Retrieving Threat Detected Information from NSM SaaS

This section explains the process of retrieving threat-detected information from Network Security Manager (NSM) SaaS and its significance in bolstering cyber security defences using SonicWall AI for Monitoring & Insight (SAMI).

Here is an example to obtain critical information on threats detected by NSM SaaS using SAMI.

1. In SAMI text box, enter, give me information regarding threats detected for (specify the firewall name or serial number) from NSM SaaS.

   You can specify a tenant, which includes all the groups and firewalls under your management, or a particular group, or even a single firewall.

   SAMI interprets the request and displays the identified data, which includes intrusions, viruses, spyware, and botnets.

2. In SAMI text box, enter, give me information on top five intrusions, viruses, spyware, and botnets detected.

   This helps you understand the different types of threats that your network is dealing with.

   SAMI interprets the request and displays the top five intrusions, viruses, spyware, and botnets detected.

3. In SAMI text box, enter, review the threat data for the last 24 hours.

   SAMI interprets the request and displays the filtered data to include only threats detected within this period, providing current and relevant insights.

Conducting this threat detection, you are able to:

• Help you make informed decisions to protect your network.

• You can specify a tenant, which includes all the groups and firewalls under your management, or a particular group, or even a single firewall.

• When ranking the top 5 intrusions, viruses, spyware, and botnets based on detections, it's important to consider how common they are, the impact they have, and how sophisticated they are.