Specifications
specific location−−for example, all the routers in a particular building. When a device type
(Routers) and a location group (Building2) are both selected, then only the devices contained
in both groups (Routers in Building2) will be included in the search scope.
Resulting Devices
The resulting list of devices that will be searched when Dragon notifies ASM of a threat. The table is
dynamically updated according to your device/device group selections and include/exclude
arguments.
Send Notification...
This checkbox allows you to select a notification to be performed in the event no port is found for the
Threat IP. For example, you can specify an E−Mail notification to be sent when no port is found.
Select the desired notification from the drop−down list. Click Edit to open the Edit Notifications
window which lists the configured notifications. In this window, you can select a notification to edit,
or click Create to open the Create Notification window.
Buttons
Include/Exclude
Adds your tree selections to the Selected Groups and Devices table and sets the Filter column to either
Include or Exclude.
Remove
Deletes one or more rows selected from the Groups and Devices table
Continue
Confirms the selected Devices/Device Groups and takes you to the Exclude Port Types view.
Advanced Search Scope
With Advanced Search Mode selected, the Search Scope Definitions view lets you create search scope rules
to determine which devices you want to include or exclude from the ASM search when Dragon notifies ASM
of a threat. Search Scope Rules are evaluated in order (from top−to−bottom) to examine the attributes of a
threat (Sender ID, Sender Name and Sender Subnet) and when the threat matches the rule, the Search Scope
Group associated with the rule is included in or excluded from the ASM search scope, according to the
include/exclude arguments.
Click areas in the window for more information.
Automated Security Manager Help
Advanced Search Scope 114