Security Center MX Summary

lawrie
Comes here often

Security Center MX Summary

Hi Folks,

 

I am new to this meraki dashboard. I have noticed there is a section under the Security Centre that shows all the events of the Most afffected Operating System. I want to know what these events are and is it affecting operating systems within my domain or are these remote operating systems?

 

What about the unknown Operating Systems?

 

most affected os.JPG

3 REPLIES 3
UCcert
Kind of a big deal

Hi @lawrie , the list of countries on the right and external IPs are a list of external threats that the MX has detected and hopefully blocked.  Worth clicking through and identifying what’s been happening.

 

The list of devices at the bottom, Windows and Unknown are OS types on your network. If you click on the unknown ones it should give you a list of devices and IP addresses so you track them down on your network.

Darren O'Connor | uccert.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.
lawrie
Comes here often

Hi @UCcert  Thanks for the explanation. I have tried clicking on the Unknown OS types but nothing happens. All i see is a red line next to the Unknown OS label.

 

As far as i can tell these threats are allowed by Meraki. I assume these files are scanned by Meraki before being allowing into my network?

CptnCrnch
Kind of a big deal

A little bit of background from Merakis documentation:

https://documentation.meraki.com/MX/Monitoring_and_Reporting/Security_Center

 

This should answer some of your questions.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels