Hi,
Network Threat Protection provides the following reports, brute force attack fall under this category.
| Report name |
Description |
| Top Targets Attacked |
This report consists of a pie chart with relative bar. You can view information using groups, subnets, clients, or ports as the target. It includes information such as the number and percentage of attacks, the attack type and severity, and the distribution of attacks. |
| Top Sources of Attack |
This report consists of a pie chart with relative bars that shows the top hosts that initiated attacks against your network. It includes information such as the number and percentage of attacks, the attack type and severity, and the distribution of attacks. |
| Top Types of Attack |
This report consists of a pie chart with associated relative bars. It includes information such as the number and percentage of events. It also includes the group and severity, as well as the event type and number by group. |
| Top Blocked Applications |
This report consists of a pie chart with relative bars that show the top applications that were prevented from accessing your network. It includes information such as the number and percentage of attacks, the group and severity, and the distribution of attacks by group. |
| Attacks over Time |
This report consists of one or more line charts that display attacks during the selected time period. For example, if the time range is the last month, the report displays the total number of attacks per day for the past month. It includes the number and percentage of attacks. You can view attacks for all computers, or by the top operating systems, users, IP addresses, groups, or attack types. |
| Security Events by Severity |
This report consists of a pie chart that displays the total number and percentage of security events in your network, ranked according to their severity. |
| Blocked Applications Over Time |
This report consists of a line chart and table. It displays the total number of applications that were prevented from accessing your network over a time period that you select. It includes the event time, the number of attacks, and the percentage. You can display the information for all computers, or by group, IP address, operating system, or user. |
| Traffic Notifications Over Time |
This report consists of a line chart. It shows the number of notifications that were based on firewall rule violations over time. The rules that are counted are those where you checked the Send Email Alert option in the Logging column of the Firewall Policy Rules list. You can display the information in this report for all computers, or by group, IP address, operating system, or user. |
| Top Traffic Notifications |
This report consists of a pie chart with relative bars that lists the group or subnet, and the number and percentage of notifications. It shows the number of notifications that were based on firewall rule violations that you configured as important to be notified about. The rules that are counted are those where you checked the Send Email Alert option in the Logging column of the Firewall Policy Rules list. You can view information for all, for the Traffic log, or for the Packet log, grouped by top groups or subnets. |
| Full Report |
This report gives you the following Network Threat Protection information in a single report:
- Top Types of Attack
- Top Targets Attacked by Group
- Top Targets Attacked by Subnet
- Top Targets Attacked by Client
- Top Sources of Attack
- Top Traffic Notifications by Group (Traffic)
- Top Traffic Notifications by Group (Packets)
- Top Traffic Notifications by Subnet (Traffic)
- Top Traffic Notifications by Subnet (Packets)
- This report includes the information for all domains.
|
Also, you can construct custom filters by using the Basic Settings and Advanced Settings to change the information that you want to see. You can save your filter settings to the database so that you can generate the same view again in the future. When you save your settings, they are saved in the database. The name you give to the filter appears in the Use a saved filter list box for that type of logs and reports.
Saving and deleting filters
http://www.symantec.com/docs/HOWTO27267
Also, check these articles.
About the different types of Symantec Endpoint Protection Manager Reports
http://www.symantec.com/docs/TECH95538
About Computer Status reports and logs
http://www.symantec.com/docs/TECH95541