Cyber Shield Drill-Down Investigation


You must configure your Cyber Shield Domain Filtering to block specific domain categories. More details on Domain Filtering can be found here: Configuring Cyber Shield Domain Filtering.

Before setting up a drill-down investigation, we also recommend that you refer to this documentation: Cyber Shield Top-10 Dashboard.

Conduct a drill-down investigation

  1. Access the Cyber Shield page in the Administration portal, and on the Top 10 Dashboard pane select a dashboard view. For this example, we’re using Blocked Domains by Category.
  2. Toggle the Investigate Mode switch to ON.
  3. Click one of the category circles on the dashboard. For this example, we’re using Malware.
    • The dashboard displays the users that originated any DNS queries that are classified in the Malware category.
  4. Click on a user to drill down into that data set.
  5. The dashboard displays the devices on which traffic was blocked because it was flagged by the Malware domain filter.
    • You can navigate back to either the Category view or the Malware view by clicking the breadcrumbs.