Executive Summary Report
- Gary Leicht
The Executive Summary Report provides high-level, cyber-security information utilizing highly informative visuals and key metrics delivered in an easy to read and highly understandable format that directly impacts the business. The information contained within the executive summary report is typically used to report the state of the business and its cybersecurity efforts to other interests within the organization who are not technical consumers. Graphics and visuals generated within the report can be incorporated into other reports or can be included in PowerPoint and other presentations.
Information contained within the Executive Summary Report consists of a high-level rollup, supporting visual data, and key findings of activity across an organization's network. The information can be downloaded as a PDF and does not require executive staff members to access the Infoblox Portal in order to access it. The high-level data contained within the report will assist others residing outside the IT department in understanding key Information Security metrics.
The Executive Summary Report is available to subscribers of Infoblox Threat Defense Business Cloud and Infoblox Threat Defense Advanced. The Executive Summary Report is not available for Infoblox Threat Defense Essentials or for Infoblox Threat Defense Business On-Premises subscribers.
Reporting Visualizations | |||
|---|---|---|---|
| Reporting Widget name | Description | Data Source | Visualization type |
| Rollup Summary | Rollup Summary: The chart displays a summary of web and enterprise activity seen over the customer's organization. The Rollup summary includes the following:
| DNS Response Logs. | Custom rollup. This is a single, dashboard view of the other visualizations. |
| Total DNS Activity | Total DNS Activity: The chart depicts the count of total DNS Domain Name requests displays queries made by computer systems within the customer's organization. A disruption to DNS can stop your whole network, therefore watching for outages, spikes, and unusual patterns can be your first step in determining overall network health. The Total DNS Activity chart should follow a gentle pattern reflecting your active business hours. | Logged DNS Queries from all logged sources including direct query, DNSFW, Proxy, and endpoint. | Area Chart |
| DNS Firewall Activity | The DNS Firewall Activity: The chart displays the count of total domain name requests to "Known threats." This could be malware or an employee unknowingly clicking on an unsafe link in an email. Additionally, the Malicious Requests chart represents Infoblox actively stopping a threat from opening a line of communications. Any traffic displayed on the chart is something to be concerned about. | Logged DNS Queries from all logged sources including direct query, DNSFW, Proxy, and endpoint that are tied to all forms of malware (Not web content filtering policy). | Area Chart |
| Top Threat Classes within Organization | The Top Threat Classifications within Organization: The chart classifies threats based on rating and other factors resulting in the level of danger each threat represents to your organization and reports the top 10 types of malware observed on the customer's organization. Threats are displayed in a larger segment based on the danger and/or the number of different systems performing malicious "queries." The data displayed on the Top Threat Classes with Organization chart is valuable in prioritizing efforts to secure your network. | DNS activity with specific hits matched to a specific malware type. | Treemap |
| Communications by Threat Class and Target | The Communications by Threat Class and Target: The chart lists the top 10 types of malware communications and the top destinations of that malware in your network. The information is useful in identifying the threat actors with the most impact across the customer's organization, and to break out a lateral attack spreading in the environment. | Correlation of DNS activity with specific hits against known addresses from Infoblox feeds such as bogon, ransomware, bot-ip, etc. Categorized by the threat type and Target Domain or IP. | Parallel Sets |
| Data Exfiltration Activity | Data Exfiltration Activity: The unauthorized transfer of data from a computer. DNS threat analytics can detect and automatically block data exfiltration attempts via DNS, without the need for endpoint agents or additional network infrastructure. The target domains can originate from any geographic location. | Data Exfiltration Activity data is plotted geographically on a map along with the top attacker per plotted location. The information is also displayed in tabular format (attackers versus locations). | Map |
| Content Filtration | Content Filtrations: Infoblox provides information regarding the various DNS queries in the network. The Content Filtration chart depicts the breakdown of web activity to sites classified by the customer as unauthorized by means of a content category. | Content Filtration is represented using a pie chart .The pie chart displays the percentage of blocked or redirected queries made to unauthorized web categories. | Pie Chart |
Downloading the Executive Summary Report
To download the Executive Summary report, perform the following:
- From the Infoblox Portal, click Monitor > Reports > Security > Summary Reports.
- On the Summary Reports page, complete the three-step process to export the Executive Summary report.
Step 1: Choose a report to generate: Select Executive Summary Report from among the listed reports in the drop-down menu.
Step 2: Select a time period for the report you would like to download. You can select up to 30 days of data: Select the date range for the executive summary you want to download. Date ranges include the following:
- 1 hour
24 hours
48 hours
- 7 days
- 1 month
- Custom. When a custom date range is selected, a date-time prompt will populate the page where you can select the date or dates you want to view. You can choose up to 31 days of data with a maximum query of 31 days, but no further back than 60 days from the current date.
Step 3: Choose page size: You can choose from among three different page size options for your report. Choose your choice of report page size from among the options in the drop-down list. Report page size options include:
- Default (17.78 x 10 inches (452 x 254 mm))
A4 (11.69 x 8.27 inches (297 x 210 mm))
US Letter (11 x 8.5 inches (279 x 216 mm))
Step 4: Export the Report: Click the Export button to download the Executive Summary report in the selected page size as a PDF.
Note
The Executive Summary dashboard widgets can be viewed by adding them to the dashboard page.