From the Malware Prevention dashboard, you can switch to the Campaigns page in the NSX Network Detection and Response UI and monitor the campaigns that NSX Network Detection and Response has detected in your network.
The following procedure explains multiple methods to open the NSX Network Detection and Response UI in NSX Manager and view the campaign details.
Prerequisites
- NSX Malware Prevention and NSX Network Detection and Response features are activated on the NSX Application Platform.
- NSX Malware Prevention feature is activated on the ESXi host clusters or tier-1 gateways, or both, depending on your security requirements.
Procedure
- From your browser, log in to an NSX Manager at https://nsx-manager-ip-address.
- Click Security, and then in the left navigation pane, click Malware Prevention.
The
Potential Malware page is displayed.
- Use any of the following methods to view campaigns in the NSX Network Detection and Response UI.
- Method 1: On the Potential Malware page or the All Files page, expand a row to view the last inspection details of the file. Click the Campaigns link. This link appears only when campaigns are available for the detected malware.
- Method 2: In the upper-right corner of the NSX Manager UI, click , and then click Network Detection and Response. The Dashboard page of NSX Network Detection and Response is displayed.
The Active campaigns in my network widget on the Dashboard page provides an overview of the campaigns that NSX Network Detection and Response has identified and that are currently active in your network. This widget helps you to focus your attention on the most critical campaigns for immediate action. It displays statistics for All Active Campaigns, Open High Impact Campaigns, In-Progress High Impact Campaigns, and Hosts Affected.
To see more details about these campaigns, click Go to campaigns overview at the bottom-left corner of the widget.
- Method 3: In the NSX Manager UI, navigate to .