RiskAnalytics is proud to announce a new interface for managing your security device(s). On June 19, 2015 the new RA Force security dashboard beta version was made available through both your existing RiskTool login as well as a new custom URL that will be communicated to you after the deployment.


This new security dashboard replaces the existing "Security" tab in RiskTool. We will continue to support the Security tab within RiskTool for the time being, but eventually this tab will be removed and all interaction with your RiskAnalytics device will occur in the RA Force security dashboard.


There are several new and exciting features to the interface that we will outline in this page:

  • New Layout
  • RiskTool Integration
  • Monitoring Overview Page
  • Threat Intel Search

New Layout

The new RA Force security dashboard has been completely revamped to allow for easier navigation. The various components within the application can now be accessed through a left-hand sidebar navigation.  


Each component is summarized below:
  • Overview - Here you can get the bulk of your reporting, including security-based blocks and policy-based blocks.
  • Devices - Lists all devices associated to your Account.
  • Alerts (ThreatSweep customers only) - Lists all Low, Medium and HotAlerts that have been identified by your device.
  • Threat Intel Search - Allows you to search the shunlists and whitelists by IP address.
  • Alert Configuration (ThreatSweep customers only) - Provides customization for the types of alerts you'd like to receive notifications for.
  • Shunlist - Settings for the both Security- and Policy-based lists.
  • Whitelist - Allows you to review the Global Whitelists and add a new whitelist entry.

In addition, you are able to manage your Users by clicking the gear icon in the toolbar. 


While not all of these pages listed above will have changes, you will be able to manage them all either here in RA Force or in the RiskTool web app.


RiskTool Integration

If you have a RiskTool system for managing the human element (e.g., Training, Policy Acceptance, etc.), you will be provided a link to the RiskTool application in the main toolbar. In this initial phase, you will still be able to access the "Security" tab, which is the old method of reviewing security statistics, etc. As stated above, the old Security tab will be phased out as we develop new functionality to replace it in the RA Force security dashboard.

Monitoring - Overview

The Overview page is a brand new dashboard to allow you to interact with the most important information your device is returning. There are several new reporting options.
  • Data Reporting Intervals - Data is now returned to RA Force every 15 minutes. In the past we were reporting daily, so this is a significant update to the granularity to which you can assess and interact with the data.
  • Devices - The "Devices" picker in the top toolbar allows you to quickly filter between "All Devices" or a specific device associated to your Account. The default is "All Devices."
  • Time Picker - The time picker allows you to select a custom range to return statistics based on a previous time period "ending now." You can also select custom date ranges in the past. The default is "7 days ending now."
  • Report Types - At the top of the graph, you can now select between "security based blocks" and "policy based blocks."
  • Report Highlights - At the bottom of each report, you can now turn on/off each of the different block types simply by clicking the name. The report will refresh with the parameters that remain.
  • Report Zoom - By clicking and dragging, you can now get a quick view into a specific date or time range with a single click. Just scroll over the time period on the graph you'd like a closer look at, and the graph and the Top 10 Blocked IPs will refresh accordingly.
  • Report Scroll-overs - By mousing over the data points in the graph, you can get more granular data about that block type and time period.
  • Top 10 Blocked IPs - Based on your reporting parameters (Devices, Time Picker and Report Type), the Top 10 Blocked IPs will be displayed.  You can click on the IP address to get more information about the Owner, Registrar, Country Code, Status and additional IP details.


Threat Intel Search

We've brought the ability to search for an IP address to the forefront. This was accessible on the Security tab in RiskTool under "Shunlist," but in an effort to provide additional research tools to our customers, we've made this a single click away from the Overview page. The functionality remains to search for an IP address and be returned pertinent details regarding the information we have available.  

In a future release we will enhance the information provided on an IP to include associated hostnames and the ability to block entire hostnames.


Coming Soon

There are several exciting new features that will be added to the RA Force security dashboard over the next few months. Some of these include:
  • Inbound/Outbound toggles on block reporting data sets
  • CSV downloads of all reports
  • IP address pop-up enhancements, such as hostname data
  • Extension of the Top 10 Blocked IPs to include ALL Blocked IPs

Feedback

We are constantly striving to make enhancements that will make our customers interaction with our services more seamless. Please feel free to report any problems, issues or general feedback to support@riskanalytics.com or by submitting a ticket using the "New Support Ticket" option above.