MSP Threat Report
MSP Threat Reports are configured on a per MSP company basis. Each MSP administrator belonging to an MSP company can include all Nebula-managed Firewalls under their management in the same MSP Threat Report.
The MSP (Managed Service Provider) threat report feature allows administrators to group security data from all managed organizations of an MSP company. You can group organizations by geographical locations, individual customers, or by industries. It helps identify threat trends across groups, monitor any rise or decline in security threats, and generates PDF reports to easy share and review.
SecuReporter does not count activity when devices are offline, and these offline periods are not shown in the MSP threat reports. In NCC, click MSP > MSP cross-org manage > MSP threat report to open SecuReporter.
If your MSP Pack License expires, NCC and SecuReporter hides the MSP Threat Report in the menu tree and stops sending scheduled reports. All profiles are retained, and after renewal, the next report includes all data gathered during the expiration period. Each MSP company can create reports with the following specifications:type | Maximum number |
|---|---|
Profile | 20 |
Device | 500 in total across all profiles |
Click MSP > MSP Threat Report to view and manage your profiles. Click + Add Profile to open the Profile Settings screen.
MSP > MSP Threat Report
MSP > MSP Threat Report > Profile Settings
The following table describes the labels on this screen.
Label | DESCRIPTION |
|---|---|
Edit Profile | |
Basic Information | |
Profile Name | Enter a descriptive name for your profile. You can enter up to 255 printable characters. |
Description | Enter a description for your profile. |
Device | Select one or more organizations, then select at least one device under each one. Individual devices can be assigned to one or more profiles. |
Content | |
Security | Select which security contents and list of expired devices to include in the report. If none of them are selected, the report will only have the Cover Page and Overall Summary page. |
Appendix | Select this if you want the report to include the information of the expired devices. |
Preferences | |
Timezone | This field generates all device log time zones to a single time zone you select here. The reports are generated and sent based on this time zone. |
Report Schedule | Select Monthly to send the reports on the 1st of each month. Once set, you cannot change the schedule to Weekly. Select Weekly and the day of the week to send the reports. Once set, you cannot change the schedule to Monthly, but you can change the day of the week. At the time of writing, generating the report on demand is not supported. |
Cover Design | Select a cover style for your report. |
Customized Logo | Click the button to show or hide the logo you uploaded. Click Browse and select a graphic in JPG, JPEG, PNG, BMP, or GIF format that is smaller than 100KB to use as your logo. This logo will be displayed on the cover page of the report. |
Report Title | Enter a title to display on the cover page of your report. You can enter up to 144 printable characters. |
Email Title | This field allows you to enter a descriptive name for the report title (for example Zyxel MSP Threat Report). Up to 255 characters are allowed for the Email Title including special characters inside the square quotes [~!@#$%^&*()_+{}|:”<>?-=[]\;’,./]. |
Additional Recipient | Enter the email address of the additional recipient to receive the report. |
Cancel | Click Cancel to restore your previously saved settings. |
Save | Click Save to save your changes. |
Download and Share MSP Threat Report
1 Click View Report on the profile.
2 Select the Report Period and click Download to download the PDF report.
You can download reports up to one year old. Reports will automatically be removed from the list after one year. 3 Click Share to send the report to other email recipients.
MSP Threat Report Content
The MSP Threat Report includes a Cover Page and Overall Summary page by default. To add optional contents, click the profile to open the Profile Settings screen, and select the contents under the Content tab.
MSP > MSP Report > Profile Settings > Content
The following table describes the contents in the MSP Threat Report.
content | description |
|---|---|
Cover Page | Displays the report title, report period and customized logo. |
Overall Summary | Displays an overview of threat hits, sorted by organization, site and country. Values in black show the counts from this period, while red and green values indicate how much the counts increased or decreased compared to the last period. |
Threat Hits by Attack Type (Optional) | Displays the attacks grouped by type across all security services. |
Top Attacks and Affected Devices Overview (Optional) | Displays which attack types that occurred the most and the devices most affected. |
Threat Hit by Organization (Optional) | Displays up to 20 (at the time of writing) organizations with the largest increase in the number of attacks. |
Threat Hit by Device View (Optional) | Displays up to 50 (at the time of writing) devices with the largest increase in the number of attacks. |
Appendix (Optional) | Displays the organization name, device name, MAC address and serial number of the expired devices. |
Below is an example of the MSP Threat Report.
MSP Threat Report Example 