InCenter provides the Clavister CyberSecurity Score option as part of the monitoring feature for NetWall nodes. This option generates a set of "score" displays which are easily understood snapshot summaries of the current security status for individual nodes or groups of NetWall nodes, or an overall summary for all monitored nodes.
Scores can be displayed by selecting one of the menu options under the CyberSecurity Score heading in the navigation pane of the InCenter WebUI.
Log Data Collection and Score Calculation Frequency
The CyberSecurity Score feature works by calculating score parameters each day at midnight using the previous 24 hours of log messages received from monitored NetWall nodes. In other words, the score information presented by InCenter is a summary of the security status during the previous day. Note that the "midnight" time when the calculations are performed is determined by the time zone used by the InCenter server and not by the time zone in which individual nodes are located.
If InCenter has not yet received sufficient data, it will display the following message when a score display is requested.
The above message may also be displayed when the score display is requested for a particular node that has insufficient data but there is sufficient data for other nodes.
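Because the calculation window follows the InCenter server's midnight, a log event can land in a different daily score than the node's local date suggests. The following added example (not part of the InCenter product or its documentation) shows the mapping; the function names, the fixed UTC offsets and the sample timestamps are assumptions constructed for illustration, and daylight saving changes are ignored.

```python
from datetime import date, datetime, timedelta, timezone

def score_window(calc_day, server_tz):
    """Log window [start, end) used by the run at 00:00 server time on calc_day."""
    end = datetime(calc_day.year, calc_day.month, calc_day.day, tzinfo=server_tz)
    return end - timedelta(hours=24), end

def calculation_for(event_time, server_tz):
    """Server-time midnight at which the score covering event_time is calculated."""
    local = event_time.astimezone(server_tz)
    midnight = local.replace(hour=0, minute=0, second=0, microsecond=0)
    return midnight + timedelta(days=1)

def bucket_events(events, server_tz):
    """Group (label, timestamp) pairs by the calculation run that includes them."""
    buckets = {}
    for label, ts in events:
        buckets.setdefault(calculation_for(ts, server_tz), []).append(label)
    return buckets

# Constructed sample: server at UTC+1, monitored node at UTC-5.
SERVER_TZ = timezone(timedelta(hours=1))
NODE_TZ = timezone(timedelta(hours=-5))
SAMPLE_EVENTS = [
    ("afternoon-event", datetime(2024, 3, 4, 17, 0, tzinfo=NODE_TZ)),
    ("evening-event", datetime(2024, 3, 4, 20, 30, tzinfo=NODE_TZ)),
]

if __name__ == "__main__":
    # Both events share the node-local date 2024-03-04 but fall in different runs.
    for run, labels in sorted(bucket_events(SAMPLE_EVENTS, SERVER_TZ).items()):
        start, end = score_window(run.date(), SERVER_TZ)
        print(f"run at {run.isoformat()} covers {start.isoformat()} to {end.isoformat()}: {labels}")
```
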
The score Overview option will provide a summary for all monitored NetWall nodes. Below is an example of a typical summary display for all nodes.
By using the drop-down box on the upper-right, this display can be recalculated for individual nodes or node groups.
On the left side of this display is an alphabetical score between A (the highest level) and F (the lowest). This provides a quick indicator of overall security status.
On the right side is a threat indicator that takes a percentage value between 0 (the lowest threat level) and 100 (the highest threat level). Unlike the other measures which are averages, the threat indicator value is the highest value found among all the nodes or among those that are currently selected.
In between are colored bar meters that provide a score level between A and F for the following individual security categories:
Protection
This score highlights problems due to node configurations. For example, features that are disabled, leaving the network open to potential attacks. It will also highlight if nodes are not using the latest software version.
Health
This score highlights the health of nodes in terms of performance and connectivity.
Behavior
This highlights threats from internal hosts. If threats are seen from specific nodes then it could be wise to review how these nodes are allowed to communicate on the network.
Users
This highlights identity and authentication issues that may impact availability. It will also highlight high ratios of non-authenticated traffic, which make it harder to track down the original source of threats.
Connections
This score highlights the level of protection and security on VPN connections.
Node
This score highlights the level of protection and security status of nodes.
Under the score display is a list of Top 3 Suggested Improvements which indicates suggested ways that the overall score could be improved.
The Details menu option presents a more detailed view of the score for each node.
An individual node can now be selected to provide a drill-down into the individual indicators that went into how the scores were calculated.
The colored bar on the right side of each indicator gives a measurement for the contribution of that factor to the overall score for that node. A red bar shows that the indicator made a significantly negative contribution and green shows a marginally negative contribution. The indicators are initially ordered with the most negative contributors first. The recommendation is for the administrator to address the most negative indicator first in order to improve the overall score for that node.
Using the Date Picker to See Earlier Scores
When a cybersecurity score is displayed, an earlier average score on a particular day can be displayed by using the date picker. The date picker is a drop-down box above all score displays. Clicking the picker presents a day-by-day calendar which shows historical summary score values. By clicking on a day in the calendar, the complete score details for that day will be displayed.