Reseller-level Email Analytics provides detailed information relating to the Link Isolation and Attachment Sandboxing add-ons for Email Security Cloud and is made up of two parts - Link Click Analysis and Threat Explorer.
You can find these reports within the VIPRE Email Cloud console on the left-side menu under the heading Analytics. Select a topic below to learn more.
Link Click Analysis
Link Click Analysis provides details relating to links within received emails that users clicked. This content explains the data presented in this view.
Important
Link Click Analysis is only available for VIPRE Email Security Cloud customers with the Link Isolation add-on or the Advanced Threat Protection (ATP) package.
Threat Trend
The Threat Trend bar graph shows dates and times when users may have clicked potentially harmful links. You can filter the table by clicking on a specific point on the bar graph to show only that date/time based on the Time column.
Engines
- DeepLink - Items in the threat table labeled with DeepLink should be given special consideration as these could potentially indicate a new, unknown threat or a targeted attack.
- Standard - Items found with the Standard TDE are known to be malicious
You can filter the table by clicking on the desired Threat Detection Engine (Standard or DeepLink) in the donut chart to show only that category.
Categories
Links that are clicked are categorized in one of the following ways:
- Malicious - Items categorized as Malicious are known malicious sites
- Suspect - Items that have been identified as suspicious sites, possibly unknown threats
- Spam - Items that have been identified as spam based on your configured policies
In cases of items marked as Malicious, Suspect, or Spam, you can select that line item for more details such as the affected URL, the user who clicked the link, their IP and browser version, as well as the sending email address and when the email was received. You can filter the table by clicking on the desired category (Malicious or Suspect) in the donut chart to show only that category.
Top Domains
A list of the top 5 domains with suspicious or known malicious URLs sent to emails. You can filter the table by clicking on the desired domain in the Top Domains list to show only that domain under the URL column.
Top Link Clickers
A list of the top 5 users who click suspicious or known malicious URLs within their email. You can filter the table by clicking on the desired user in the Top Link Clickers list to show only that user under the Link Clicker column.
Top Customers
A list of the top 5 customers who have users clicking suspicious or known malicious URLs within their email. You can filter the table by clicking on the desired customer in the Top Customers list to show data specifically for that group.
Top Senders
A list of the top 5 email addresses that send suspicious or known malicious URLs via email. You can filter the table by clicking on the desired email address in the Top Senders list to show only that address under the Sender column.
Threat Explorer
Threat Explorer provides details about all types of threats within emails that users received. This content explains the data presented in this view.
Important
Threat Explorer is only available for VIPRE Email Security Cloud customers who have the Attachment Sandboxing add-on or the Advanced Threat Protection (ATP) package.
You can choose date ranges by clicking on the dates in the top-right corner.
Threat Trend
The Threat Trend bar graph shows dates when potentially threatening mail was received. You can filter the table by clicking on a specific point on the bar graph to show only that date/time based on the Time column.
Engines
- Sandbox - Attachment Sandboxing Add-on is required for this; indicates the percentage of potentially harmful attachments that were caught and quarantined
- Virus Scanner - Indicates the percentage of emails with potential viruses caught and quarantined
- Spam Scanner - Indicates the percentage of spam emails caught and quarantined
You can filter the table by clicking on the desired Threat Detection Engine (Sandbox, Virus Scanner, or Spam Scanner) in the donut chart to show only that category.
Categories
Emails that are received are categorized in one of the following ways:
- Suspect - Items categorized as Suspect are suspicious but not confirmed threats
- Malicious - Items categorized as Malicious are known threats
- Spam - Items categorized as Spam are based on your configured policies
- Bulk - Items categorized as Bulk are based on the bulk email filter and are generally “newsletter” type messages
- Phishing - Items categorized as Phishing are based on the Spam scanner and your configured policies
In all cases, you can select that line item for more details such as the sending email address and when the email was received, and more. You can filter the table by clicking on the desired category in the donut chart to show only that category.
Top Attack Vectors
A list of the top 5 types of attacks sent via email. (For example, 29.74% EXE, 24.03% ZIP, 13.04% URL would indicate 29.74% of the attacks were in the form of an executable file, 24.03% were in the form of a .zip file, and 13.04% were in the form of a malicious link.) You can filter the table by clicking on the desired vector in the Top Attack Vectors list to show only that category.
Top Recipients
A list of the top 5 email addresses that receive suspicious or known malicious messages. You can filter the table by clicking on the desired email address in the Top Recipients list to show only that address under the Recipient column.
Top Customers
A list of the top 5 customers who receive suspicious or known malicious messages. You can filter the table by clicking on the desired customer in the Top Customers list to show data specifically for that group.
Top Senders
A list of the top 5 email addresses that send suspicious or known malicious messages. You can filter the table by clicking on the desired email address in the Top Senders list to show only that address under the Sender column.