The Network tab gives a complete view of network traffic in the industrial network. Multiple Qualys Network Passive Sensors can be deployed across the network. Each Qualys Network Passive Sensor has access to traffic with source and destination details in the flows. The Network tab shows all sources and destinations of the given port and protocol. The network list view displays the different protocols being used in the network and how the assets are communicating.
The network table contains the list of network traffic with the following details:
- Source asset - Source asset type - When the asset was first and last seen communicating on the network - Destination asset - Destination asset type |
- Protocol/Transport protocol used for communication - Port on which they are communicating - Total traffic volume for the network - Ingress traffic volume for the network - Egress traffic for the network |
In the search bar, you can build QQL queries to narrow down the scope of your network traffic search by using the supported search tokens. For more information, see Search Tokens for Industrial Control System.
Use the left pane filters to search for network traffic grouped into various categories. After clicking a category in this list; your selection gets translated into a QQL query in the search bar, and the network traffic that fits into your selected category are displayed in the network traffic table.
