About the Corp Overview page

IMPORTANT

This guide only applies to Next-Gen WAF customers with access to the Next-Gen WAF control panel. If you have access to the Next-Gen WAF product in the Fastly control panel, check out our web interface guides for the Fastly control panel.

The Corp Overview page provides an at-a-glance view of all the sites in your corp, including which of your sites:

  • is seeing the most traffic.
  • is attacked the most.
  • is seeing the most blocked traffic.
  • has the most flagged, malicious IPs.

In addition to high-level stats, the Corp Overview page provides attack type and source breakdowns, enabling you to better visualize how your sites are being attacked.

Before you begin

Be sure you know how to access the web interface controls.

About the Corp Overview page

The Corp Overview page surfaces relevant data about your corp and its sites. To navigate to the Corp Overview page, click the name of your corp in the upper left corner of the web interface.

The Corp Overview page organizes data about your corp into the following sections:

  • Corp cards: cards that represent request metrics as graphs.
  • Site Summaries: a table listing the most frequent attack types and sources for a site.
  • Top Signals: tables containing signal data.

You can use the Corp Overview page controls to change the time frame over which to display data for the entire page.

Corp Overview page controls

Corp cards

The Corp Overview page surfaces request metrics for all of your sites through the following cards:

  • Request Volume: the number of requests your corp receives, the number of requests that have at least one attack signal, and the number of requests that were blocked.
  • Attack Requests: the number of malicious requests per site. The card displays a maximum of 10 sites.
  • Blocked Requests: the number of requests that were blocked. The card displays a maximum of 10 sites.

Hovering over any part of a graph displays a timestamp indictor that updates itself as you move your cursor.

Site Summaries table

The Site Summaries table highlights the most frequent attack types and attack sources (e.g., the regions where the attacks originated) for each site. You can use a search bar to filter the table by site and the site menu to view all sites, sites with attack requests, or sites without attack requests. The table contains these columns:

  • Site: the name of the site and the total number of requests the site has received.
  • Requests with Attack Signals: the top number represents the number of requests that were blocked due to threshold configurations (i.e., site alerts or templated rules). The bottom number represents the number of requests that have at least one attack signal.
  • Attack Signals: the most frequent attack types for that site.
  • Countries: the top three regions where the attacks originated.
  • Flagged IPs: the number of IP addresses that were flagged due to exceeding set thresholds in the specified time period.

Top Signals tables

The Top Signals section surfaces signal data from your corp in the following tables:

  • Attack Signals: displays data related to malicious requests.
  • Anomaly Signals: displays data related to abnormal requests (e.g., requests containing malformed data and requests originating from known scanners).
  • Corp Signals: displays data related to signals created at the corp level.

You can use a search bar to filter the tables by signal. The tables contain the following columns:

  • Signal: the name of the signal.
  • Total Requests: the number of requests that were tagged with the signal in your corp.
  • Top sites: the sites that had the highest number of requests with that signal.
  • Requests per Site: the number of requests tagged with that signal per site.

What's next

Dig deeper into details about the web interface controls.

Was this guide helpful?

Do not use this form to send sensitive information. If you need assistance, contact support. This form is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.