Exploring the GuardianKey's panel

In the GuardianKey’s administration panel you can set-up preferences for the detection engine and visualize your risks, events, and user’s interaction behaviours.

Overview



The administration panel can be accessed via web. The interface is easy and intuitive. It has:

  • Dashboards it is possible to have an overview oriented to risks, events or geographic.

  • Explore: you can search and explore events and users.

  • Settings: you can create organizations, authentication groups and policies, to be used by the detection engine.

The panel is included in the GuardianKey Auth Security product series, in which is deployed in your environment. Also, it can be used in the cloud services.

The features are presented in more details below.

Dashboards



The GuardianKey’s administration panel, currently, provides the following dashboards:

  • Risk: provides information about the accepted, mitigated, and pending risk. The accept risk is the sum of all events below the “accept” threshold. Mitigated risk is the risk related to the blocked events and threated events. The pending risk is the sum of event risks of the notified events.

  • Event: provides information about the number of events, based on each response type.

  • Geographic: provides the events ploted in the world map.

Dashboards are interactive. It is also possible to set time intervals for graphs and tables.

User details and authentication attempts

In any place of the panel, you can click in the username to open details about the specific user. In this page, there are the events and custom behaviors of the related user. There are:
  • A time slider to set the desired period.

  • Graph of events in time.

  • The events generated for the user.

  • Some histograms about the user behavior and context.

  • A timeline for the user's events.

Configuration



You can configure GuardianKey Auth Security to alert your users when the event's response is NOTIFY or HARD_NOTIFY.

GuardianKey supports two notification types:

  • E-mail via your SMTP: used to send event notifications to your users via a mailing server provided by you. You can use a GMail account, for example.

  • Web hook: in this case, GuardianKey will process the events to compute its risk and submit them via REST using the “Web hook URL”, inputed by you in the form. This is particular useful to collect the events in your log system. The response should be made in your side.

It is possible to customize the e-mails that are sent to users.

It is possible to configure policies, in which you can set thresholds for event's response. In this case, there are the following thresholds:

  • “Notify threshold”: events will be accepted below it and notified above it.

  • “Hard notify threshold”: for events with risk above this value, it will be suggested to the system to require more actions from the user (e.g., an extra authentication factor).

  • “Block threshold”: over this threshold, the user action will be blocked. User will not be notified about this via e-mail.