The Status Page

Introduction

The Status page lists Field Effect’s core services in once central area and reports on the status of each service. From this page, you can monitor the status of your organization’s Field Effect appliance, network monitoring, endpoint monitoring, cloud monitoring, and the DNS Firewall.

It’s important to know that while these services are broken out into separate line items, the Network Monitoring and Endpoint Monitoring sections are both facets of the Field Effect appliance itself.

For Partners:
This page may behave differently depending how the Organization Selector is set. When set to the provider view, every client will be shown as a line item that can be expanded. When using a specific client view, only the selected client’s statuses will be shown as line items.

Overview
The Status Page for Clients

Overview

The elements listed on the status page have the following refresh intervals:

Item	Refresh Intervals
Appliances	Check in every 15 minutes.
New Endpoint Agents	Check in as soon as they come online.
Existing Endpoints	Every 10 minutes to update online/offline status.
Existing Endpoints	Every 10 minutes to update feature statuses, endpoint risks, antivirus management status, and other properties.

The Status Page for Clients

If you're a direct Field Effect client, or a Field Effect partner using a specific client view, all your (or your end client's) service health and connectivity statuses can be viewed from this page.

Healthy services are indicated using a green icon, and any issues with a service or feature will be marked with a yellow or red icon, depending on the scenario. Any service that hasn’t been setup yet will be marked with a grey icon.

This section walks through the different services outlined on the page when using a specific client view, and the different statuses for each service.

1 - The Field Effect Appliance

The Field Effect appliance is a physical piece of hardware (or virtual, depending on your deployment) that captures the traffic flowing through your network, and analyzes it for any vulnerabilities, and suspicious or malicious activity. If your appliance stops receiving traffic, you will be notified in this area via a red status icon.

To learn more, visit our knowledge base chapters on virtual and physical network appliances.

2 - Network Monitoring

This section also relates to the network appliance, as network monitoring is powered by the appliance. The appliance's "core" represents the technology that analyzes traffic, and other data, to detect vulnerabilities or suspicious and malicious activity and report on it as required.

Every Field Effect MDR deployment will typically have at least one primary appliance (physical or virtual) that performs the actual data analysis. Some deployments may span several physical locations or networks, and in these cases, you may have one or more secondary appliances used to relay data to the primary appliance from each physical location or branch. To learn more, visit our chapters on virtual and physical network appliances.

This section also includes the hostname and Hardware ID for each sensor, which can be useful when troubleshooting a sensor with our Support team.

Hostname: a unique identification number given to the appliance by Field Effect for tracking.
- Example: 123-456-FE-1
Hardware ID: the serial number, last 6 characters of the MAC address, or other unique identifier provided by the manufacturer.
- Example: MF6F50B

Most network sensors will display a hardware ID that uses the serial number, whereas netflow sensors will display a Hardware ID that uses a fragment of their UUID.

If there are any issues with a sensor, it will be flagged in this list via a red icon.

3 - Endpoint Monitoring

The Endpoint Monitoring section will always show a green status, along with the number of online agents, including the total number of agents. Offline agents may be the result of a device that is powered of.

If you haven't set up any endpoint agents in your environment, this section will be shown as grey until endpoint agents are installed and reporting traffic to a sensor. Otherwise, this service will be marked as online (green) with an offline and online endpoint count.

4 - Cloud Monitoring

This section will list all of the cloud services you have enrolled for Field Effect Cloud monitoring. As you enroll services, they will be shown in the expandable list. Any services experiencing connectivity issues will be marked with a red icon, and remedying the issue is usually just a matter or reauthenticating the service.

5 - DNS Firewall

When deploying up Field Effect MDR, your organization should have set up a monitoring profile, which helps us understand your organization and tailor our services to it. When setting up your monitoring profile, your organization should have created a "connection" for each physical network in the company and added that connection's public IPs.

Public IPs are required to enable our DNS Firewall, and you can learn more by visiting our knowledge base article on Setting up the DNS Firewall. The image below shows a user setting up their Public IP connection for their headquarters.

Once your organization's public IP connections are created and the DNS Firewall is enabled, each connection will be shown in the DNS Firewall section. If a single location does not report traffic after one hour, the specific location (along with the main DNS Firewall status icon) will be shown as yellow.

Another scenario that can cause the DNS Firewall to take on a yellow status is when the DNS API is offline. While the locations are protected, their exact status and configuration details are temporarily unavailable. Therefore, all DNS locations will have a yellow status when the API is offline.

If the DNS location has never reported traffic, it will take on a grey status. This is usually the result of the gateway device not being configured to point to our DNS server. See, Setting Up the DNS Firewall for more on configuring gateway devices.