Detailed information about objects represented on the network interactions map is displayed in the details area. To display detailed information, you can select an object with the mouse (if you want to view the details of a group, you must first collapse the group).
For nodes, the following information is displayed:
If the node represents a device known to the application, the details area displays the same information that appears in the device table.
If the node represents a single device unknown to the application, the details area displays the MAC and/or IP addresses of the device (with the names of address spaces if extra address spaces have been added to the application).
The number of nodes that this node contains, taking into account the current filtering settings.
IP addresses displays the number of IP addresses of unknown devices and the first 100 IP addresses (with the address space names, if extra address spaces have been added to the application). This section is displayed if some unknown device nodes have IP addresses.
MAC addresses displays the number of MAC addresses of unknown devices and the first 100 MAC addresses (with the address space names, if extra address spaces have been added to the application). This section is displayed if some unknown device nodes have MAC addresses.
For groups, the following information is displayed:
Parent group displays the path to the group in the device group tree. If the group is at the top level of the hierarchy, N/A (this is a top-level group) is displayed.
The number of devices in this group and in all its child groups at all nesting levels.
Information about the number of objects with issues in the selected group and in its child groups at all nesting levels. If there no such objects exist, the security state is displayed as OK.
For links, the following information is displayed:
Severity is the icon corresponding to the maximum severity level of the events associated with the link. If no events are associated with the link, No events is displayed. Only events registered during the given object filtering period are taken into account. The current status of events is not taken into account.
Sections with basic information about the first and second parties of the interaction:
If an unknown device node is a party of the interaction, this section displays the name or address of the device, category, and address information (whereas for a device known to the application, the address information is displayed only for those network interfaces that were involved in the interaction). For a known device, the device status is also displayed.
If a collapsed group is a party of the interaction, this section displays the name of the group and the number of devices and child groups it contains.
If the common node of unknown devices is a party of the interaction, this section displays the name of the node, Unknown devices, and the number of nodes represented by this node.
Protocols is a section with a list of protocols involved in the interaction. For each protocol, the amount of transmitted data is indicated, calculated from the detected network packets. The section is not displayed if one of the parties to the interaction is the common node of unknown devices.