The Risk Engine section in the Admin Portal has 3 pages:
- Geolocation Live Map - in this page you can view logins attempts and filter them by username, activity type and period.
- Geolocation Fencing - in this page you can configure geolocation policies which enable location-based access restriction.
- Risk Engine under Settings - in this page you can configure the Risk Engine.
...
20.
...
1 - User name to search for.
2 - The type of activity you wish to be displayeddisplay. You may select one of the following:
Success - shows location and data of any successful signץsignin
Failure - shows location and data of any bad credential attempts or attempts from an unapproved device
Risky - shows location and data of any attempt from an IP that has bad IP reputation. For example due to password spraying attack
3 - The time period from which to start collecting the information.
In the following example, we can view all successful sign in attempts from the last year:
Geolocation Fencing
1 - The name of the policy
2 - Whether to apply the policy to a certain AD group/user or domain
3 - The group/user/domain to apply this policy to.
4 - Whether this policy will white list or blacklist login attempts.
5 - The countries that are relevant to this policy.