The Advanced IP Defense summary card displays the following metrics for the selected time range (last 7 days or last 30 days):

The summary card includes a trend indicator that compares the current period against the prior period, helping you identify increases or decreases in IP-based threat activity.

The Command Center breaks down alerted threats by severity level (Critical, High, Medium, Low, and Informational). This ranked list helps you prioritize investigation by focusing on the highest-severity alerts first. For each severity level, you can see the count of alerted threats and the top 5 security rules that allowed those threats, helping you identify policies that may need stricter enforcement.

This view shows the security policy rules that are generating the most Advanced IP Defense alerts. Rules that appear frequently in this list may indicate candidates for changing the action from Alert to Block, or may require additional investigation to determine whether the alerted traffic is legitimate or malicious. Use this information to iteratively tighten your Advanced IP Defense enforcement posture.

Advanced IP Defense also appears on the Executive Summary page as a security subscription card. The subscription card displays the overall status of your Advanced IP Defense deployment, including whether the subscription is active and the total threat count for the current period. This provides a quick health check for executives and security operations teams who need a high-level view without drilling into individual threat details.