ZyXEL Communications P-334WT Informações Técnicas descarregar pdf (Página 33)

All logs generated in P-334WT, including firewall logs and system logs are migrated to centralized logs. So you can view firewall

logs in Centralized logs.

Before you can view firewall logs there are two steps you need to do,

1. Enable log function in Centralized logs setup via either one of the following methods,

● Web configuration: Advanced/Logs/Log Settings, check Access Control and Attacks options depending on your real

situation.

● CI command: sys logs category [access | attack]

2. Enable log function in firewall default policy or in firewall rules.

After the above two steps, you can view firewall logs via

1. Web Configurator: Advanced/Logs

2. View the log by CI command: sys logs disp

You can also view Centralized logs via mail or syslog, please configure mail server or Unix Syslog server in Advanced/Logs/

Log Settings.

4. When does the Prestige generate the firewall alert?

The Prestige generates the alert when an attack is detected by the firewall and sends it via Email. So, to send the alert you must

configure the mail server and Email address using Web Configurator. You can also specify how frequently you want to receive

the alert via Web Configurator.

5. What does the alert show to us?

The alert shown in the Email is actually the evens of the attack. So, the Reason column shows Attack and the attack type. Please

see the example shown below.

# Time Packet Information Reason Action

127|Mar 15 0 |From:192.168.1.1 To:192.168.1.1 |attack |block

| 03:04:54|ICMP type:00008 code:00000 |land |

6. What is the difference between the log and alert?

A log entry is just added to the log inside the P-334WT and e-mailed together with all other log entries at the scheduled time as

configured. An alert is e-mailed immediately after an attacked is detected.

1 2 ... 28 29 30 31 32 33 34 35 36 37 38 ... 294 295

Sem comentários

ZyXEL Communications P-334WT Informações Técnicas Página 33