MSI Supero CSE-M35S Podręcznik Użytkownika Strona 261
- Strona / 309
- Spis treści
- ROZWIĄZYWANIE PROBLEMÓW
- BOOKMARKI
Oceniono. / 5. Na podstawie oceny klientów
ManageEngine Firewall Analyzer :: User Guide
260
Zoho Corp.
3. I am not getting Attack Reports in CheckPoint firewall?
Firewall Analyzer looks for the attribute attack in the CheckPoint firewall logs to
generate the attack reports.
4. Firewall Analyzer shows the destination site (example: www.yahoo.com) but it is
not showing the complete URL (example: www.yahoo.com/index.html)?
It looks for the attribute resource in the log.
Example log is as follows:
id=leafirewall time="16Aug2006 7:43:56" action="accept" orig="AHFW_1"
i/f_dir="outbound" i/f_name="eth0" has _accounting="1" product="VPN-1 &
FireWall-1" __policy_id_tag="product=VPN-1 & FireWall-1[db_tag={55E82635-
247B-44 B7-9E29-
42EDE0F57E2C};mgmt=FW_MGMT;date=1155671079;policy_name=N2H2_Filter
ed]" rule="22" rule_uid="{5A131CD7-BCBA -4859-AB39-43594A24931A}"
rule_name="HTTP Outbound" service_id="http" src="xxx.xxx.xxx.xxx"
s_port="2624" dst="xxx.xxx.xxx.xxx" service="http" proto="tcp"
xlatesrc="xxx.xxx.xxx.xxx" xlatesport="57700" xlatedport="Unknown" NAT
_rulenum="94" NAT_addtnl_rulenum="internal"
resource="http://www.yahoo.com/index.html" start_time="16Aug2006
7:43:56" segment_time="16Aug2006 7:43:56" elapsed="0:00:00" packets="11"
b ytes="1161" client_inbound_packets="6" client_outbound_packets="5"
server_inbound_packets="5" server_outbound_p ackets="6"
client_inbound_bytes="753" client_outbound_bytes="408"
server_inbound_bytes="408" server_outbound_by tes="753"
client_inbound_interface="eth0" client_outbound_interface="eth0"
server_inbound_interface="eth1" serv er_outbound_interface="eth1" __pos="7"
__nsons="0"
5. Why do I see zero results for kilobytes transferred in the reports for Check Point
firewall?
This could be happening because bandwidth information is not being captured in
the log file. Ensure that your Check Point firewall has been configured to generate
both regular and accounting log files. While regular log files contain information
regarding firewall activity, the accounting log file contains the bandwidth and
session information. Please refer the Configuring Check Point Firewall's section for
help on creating the accounting log file.
6. I am getting only Unknown Events in Event Overview graphs in the dashboard?
CheckPoint firewall logs do not have the priority or severity fields. Event Overview
graph groups Events based on severity. As there is no severity in check point
logs, Firewall Analyzer puts default value as Unknown severity and hence Event
Overview shows only Unknown Events. If you drill down that group or by clicking
the More link, you can get complete Events.
- Table of Contents 2
- Introduction 6
- About Firewall Analyzer 7
- Release Notes 8
- Supported Firewalls 10
- Installation and Setup 13
- Prerequisites 17
- Installing and Uninstalling 19
- Starting and Shutting Down 21
- Accessing the Web Client 24
- License Information 25
- Getting Started 26
- Using the Dashboard 27
- Using the Sub Tab 33
- Dashboard View Customization 37
- Firewall Analyzer Reports 39
- Firewall Reports 40
- Application Reports 46
- Traffic Reports 48
- Protocol Usage Reports 50
- Web Usage Reports 53
- Mail Usage Reports 56
- FTP Usage Reports 58
- Telnet Usage Reports 61
- Event Summary Reports 63
- VPN Reports 65
- Firewall Rules Report 69
- Inbound Outbound Reports 71
- Intranet Reports 73
- Internet Reports 75
- Security Reports 79
- Virus Reports 81
- Attack Reports 84
- Spam Reports 87
- Admin Reports 89
- URL Categories Reports 91
- Proxy Reports 100
- Live Reports 101
- Top Talkers 106
- Website Details 108
- Proxy Usage 110
- Trend Reports 114
- Protocol Trend Reports 115
- Traffic Trend Reports 116
- Event Trend Reports 117
- VPN Trend Reports 118
- Custom Reports 120
- Setting Log Filters 123
- Using Advanced Search 126
- Notifications 129
- Viewing Alerts 137
- Alerts Administration 138
- System Settings 140
- Simulating Firewall Logs 142
- Managing Syslog Servers 145
- Managing LEA Servers 146
- Managing Alert Profiles 148
- Configuring DNS Resolution 150
- DHCP/Proxy Logs 152
- Importing Log Files 157
- Viewing Device Details 161
- Archiving Log Files 162
- Unused Rules 165
- Ubuntu 9.1.10 175
- Fedora 12 175
- OpenSuSE 11.2 175
- CentOS 5.5 175
- Scheduling Reports 178
- Working Hour Configuration 180
- Report View Customization 181
- Admin Settings 184
- Setting up Intranets 187
- Adding Different Users 188
- Setting up the Mail Server 193
- Viewing Server Diagnostics 201
- Accessing the Database 202
- Devices 203
- SMS Settings 205
- Changing Account Settings 207
- Configuring Firewalls 208
- Concentrator 217
- Option 1 222
- Option 2 223
- Run ISA Management Console 229
- Configuring CyberGuard 230
- Configuring Cyberoam 231
- Configuring Snort 239
- Appliances 241
- Configuring Juniper Devices 242
- Configuring 3Com 246
- Configuring IPCop Firewalls 251
- Configure Proxy Server 252
- Tips and Tricks 255
- Troubleshooting Tips 267
- Other Tools and Utilities 273
- Configuring MSSQL Database 275
- Collector Server 301
- Using Ask ME 307
- Contacting Technical Support 308
Powiązane produkty i podręczniki dla Oprogramowanie MSI Supero CSE-M35S
Oprogramowanie MSI MS-96E0 Podręcznik Użytkownika
(100 strony)
(100 strony)
Oprogramowanie MSI MS-9856 Instrukcja Obsługi
(19 strony)
(19 strony)
© 2020, manymanuals.pl. Wszelkie prawa zastrzeżone. | 0.033 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Komentarze do niniejszej Instrukcji