Motorola SBG900 User Manual page 40

Motorola user guide wireless cable modem gateway sbg900

Hide thumbs Also See for SBG900:

Guia do usuário (139 pages)

Quick installation manual (16 pages)

Setup manual (7 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

Table of Contents

Overview Installation Troubleshooting Contact

Firewall > LOGS

Option

Session Log

Blocking Log

Intrusion Log

Blacklist

Home

Configuration: Basic Gateway TCP/IP Wireless USB

Description

The Session Log shows data sessions that have occurred and tracked by the Firewall. To

enable logging of sessions, the Enable Session Log option must be selected in the Firewall

Logs Config Page. A firewall policy must be in effect for session events to be generated. If the

firewall policy is set to None then no new session entry will be generated.

The log entries correspond to data sessions that have occurred in the device that are

authorized by the normal firewall filters. Usually, this log shows the history of normal data

traffic. Though a session may be terminated early by the firewall due to policy or session

change, or if the session is later determined by the firewall to be an intrusion attack.

The Blocking Log shows firewall blocking events. To enable logging of blocking events, the

Enable Blocking Log option must be selected in the Firewall Logs Config Page. A firewall

policy must be in effect for blocking events to be generated. If the firewall policy is set to None

then no new blocking entry will be generated.

The log entries correspond to firewall blocking events that occur when unauthorized inbound

or outbound data packets are detected. Unauthorized data packets are those that use

protocols and/or ports that are not explicitly allowed by the current firewall policy. In addition,

data packets that are determined to be invalid due to session time-outs or reassembly

time-outs are also blocked.

The Intrusion Log shows the intrusions attempts that have occurred and stopped by the

firewall. To enable logging of intrusion events, the Enable Intrusion Log option must be

selected in the Firewall Logs Config Page. A firewall policy must be in effect for intrusion

events to be generated. If the firewall policy is set to None then no new intrusion entry will be

generated.

The log entries correspond to intrusion attacks that have been detected and stopped by the

firewall. The firewall is capable of detecting several well-known intrusion tactics that is used to

attack a network device. This log is a history of those intrusion events.

The Blacklist Log shows the IP addresses that have been determined by the firewall to have

breached the firewall policy of the SBG. A firewall policy must be in effect for blacklist entries

to be generated. If the firewall policy is set to None then no new blacklist entry will be

generated.

Once an IP address has been blacklisted, the firewall will block all traffic to and from that IP

address for 24 hours or when the SBG is rebooted. The user can manually clear the blacklist

by pressing the Clear button on the Blacklist Page. Clearing the blacklist table also allows

normal traffic to flow between the SBG and the formerly blacklisted entries

Exit

FAQ

Specifications Glossary License

SBG900 User Guide

Table of Contents

Show Quick Links

Hide quick links:

Table of Contents

Motorola SBG900 User Manual page 40

Hide quick links:

Related Manuals for Motorola SBG900

Related Products for Motorola SBG900

Table of Contents