240. Disclaimer ZyXEL does not assume any liability arising out of the application or use of any products, or software described herein. Neither does it convey any license under its patent rights nor the patent rights of others. ZyXEL further reserves the right to make changes in any products described herein without notice.
(90) days from the date of receipt, and (b) any Support Services provided by ZyXEL shall be substantially as described in applicable written materials provided to you by ZyXEL, and ZyXEL support engineers will make commercially reasonable efforts to solve any problem issues.
• Brief description of the problem and the steps you took to solve it. METHOD SUPPORT E-MAIL TELEPHONE WEB SITE REGULAR MAIL LOCATION SALES E-MAIL FTP SITE support@zyxel.com.tw +886-3-578-3942 www.zyxel.com ZyXEL Communications Corp. CORPORATE www.europe.zyxel.com 6 Innovation Road II HEADQUARTERS Science Park sales@zyxel.com.tw +886-3-578-2439 ftp.zyxel.com Hsinchu 300 (WORLDWIDE) Taiwan ftp.europe.zyxel.com...
Page 6
+34-902-195-420 www.zyxel.es ZyXEL Communications Alejandro Villegas 33 SPAIN sales@zyxel.es +34-913-005-345 1º, 28043 Madrid Spain support@zyxel.se +46-31-744-7700 www.zyxel.se ZyXEL Communications A/S SWEDEN Sjöporten 4, 41764 Göteborg sales@zyxel.se +46-31-744-7701 Sweden support@ua.zyxel.com +380-44-247-69-78 www.ua.zyxel.com ZyXEL Ukraine 13, Pimonenko Str. UKRAINE sales@ua.zyxel.com +380-44-494-49-32...
2.1 Starting and Stopping the Vantage Report Server ..........26 2.2 E-Mail in the Vantage Report Server ..............26 2.3 Time in the Vantage Report Server ..............27 2.4 ZyXEL Device Configuration and Source Data ..........28 Chapter 3 The Web Configurator.................... 30 3.1 Web Configurator Requirements ................30 3.2 Web Configurator Access ..................30...
Page 8
Vantage Report User’s Guide 4.5 Anti-Virus Monitor ....................48 4.6 Anti-Spam Monitor ....................49 Chapter 5 Traffic ........................52 5.1 Bandwidth ......................52 5.1.1 Bandwidth Summary..................52 5.1.2 Bandwidth Summary Drill-Down ..............54 5.1.3 Bandwidth Top Protocols ................56 5.1.4 Bandwidth Top Protocols Drill-Down............58 5.1.5 Top Bandwidth Hosts .................60 5.1.6 Top Bandwidth Hosts Drill-Down ...............62 5.2 Web Traffic ......................63 5.2.1 Top Web Sites....................63...
Page 9
Vantage Report User’s Guide 6.1.2 Attack Summary Drill-Down..............104 6.1.3 Top Attack Sources..................106 6.1.4 Top Attack Sources Drill-Down ..............107 6.1.5 Top Attack Categories................109 6.1.6 Top Attack Categories Drill-Down ............111 6.2 Intrusion ......................113 6.2.1 Intrusion Summary...................113 6.2.2 Intrusion Summary Drill-Down ..............115 6.2.3 Top Intrusion Signatures ................117 6.2.4 Top Intrusion Signatures Drill-Down ............119 6.2.5 Top Intrusion Sources ................121...
Page 10
Vantage Report User’s Guide 7.2.1 Web Allowed Summary ................172 7.2.2 Web Allowed Summary Drill-Down............174 7.2.3 Top Allowed Web Sites ................176 7.2.4 Top Allowed Web Sites Drill-Down ............177 7.2.5 Top Allowed Web Hosts................179 7.2.6 Top Allowed Web Hosts Drill-Down ............181 Chapter 8 Authentication ......................
Page 11
Vantage Report User’s Guide Product Specifications ..................216 Appendix C Setting up Your Computer’s IP Address............218 Windows 2000/NT/XP .................... 218 Verifying Settings ....................222 Appendix D Log Descriptions....................224 Appendix E Open Software Announcements................. 240 Notice ........................240 Index........................276 Table of Contents...
Page 12
Vantage Report User’s Guide Table of Contents...
Page 13
Vantage Report User’s Guide List of Figures Figure 1 Typical Vantage Report Application ..............22 Figure 2 Web Configurator Login Screen ................31 Figure 3 Web Configurator Main Screen ................31 Figure 4 Device Window ..................... 33 Figure 5 Add Device, Edit Device, and Device Information Screens ........34 Figure 6 Device Window Right-Click Menu .................
Page 15
Vantage Report User’s Guide Figure 80 Security Policy > WEB Blocked > Top Hosts > Drill-Down ........168 Figure 81 Security Policy > WEB Blocked > By Category ..........169 Figure 82 Security Policy > WEB Blocked > By Category > Drill-Down ......171 Figure 83 Security Policy >...
Page 16
Vantage Report User’s Guide List of Figures...
Page 17
Table 1 Differences Between Standard Version and Professional Version ......24 Table 2 Processing Times by Menu Item ................27 Table 3 Configuration Requirements for ZyXEL Devices by Menu Item ......28 Table 4 Title Bar ......................... 32 Table 5 Device Window ...................... 33 Table 6 Function Window ....................
Vantage Report User’s Guide Preface Vantage Report is a cost-effective, browser-based global management solution that allows an administrator from any location to easily manage, monitor and gather statistics on ZyXEL devices located worldwide. About This User's Guide This manual is designed to guide you through the configuration of Vantage Report for its various applications.
1.2 Key Features • Device Monitors and Logs Monitor the status of all your ZyXEL devices in one application. You can also look at the logs for all your ZyXEL devices in Vantage Report. In normal operation, this information should be no older than thirty minutes, worst-case.
Generate reports for historical analysis. These reports include bandwidth usage, service usage, VPN usage, web filter (blocked sites), attack, intrusion, anti-virus, anti-spam, and authentication reports. (Some reports are not available for every ZyXEL device.) • Drill-Down Reports In most statistical reports, look at more details for clearer understanding and better decisions.
Vantage Report User’s Guide The following table shows some of the differences between the standard and professional version. Table 1 Differences Between Standard Version and Professional Version FEATURE STANDARD PROFESSIONAL number of supported devices up to 25 number of scheduled reports supported formats for scheduled reports PDF, HTML drill-down reports...
Vantage Report User’s Guide H A P T E R The Vantage Report Server This chapter explains several characteristics of the Vantage Report server. 2.1 Starting and Stopping the Vantage Report Server Note: Make sure the port Vantage Report uses for web services is not used by other applications, especially web servers.
• In Vantage Report, clock time is the time the Vantage Report server receives information (log entries or traffic statistics) from the ZyXEL devices, not the time the device puts in the entry. As soon as the Vantage Report server receives information, it replaces device times with the current time in the Vantage Report server.
* - The names of categories may be different for different devices. Use the category that is appropriate for each device. ** - The log viewers display whatever log entries the ZyXEL devices record, including log entries that may not be used in other reports.
Vantage Report User’s Guide H A P T E R The Web Configurator This chapter provides the minimum requirements to use the web configurator, describes how to access the web configurator, and explains each part of the main screen in the web configurator.
Vantage Report User’s Guide Figure 2 Web Configurator Login Screen Note: If you forget your password, enter your user name, and click Forget Password?. Vantage Report sends your password to the e-mail address (if any) for your User Name. See section 2.2 on page 26 for more information about e-mail in Vantage Report and...
(C), and the report window (D). The title bar provides some icons that are useful anytime. The device window displays and organizes the ZyXEL devices that can provide information to Vantage Report. The function window lists the reports you can generate and organizes these reports into categories.
Vantage Report User’s Guide Figure 4 Device Window Each numbered section above is described in the following table. Table 5 Device Window SECTION DESCRIPTION To add a device to Vantage report, • right click on root, and select Add Device. The Add Device screen appears in the device window.
Vantage Report User’s Guide When you add a device to Vantage report, you can specify the name, MAC address, type, and any notes for the device. When you click on the device, this information is displayed in the report window. When you edit a device, however, you can only edit the name and the notes. If you want to update the MAC address or device type, you have to delete the current device and add it again.
Vantage Report User’s Guide You can also right-click in the device window. If you do not right-click on a device, the following menu appears. If you right-click on a device, you can see the following menu items at the end of the menu. Figure 6 Device Window Right-Click Menu Click About Macromedia Flash Player 7...
Use this report to monitor the number of spam messages stopped by the selected device. Traffic Use these reports to look at how much traffic was handled by ZyXEL devices or who used the most bandwidth in a ZyXEL device. You can also look at traffic in various directions. Bandwidth Summary Use this report to look at the amount of traffic handled by the selected device by time interval.
Page 38
Use these reports to look at intrusion signatures, types of intrusions, severity of intrusions, and the top sources and destinations of intrusions that are logged on the selected ZyXEL device. Summary Use this report to look at the number of intrusions by time interval. You can also use this report to look at the top intrusion signatures in a specific time interval.
Page 39
Table 6 Function Window LEVEL 1/2 LEVEL 3 FUNCTION AntiVirus Use these reports to look at viruses that were detected by the ZyXEL device’s anti-virus feature. Summary Use this report to look at the number of virus occurrences by time interval. Top Viruses Use this report to look at the top viruses by number of occurrences.
Login (for management or monitoring purposes). Failed Login Use this screen to look at who tried to log in into the ZyXEL device (for management or monitoring purposes) but failed. Log Viewer Use these screens to look at all log entries or critical log entries for the selected ZyXEL device.
Vantage Report User’s Guide 3.6 Report Window The report window displays the monitor, statistical report, or screen that you select in the device window and the function window. The layout in the report window is similar for all monitors. Similarly, the layout is similar for all statistical reports. For other screens, the layout is different for each one.
Vantage Report User’s Guide Figure 10 Typical Monitor Layout Each numbered section above is described in the following table. Table 7 Typical Monitor Features SECTION DESCRIPTION Device Name, MAC: These fields are the same ones you entered when you added the device.
Vantage Report User’s Guide Figure 11 Report Window Right-Click Menu Click Settings... if you want to change the Flash settings on the Vantage Report server. In most cases, this is unnecessary. Click About Macromedia Flash Player 7... to get information about the current version of Flash. 3.6.2 Statistical Report Layout A typical statistical report is shown in Figure...
Vantage Report User’s Guide Table 8 Typical Statistical Report Features SECTION DESCRIPTION This field shows the menu items you selected to open this statistical report. This field displays the title of the statistical report. The title includes the date(s) you specified in section 5.
Vantage Report User’s Guide H A P T E R Monitor Use monitors to check the status of ZyXEL devices. See section 2.3 on page 27 for a related discussion about time. 4.1 Bandwidth Monitor Use this report to monitor the total amount of traffic handled by the selected device.
Vantage Report User’s Guide Table 9 Monitor > Bandwidth LABEL DESCRIPTION End Time This field displays the clock time (in 24-hour format) of the latest traffic statistics in the graph. Next Refresh Time This field displays how much time remains until Vantage Report automatically updates the screen.
Vantage Report User’s Guide Each field is described in the following table. Table 10 Monitor > Service LABEL DESCRIPTION title This field displays the title of the monitor. It does not include the service you select in the Service Type field. Service Type Select the service whose traffic you want to look at.
Vantage Report User’s Guide Figure 16 Monitor > Attack Each field is described in the following table. Table 11 Monitor > Attack LABEL DESCRIPTION title This field displays the title of the monitor. Start Time This field displays the clock time (in 24-hour format) of the earliest traffic statistics in the graph.
Vantage Report User’s Guide Click Monitor > Intrusion to open this screen. Figure 17 Monitor > Intrusion Each field is described in the following table. Table 12 Monitor > Intrusion LABEL DESCRIPTION title This field displays the title of the monitor. Start Time This field displays the clock time (in 24-hour format) of the earliest traffic statistics in the graph.
Vantage Report User’s Guide Click Monitor > AntiVirus to open this screen. Figure 18 Monitor > AntiVirus Each field is described in the following table. Table 13 Monitor > AntiVirus LABEL DESCRIPTION title This field displays the title of the monitor. Start Time This field displays the clock time (in 24-hour format) of the earliest traffic statistics in the graph.
Vantage Report User’s Guide Click Monitor > AntiSpam to open this screen. Figure 19 Monitor > AntiSpam Each field is described in the following table. Table 14 Monitor > AntiSpam LABEL DESCRIPTION title This field displays the title of the monitor. Start Time This field displays the clock time (in 24-hour format) of the earliest traffic statistics in the graph.
SMTP, and other protocols. 5.1 Bandwidth Use these reports to look at how much traffic was handled by ZyXEL devices, who used the most bandwidth in a ZyXEL device, and which protocols were used. You can also look at traffic in various directions.
Vantage Report User’s Guide Figure 20 Traffic > Bandwidth > Summary Each field is described in the following table. Table 15 Traffic > Bandwidth > Summary LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Vantage Report User’s Guide Table 15 Traffic > Bandwidth > Summary LABEL DESCRIPTION Last ... Days Use this field or Settings to specify what historical information is included in the report. Select how many days, ending (and including) today, you want to include. When you change this field, the report updates automatically.
Vantage Report User’s Guide Figure 21 Traffic > Bandwidth > Summary > Drill-Down Each field is described in the following table. Table 16 Traffic > Bandwidth > Summary > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
Vantage Report User’s Guide Table 16 Traffic > Bandwidth > Summary > Drill-Down LABEL DESCRIPTION Color This field displays what color represents each service in the graph. Events This field displays the number of traffic events for each service in the selected time interval.
Vantage Report User’s Guide Figure 22 Traffic > Bandwidth > Top Protocol Each field is described in the following table. Table 17 Traffic > Bandwidth > Top Protocol LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Vantage Report User’s Guide Table 17 Traffic > Bandwidth > Top Protocol LABEL DESCRIPTION Last ... Days Use this field or Settings to specify what historical information is included in the report. Select how many days, ending (and including) today, you want to include. When you change this field, the report updates automatically.
Vantage Report User’s Guide Figure 23 Traffic > Bandwidth > Top Protocol > Drill-Down Each field is described in the following table. Table 18 Traffic > Bandwidth > Top Protocol > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
Vantage Report User’s Guide Table 18 Traffic > Bandwidth > Top Protocol > Drill-Down LABEL DESCRIPTION % of MBytes This field displays what percentage of the selected service’s traffic was generated by each source. Total This entry displays the totals for the sources above. If the number of sources generating traffic using the selected service is greater than the maximum number of records displayed in this table, this total might be a little lower than the total in the main report.
Vantage Report User’s Guide Each field is described in the following table. Table 19 Traffic > Bandwidth > Top Hosts LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields. It does not include the Direction you select.
Vantage Report User’s Guide Table 19 Traffic > Bandwidth > Top Hosts LABEL DESCRIPTION % of MBytes This field displays what percentage of all traffic the device handled for each source. Total This entry displays the totals for the sources above. 5.1.6 Top Bandwidth Hosts Drill-Down Use this report to look at the top services used by any top source.
Vantage Report User’s Guide Each field is described in the following table. Table 20 Traffic > Bandwidth > Top Hosts > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields. It does not include the Direction you select.
Vantage Report User’s Guide Figure 26 Traffic > WEB > Top Sites Each field is described in the following table. Table 21 Traffic > WEB > Top Sites LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Vantage Report User’s Guide Table 21 Traffic > WEB > Top Sites LABEL DESCRIPTION Settings Use this field or Last ... Days to specify what historical information is included in the report. Click Settings. The Report Display Settings screen appears. Select a specific Start Date and End Date.
Vantage Report User’s Guide Figure 27 Traffic > WEB > Top Sites > Drill-Down Each field is described in the following table. Table 22 Traffic > WEB > Top Sites > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
Vantage Report User’s Guide Table 22 Traffic > WEB > Top Sites > Drill-Down LABEL DESCRIPTION % of MBytes This field displays what percentage of the selected destination’s web traffic was generated from each source. Total This entry displays the totals for the sources above. If the number of sources of traffic to the selected destination is greater than the maximum number of records displayed in this table, this total might be a little lower than the total in the main report.
Vantage Report User’s Guide Each field is described in the following table. Table 23 Traffic > WEB > Top Hosts LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields. Last ...
Vantage Report User’s Guide Click on a specific source in Traffic > WEB > Top Hosts to open this screen. Figure 29 Traffic > WEB > Top Hosts > Drill-Down Each field is described in the following table. Table 24 Traffic > WEB > Top Hosts > Drill-Down LABEL DESCRIPTION title...
Vantage Report User’s Guide Table 24 Traffic > WEB > Top Hosts > Drill-Down LABEL DESCRIPTION Events This field displays the number of traffic events from the selected source to each destination. MBytes This field displays how much traffic (in megabytes) was generated from the selected source to each destination.
Vantage Report User’s Guide Figure 30 Traffic > FTP > Top Sites Each field is described in the following table. Table 25 Traffic > FTP > Top Sites LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Vantage Report User’s Guide Table 25 Traffic > FTP > Top Sites LABEL DESCRIPTION Settings Use this field or Last ... Days to specify what historical information is included in the report. Click Settings. The Report Display Settings screen appears. Select a specific Start Date and End Date.
Vantage Report User’s Guide Figure 31 Traffic > FTP > Top Sites > Drill-Down Each field is described in the following table. Table 26 Traffic > FTP > Top Sites > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
Vantage Report User’s Guide Table 26 Traffic > FTP > Top Sites > Drill-Down LABEL DESCRIPTION % of MBytes This field displays what percentage of the selected destination’s FTP traffic was generated from each source. Total This entry displays the totals for the sources above. If the number of sources of traffic to the selected destination is greater than the maximum number of records displayed in this table, this total might be a little lower than the total in the main report.
Vantage Report User’s Guide Each field is described in the following table. Table 27 Traffic > FTP > Top Hosts LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields. Last ...
Vantage Report User’s Guide Click on a specific source in Traffic > FTP > Top Hosts to open this screen. Figure 33 Traffic > FTP > Top Hosts > Drill-Down Each field is described in the following table. Table 28 Traffic > FTP > Top Hosts > Drill-Down LABEL DESCRIPTION title...
Vantage Report User’s Guide Table 28 Traffic > FTP > Top Hosts > Drill-Down LABEL DESCRIPTION Events This field displays the number of traffic events from the selected source to each destination. MBytes This field displays how much traffic (in megabytes) was generated from the selected source to each destination.
Vantage Report User’s Guide Figure 34 Traffic > MAIL > Top Sites Each field is described in the following table. Table 29 Traffic > MAIL > Top Sites LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Vantage Report User’s Guide Table 29 Traffic > MAIL > Top Sites LABEL DESCRIPTION Settings Use this field or Last ... Days to specify what historical information is included in the report. Click Settings. The Report Display Settings screen appears. Select a specific Start Date and End Date.
Vantage Report User’s Guide Figure 35 Traffic > MAIL > Top Sites > Drill-Down Each field is described in the following table. Table 30 Traffic > MAIL > Top Sites > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
Vantage Report User’s Guide Table 30 Traffic > MAIL > Top Sites > Drill-Down LABEL DESCRIPTION % of MBytes This field displays what percentage of the selected destination’s mail traffic was generated from each source. Total This entry displays the totals for the sources above. If the number of sources of traffic to the selected destination is greater than the maximum number of records displayed in this table, this total might be a little lower than the total in the main report.
Vantage Report User’s Guide Each field is described in the following table. Table 31 Traffic > MAIL > Top Hosts LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields. Last ...
Vantage Report User’s Guide Click on a specific source in Traffic > MAIL > Top Hosts to open this screen. Figure 37 Traffic > MAIL > Top Hosts > Drill-Down Each field is described in the following table. Table 32 Traffic > MAIL > Top Hosts > Drill-Down LABEL DESCRIPTION title...
Note: To look at VPN usage reports, each ZyXEL device must record forwarded IPSec VPN traffic in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure IPSec is enabled.
Vantage Report User’s Guide Figure 38 Traffic > VPN > Top Peer Gateways Each field is described in the following table. Table 33 Traffic > VPN > Top Peer Gateways LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Vantage Report User’s Guide Table 33 Traffic > VPN > Top Peer Gateways LABEL DESCRIPTION Settings Use this field or Last ... Days to specify what historical information is included in the report. Click Settings. The Report Display Settings screen appears. Select a specific Start Date and End Date.
Vantage Report User’s Guide Figure 39 Traffic > VPN > Top Peer Gateways > Drill-Down Each field is described in the following table. Table 34 Traffic > VPN > Top Peer Gateways > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
Note: To look at VPN usage reports, each ZyXEL device must record forwarded IPSec VPN traffic in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure IPSec is enabled.
Vantage Report User’s Guide Figure 40 Traffic > VPN > Top Hosts Each field is described in the following table. Table 35 Traffic > VPN > Top Hosts LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Vantage Report User’s Guide Table 35 Traffic > VPN > Top Hosts LABEL DESCRIPTION Settings Use this field or Last ... Days to specify what historical information is included in the report. Click Settings. The Report Display Settings screen appears. Select a specific Start Date and End Date.
Vantage Report User’s Guide Figure 41 Traffic > VPN > Top Hosts > Drill-Down Each field is described in the following table. Table 36 Traffic > VPN > Top Hosts > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
Vantage Report User’s Guide Table 36 Traffic > VPN > Top Hosts > Drill-Down LABEL DESCRIPTION % of MBytes This field displays what percentage of the selected source’s VPN traffic was sent to each destination. Total This entry displays the totals for the destinations above. If the number of destinations of traffic from the selected source is greater than the maximum number of records displayed in this table, this total might be a little lower than the total in the main report.
Vantage Report User’s Guide Each field is described in the following table. Table 37 Service > Customization > Customization LABEL DESCRIPTION Add a Known Use this drop-down box to add a service to the Customized Service drop-down Service box. • Select a pre-defined service from the drop-down list box, and click the Add button;...
Vantage Report User’s Guide Figure 43 Traffic > Customization > Top Destinations Each field is described in the following table. Table 38 Traffic > Customization > Top Destinations LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Vantage Report User’s Guide Table 38 Traffic > Customization > Top Destinations LABEL DESCRIPTION Settings Use this field or Last ... Days to specify what historical information is included in the report. Click Settings. The Report Display Settings screen appears. Select a specific Start Date and End Date.
Vantage Report User’s Guide Figure 44 Traffic > Customization > Top Destinations > Drill-Down Each field is described in the following table. Table 39 Traffic > Customization > Top Destinations > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
Vantage Report User’s Guide Table 39 Traffic > Customization > Top Destinations > Drill-Down LABEL DESCRIPTION % of MBytes This field displays what percentage of the selected destination’s traffic using the selected service was generated from each source. Total This entry displays the totals for the sources above. If the number of sources of traffic to the selected destination is greater than the maximum number of records displayed in this table, this total might be a little lower than the total in the main report.
Vantage Report User’s Guide Each field is described in the following table. Table 40 Traffic > Customization > Top Sources LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields. Customized Service Select the service whose traffic you want to view.
Vantage Report User’s Guide 5.6.5 Top Sources of Other Traffic Drill-Down Use this report to look at the top destinations of other services’ traffic for any top source. The service is selected in the main report. Click on a specific source in Traffic > Customization > Top Sources to open this screen. Figure 46 Traffic >...
Page 101
Vantage Report User’s Guide Table 41 Traffic > Customization > Top Sources > Drill-Down LABEL DESCRIPTION Site This field displays the top destinations of the selected service’s traffic from the selected source, sorted by the amount of traffic attributed to each one. Each destination is identified by its IP address.
Vantage Report User’s Guide H A P T E R Network Attack Use these reports to look at Denial-of-Service (DoS) attacks that were detected by the ZyXEL device’s firewall 6.1 Attack Use this report to look at the number of DoS attacks by time interval, top sources and by category.
Vantage Report User’s Guide Figure 47 Network Attack > Attack > Summary Each field is described in the following table. Table 42 Network Attack > Attack > Summary LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Vantage Report User’s Guide Table 42 Network Attack > Attack > Summary LABEL DESCRIPTION Settings Use this field or Last ... Days to specify what historical information is included in the report. Click Settings. The Report Display Settings screen appears. Select a specific Start Date and End Date.
Vantage Report User’s Guide Figure 48 Network Attack > Attack > Summary > Drill-Down Each field is described in the following table. Table 43 Network Attack > Attack > Summary > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
Use this report to look at the top sources of DoS attacks by number of attacks. Note: To look at attack reports, each ZyXEL device must record DoS attacks in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs >...
Vantage Report User’s Guide Each field is described in the following table. Table 44 Network Attack > Attack > Top Sources LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields. Last ...
Vantage Report User’s Guide Click on a specific source in Network Attack > Attack > Top Sources to open this screen. Figure 50 Network Attack > Attack > Top Sources > Drill-Down Each field is described in the following table. Table 45 Network Attack >...
Use this report to look at the top categories of DoS attacks by number of attacks. Note: To look at attack reports, each ZyXEL device must record DoS attacks in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs >...
Vantage Report User’s Guide Figure 51 Network Attack > Attack > By Category Each field is described in the following table. Table 46 Network Attack > Attack > By Category LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Vantage Report User’s Guide Table 46 Network Attack > Attack > By Category LABEL DESCRIPTION Settings Use this field or Last ... Days to specify what historical information is included in the report. Click Settings. The Report Display Settings screen appears. Select a specific Start Date and End Date.
Vantage Report User’s Guide Figure 52 Network Attack > Attack > By Category > Drill-Down Each field is described in the following table. Table 47 Network Attack > Attack > By Category > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
Use these reports to look at intrusion signatures, types of intrusions, severity of intrusions, and the top sources and destinations of intrusions that are logged on the selected ZyXEL device. Intrusions are caused by malicious or suspicious packets sent with the intent of causing harm, illegally accessing resources or interrupting service.
Vantage Report User’s Guide Figure 53 Network Attack > Intrusion > Summary Each field is described in the following table. Table 48 Network Attack > Intrusion > Summary LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Vantage Report User’s Guide Table 48 Network Attack > Intrusion > Summary LABEL DESCRIPTION Settings Use this field or Last ... Days to specify what historical information is included in the report. Click Settings. The Report Display Settings screen appears. Select a specific Start Date and End Date.
This field displays the severity of each intrusion signature. Type This field displays what kind of intrusion each intrusion signature is. This corresponds to IDP > Signature > Attack Type in most ZyXEL devices. Intrusions This field displays how many intrusions occurred in the selected time interval.
Use this report to look at the top intrusion signatures by number of intrusions. Note: To look at intrusion reports, each ZyXEL device must record intrusions in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs >...
Vantage Report User’s Guide Figure 55 Network Attack > Intrusion > Top Intrusions Each field is described in the following table. Table 50 Network Attack > Intrusion > Top Intrusions LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
This field displays the severity of each intrusion signature. Type This field displays what kind of intrusion each intrusion signature is. This corresponds to IDP > Signature > Attack Type in most ZyXEL devices. Intrusions This field displays the number of intrusions by each intrusion signature.
Vantage Report User’s Guide Figure 56 Network Attack > Intrusion > Top Intrusions > Drill-Down Each field is described in the following table. Table 51 Network Attack > Intrusion > Top Intrusions > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
Use this report to look at the top sources of intrusions by number of intrusions. Note: To look at intrusion reports, each ZyXEL device must record intrusions in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs >...
Vantage Report User’s Guide Figure 57 Network Attack > Intrusion > Top Sources Each field is described in the following table. Table 52 Network Attack > Intrusion > Top Sources LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Vantage Report User’s Guide Table 52 Network Attack > Intrusion > Top Sources LABEL DESCRIPTION Settings Use this field or Last ... Days to specify what historical information is included in the report. Click Settings. The Report Display Settings screen appears. Select a specific Start Date and End Date.
This field displays the severity of each intrusion signature. Type This field displays what kind of intrusion each intrusion signature is. This corresponds to IDP > Signature > Attack Type in most ZyXEL devices. Intrusions This field displays the number of intrusions by the selected source using each intrusion signature.
Use this report to look at the top destinations of intrusions by number of intrusions. Note: To look at intrusion reports, each ZyXEL device must record intrusions in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs >...
Vantage Report User’s Guide Figure 59 Intrusion > Top Destinations Each field is described in the following table. Table 54 Intrusion > Top Destinations LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Vantage Report User’s Guide Table 54 Intrusion > Top Destinations LABEL DESCRIPTION Settings Use this field or Last ... Days to specify what historical information is included in the report. Click Settings. The Report Display Settings screen appears. Select a specific Start Date and End Date. The date range can be up to 30 days long, but you cannot include days that are older than Store Log Days in System >...
This field displays the severity of each intrusion signature. Type This field displays what kind of intrusion each intrusion signature is. This corresponds to IDP > Signature > Attack Type in most ZyXEL devices. Intrusions This field displays the number of intrusions at the selected destination using each intrusion signature.
Alert (immediate action is required), Critical, Error, Warning, Notice, Informational, and Debug. Note: To look at intrusion reports, each ZyXEL device must record intrusions in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs >...
Vantage Report User’s Guide Figure 61 Network Attack > Intrusion > By Severity Each field is described in the following table. Table 56 Network Attack > Intrusion > By Severity LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Vantage Report User’s Guide Table 56 Network Attack > Intrusion > By Severity LABEL DESCRIPTION Settings Use this field or Last ... Days to specify what historical information is included in the report. Click Settings. The Report Display Settings screen appears. Select a specific Start Date and End Date.
This field displays what color represents each intrusion signature in the graph. Severity This field displays the severity of each intrusion signature. Type This field displays what kind of intrusion each intrusion signature is. This corresponds to IDP > Signature > Attack Type in most ZyXEL devices. Chapter 6 Network Attack...
Back Click this to return to the main report. 6.3 AntiVirus Use these reports to look at viruses that were detected by the ZyXEL device’s anti-virus feature. Note: To look at anti-virus reports, each ZyXEL device must record anti-virus messages in its log. See the User’s Guide for each ZyXEL device for more information.
Vantage Report User’s Guide Figure 63 Network Attack > AntiVirus > Summary Each field is described in the following table. Table 58 Network Attack > AntiVirus > Summary LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Vantage Report User’s Guide Table 58 Network Attack > AntiVirus > Summary LABEL DESCRIPTION Settings Use this field or Last ... Days to specify what historical information is included in the report. Click Settings. The Report Display Settings screen appears. Select a specific Start Date and End Date.
Vantage Report User’s Guide Figure 64 Network Attack > AntiVirus > Summary > Drill-Down Each field is described in the following table. Table 59 Network Attack > AntiVirus > Summary > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
Note: To look at anti-virus reports, each ZyXEL device must record anti-virus messages in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure Anti- Virus is enabled.
Vantage Report User’s Guide Figure 65 Network Attack > AntiVirus > Top Viruses Each field is described in the following table. Table 60 Network Attack > AntiVirus > Top Viruses LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Vantage Report User’s Guide Table 60 Network Attack > AntiVirus > Top Viruses LABEL DESCRIPTION Settings Use this field or Last ... Days to specify what historical information is included in the report. Click Settings. The Report Display Settings screen appears. Select a specific Start Date and End Date.
Vantage Report User’s Guide Figure 66 Network Attack > AntiVirus > Top Viruses > Drill-Down Each field is described in the following table. Table 61 Network Attack > AntiVirus > Top Viruses > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
Note: To look at anti-virus reports, each ZyXEL device must record anti-virus messages in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure Anti- Virus is enabled.
Vantage Report User’s Guide Figure 67 Network Attack > AntiVirus > Top Sources Each field is described in the following table. Table 62 Network Attack > AntiVirus > Top Sources LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Vantage Report User’s Guide Table 62 Network Attack > AntiVirus > Top Sources LABEL DESCRIPTION Settings Use this field or Last ... Days to specify what historical information is included in the report. Click Settings. The Report Display Settings screen appears. Select a specific Start Date and End Date.
Vantage Report User’s Guide Figure 68 Network Attack > AntiVirus > Top Sources > Drill-Down Each field is described in the following table. Table 63 Network Attack > AntiVirus > Top Sources > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
Note: To look at anti-virus reports, each ZyXEL device must record anti-virus messages in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure Anti- Virus is enabled.
Vantage Report User’s Guide Figure 69 Network Attack > AntiVirus > Top Destinations Each field is described in the following table. Table 64 Network Attack > AntiVirus > Top Destinations LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
This entry displays the totals for the destinations above. 6.4 AntiSpam Use these reports to look at spam messages that were detected by the ZyXEL device’s anti- spam feature. You can also look at the top senders and sources of spam messages.
Note: To look at anti-spam reports, each ZyXEL device must record anti-spam messages in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure Anti- Spam is enabled.
Vantage Report User’s Guide Table 65 Network Attack > AntiSpam > Summary LABEL DESCRIPTION Settings Use this field or Last ... Days to specify what historical information is included in the report. Click Settings. The Report Display Settings screen appears. Select a specific Start Date and End Date.
Vantage Report User’s Guide Figure 71 Network Attack > AntiSpam > Summary > Drill-Down Each field is described in the following table. Table 66 Network Attack > AntiSpam > Summary > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
Note: To look at anti-spam reports, each ZyXEL device must record anti-spam messages in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure Anti- Spam is enabled.
Vantage Report User’s Guide Figure 72 Network Attack > AntiSpam > Top Senders Each field is described in the following table. Table 67 Network Attack > AntiSpam > Top Senders LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Note: To look at anti-spam reports, each ZyXEL device must record anti-spam messages in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure Anti- Spam is enabled.
Vantage Report User’s Guide Figure 73 Network Attack > AntiSpam > Top Sources Each field is described in the following table. Table 68 Network Attack > AntiSpam > Top Sources LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Note: To look at anti-spam reports, each ZyXEL device must record anti-spam messages in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure Anti- Spam is enabled.
Vantage Report User’s Guide Figure 74 Network Attack > AntiSpam > By Score Each field is described in the following table. Table 69 Network Attack > AntiSpam > By Score LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 158
Vantage Report User’s Guide Table 69 Network Attack > AntiSpam > By Score LABEL DESCRIPTION Settings Use this field or Last ... Days to specify what historical information is included in the report. Click Settings. The Report Display Settings screen appears. Select a specific Start Date and End Date.
You can also look at the amount of traffic forwarded or blocked by time interval. Note: To look at security policy reports, each ZyXEL device must record forwarded web packets and blocked web packets in its log. See the User’s Guide for each ZyXEL device for more information.
Vantage Report User’s Guide Figure 75 Security Policy > WEB Blocked > Summary Each field is described in the following table. Table 70 Security Policy > WEB Blocked > Summary LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Vantage Report User’s Guide Table 70 Security Policy > WEB Blocked > Summary LABEL DESCRIPTION Settings Use this field or Last ... Days to specify what historical information is included in the report. Click Settings. The Report Display Settings screen appears. Select a specific Start Date and End Date.
Vantage Report User’s Guide Figure 76 Security Policy > WEB Blocked > Summary > Drill-Down Each field is described in the following table. Table 71 Security Policy > WEB Blocked > Summary > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
Use this report to look at the top destinations of blocked web traffic. Note: To look at security policy reports, each ZyXEL device must record blocked web packets and blocked web packets in its log. See the User’s Guide for each ZyXEL device for more information.
Vantage Report User’s Guide Each field is described in the following table. Table 72 Security Policy > WEB Blocked > Top Sites LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields. Last ...
Vantage Report User’s Guide Click on a specific destination in Security Policy > WEB Blocked > Top Sites to open this screen. Figure 78 Security Policy > WEB Blocked > Top Sites > Drill-Down Each field is described in the following table. Table 73 Security Policy >...
Use this report to look at the top sources of blocked web traffic. Note: To look at security policy reports, each ZyXEL device must record forwarded web packets and blocked web packets in its log. See the User’s Guide for each ZyXEL device for more information.
Vantage Report User’s Guide Figure 79 Security Policy > WEB Blocked > Top Hosts Each field is described in the following table. Table 74 Security Policy > WEB Blocked > Top Hosts LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Vantage Report User’s Guide Table 74 Security Policy > WEB Blocked > Top Hosts LABEL DESCRIPTION Settings Use this field or Last ... Days to specify what historical information is included in the report. Click Settings. The Report Display Settings screen appears. Select a specific Start Date and End Date.
Vantage Report User’s Guide Figure 80 Security Policy > WEB Blocked > Top Hosts > Drill-Down Each field is described in the following table. Table 75 Security Policy > WEB Blocked > Top Hosts > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
Use this report to look at the top categories of blocked web traffic. Note: To look at security policy reports, each ZyXEL device must record forwarded web packets and blocked web packets in its log. See the User’s Guide for each ZyXEL device for more information.
Vantage Report User’s Guide Each field is described in the following table. Table 76 Security Policy > WEB Blocked > By Category LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields. Last ...
Vantage Report User’s Guide Click on a specific category in Security Policy > WEB Blocked > By Category to open this screen. Figure 82 Security Policy > WEB Blocked > By Category > Drill-Down Each field is described in the following table. Table 77 Security Policy >...
Use this report to look at the number of attempts to access allowed web sites by time interval. Note: To look at security policy reports, each ZyXEL device must record forwarded web packets and blocked web packets in its log. See the User’s Guide for each ZyXEL device for more information.
Vantage Report User’s Guide Figure 83 Security Policy > WEB Allowed > Summary Each field is described in the following table. Table 78 Security Policy > WEB Allowed > Summary LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Vantage Report User’s Guide Table 78 Security Policy > WEB Allowed > Summary LABEL DESCRIPTION Settings Use this field or Last ... Days to specify what historical information is included in the report. Click Settings. The Report Display Settings screen appears. Select a specific Start Date and End Date.
Vantage Report User’s Guide Figure 84 Security Policy > WEB Allowed > Summary > Drill-Down Each field is described in the following table. Table 79 Security Policy > WEB Allowed > Summary > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
Use this report to look at the top destinations of forwarded web traffic. Note: To look at security policy reports, each ZyXEL device must record forwarded web packets and blocked web packets in its log. See the User’s Guide for each ZyXEL device for more information.
Vantage Report User’s Guide Each field is described in the following table. Table 80 Security Policy > WEB Allowed > Top Sites LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields. Last ...
Vantage Report User’s Guide Click on a specific destination in Security Policy > WEB Allowed > Top Sites to open this screen. Figure 86 Security Policy > WEB Allowed > Top Sites > Drill-Down Each field is described in the following table. Table 81 Security Policy >...
Use this report to look at the top sources of forwarded web traffic. Note: To look at security policy reports, each ZyXEL device must record forwarded web packets and blocked web packets in its log. See the User’s Guide for each ZyXEL device for more information.
Vantage Report User’s Guide Figure 87 Security Policy > WEB Allowed > Top Hosts Each field is described in the following table. Table 82 Security Policy > WEB Allowed > Top Hosts LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Vantage Report User’s Guide Table 82 Security Policy > WEB Allowed > Top Hosts LABEL DESCRIPTION Settings Use this field or Last ... Days to specify what historical information is included in the report. Click Settings. The Report Display Settings screen appears. Select a specific Start Date and End Date.
Vantage Report User’s Guide Figure 88 Security Policy > WEB Allowed > Top Hosts > Drill-Down Each field is described in the following table. Table 83 Security Policy > WEB Allowed > Top Hosts > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 184
Vantage Report User’s Guide Table 83 Security Policy > WEB Allowed > Top Hosts > Drill-Down LABEL DESCRIPTION Total This entry displays the totals for the destinations above. If the number of destinations of attempts from the selected source is greater than the maximum number of records displayed in this table, this total might be a little lower than the total in the main report.
Use these screens to look at who successfully logged into the ZyXEL device (for management or monitoring purposes) or who tried to log in but failed. 8.1 Successful Login Screen Use this screen to look at who successfully logged into the ZyXEL device (for management or monitoring purposes). See section 2.4 on page 28 for more information about the source data used by the report.
Enter the page number you want to see, and click Go. 8.2 Failed Login Screen Use this screen to look at who tried to log in into the ZyXEL device (for management or monitoring purposes) but failed. See section 2.4 on page 28 for more information about the source data used by the report.
Report Display Settings screen appears. Time This field displays the time the Vantage Report server received the log entry from the ZyXEL device, not the time the user tried unsuccessfully to log into the device. Login User This field displays who tried unsuccessfully to log into the selected device.
H A P T E R Log Viewer Use these screens to look at all log entries or critical log entries for the selected ZyXEL device. 9.1 Regular Log Viewer Regular log entries are all the log entries that the selected device records. See section 2.3 on...
Vantage Report User’s Guide Figure 91 Log Viewer > All Logs The fields in the first three rows (and Search and Reset) appear when you open the report. The fields in the next three rows (above Search and Reset) appear if you do not select All Categories in the Category field and if you select Advanced Search.
Calendar icon to specify the date. Category This field depends on the model of the selected ZyXEL device. Select what type of log entries you want to see. You can also select All Categories. Advanced Search This field is disabled if Category is All Categories.
Vantage Report User’s Guide Click Log Viewer > Critical Logs to look at critical log entries. The screen is shown below. Unlike the Regular Log Viewer, the Critical Log Viewer does not have Service, Protocol, or Port fields because these fields are usually used for traffic logs, which are not critical.
Calendar icon to specify the date. Category This field depends on the model of the selected ZyXEL device. Select what type of log entries you want to see. You can also select All Categories. Advanced Search This field is disabled if Category is All Categories.
Vantage Report User’s Guide H A P T E R Schedule Report Use these screens to set up and maintain daily, weekly, and one-time reports that Vantage Report sends by e-mail. See section 2.2 on page 26 for more information about e-mail in Vantage Report.
Vantage Report User’s Guide Each field is described in the following table. Table 88 Schedule Reports > Schedule Reports LABEL DESCRIPTION Add (Daily Report) Click this to generate and send one or more statistical reports daily. Each report comes from the previous day’s information. The Customize Scheduled Report screen appears.
Vantage Report User’s Guide If you are using the standard version of Vantage Report, some reports are not available, so these reports are disabled in this screen. Each field is described in the following table. Table 89 Schedule Reports > Schedule Reports > Add (Daily Report) LABEL DESCRIPTION Destination E-mail...
Vantage Report User’s Guide Figure 95 Schedule Reports > Schedule Reports > Add (Weekly Report) If you are using the standard version of Vantage Report, some reports are not available, so Chapter 10 Schedule Report...
Vantage Report User’s Guide these reports are disabled in this screen. Each field is described in the following table. Table 90 Schedule Reports > Schedule Reports > Add (Weekly Report) LABEL DESCRIPTION Destination E-mail Enter the e-mail address(es) to which Vantage Report sends the selected Address report(s).
Vantage Report User’s Guide Note: This feature can send e-mail messages with very large attachments (2+ MB). Some SMTP mail servers might not accept such large messages. In this case, there is a way to send e-mail messages without the attachments. See the E- mail Attached Files field for more information.
Vantage Report User’s Guide If you are using the standard version of Vantage Report, some reports are not available, so these reports are disabled in this screen. Each field is described in the following table. Table 91 Schedule Reports > Schedule Reports > Add (Overtime Report) LABEL DESCRIPTION Destination E-mail...
Vantage Report User’s Guide H A P T E R System account can use the system screens to root • Maintain global reporting settings, such as how many days of logs to keep and default chart type • Maintain mail server settings •...
Vantage Report User’s Guide Figure 97 System > General Configuration Each field is described in the following table. Table 92 System > General Configuration LABEL DESCRIPTION Critical Log Select Enable if you want Vantage Report to start updating the critical log. Select Disable if you want Vantage Report to stop updating the critical log.
Vantage Report User’s Guide Use the Server Configuration screen to set up the SMTP mail server that Vantage Report uses for notifications and scheduled reports. See section 2.2 on page 26 for more information. Click System > Server Configuration to open the Server Configuration screen. Figure 98 System >...
Vantage Report User’s Guide 11.3.1 User Maintenance Summary Screen Click System > User Maintenance to open the User Maintenance summary screen. Figure 99 System > User Maintenance Other (non- ) users can only see their account in this screen. Each field is described root in the following table.
Vantage Report User’s Guide Figure 100 Add/Edit User Account Screen Each field is described in the following table. Table 95 Add/Edit User Account Screen LABEL DESCRIPTION User Name If you are editing an existing account, this field is read-only. It displays the user name used to log in.
Vantage Report User’s Guide 11.4.1 Data Backup and Data Restore Screen Note: Only the account can open this screen. root You can use this screen to backup or restore the settings in the General Configuration, Server Configuration, and User Maintenance screens. The backup format is XML. You cannot backup or restore the logs, traffic information, or other settings.
Vantage Report User’s Guide Figure 102 System > Data Maintenance > Device List Import & Export Each field is described in the following table. Table 97 System > Data Maintenance > Device List Import & Export LABEL DESCRIPTION Export Click this to look at or save the current device window in XML format. File Name / Browse Enter the XML file name that contains the devices you want to add.
Vantage Report User’s Guide Figure 103 System > Upgrade Each field is described in the following table. Table 98 System > Upgrade LABEL DESCRIPTION Package Path / Enter the path to the release of Vantage Report that you want to install. You can Browse also click Browse.
Vantage Report User’s Guide Figure 104 System > Registration The fields in this screen depend on what version (standard or professional) of Vantage Report you have and whether or not you have used the registration screens to log into myZyXEL.com. All the fields are described in the following table.
Vantage Report User’s Guide 11.6.2 Registration Screen Note: The Vantage Report server must be connected to the Internet to use this screen. To access this screen, click Trial or Upgrade in System > Registration. Figure 105 Registration Screen Some fields do not appear if you have already used this screen to log into myZyXEL.com, if you have a myZyXEL.com account, or if you are getting the trial version.The fields are described in the following table.
Vantage Report User’s Guide Table 100 Registration Screen LABEL DESCRIPTION Password If you are creating a new myZyXEL.com account, enter the password that you would like to use. Your password must be 6 - 20 alphanumeric characters or underscores( ) long. If you are using an existing myZyXEL.com account, enter the password for that account.
Report server. If the problem continues, contact your local vendor. There is information in some Make sure your ZyXEL devices support these reports. Check the reports, but there is no release notes for the current firmware version. information in others.
Product Specifications All values are accurate at the time of writing. Table 2 on page 27 for specifications about the time it takes the Vantage Report server to process information from ZyXEL devices. Table 101 Web Configurator Specifications FEATURE SPECIFICATION...
Vantage Report User’s Guide Appendix C Setting up Your Computer’s IP Address All computers must have a 10M or 100M Ethernet adapter card and TCP/IP installed. Windows 95/98/ME/NT/2000/XP, Macintosh OS 7 and later operating systems and all versions of UNIX/LINUX include the software components you need to install and use TCP/ IP on your computer.
Vantage Report User’s Guide Figure 107 Windows XP: Start Menu 2 For Windows XP, click Network Connections. For Windows 2000/NT, click Network and Dial-up Connections. Figure 108 Windows XP: Control Panel 3 Right-click Local Area Connection and then click Properties.
Vantage Report User’s Guide Figure 109 Windows XP: Control Panel: Network Connections: Properties 4 Select Internet Protocol (TCP/IP) (under the General tab in Win XP) and click Properties. Figure 110 Windows XP: Local Area Connection Properties 5 The Internet Protocol TCP/IP Properties window opens (the General tab in Windows XP).
Vantage Report User’s Guide • If you have a static IP address click Use the following IP Address and fill in the IP address, Subnet mask, and Default gateway fields. Click Advanced. Figure 111 Windows XP: Advanced TCP/IP Settings 6 If you do not know your gateway's IP address, remove any previously installed gateways in the IP Settings tab and click OK.
Vantage Report User’s Guide 7 In the Internet Protocol TCP/IP Properties window (the General tab in Windows XP): • Click Obtain DNS server address automatically if you do not know your DNS server IP address(es). • If you know your DNS server IP address(es), click Use the following DNS server addresses, and type them in the Preferred DNS server and Alternate DNS server fields.
Vantage Report User’s Guide Appendix D Log Descriptions This appendix provides descriptions of example device log messages. Log messages vary by device Table 104 System Maintenance Logs LOG MESSAGE DESCRIPTION The router has adjusted its time based on information from the Time calibration is time server.
Vantage Report User’s Guide Table 104 System Maintenance Logs (continued) LOG MESSAGE DESCRIPTION The router is saving configuration changes. Configuration Change: PC = 0x%x, Task ID = 0x%x Someone has logged on to the router’s SSH server. Successful SSH login Someone has failed to log on to the router’s SSH server.
Vantage Report User’s Guide Table 107 TCP Reset Logs LOG MESSAGE DESCRIPTION The router sent a TCP reset packet when a host was under a SYN Under SYN flood attack, flood attack (the TCP incomplete count is per destination host.) sent TCP RST The router sent a TCP reset packet when the number of TCP Exceed TCP MAX...
Vantage Report User’s Guide Table 109 ICMP Logs (continued) LOG MESSAGE DESCRIPTION The firewall allowed a triangle route session to pass Triangle route packet forwarded: through. ICMP The router blocked a packet that didn’t have a Packet without a NAT table entry corresponding NAT table entry.
Vantage Report User’s Guide Table 112 UPnP Logs LOG MESSAGE DESCRIPTION UPnP packets can pass through the firewall. UPnP pass through Firewall Table 113 Content Filtering Logs LOG MESSAGE DESCRIPTION The content of a requested web page matched a user defined keyword. %s: Keyword blocking The web site is not in a trusted domain, and the router blocks all traffic %s: Not in trusted web...
Vantage Report User’s Guide Table 115 IPSec Logs LOG MESSAGE DESCRIPTION The router received and discarded a packet with an incorrect Discard REPLAY packet sequence number. The router received a packet that has been altered. A third party may Inbound packet have altered or tampered with the packet.
Page 232
Vantage Report User’s Guide Table 116 IKE Logs (continued) LOG MESSAGE DESCRIPTION The router couldn’t resolve the IP address from the domain Cannot resolve Secure Gateway name that was used for the secure gateway address. Addr for rule <%d> The displayed ID information did not match between the two Peer ID: <peer id>...
Page 233
Vantage Report User’s Guide Table 116 IKE Logs (continued) LOG MESSAGE DESCRIPTION The router was not able to use extended authentication to XAUTH fail! Username: authenticate the listed username. <Username> The listed rule’s IKE phase 1 negotiation mode did not match Rule[%d] Phase 1 negotiation between the router and the peer.
Vantage Report User’s Guide Table 116 IKE Logs (continued) LOG MESSAGE DESCRIPTION The listed rule’s IKE phase 2 did not match between the router Rule [%d] phase 2 mismatch and the peer. The listed rule’s IKE phase 2 key lengths (with the AES Rule [%d] Phase 2 key length encryption algorithm) did not match between the router and mismatch...
Vantage Report User’s Guide Table 117 PKI Logs (continued) LOG MESSAGE DESCRIPTION The router received directory data that was too large (the size is listed) Rcvd data <size> too from the LDAP server whose address and port are recorded in the large! Max size Source field.
Vantage Report User’s Guide Table 118 Certificate Path Verification Failure Reason Codes (continued) CODE DESCRIPTION Database method failed. Path was not verified. Maximum path length reached. Table 119 802.1X Logs LOG MESSAGE DESCRIPTION A user was authenticated by the local user database. Local User Database accepts user.
Vantage Report User’s Guide Table 120 ACL Setting Notes PACKET DIRECTION DIRECTION DESCRIPTION (L to W) LAN to WAN ACL set for packets traveling from the LAN to the WAN. (W to L) WAN to LAN ACL set for packets traveling from the WAN to the LAN. (D to L) DMZ to LAN ACL set for packets traveling from the DMZ to the LAN.
Vantage Report User’s Guide Table 121 ICMP Notes (continued) TYPE CODE DESCRIPTION Time Exceeded Time to live exceeded in transit Fragment reassembly time exceeded Parameter Problem Pointer indicates the error Timestamp Timestamp request message Timestamp Reply Timestamp reply message Information Request Information request message Information Reply Information reply message...
No part may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, except the express written permission of ZyXEL Communications Corporation. This Product includes MySQL and Anomic under GNU GENERAL PUBLIC LICENSE GNU GENERAL PUBLIC LICENSE Version 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc.
Page 242
Vantage Report User’s Guide To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. For example, if you distribute copies of such a program, whether gratis or for a fee, you must give the recipients all the rights that you have.
Page 243
Vantage Report User’s Guide Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running the Program is not restricted, and the output from the Program is covered only if its contents constitute a work based on the Program independent of having been made by running the Program).
Page 244
Vantage Report User’s Guide These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works.
Page 245
Vantage Report User’s Guide The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable.
Page 246
Vantage Report User’s Guide a consequence you may not distribute the Program at all. For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program.
Page 247
Vantage Report User’s Guide 10. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this.
Page 248
Vantage Report User’s Guide To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. ONE LINE TO GIVE THE PROGRAM'S NAME AND A BRIEF IDEA OF WHAT IT DOES.
Page 249
Vantage Report User’s Guide The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than `show w' and `show c'; they could even be mouse-clicks or menu items--whatever suits your program.
Page 250
Vantage Report User’s Guide The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public Licenses are intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This license, the Lesser General Public License, applies to some specially designated software packages--typically libraries--of the Free Software Foundation and other authors who decide to use it.
Page 251
Vantage Report User’s Guide Finally, software patents pose a constant threat to the existence of any free program. We wish to make sure that a company cannot effectively restrict the users of a free program by obtaining a restrictive license from a patent holder. Therefore, we insist that any patent license obtained for a version of the library must be consistent with the full freedom of use specified in this license.
Page 252
Vantage Report User’s Guide The precise terms and conditions for copying, distribution and modification follow. Pay close attention to the difference between a "work based on the library" and a "work that uses the library". The former contains code derived from the library, whereas the latter must be combined with the library in order to run.
Page 253
Vantage Report User’s Guide 1. You may copy and distribute verbatim copies of the Library's complete source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty;...
Page 254
Vantage Report User’s Guide These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Library, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works.
Page 255
Vantage Report User’s Guide If distribution of object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place satisfies the requirement to distribute the source code, even though third parties are not compelled to copy the source along with the object code.
Page 256
Vantage Report User’s Guide You must give prominent notice with each copy of the work that the Library is used in it and that the Library and its use are covered by this License. You must supply a copy of this License.
Page 257
Vantage Report User’s Guide It may happen that this requirement contradicts the license restrictions of other proprietary libraries that do not normally accompany the operating system. Such a contradiction means you cannot use both them and the Library together in an executable that you distribute. 7.
Page 258
Vantage Report User’s Guide 11. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License.
Page 259
Vantage Report User’s Guide Each version is given a distinguishing version number. If the Library specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation.
Page 260
Vantage Report User’s Guide How to Apply These Terms to Your New Libraries If you develop a new library, and you want it to be of the greatest possible use to the public, we recommend making it free software that everyone can redistribute and change. You can do so by permitting redistribution under these terms (or, alternatively, under the terms of the ordinary General Public License).
Page 261
Vantage Report User’s Guide Yoyodyne, Inc., hereby disclaims all copyright interest in the library `Frob' (a library for tweaking knobs) written by James Random Hacker. <signature of Ty Coon, 1 April 1990 Ty Coon, President of Vice That's all there is to it! This Product includes JDK under Binary Code License of Sun Microsystems, Inc.
Page 262
Vantage Report User’s Guide 2. LICENSE TO USE. Subject to the terms and conditions of this Agreement, including, but not limited to the Java Technology Restrictions of the Supplemental License Terms, Sun grants you a non-exclusive, non-transferable, limited license without license fees to reproduce and use internally Software complete and unmodified for the sole purpose of running Programs.
Page 263
Vantage Report User’s Guide negligence), or otherwise, exceed the amount paid by you for Software under this Agreement. The foregoing limitations will apply even if the above stated warranty fails of its essential purpose. Some states do not allow the exclusion of incidental or consequential damages, so some of the terms above may not be applicable to you.
Page 264
Vantage Report User’s Guide 12. SEVERABILITY. If any provision of this Agreement is held to be unenforceable, this Agreement will remain in effect with the provision omitted, unless omission would frustrate the intent of the parties, in which case this Agreement will immediately terminate. 13.
Page 265
Vantage Report User’s Guide from and against any damages, costs, liabilities, settlement amounts and/or expenses (including attorneys' fees) incurred in connection with any claim, lawsuit or action by any third party that arises or results from the use or distribution of any and all Programs and/or Software.
Page 266
Vantage Report User’s Guide Sun Microsystems, Inc. in the U.S. and other countries. This information must be placed on the Media label in such a manner as to only apply to the Sun Software; (vi) You must clearly identify the Software as Sun's product on the Media holder or Media label, and you may not state or imply that Sun is responsible for any third-party software contained on the Media;...
Page 267
Vantage Report User’s Guide All source code, binaries, documentation and other files distributed with Quartz Enterprise Job Scheduler are subject to the following license terms, and are held under the following copyright, unless otherwise noted within the individual files. Copyright James House (c) 2001-2004 All rights reserved.
Page 268
Vantage Report User’s Guide Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 1. Definitions. "License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document. "Licensor"...
Page 269
Vantage Report User’s Guide "Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof.
Page 270
Vantage Report User’s Guide 4. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions: (a) You must give any other recipients of the Work or Derivative Works a copy of this License;...
Page 271
NOTE: Some components of the Vantage VRPT 2.3 incorporate source code covered under the GPL, LGPL, Sun Microsystems, Inc. Binary Code License, Quarz License and Apache License. To obtain the source code covered under those Licenses, please contact ZyXEL Communications Corporation at: ZyXEL Technical Support.
Page 272
License Agreement remains in full force and effect. Ownership of the Software, Documentation and all intellectual property rights therein shall remain at all times with ZyXEL. Any other use of the Software by any other entity is strictly forbidden and is a violation of this License Agreement.
Page 273
5.Confidentiality You acknowledge that the Software contains proprietary trade secrets of ZyXEL and you hereby agree to maintain the confidentiality of the Software using at least as great a degree of care as you use to maintain the confidentiality of your own most confidential information.
Page 274
This License Agreement is effective until it is terminated. You may terminate this License Agreement at any time by destroying or returning to ZyXEL all copies of the Software and Documentation in your possession or under your control. ZyXEL may terminate this License Agreement for any reason, including, but not limited to, if ZyXEL finds that you have violated any of the terms of this License Agreement.
Page 275
Vantage Report User’s Guide destroy or return to ZyXEL all copies of the Software and Documentation and to certify in writing that all known copies, including backup copies, have been destroyed. All provisions relating to confidentiality, proprietary rights, and non-disclosure shall survive the termination of this Software License Agreement.
Vantage Report User’s Guide Index Contact Information Contacting Customer Support copyright Add Device screen critical log entries additional ZyXEL device configuration enable/disable anti-spam critical log viewer monitors processing time source data source data statistical reports ZyXEL device configuration ZyXEL device configuration...
Page 278
See regular log entries. failed login log settings requirements source data log viewer ZyXEL device configuration critical log entries. See critical log viewer. Finland, Contact Information regular log entries. See regular log viewer. forget password 27, 31...
Page 279
Vantage Report User’s Guide source data ZyXEL device configuration Regular Mail North America Contact Information related documentation Norway, Contact Information report window 32, 40 number of devices typical layouts currently allowed reverse DNS 23, 43, 203 currently used increase allowed...
Page 280
ZyXEL device configuration stopping Support E-mail time in Sweden, Contact Information Vantage Report users. See users. syntax conventions versions system notification differences...
Page 281
Vantage Report User’s Guide events 65, 66, 68, 70 monitors statistical reports Worldwide Contact Information ZyXEL device 33, 34, 207 configuration device type setting edit basic information import in typical application MAC setting remove search for select source data. See source data.