Page 1 Vantage Report User’s Guide Version 3.0 10/2006 Edition 1 www.zyxel.com...
Page 3: About This User's Guide
Embedded web help for descriptions of individual screens and supplementary information. • ZyXEL Glossary and Web Site Please refer to www.zyxel.com for an online glossary of networking terms and additional support documentation. User Guide Feedback Help us help you. Send all User Guide-related comments, questions or suggestions for improvement to the following address, or use e-mail instead.
Page 4: Document Conventions
Document Conventions Document Conventions Warnings and Notes These are how warnings and notes are shown in this User’s Guide. Warnings tell you about things that could harm you or your device. Notes tell you other important information (for example, other things you may need to configure or helpful tips) or recommendations.
Page 5 Document Conventions Vantage Report User’s Guide...
Page 6 Document Conventions Vantage Report User’s Guide...
Page 7: Table Of Contents
Contents Overview Contents Overview Introduction ..........................29 Introducing Vantage Report ....................... 31 The Vantage Report Server ....................... 33 The Web Configurator ....................... 37 Monitor and Traffic ......................... 63 Monitor ............................65 Traffic ............................73 VPN ............................139 Network Attack and Security Policy ................... 183 Network Attack ........................
Page 8 Contents Overview Vantage Report User’s Guide...
Page 9: Table Of Contents
2.1 Starting and Stopping the Vantage Report Server ............... 33 2.2 E-Mail in the Vantage Report Server ................... 34 2.3 Time in the Vantage Report Server ..................34 2.4 ZyXEL Device Configuration and Source Data ..............35 Chapter 3 The Web Configurator ......................37 3.1 Web Configurator Requirements ..................
Page 10 Table of Contents Part II: Monitor and Traffic ..............63 Chapter 4 Monitor............................. 65 4.1 Bandwidth Monitor ....................... 65 4.2 Service Monitor ........................66 4.3 Attack Monitor ........................68 4.4 Intrusion Monitor ........................68 4.5 Anti-Virus Monitor ........................ 69 4.6 Anti-Spam Monitor ....................... 70 Chapter 5 Traffic ............................
Page 11 Table of Contents 5.4.5 Top Mail Users ......................122 5.4.6 Top Mail Users Drill-Down ..................124 5.5 Other Traffic ........................126 5.5.1 Platform Selection ....................126 5.5.2 Service Settings ...................... 126 5.5.3 Top Destinations of Other Traffic ................127 5.5.4 Top Destinations of Other Traffic Drill-Down ............129 5.5.5 Top Sources of Other Traffic ..................
Page 12 Table of Contents Part III: Network Attack and Security Policy........183 Chapter 7 Network Attack........................185 7.1 Attack ..........................185 7.1.1 Attack Summary ....................... 185 7.1.2 Attack Summary Drill-Down ..................187 7.1.3 Top Attacks ....................... 189 7.1.4 Top Attacks Drill-Down ..................... 191 7.1.5 Top Attack Sources ....................
Page 13 Table of Contents 8.1.1 Top Users Blocked ....................243 8.1.2 Top Packets Blocked ....................245 8.2 Application Access Control ....................247 8.2.1 Top Applications Blocked ..................247 8.2.2 Top Users Blocked ....................249 8.2.3 Top Applications Allowed ..................251 8.3 Blocked Web Accesses ..................... 253 8.3.1 Web Block Summary ....................
Page 14 Table of Contents 11.1 Scheduled Report Summary Screen ................299 11.2 Customize Daily Report Screen ..................301 11.3 Customize Weekly Report Screen ................... 304 11.4 Customize Overtime Report Screen ................307 11.5 Template List ........................310 11.6 Template Add/Edit ......................311 Part V: System and Troubleshooting ..........
Page 15 Table of Contents 13.1 Syslog Logs ........................372 Appendix D ZyWALL 1050 Log Descriptions ............... 375 Appendix E Open Software Announcements ............... 417 Appendix F Legal Information ....................447 Appendix G Customer Support .................... 449 Index............................453 Vantage Report User’s Guide...
Page 16 Table of Contents Vantage Report User’s Guide...
Page 17: List Of Figures
List of Figures List of Figures Figure 1 Typical Vantage Report Application ..................31 Figure 2 Web Configurator Login Screen ....................38 Figure 3 Web Configurator Main Screen ....................39 Figure 4 Device Window ......................... 41 Figure 5 Add/Edit Device and Add/Edit Folder Screens ................. 42 Figure 6 Device Window Right-Click Menu ....................
Page 18 List of Figures Figure 39 Traffic > WEB > Top Hosts > Drill-Down ................100 Figure 40 Traffic > WEB > Top Users ....................101 Figure 41 Traffic > WEB > Top Users > Drill-Down ................103 Figure 42 Traffic > FTP > Top Sites ...................... 105 Figure 43 Traffic >...
Page 19 List of Figures Figure 82 VPN > Remote Access > Top Destinations ................175 Figure 83 VPN > Remote Access > Top Destinations > Drill-Down ............. 177 Figure 84 VPN > Xauth> Successful Login ..................179 Figure 85 VPN > Xauth> Failed Login ....................180 Figure 86 Network Attack >...
Page 20 List of Figures Figure 125 Security Policy > WEB Blocked > Top Sites > Drill-Down ..........259 Figure 126 Security Policy > WEB Blocked > Top Hosts ..............260 Figure 127 Security Policy > WEB Blocked > Top Hosts > Drill-Down ..........262 Figure 128 Security Policy >...
Page 21 List of Figures Figure 168 System > Log Receiver By Device) ..................333 Figure 169 System > Log Receiver By Device > By Category ............. 334 Figure 170 System > About ........................334 Figure 171 Windows XP: Start Menu ....................346 Figure 172 Windows XP: Control Panel ....................
Page 22 List of Figures Vantage Report User’s Guide...
Page 23: List Of Tables
Table 1 Differences Between Basic Version and Full Version ............... 32 Table 2 Processing Times by Menu Item ....................34 Table 3 ZyNOS-based ZyXEL Device Configuration Requirements by Menu Item ....... 35 Table 4 ZyWALL 1050 Configuration Requirements by Menu Item ............36 Table 5 Title Bar .............................
Page 24 List of Tables Table 39 Traffic > FTP > Top Hosts ..................... 109 Table 40 Traffic > FTP > Top Hosts > Drill-Down ..................111 Table 41 Traffic > FTP > Top Users ......................112 Table 42 Traffic > FTP > Top Hosts > Drill-Down ..................114 Table 43 Traffic >...
Page 25 List of Tables Table 82 Network Attack > Attack > Top Attacks ................. 190 Table 83 Network Attack > Attack > Top Attacks > Drill-Down ............192 Table 84 Network Attack > Attack > Top Sources ................194 Table 85 Network Attack > Attack > Top Sources > Drill-Down ............196 Table 86 Network Attack >...
Page 26 List of Tables Table 125 Security Policy > WEB Blocked > By Category > Drill-Down ..........269 Table 126 Security Policy > WEB Allowed > Summary ............... 271 Table 127 Security Policy > WEB Allowed > Summary > Drill-Down ..........272 Table 128 Security Policy >...
Page 27 List of Tables Table 168 System Error Logs ......................353 Table 169 Access Control Logs ......................353 Table 170 TCP Reset Logs ........................354 Table 171 Packet Filter Logs ....................... 355 Table 172 ICMP Logs .......................... 355 Table 173 CDR Logs ........................... 355 Table 174 PPP Logs ..........................
Page 28 List of Tables Table 211 PKI Logs ..........................408 Table 212 Interface Logs ........................411 Table 213 Account Logs ........................414 Table 214 Port Grouping Logs ......................414 Table 215 Force Authentication Logs ....................414 Table 216 File Manager Logs ......................415 Vantage Report User’s Guide...
Page 29: Introduction
Introduction Introducing Vantage Report (31) The Vantage Report Server (33) The Web Configurator (37)
Page 31: Introducing Vantage Report
In this example, you use the web configurator (A) to set up the Vantage Report server (B). You also configure the ZyXEL devices (C) to send their logs and traffic statistics to the Vantage Report Server. The Vantage Report server collects this information. Then, you can •...
Page 32: Table 1 Differences Between Basic Version And Full Version
Chapter 1 Introducing Vantage Report This User’s Guide discusses the features in the full version. The following table shows some of the differences between the basic and full version. Table 1 Differences Between Basic Version and Full Version FEATURE BASIC FULL Number of supported devices up to 100...
Page 33: The Vantage Report Server
H A P T E R The Vantage Report Server This chapter explains several characteristics of the Vantage Report server. 2.1 Starting and Stopping the Vantage Report Server Make sure the port Vantage Report uses for web services is not used by other applications, especially web servers.
Page 34: E-Mail In The Vantage Report Server
• In Vantage Report, clock time is the time the Vantage Report server receives information (log entries or traffic statistics) from the ZyXEL devices, not the time the device puts in the entry. As soon as the Vantage Report server receives information, it replaces device times with the current time in the Vantage Report server.
Page 35: Zyxel Device Configuration And Source Data
* - The names of categories may be different for different devices. Use the category that is appropriate for each device. ** - The log viewers display whatever log entries the ZyXEL devices record, including log entries that may not be used in other reports.
Page 36: Table 4 Zywall 1050 Configuration Requirements By Menu Item
* - The names of categories may be different for different devices. Use the category that is appropriate for each device. *** - The log viewers display whatever log entries the ZyXEL devices record, including log entries that may not be used in other reports.
Page 37: The Web Configurator
H A P T E R The Web Configurator This chapter provides the minimum requirements to use the web configurator, describes how to access the web configurator, and explains each part of the main screen in the web configurator. 3.1 Web Configurator Requirements The web configurator is a browser-based interface that you can use to set up, manage, and use Vantage Report.
Page 38: Figure 2 Web Configurator Login Screen
Chapter 3 The Web Configurator Figure 2 Web Configurator Login Screen If you forget your password, enter your user name, and click Forget Password?. Vantage Report sends your password to the e-mail address (if any) for your User Name. See Section 2.2 on page 34 for more information about e-mail in Vantage Report and...
Page 39: Figure 3 Web Configurator Main Screen
(C), and the report window (D). The title bar provides some icons that are useful anytime. The device window displays and organizes the ZyXEL devices that can provide information to Vantage Report. The function window lists the reports you can generate and organizes these reports into categories.
Page 40: Title Bar
Chapter 3 The Web Configurator 3.3 Title Bar The title bar has three icons. These icons are explained in the table below. Table 5 Title Bar ICON DESCRIPTION The help icon opens the help page for the current screen in Vantage Report. The about icon opens a screen with the version of Vantage Report.
Page 41: Figure 4 Device Window
Chapter 3 The Web Configurator Figure 4 Device Window Each numbered section above is described in the following table. Table 6 Device Window SECTION DESCRIPTION To add a device to Vantage Report, • right click on root, and select Add Device. The Add Device screen appears in the device window.
Page 42: Figure 5 Add/Edit Device And Add/Edit Folder Screens
Chapter 3 The Web Configurator Table 6 Device Window SECTION DESCRIPTION To move a device in the device window tree • right-click on the device, and select Cut it. Then right-click the destination folder and select Paste to. To select which device is included in a report •...
Page 43: Function Window
Chapter 3 The Web Configurator Each field is explained in the following table. Table 7 Add/Edit Device and Add/Edit Folder Screen Fields LABEL DESCRIPTION Name Enter the name of the device or folder you want to add to Vantage Report. The device name can consist of alphanumeric characters, underscores( ), periods(.), or dashes(-), and it must be 1-28 characters long.
Page 44: Figure 7 Function Window
The dashboard gives a quick top level summary of activity across devices. The dashboard is available with the full version of Vantage Report. Monitor Use monitors to check the status of ZyXEL devices. Bandwidth Use this report to monitor the total amount of traffic handled by the selected device.
Page 45 LEVEL 3 FUNCTION Traffic Use these reports to look at how much traffic was handled by ZyXEL devices or who used the most bandwidth in a ZyXEL device. You can also look at traffic in various directions. Bandwidth Summary Use this report to look at the amount of traffic handled by the selected device by time interval.
Page 46 Chapter 3 The Web Configurator Table 8 Function Window LEVEL 1/2 LEVEL 3 FUNCTION Customization Customization Use the Service Settings screen to add, edit, or remove services whose traffic you can view in the other Service > Customization reports. Top Destinations Use this report to look at the top destinations of traffic for other services.
Page 47 Use these reports to look at intrusion signatures, types of intrusions, severity of intrusions, and the top sources and destinations of intrusions that are logged on the selected ZyXEL device. Summary Use this report to look at the number of intrusions by time interval. You can also use this report to look at the top intrusion signatures in a specific time interval.
Page 48 LEVEL 1/2 LEVEL 3 FUNCTION AntiVirus Use these reports to look at viruses that were detected by the ZyXEL device’s anti-virus feature. Summary Use this report to look at the number of virus occurrences by time interval. You can also use this report to look at the top viruses in a specific time interval.
Page 49 Successful Login Use this screen to look at who successfully logged into the ZyXEL device (for management or monitoring purposes). Failed Login Use this screen to look at who tried to log in into the ZyXEL device (for management or monitoring purposes) but failed. Session Per A device can limit a user’s maximum number of NAT sessions.
Page 50 Chapter 3 The Web Configurator Table 8 Function Window LEVEL 1/2 LEVEL 3 FUNCTION Template Use these screens to add and edit report templates. System root account can use all of the following screens. Other users can use the About screen and some features in User Management. General Use this screen to maintain global reporting settings, such as how many Configuration...
Page 51: Table 9 Function Differences For Basic And Full Versions
Chapter 3 The Web Configurator Table 9 Function differences for Basic and Full Versions FEATURE BASIC FULL NOTES Bandwidth Report by Direction Incoming Outgoing LAN-WAN LAN-DMZ LAN-LAN WAN-WAN WAN-DMZ WAN-LAN DMZ-WAN DMZ-DMZ DMZ-LAN Traffic > Bandwidth Bandwidth monitor is available for basic version.
Page 52: Report Window
Chapter 3 The Web Configurator Figure 8 Function Window Right-Click Menu Click About Macromedia Flash Player 8... to get information about the current version of Flash. 3.6 Report Window The report window displays the monitor, statistical report, or screen that you select in the device window and the function window.
Page 53: Figure 10 Report Window: Monitor And Statistical Report Examples
Chapter 3 The Web Configurator Figure 10 Report Window: Monitor and Statistical Report Examples monitor statistical report 3.6.2.1 Monitor Layout A typical monitor is shown in Figure Figure 11 Typical Monitor Layout Vantage Report User’s Guide...
Page 54: Figure 12 Report Window Right-Click Menu
Chapter 3 The Web Configurator Each numbered section above is described in the following table. Table 11 Typical Monitor Features SECTION DESCRIPTION Device Name, MAC: These fields are the same ones you entered when you added the device. (See Section 3.4 on page 40.) Print icon: Click this icon to print the current screen.
Page 55: Figure 13 Typical Statistical Report Layout
Chapter 3 The Web Configurator Figure 13 Typical Statistical Report Layout Each numbered section above is described in the following table. Table 12 Typical Statistical Report Features SECTION DESCRIPTION Device Name, MAC: These fields are the same ones you entered when you added the device.
Page 56: View Logs
Chapter 3 The Web Configurator Table 12 Typical Statistical Report Features SECTION DESCRIPTION Last Days, Settings: Use one of these fields to specify what historical information is included in the report. • Select how many days, ending (and including) today, in the Last Days drop-down list. •...
Page 57: Dashboard
Chapter 3 The Web Configurator Figure 15 View Logs Each field is described in the following table. Table 13 View Logs LABEL DESCRIPTION Time This field displays the time the Vantage Report server received the log entry, not the time the log entry was generated. Source:Port This field displays the source IP address and port (if any) of the event that generated the entry.
Page 58: Figure 16 Dashboard Initial View
Chapter 3 The Web Configurator The dashboard looks like this before you configure it. Figure 16 Dashboard Initial View The following screen appears after you click the “here” link. Figure 17 Dashboard Configure Vantage Report User’s Guide...
Page 59: Dashboard
Select devices and then the monitor or summary to display for each. You can select the same device in more that one section of the dashboard. Not every ZyXEL device supports every report. Only select a monitor or summary that the device supports.
Page 60: Figure 19 Dashboard Configured
Chapter 3 The Web Configurator Figure 19 Dashboard Configured Vantage Report User’s Guide...
Page 61: Table 14 Dashboard
Chapter 3 The Web Configurator The following table describes the dashboard icons. See the other sections in this user’s guide for details on the monitors and summaries. Table 14 Dashboard ICON DESCRIPTION The setting icon returns you to the dashboard configuration screen. The print icon prints the dashboard screen.
Page 62 Chapter 3 The Web Configurator Vantage Report User’s Guide...
Page 63: Monitor And Traffic
Monitor and Traffic Monitor (65) Traffic (73) VPN (139)
Page 65: Monitor
H A P T E R Monitor Use monitors to check the status of ZyXEL devices. See Section 2.3 on page 34 for a related discussion about time. 4.1 Bandwidth Monitor Use this report to monitor the total amount of traffic handled by the selected device.
Page 66: Service Monitor
Chapter 4 Monitor Table 15 Monitor > Bandwidth LABEL DESCRIPTION Port This field displays when you select Port in the Type field. Select the physical interface for which you want to view bandwidth usage. This field is not available with all models. Interface This field displays when you select Interface in the Type field.
Page 67: Figure 21 Monitor > Service
Chapter 4 Monitor Figure 21 Monitor > Service Each field is described in the following table. Table 16 Monitor > Service LABEL DESCRIPTION title This field displays the title of the monitor. It does not include the service you select in the Service Type field. Service Type Select the service whose traffic you want to look at.
Page 68: Attack Monitor
Chapter 4 Monitor 4.3 Attack Monitor Use this report to monitor the number of Denial-of-Service (DoS) attacks detected by the selected device’s firewall. Click Monitor > Attack to open this screen. Figure 22 Monitor > Attack Each field is described in the following table. Table 17 Monitor >...
Page 69: Anti-Virus Monitor
Chapter 4 Monitor Click Monitor > Intrusion to open this screen. Figure 23 Monitor > Intrusion Each field is described in the following table. Table 18 Monitor > Intrusion LABEL DESCRIPTION title This field displays the title of the monitor. Start Time This field displays the clock time (in 24-hour format) of the earliest traffic statistics in the graph.
Page 70: Anti-Spam Monitor
Chapter 4 Monitor Figure 24 Monitor > AntiVirus Each field is described in the following table. Table 19 Monitor > AntiVirus LABEL DESCRIPTION title This field displays the title of the monitor. Start Time This field displays the clock time (in 24-hour format) of the earliest traffic statistics in the graph.
Page 71: Figure 25 Monitor > Antispam
Chapter 4 Monitor Figure 25 Monitor > AntiSpam Each field is described in the following table. Table 20 Monitor > AntiSpam LABEL DESCRIPTION title This field displays the title of the monitor. Start Time This field displays the clock time (in 24-hour format) of the earliest traffic statistics in the graph.
Page 72 Chapter 4 Monitor Vantage Report User’s Guide...
Page 73: Traffic
SMTP, and other protocols. 5.1 Bandwidth Use these reports to look at how much traffic was handled by ZyXEL devices, who used the most bandwidth in a ZyXEL device, and which protocols were used. You can also look at traffic in various directions.
Page 74: Table 21 Traffic > Bandwidth > Summary
Chapter 5 Traffic Each field is described in the following table. Table 21 Traffic > Bandwidth > Summary LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields. Interface Select the logical interface for which you want to view bandwidth usage.
Page 75: Bandwidth Summary Drill-Down
Chapter 5 Traffic Table 21 Traffic > Bandwidth > Summary LABEL DESCRIPTION Hour (Day) This field displays each time interval in chronological order. If you select one day of historical information or less (in the Last ... Days or Settings field) and it is in the last seven days (today is day one), the time interval is hours (in 24-hour format).
Page 76: Figure 27 Traffic > Bandwidth > Summary > Drill-Down
Chapter 5 Traffic Figure 27 Traffic > Bandwidth > Summary > Drill-Down Each field is described in the following table. Table 22 Traffic > Bandwidth > Summary > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 77: Bandwidth Top Protocols
Chapter 5 Traffic Table 22 Traffic > Bandwidth > Summary > Drill-Down LABEL DESCRIPTION MBytes Transferred This field displays how much traffic (in megabytes) the device handled for each service in the selected time interval. % of MBytes This field displays what percentage of the time interval’s total traffic belonged to Transferred each service.
Page 78: Table 23 Traffic > Bandwidth > Top Protocols
Chapter 5 Traffic Each field is described in the following table. Table 23 Traffic > Bandwidth > Top Protocols LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields. It does not include the Direction you select.
Page 79: Bandwidth Top Protocols Drill-Down
Chapter 5 Traffic Table 23 Traffic > Bandwidth > Top Protocols LABEL DESCRIPTION graph The graph displays the information in the table visually. • Click the pie view or the bar view icon. You can specify the Default Chart Type in System > General Configuration. •...
Page 80: Figure 29 Traffic > Bandwidth > Top Protocol > Drill-Down
Chapter 5 Traffic Figure 29 Traffic > Bandwidth > Top Protocol > Drill-Down Each field is described in the following table. Table 24 Traffic > Bandwidth > Top Protocol > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 81: Top Bandwidth Hosts
Chapter 5 Traffic Table 24 Traffic > Bandwidth > Top Protocol > Drill-Down LABEL DESCRIPTION % of Sessions This field displays what percentage of the selected service’s total number of traffic events came from each source. MBytes Transferred This field displays how much traffic (in megabytes) each source generated using the selected service.
Page 82: Figure 30 Traffic > Bandwidth > Top Hosts
Chapter 5 Traffic Figure 30 Traffic > Bandwidth > Top Hosts Each field is described in the following table. Table 25 Traffic > Bandwidth > Top Hosts LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 83 Chapter 5 Traffic Table 25 Traffic > Bandwidth > Top Hosts LABEL DESCRIPTION Last ... Days Use this field or Settings to specify what historical information is included in the report. Select how many days, ending (and including) today, you want to include.
Page 84: Top Bandwidth Hosts Drill-Down
Chapter 5 Traffic Table 25 Traffic > Bandwidth > Top Hosts LABEL DESCRIPTION % of Sessions This field displays what percentage each source’s number of traffic events makes out of the total number of traffic events that match the settings you displayed in this report.
Page 85: Top Bandwidth Users
Chapter 5 Traffic Each field is described in the following table. Table 26 Traffic > Bandwidth > Top Hosts > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields. It does not include the Direction you select.
Page 86: Figure 32 Traffic > Bandwidth > Top Users
Chapter 5 Traffic Figure 32 Traffic > Bandwidth > Top Users Each field is described in the following table. Table 27 Traffic > Bandwidth > Top Users LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 87 Chapter 5 Traffic Table 27 Traffic > Bandwidth > Top Users LABEL DESCRIPTION Settings Use these fields to specify what historical information is included in the report. Click the settings icon. The Report Display Settings screen appears. Select a specific Start Date and End Date. The date range can be up to 30 days long, but you cannot include days that are older than Store Log Days in System >...
Page 88: Top Bandwidth Users Drill-Down
Chapter 5 Traffic 5.1.8 Top Bandwidth Users Drill-Down Use this report to look at the top services used by any top bandwidth user. Click on a specific user in Traffic > Bandwidth > Top Users to open this screen. Figure 33 Traffic > Bandwidth > Top Users > Drill-Down Each field is described in the following table.
Page 89: Top Bandwidth Destinations
Chapter 5 Traffic Table 28 Traffic > Bandwidth > Top Users > Drill-Down LABEL DESCRIPTION Sessions This field displays the number of traffic events the selected user generated using each service. % of Sessions This field displays what percentage of the selected user’s total number of traffic events was generated using each service.
Page 90: Figure 34 Traffic > Bandwidth > Top Destinations
Chapter 5 Traffic Figure 34 Traffic > Bandwidth > Top Destinations Each field is described in the following table. Table 29 Traffic > Bandwidth > Top Destinations LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 91 Chapter 5 Traffic Table 29 Traffic > Bandwidth > Top Destinations LABEL DESCRIPTION Last ... Days Use this field or Settings to specify what historical information is included in the report. Select how many days, ending (and including) today, you want to include.
Page 92: Top Bandwidth Destinations Drill-Down
Chapter 5 Traffic Table 29 Traffic > Bandwidth > Top Destinations LABEL DESCRIPTION % of Sessions This field displays what percentage each destination’s number of traffic events makes out of the total number of traffic events that match the settings you displayed in this report.
Page 93: Web Traffic
Chapter 5 Traffic Each field is described in the following table. Table 30 Traffic > Bandwidth > Top Destinations > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields. graph The graph displays the information in the table visually.
Page 94: Figure 36 Traffic > Web > Top Sites
Chapter 5 Traffic Figure 36 Traffic > WEB > Top Sites Each field is described in the following table. Table 31 Traffic > WEB > Top Sites LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 95 Chapter 5 Traffic Table 31 Traffic > WEB > Top Sites LABEL DESCRIPTION Settings Use these fields to specify what historical information is included in the report. Click the settings icon. The Report Display Settings screen appears. Select a specific Start Date and End Date. The date range can be up to 30 days long, but you cannot include days that are older than Store Log Days in System >...
Page 96: Top Web Sites Drill-Down
Chapter 5 Traffic 5.2.2 Top Web Sites Drill-Down Use this report to look at the top sources of web traffic for any top destination. Click on a specific destination in Traffic > WEB > Top Sites to open this screen. Figure 37 Traffic >...
Page 97: Top Web Hosts
Chapter 5 Traffic Table 32 Traffic > WEB > Top Sites > Drill-Down LABEL DESCRIPTION Color This field displays what color represents each source in the graph. Sessions This field displays the number of traffic events from each source to the selected destination.
Page 98: Figure 38 Traffic > Web > Top Hosts
Chapter 5 Traffic Figure 38 Traffic > WEB > Top Hosts Each field is described in the following table. Table 33 Traffic > WEB > Top Hosts LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 99: Top Web Hosts Drill-Down
Chapter 5 Traffic Table 33 Traffic > WEB > Top Hosts LABEL DESCRIPTION Settings Use these fields to specify what historical information is included in the report. Click the settings icon. The Report Display Settings screen appears. Select a specific Start Date and End Date. The date range can be up to 30 days long, but you cannot include days that are older than Store Log Days in System >...
Page 100: Figure 39 Traffic > Web > Top Hosts > Drill-Down
Chapter 5 Traffic Click on a specific source in Traffic > WEB > Top Hosts to open this screen. Figure 39 Traffic > WEB > Top Hosts > Drill-Down Each field is described in the following table. Table 34 Traffic > WEB > Top Hosts > Drill-Down LABEL DESCRIPTION title...
Page 101: Top Web Users
Chapter 5 Traffic Table 34 Traffic > WEB > Top Hosts > Drill-Down LABEL DESCRIPTION % of MBytes This field displays what percentage of the selected source’s traffic was sent to Transferred each destination. Total This entry displays the totals for the destinations above. If the number of destinations of web traffic from the selected source is greater than the maximum number of records displayed in this table, this total might be a little lower than the total in the main report.
Page 102: Table 35 Traffic > Web > Top Users
Chapter 5 Traffic Each field is described in the following table. Table 35 Traffic > WEB > Top Users LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields. Last ...
Page 103: Top Web Users Drill-Down
Chapter 5 Traffic Table 35 Traffic > WEB > Top Users LABEL DESCRIPTION MBytes Transferred This field displays how much traffic (in megabytes) the device handled for each user. % of MBytes This field displays what percentage each user’s traffic makes out of the total Transferred traffic that matches the settings you displayed in this report.
Page 104: Ftp Traffic
Chapter 5 Traffic Each field is described in the following table. Table 36 Traffic > WEB > Top Users > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields. graph The graph displays the information in the table visually.
Page 105: Figure 42 Traffic > Ftp > Top Sites
Chapter 5 Traffic Figure 42 Traffic > FTP > Top Sites Each field is described in the following table. Table 37 Traffic > FTP > Top Sites LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 106 Chapter 5 Traffic Table 37 Traffic > FTP > Top Sites LABEL DESCRIPTION Settings Use these fields to specify what historical information is included in the report. Click the settings icon. The Report Display Settings screen appears. Select a specific Start Date and End Date. The date range can be up to 30 days long, but you cannot include days that are older than Store Log Days in System >...
Page 107: Top Ftp Sites Drill-Down
Chapter 5 Traffic 5.3.2 Top FTP Sites Drill-Down Use this report to look at the top sources of FTP traffic for any top destination. Click on a specific destination in Traffic > FTP > Top Sites to open this screen. Figure 43 Traffic >...
Page 108: Top Ftp Hosts
Chapter 5 Traffic Table 38 Traffic > FTP > Top Sites > Drill-Down LABEL DESCRIPTION % of Sessions This field displays what percentage of the selected destination’s total number of traffic events came from each source. MBytes Transferred This field displays how much traffic (in megabytes) was generated from each source to the selected destination.
Page 109: Table 39 Traffic > Ftp > Top Hosts
Chapter 5 Traffic Each field is described in the following table. Table 39 Traffic > FTP > Top Hosts LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields. Last ...
Page 110: Top Ftp Hosts Drill-Down
Chapter 5 Traffic Table 39 Traffic > FTP > Top Hosts LABEL DESCRIPTION MBytes Transferred This field displays how much traffic (in megabytes) the device handled for each source. % of MBytes This field displays what percentage each source’s traffic makes out of the total Transferred traffic that matches the settings you displayed in this report.
Page 111: Top Ftp Users
Chapter 5 Traffic Each field is described in the following table. Table 40 Traffic > FTP > Top Hosts > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields. graph The graph displays the information in the table visually.
Page 112: Figure 46 Traffic > Ftp > Top Users
Chapter 5 Traffic Figure 46 Traffic > FTP > Top Users Each field is described in the following table. Table 41 Traffic > FTP > Top Users LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 113: Top Ftp Users Drill-Down
Chapter 5 Traffic Table 41 Traffic > FTP > Top Users LABEL DESCRIPTION Settings Use these fields to specify what historical information is included in the report. Click the settings icon. The Report Display Settings screen appears. Select a specific Start Date and End Date. The date range can be up to 30 days long, but you cannot include days that are older than Store Log Days in System >...
Page 114: Figure 47 Traffic > Ftp > Top Users > Drill-Down
Chapter 5 Traffic Figure 47 Traffic > FTP > Top Users > Drill-Down Each field is described in the following table. Table 42 Traffic > FTP > Top Hosts > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 115: Mail Traffic
Chapter 5 Traffic Table 42 Traffic > FTP > Top Hosts > Drill-Down LABEL DESCRIPTION MBytes Transferred This field displays how much traffic (in megabytes) was generated from the selected user to each destination. % of MBytes This field displays what percentage of the selected user’s total traffic was sent Transferred to each destination.
Page 116: Figure 48 Traffic > Mail > Top Sites
Chapter 5 Traffic Figure 48 Traffic > MAIL > Top Sites Each field is described in the following table. Table 43 Traffic > MAIL > Top Sites LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 117 Chapter 5 Traffic Table 43 Traffic > MAIL > Top Sites LABEL DESCRIPTION Settings Use these fields to specify what historical information is included in the report. Click the settings icon. The Report Display Settings screen appears. Select a specific Start Date and End Date. The date range can be up to 30 days long, but you cannot include days that are older than Store Log Days in System >...
Page 118: Top Mail Sites Drill-Down
Chapter 5 Traffic 5.4.2 Top Mail Sites Drill-Down Use this report to look at the top sources of mail traffic for any top destination. Click on a specific destination in Traffic > MAIL > Top Sites to open this screen. Figure 49 Traffic >...
Page 119: Top Mail Hosts
Chapter 5 Traffic Table 44 Traffic > MAIL > Top Sites > Drill-Down LABEL DESCRIPTION % of Sessions This field displays what percentage of the selected destination’s total number of traffic events came from each source. MBytes Transferred This field displays how much traffic (in megabytes) came from each source to the selected destination.
Page 120: Table 45 Traffic > Mail > Top Hosts
Chapter 5 Traffic Each field is described in the following table. Table 45 Traffic > MAIL > Top Hosts LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields. Last ...
Page 121: Top Mail Hosts Drill-Down
Chapter 5 Traffic Table 45 Traffic > MAIL > Top Hosts LABEL DESCRIPTION MBytes Transferred This field displays how much traffic (in megabytes) the device handled for each source. % of MBytes This field displays what percentage each source’s traffic makes out of the total Transferred traffic that matches the settings you displayed in this report.
Page 122: Top Mail Users
Chapter 5 Traffic Each field is described in the following table. Table 46 Traffic > MAIL > Top Hosts > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields. graph The graph displays the information in the table visually.
Page 123: Figure 52 Traffic > Mail > Top Users
Chapter 5 Traffic Figure 52 Traffic > MAIL > Top Users Each field is described in the following table. Table 47 Traffic > MAIL > Top Users LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 124: Top Mail Users Drill-Down
Chapter 5 Traffic Table 47 Traffic > MAIL > Top Users LABEL DESCRIPTION Settings Use these fields to specify what historical information is included in the report. Click the settings icon. The Report Display Settings screen appears. Select a specific Start Date and End Date. The date range can be up to 30 days long, but you cannot include days that are older than Store Log Days in System >...
Page 125: Figure 53 Traffic > Mail > Top Users > Drill-Down
Chapter 5 Traffic Figure 53 Traffic > MAIL > Top Users > Drill-Down Each field is described in the following table. Table 48 Traffic > MAIL > Top Users > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 126: Other Traffic
Then click Next. 5.5.2 Service Settings The following screen displays after you select the ZyXEL firmware platform. Use this screen to add, edit, or remove services that you can view in Other Traffic reports. These services appear in the Customized Services drop-down box.
Page 127: Top Destinations Of Other Traffic
Chapter 5 Traffic Figure 55 Traffic > Customization > Customization (Service Settings) Each field is described in the following table. Table 49 Service > Customization > Customization (Service Settings) LABEL DESCRIPTION Add a Known Use this drop-down box to add a service to the Customized Service drop-down Service box.
Page 128: Figure 56 Traffic > Customization > Top Destinations
Chapter 5 Traffic Click Traffic > Customization > Top Destinations to open this screen. Figure 56 Traffic > Customization > Top Destinations Each field is described in the following table. Table 50 Traffic > Customization > Top Destinations LABEL DESCRIPTION title This field displays the title of the statistical report.
Page 129: Top Destinations Of Other Traffic Drill-Down
Chapter 5 Traffic Table 50 Traffic > Customization > Top Destinations LABEL DESCRIPTION Settings Use these fields to specify what historical information is included in the report. Click the settings icon. The Report Display Settings screen appears. Select a specific Start Date and End Date. The date range can be up to 30 days long, but you cannot include days that are older than Store Log Days in System >...
Page 130: Figure 57 Traffic > Customization > Top Destinations > Drill-Down
Chapter 5 Traffic Click on a specific destination in Traffic > Customization > Top Destinations to open this screen. Figure 57 Traffic > Customization > Top Destinations > Drill-Down Each field is described in the following table. Table 51 Traffic > Customization > Top Destinations > Drill-Down LABEL DESCRIPTION title...
Page 131: Top Sources Of Other Traffic
Chapter 5 Traffic Table 51 Traffic > Customization > Top Destinations > Drill-Down LABEL DESCRIPTION View Logs Click this icon to see the logs that go with the record. Total This entry displays the totals for the sources above. If the number of sources of traffic to the selected destination is greater than the maximum number of records displayed in this table, this total might be a little lower than the total in the main report.
Page 132 Chapter 5 Traffic Table 52 Traffic > Customization > Top Sources LABEL DESCRIPTION Last ... Days Use this field or Settings to specify what historical information is included in the report. Select how many days, ending (and including) today, you want to include.
Page 133: Top Sources Of Other Traffic Drill-Down
Chapter 5 Traffic Table 52 Traffic > Customization > Top Sources LABEL DESCRIPTION MBytes Transferred This field displays how much traffic (in megabytes) the device handled for each source. % of MBytes This field displays what percentage each source’s traffic makes out of the total Transferred traffic that matches the settings you displayed in this report.
Page 134: Top Other Traffic Users
Chapter 5 Traffic Table 53 Traffic > Customization > Top Sources > Drill-Down LABEL DESCRIPTION Destination This field displays the top destinations of the selected service’s traffic from the selected source, sorted by the amount of traffic attributed to each one. Each destination is identified by its IP address.
Page 135: Table 54 Traffic > Customization > Top Users
Chapter 5 Traffic Each field is described in the following table. Table 54 Traffic > Customization > Top Users LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields. Customized Service Select the service whose traffic you want to view.
Page 136: Top Users Of Other Traffic Drill-Down
Chapter 5 Traffic Table 54 Traffic > Customization > Top Users LABEL DESCRIPTION % of Sessions This field displays what percentage each user’s number of traffic events makes out of the total number of traffic events for the time range of the report. MBytes Transferred This field displays how much traffic (in megabytes) the device handled for each user.
Page 137: Table 55 Traffic > Customization > Top Users > Drill-Down
Chapter 5 Traffic Each field is described in the following table. Table 55 Traffic > Customization > Top Users > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields. graph The graph displays the information in the table visually.
Page 138 Chapter 5 Traffic Vantage Report User’s Guide...
Page 139: Vpn
To look at VPN usage reports, each ZyXEL device must record forwarded IPSec VPN traffic in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure IPSec is enabled.
Page 140: Vpn Traffic Monitor
Chapter 6 VPN Each field is described in the following table. Table 56 VPN > Site-to-Site > Link Status LABEL DESCRIPTION Site This column displays the names of peer IPSec routers. Each IPSec router is identified by the name of the phase 1 IKE SA (also known as the gateway policy).
Page 141: Top Vpn Peer Gateways
Chapter 6 VPN Each field is described in the following table. Table 57 VPN > Site-to-Site > Traffic Monitor LABEL DESCRIPTION Site Select a peer IPSec router. Tunnel Select a VPN tunnel. Select All to display the total traffic for the device’s VPN tunnels with the selected site.
Page 142: Figure 64 Vpn > Site-To-Site > Top Peer Gateways
Chapter 6 VPN Figure 64 VPN > Site-to-Site > Top Peer Gateways Each field is described in the following table. Table 58 VPN > Site-to-Site > Top Peer Gateways LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 143: Top Vpn Peer Gateways Drill-Down
Chapter 6 VPN Table 58 VPN > Site-to-Site > Top Peer Gateways LABEL DESCRIPTION Settings Use these fields to specify what historical information is included in the report. Click the settings icon. The Report Display Settings screen appears. Select a specific Start Date and End Date. The date range can be up to 30 days long, but you cannot include days that are older than Store Log Days in System >...
Page 144: Figure 65 Vpn > Site-To-Site > Top Peer Gateways > Drill-Down
Chapter 6 VPN Click on a specific destination in VPN > Site-to-Site > Top Peer Gateways to open this screen. Figure 65 VPN > Site-to-Site > Top Peer Gateways > Drill-Down Each field is described in the following table. Table 59 VPN > Site-to-Site > Top Peer Gateways > Drill-Down LABEL DESCRIPTION title...
Page 145: Top Vpn Sites
Chapter 6 VPN Table 59 VPN > Site-to-Site > Top Peer Gateways > Drill-Down LABEL DESCRIPTION Sessions This field displays the number of traffic events from each source to the selected destination. % of Sessions This field displays what percentage each source’s number of traffic events makes out of the total number of traffic events for the selected destination.
Page 146: Table 60 Vpn > Site-To-Site > Top Sites
Chapter 6 VPN Each field is described in the following table. Table 60 VPN > Site-to-Site > Top Sites LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields. Last ...
Page 147: Top Vpn Sites Drill-Down
Chapter 6 VPN Table 60 VPN > Site-to-Site > Top Sites LABEL DESCRIPTION MBytes Transferred This field displays how much traffic (in megabytes) the device handled for each site. % of MBytes This field displays what percentage of VPN traffic the device handled for each Transferred site.
Page 148: Top Vpn Tunnels
Chapter 6 VPN Each field is described in the following table. Table 61 VPN > Site-to-Site > Top Sites > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields. graph The graph displays the information in the table visually.
Page 149: Figure 68 Vpn > Site-To-Site > Top Tunnels
Chapter 6 VPN Figure 68 VPN > Site-to-Site > Top Tunnels Each field is described in the following table. Table 62 VPN > Site-to-Site > Top Tunnels LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 150 Chapter 6 VPN Table 62 VPN > Site-to-Site > Top Tunnels LABEL DESCRIPTION Settings Use these fields to specify what historical information is included in the report. Click the settings icon. The Report Display Settings screen appears. Select a specific Start Date and End Date. The date range can be up to 30 days long, but you cannot include days that are older than Store Log Days in System >...
Page 151: Top Vpn Tunnels Drill-Down
Chapter 6 VPN 6.1.8 Top VPN Tunnels Drill-Down Use this report to look at the top senders or receivers of VPN traffic for a top VPN tunnel. Click on a specific destination in VPN > Site-to-Site > Top Tunnels to open this screen. Figure 69 VPN >...
Page 152: Top Vpn Protocols
Chapter 6 VPN Table 63 VPN > Site-to-Site > Top Tunnels > Drill-Down LABEL DESCRIPTION Sessions This field displays the number of traffic events from each host to the selected VPN tunnel. % of Sessions This field displays what percentage each host’s number of traffic events makes out of the total number of traffic events for the selected VPN tunnel.
Page 153: Table 64 Vpn > Site-To-Site > Top Protocols
Chapter 6 VPN Each field is described in the following table. Table 64 VPN > Site-to-Site > Top Protocols LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields. Site Select a peer IPSec router.
Page 154: Top Vpn Protocols Drill-Down
Chapter 6 VPN Table 64 VPN > Site-to-Site > Top Protocols LABEL DESCRIPTION graph The graph displays the information in the table visually. • Click the pie view or the bar view icon. You can specify the Default Chart Type in System > General Configuration. •...
Page 155: Figure 71 Vpn > Site-To-Site > Top Protocols > Drill-Down
Chapter 6 VPN Figure 71 VPN > Site-to-Site > Top Protocols > Drill-Down Each field is described in the following table. Table 65 VPN > Site-to-Site > Top Protocols > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 156: Top Vpn Hosts
Chapter 6 VPN Table 65 VPN > Site-to-Site > Top Protocols > Drill-Down LABEL DESCRIPTION % of MBytes This field displays what percentage of the selected VPN traffic was for each Transferred host. View Logs Click this icon to see the logs that go with the record. Total This entry displays the totals for the hosts above.
Page 157: Table 66 Vpn > Site-To-Site > Top Hosts
Chapter 6 VPN Each field is described in the following table. Table 66 VPN > Site-to-Site > Top Hosts LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields. Site Select a peer IPSec router.
Page 158 Chapter 6 VPN Table 66 VPN > Site-to-Site > Top Hosts LABEL DESCRIPTION Settings Use these fields to specify what historical information is included in the report. Click the settings icon. The Report Display Settings screen appears. Select a specific Start Date and End Date. The date range can be up to 30 days long, but you cannot include days that are older than Store Log Days in System >...
Page 159: Top Vpn Hosts Drill-Down
Chapter 6 VPN Table 66 VPN > Site-to-Site > Top Hosts LABEL DESCRIPTION View Logs Click this icon to see the logs that go with the record. Total This entry displays the totals for the hosts above. 6.1.12 Top VPN Hosts Drill-Down Use this report to look at the services sent through VPN from a top sender or to a top receiver.
Page 160: Top Vpn Users
Chapter 6 VPN Table 67 VPN > Site-to-Site > Top Hosts > Drill-Down LABEL DESCRIPTION Protocol This field displays the top services of VPN traffic from the selected host, sorted by the amount of traffic attributed to each one. Each service is identified by its IP address. Color This field displays what color represents each protocol in the graph.
Page 161: Figure 74 Vpn > Site-To-Site > Top Users
Chapter 6 VPN Figure 74 VPN > Site-to-Site > Top Users Each field is described in the following table. Table 68 VPN > Site-to-Site > Top Users LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 162 Chapter 6 VPN Table 68 VPN > Site-to-Site > Top Users LABEL DESCRIPTION Last ... Days Use this field or Settings to specify what historical information is included in the report. Select how many days, ending (and including) today, you want to include.
Page 163: Top Vpn Users Drill-Down
Chapter 6 VPN Table 68 VPN > Site-to-Site > Top Users LABEL DESCRIPTION % of Sessions This field displays what percentage each user’s number of traffic events makes out of the total number of traffic events that match the settings you displayed in this report.
Page 164: Top Vpn Destinations
Chapter 6 VPN Each field is described in the following table. Table 69 VPN > Site-to-Site > Top Users > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields. graph The graph displays the information in the table visually.
Page 165: Figure 76 Vpn > Site-To-Site > Top Destinations
Chapter 6 VPN Figure 76 VPN > Site-to-Site > Top Destinations Each field is described in the following table. Table 70 VPN > Site-to-Site > Top Destinations LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 166 Chapter 6 VPN Table 70 VPN > Site-to-Site > Top Destinations LABEL DESCRIPTION Last ... Days Use this field or Settings to specify what historical information is included in the report. Select how many days, ending (and including) today, you want to include.
Page 167: Top Vpn Destinations Drill-Down
Chapter 6 VPN Table 70 VPN > Site-to-Site > Top Destinations LABEL DESCRIPTION % of Sessions This field displays what percentage each destination’s number of traffic events makes out of the total number of traffic events that match the settings you displayed in this report.
Page 168: Vpn Remote Access
Chapter 6 VPN Each field is described in the following table. Table 71 VPN > Site-to-Site > Top Destinations > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields. graph The graph displays the information in the table visually.
Page 169: Vpn User Status
Chapter 6 VPN Figure 78 VPN > Remote Access > Total Users And Traffic Each field is described in the following table. Table 72 VPN > Remote Access > Total Users And Traffic Start Time This field displays the clock time (in 24-hour format) of the earliest traffic statistics in the graph.
Page 170: Top Vpn Protocols
Chapter 6 VPN Figure 79 VPN > Remote Access > User Status Each field is described in the following table. Table 73 VPN > Remote Access > User Status LABEL DESCRIPTION User Status Select Online to display the list of users that are using a remote access connection to the device.
Page 171: Figure 80 Vpn > Remote Access > Top Protocols
Chapter 6 VPN Figure 80 VPN > Remote Access > Top Protocols Each field is described in the following table. Table 74 VPN > Remote Access > Top Protocols LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 172 Chapter 6 VPN Table 74 VPN > Remote Access > Top Protocols LABEL DESCRIPTION Settings Use these fields to specify what historical information is included in the report. Click the settings icon. The Report Display Settings screen appears. Select a specific Start Date and End Date. The date range can be up to 30 days long, but you cannot include days that are older than Store Log Days in System >...
Page 173: Top Vpn Protocols Drill-Down
Chapter 6 VPN 6.2.4 Top VPN Protocols Drill-Down Use this report to look at the top remote access senders or receivers of any top service. Click on a specific service in VPN > Remote Access > Top Protocols to open this screen. Figure 81 VPN >...
Page 174: Top Vpn Destinations
Chapter 6 VPN Table 75 VPN > Remote Access > Top Protocols > Drill-Down LABEL DESCRIPTION Sessions This field displays the number of traffic events for each host. % of Sessions This field displays what percentage each host’s number of traffic events makes out of the total number of traffic events for the selected VPN traffic.
Page 175: Figure 82 Vpn > Remote Access > Top Destinations
Chapter 6 VPN Figure 82 VPN > Remote Access > Top Destinations Each field is described in the following table. Table 76 VPN > Remote Access > Top Destinations LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 176 Chapter 6 VPN Table 76 VPN > Remote Access > Top Destinations LABEL DESCRIPTION Settings Use these fields to specify what historical information is included in the report. Click the settings icon. The Report Display Settings screen appears. Select a specific Start Date and End Date. The date range can be up to 30 days long, but you cannot include days that are older than Store Log Days in System >...
Page 177: Top Vpn Destinations Drill-Down
Chapter 6 VPN 6.2.6 Top VPN Destinations Drill-Down Use this report to look at the remote access hosts that sent the most traffic to the selected top destination. Click on a specific destination in VPN > Remote Access > Top Destinations to open this screen.
Page 178: Xauth
Chapter 6 VPN Table 77 VPN > Remote Access > Top Destinations > Drill-Down LABEL DESCRIPTION Host This field displays the top sources that sent remote access VPN traffic to the selected destination, sorted by the amount of traffic attributed to each one. Each source is identified by its IP address.
Page 179: Figure 84 Vpn > Xauth> Successful Login
Chapter 6 VPN Figure 84 VPN > Xauth> Successful Login Each field is described in the following table. Table 78 VPN > Xauth> Successful Login LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 180: Vpn Failed Login
Chapter 6 VPN 6.3.2 VPN Failed Login Use this report to monitor the total number of users that have made unsuccessful attempts to log in to use one of the device’s VPN tunnels. Click VPN > Xauth> Failed Login to open this screen. Figure 85 VPN >...
Page 181 Chapter 6 VPN Table 79 VPN > Xauth> Failed Login LABEL DESCRIPTION Source IP This is the IP address from which the user attempted to log into one of the device’s VPN tunnels. Total This entry displays the total number of users on the current page of the report. If you want to see a different page of the report, type the number of the page in the field.
Page 182 Chapter 6 VPN Vantage Report User’s Guide...
Page 183: Network Attack And Security Policy
Network Attack and Security Policy Network Attack (185) Security Policy (243)
Page 185: Network Attack
H A P T E R Network Attack Use these reports to look at Denial-of-Service (DoS) attacks that were detected by the ZyXEL device’s firewall. 7.1 Attack Use this report to look at the number of DoS attacks by time interval, top sources and by category.
Page 186: Figure 86 Network Attack > Attack > Summary
Chapter 7 Network Attack Figure 86 Network Attack > Attack > Summary Each field is described in the following table. Table 80 Network Attack > Attack > Summary LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 187: Attack Summary Drill-Down
Chapter 7 Network Attack Table 80 Network Attack > Attack > Summary LABEL DESCRIPTION graph The graph displays the information in the table visually. • Click the pie view or the bar view icon. You can specify the Default Chart Type in System >...
Page 188: Figure 87 Network Attack > Attack > Summary > Drill-Down
Chapter 7 Network Attack Figure 87 Network Attack > Attack > Summary > Drill-Down Each field is described in the following table. Table 81 Network Attack > Attack > Summary > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 189: Top Attacks
Use this report to look at the top kinds of DoS attacks by number of attacks. To look at attack reports, each ZyXEL device must record DoS attacks in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs >...
Page 190: Figure 88 Network Attack > Attack > Top Attacks
Chapter 7 Network Attack Figure 88 Network Attack > Attack > Top Attacks Each field is described in the following table. Table 82 Network Attack > Attack > Top Attacks LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 191: Top Attacks Drill-Down
Chapter 7 Network Attack Table 82 Network Attack > Attack > Top Attacks LABEL DESCRIPTION Settings Use these fields to specify what historical information is included in the report. Click the settings icon. The Report Display Settings screen appears. Select a specific Start Date and End Date. The date range can be up to 30 days long, but you cannot include days that are older than Store Log Days in System >...
Page 192: Figure 89 Network Attack > Attack > Top Attacks > Drill-Down
Chapter 7 Network Attack Figure 89 Network Attack > Attack > Top Attacks > Drill-Down Each field is described in the following table. Table 83 Network Attack > Attack > Top Attacks > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 193: Top Attack Sources
Use this report to look at the top sources of DoS attacks by number of attacks. To look at attack reports, each ZyXEL device must record DoS attacks in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs >...
Page 194: Figure 90 Network Attack > Attack > Top Sources
Chapter 7 Network Attack Figure 90 Network Attack > Attack > Top Sources Each field is described in the following table. Table 84 Network Attack > Attack > Top Sources LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 195: Top Attack Sources Drill-Down
Chapter 7 Network Attack Table 84 Network Attack > Attack > Top Sources LABEL DESCRIPTION Settings Use these fields to specify what historical information is included in the report. Click the settings icon. The Report Display Settings screen appears. Select a specific Start Date and End Date. The date range can be up to 30 days long, but you cannot include days that are older than Store Log Days in System >...
Page 196: Figure 91 Network Attack > Attack > Top Sources > Drill-Down
Chapter 7 Network Attack Figure 91 Network Attack > Attack > Top Sources > Drill-Down Each field is described in the following table. Table 85 Network Attack > Attack > Top Sources > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 197: Attack Types
Use this report to look at the categories of DoS attacks by number of attacks. To look at attack reports, each ZyXEL device must record DoS attacks in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs >...
Page 198: Attack Types Drill-Down
Chapter 7 Network Attack Each field is described in the following table. Table 86 Network Attack > Attack > By Type LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields. Last ...
Page 199: Figure 93 Network Attack > Attack > By Type > Drill-Down
Chapter 7 Network Attack Figure 93 Network Attack > Attack > By Type > Drill-Down Each field is described in the following table. Table 87 Network Attack > Attack > By Type > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 200: Intrusion
Use these reports to look at intrusion signatures, types of intrusions, severity of intrusions, and the top sources and destinations of intrusions that are logged on the selected ZyXEL device. Intrusions are caused by malicious or suspicious packets sent with the intent of causing harm, illegally accessing resources or interrupting service.
Page 201: Intrusion Summary Drill-Down
Chapter 7 Network Attack Each field is described in the following table. Table 88 Network Attack > Intrusion > Summary LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields. Last ...
Page 202: Figure 95 Network Attack > Intrusion > Summary > Drill-Down
This field displays the severity of each intrusion signature. Type This field displays what kind of intrusion each intrusion signature is. This corresponds to IDP > Signature > Attack Type in most ZyXEL devices. Intrusions This field displays how many intrusions occurred in the selected time interval.
Page 203: Top Intrusion Signatures
To look at intrusion reports, each ZyXEL device must record intrusions in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure IDP is enabled. Then, go to IDP >...
Page 204: Table 90 Network Attack > Intrusion > Top Intrusions
This field displays the severity of each intrusion signature. Type This field displays what kind of intrusion each intrusion signature is. This corresponds to IDP > Signature > Attack Type in most ZyXEL devices. Intrusions This field displays the number of intrusions by each intrusion signature.
Page 205: Top Intrusion Signatures Drill-Down
Chapter 7 Network Attack 7.2.4 Top Intrusion Signatures Drill-Down Use this report to look at the top sources of intrusions for any top signature. Click on a specific intrusion signature in Network Attack > Intrusion > Top Intrusions to open this screen. Figure 97 Network Attack >...
Page 206: Top Intrusion Sources
To look at intrusion reports, each ZyXEL device must record intrusions in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure IDP is enabled. Then, go to IDP >...
Page 207: Figure 98 Network Attack > Intrusion > Top Sources
Chapter 7 Network Attack Figure 98 Network Attack > Intrusion > Top Sources Each field is described in the following table. Table 92 Network Attack > Intrusion > Top Sources LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 208: Top Intrusion Sources Drill-Down
Chapter 7 Network Attack Table 92 Network Attack > Intrusion > Top Sources LABEL DESCRIPTION Settings Use these fields to specify what historical information is included in the report. Click the settings icon. The Report Display Settings screen appears. Select a specific Start Date and End Date. The date range can be up to 30 days long, but you cannot include days that are older than Store Log Days in System >...
Page 209: Figure 99 Network Attack > Intrusion > Top Sources > Drill-Down
This field displays the severity of each intrusion signature. Type This field displays what kind of intrusion each intrusion signature is. This corresponds to IDP > Signature > Attack Type in most ZyXEL devices. Intrusions This field displays the number of intrusions by the selected source using each intrusion signature.
Page 210: Top Intrusion Destinations
To look at intrusion reports, each ZyXEL device must record intrusions in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure IDP is enabled. Then, go to IDP >...
Page 211: Table 94 Intrusion > Top Destinations
Chapter 7 Network Attack Each field is described in the following table. Table 94 Intrusion > Top Destinations LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields. Last ...
Page 212: Top Intrusion Destinations Drill-Down
This field displays what color represents each intrusion signature in the graph. Severity This field displays the severity of each intrusion signature. Type This field displays what kind of intrusion each intrusion signature is. This corresponds to IDP > Signature > Attack Type in most ZyXEL devices. Vantage Report User’s Guide...
Page 213: Intrusion Severities
To look at intrusion reports, each ZyXEL device must record intrusions in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure IDP is enabled. Then, go to IDP >...
Page 214: Figure 102 Network Attack > Intrusion > By Severity
Chapter 7 Network Attack Figure 102 Network Attack > Intrusion > By Severity Each field is described in the following table. Table 96 Network Attack > Intrusion > By Severity LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 215: Intrusion Severities Drill-Down
Chapter 7 Network Attack Table 96 Network Attack > Intrusion > By Severity LABEL DESCRIPTION graph The graph displays the information in the table visually. • Click the pie view or the bar view icon. You can specify the Default Chart Type in System >...
Page 216: Figure 103 Network Attack > Intrusion > By Severity > Drill-Down
This field displays the severity of each intrusion signature. Type This field displays what kind of intrusion each intrusion signature is. This corresponds to IDP > Signature > Attack Type in most ZyXEL devices. Intrusions This field displays the number of intrusions of the selected severity using each intrusion signature.
Page 217: Antivirus
Back Click this to return to the main report. 7.3 AntiVirus Use these reports to look at viruses that were detected by the ZyXEL device’s anti-virus feature. 7.3.1 Virus Summary Use this report to look at the number of virus occurrences by time interval.
Page 218: Virus Summary Drill-Down
Chapter 7 Network Attack Each field is described in the following table. Table 98 Network Attack > AntiVirus > Summary LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields. Last ...
Page 219: Figure 105 Network Attack > Antivirus > Summary > Drill-Down
Chapter 7 Network Attack Figure 105 Network Attack > AntiVirus > Summary > Drill-Down Each field is described in the following table. Table 99 Network Attack > AntiVirus > Summary > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 220: Top Viruses
Use this report to look at the top viruses by number of occurrences. To look at anti-virus reports, each ZyXEL device must record anti-virus messages in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure Anti- Virus is enabled.
Page 221: Figure 106 Network Attack > Antivirus > Top Viruses
Chapter 7 Network Attack Figure 106 Network Attack > AntiVirus > Top Viruses Each field is described in the following table. Table 100 Network Attack > AntiVirus > Top Viruses LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 222: Top Viruses Drill-Down
Chapter 7 Network Attack Table 100 Network Attack > AntiVirus > Top Viruses LABEL DESCRIPTION Settings Use these fields to specify what historical information is included in the report. Click the settings icon. The Report Display Settings screen appears. Select a specific Start Date and End Date. The date range can be up to 30 days long, but you cannot include days that are older than Store Log Days in System >...
Page 223: Figure 107 Network Attack > Antivirus > Top Viruses > Drill-Down
Chapter 7 Network Attack Figure 107 Network Attack > AntiVirus > Top Viruses > Drill-Down Each field is described in the following table. Table 101 Network Attack > AntiVirus > Top Viruses > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 224: Top Virus Sources
Use this report to look at the top sources of virus occurrences by number of occurrences. To look at anti-virus reports, each ZyXEL device must record anti-virus messages in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure Anti- Virus is enabled.
Page 225: Figure 108 Network Attack > Antivirus > Top Sources
Chapter 7 Network Attack Figure 108 Network Attack > AntiVirus > Top Sources Each field is described in the following table. Table 102 Network Attack > AntiVirus > Top Sources LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 226: Top Virus Sources Drill-Down
Chapter 7 Network Attack Table 102 Network Attack > AntiVirus > Top Sources LABEL DESCRIPTION Settings Use these fields to specify what historical information is included in the report. Click the settings icon. The Report Display Settings screen appears. Select a specific Start Date and End Date. The date range can be up to 30 days long, but you cannot include days that are older than Store Log Days in System >...
Page 227: Figure 109 Network Attack > Antivirus > Top Sources > Drill-Down
Chapter 7 Network Attack Figure 109 Network Attack > AntiVirus > Top Sources > Drill-Down Each field is described in the following table. Table 103 Network Attack > AntiVirus > Top Sources > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 228: Top Virus Destinations
Use this report to look at the top destinations of virus occurrences by number of occurrences. To look at anti-virus reports, each ZyXEL device must record anti-virus messages in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure Anti- Virus is enabled.
Page 229: Figure 110 Network Attack > Antivirus > Top Destinations
Chapter 7 Network Attack Figure 110 Network Attack > AntiVirus > Top Destinations Each field is described in the following table. Table 104 Network Attack > AntiVirus > Top Destinations LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 230: Top Virus Destinations Drill-Down
Chapter 7 Network Attack Table 104 Network Attack > AntiVirus > Top Destinations LABEL DESCRIPTION Settings Use these fields to specify what historical information is included in the report. Click the settings icon. The Report Display Settings screen appears. Select a specific Start Date and End Date. The date range can be up to 30 days long, but you cannot include days that are older than Store Log Days in System >...
Page 231: Figure 111 Network Attack > Antivirus > Top Destinations > Drill-Down
Chapter 7 Network Attack Figure 111 Network Attack > AntiVirus > Top Destinations > Drill-Down Each field is described in the following table. Table 105 Network Attack > AntiVirus > Top Destinations > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 232: Antispam
Click this to return to the main report. 7.4 AntiSpam Use these reports to look at spam messages that were detected by the ZyXEL device’s anti- spam feature. You can also look at the top senders and sources of spam messages.
Page 233: Figure 112 Network Attack > Antispam > Summary
Chapter 7 Network Attack Figure 112 Network Attack > AntiSpam > Summary Each field is described in the following table. Table 106 Network Attack > AntiSpam > Summary LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 234: Spam Summary Drill-Down
Chapter 7 Network Attack Table 106 Network Attack > AntiSpam > Summary LABEL DESCRIPTION graph The graph displays the information in the table visually. • Click the pie view or the bar view icon. You can specify the Default Chart Type in System >...
Page 235: Figure 113 Network Attack > Antispam > Summary > Drill-Down
Chapter 7 Network Attack Figure 113 Network Attack > AntiSpam > Summary > Drill-Down Each field is described in the following table. Table 107 Network Attack > AntiSpam > Summary > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 236: Top Spam Senders
SMTP servers, there are two entries for the sender, one with each SMTP server. To look at anti-spam reports, each ZyXEL device must record anti-spam messages in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure Anti- Spam is enabled.
Page 237: Figure 114 Network Attack > Antispam > Top Senders
Chapter 7 Network Attack Figure 114 Network Attack > AntiSpam > Top Senders Each field is described in the following table. Table 108 Network Attack > AntiSpam > Top Senders LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 238: Top Spam Sources
Use this report to look at the top sources of spam messages by number of messages. To look at anti-spam reports, each ZyXEL device must record anti-spam messages in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure Anti- Spam is enabled.
Page 239: Figure 115 Network Attack > Antispam > Top Sources
Chapter 7 Network Attack Click Network Attack > AntiSpam > Top Sources to open this screen. Figure 115 Network Attack > AntiSpam > Top Sources Each field is described in the following table. Table 109 Network Attack > AntiSpam > Top Sources LABEL DESCRIPTION title...
Page 240: Spam Scores
Use this report to look at the scores calculated for spam messages by number of messages. To look at anti-spam reports, each ZyXEL device must record anti-spam messages in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure Anti- Spam is enabled.
Page 241: Figure 116 Network Attack > Antispam > By Score
Chapter 7 Network Attack Click Network Attack > AntiSpam > By Score to open this screen. Figure 116 Network Attack > AntiSpam > By Score Each field is described in the following table. Table 110 Network Attack > AntiSpam > By Score LABEL DESCRIPTION title...
Page 242 Chapter 7 Network Attack Table 110 Network Attack > AntiSpam > By Score LABEL DESCRIPTION graph The graph displays the information in the table visually. • Click the pie view or the bar view icon. You can specify the Default Chart Type in System >...
Page 243: Security Policy
To look at firewall access control reports, each ZyXEL device must record blocked packets and users in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure Access Control is enabled.
Page 244: Figure 117 Security Policy > Firewall Access Control > Top Users Blocked
Chapter 8 Security Policy Figure 117 Security Policy > Firewall Access Control > Top Users Blocked Each field is described in the following table. Table 111 Security Policy > Firewall Access Control > Top Users Blocked LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 245: Top Packets Blocked
To look at firewall access control reports, each ZyXEL device must record blocked packets and users in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure Access Control is enabled.
Page 246: Figure 118 Security Policy > Firewall Access Control > Top Packets Blocked
Chapter 8 Security Policy Click Security Policy > Firewall Access Control > Top Packets Blocked to open this screen. Figure 118 Security Policy > Firewall Access Control > Top Packets Blocked Each field is described in the following table. Table 112 Security Policy > Firewall Access Control > Top Packets Blocked LABEL DESCRIPTION title...
Page 247: Application Access Control
Chapter 8 Security Policy Table 112 Security Policy > Firewall Access Control > Top Packets Blocked LABEL DESCRIPTION Settings Use these fields to specify what historical information is included in the report. Click the settings icon. The Report Display Settings screen appears. Select a specific Start Date and End Date.
Page 248: Figure 119 Security Policy > Application Access Control > Top Applications Blocked
To look at application access control reports, each ZyXEL device must record allowed applications and blocked applications and users in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure Application Patrol is enabled.
Page 249: Top Users Blocked
To look at security policy reports, each ZyXEL device must record users blocked by the application patrol in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure Application Patrol is enabled.
Page 250: Figure 120 Security Policy > Application Access Control > Top Users Blocked
Chapter 8 Security Policy Click Security Policy > Application Access Control > Top Users Blocked to open this screen. Figure 120 Security Policy > Application Access Control > Top Users Blocked Each field is described in the following table. Table 114 Security Policy > Application Access Control > Top Applications Blocked LABEL DESCRIPTION title...
Page 251: Top Applications Allowed
Use this report to look at the applications for which the device allowed the most connections. To look at security policy reports, each ZyXEL device must record forwarded applications in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure Application Patrol is enabled.
Page 252: Figure 121 Security Policy > Application Access Control > Top Applications Allowed
Chapter 8 Security Policy Click Security Policy > Application Access Control > Top Applications Allowed to open this screen. Figure 121 Security Policy > Application Access Control > Top Applications Allowed Each field is described in the following table. Table 115 Security Policy > Application Access Control > Top Applications Allowed LABEL DESCRIPTION title...
Page 253: Blocked Web Accesses
Chapter 8 Security Policy Table 115 Security Policy > Application Access Control > Top Applications Allowed LABEL DESCRIPTION Settings Use these fields to specify what historical information is included in the report. Click the settings icon. The Report Display Settings screen appears. Select a specific Start Date and End Date.
Page 254: Web Block Summary
See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure Allow Web Sites and Block Web Sites are enabled.
Page 255: Web Block Summary Drill-Down
Chapter 8 Security Policy Table 116 Security Policy > WEB Blocked > Summary LABEL DESCRIPTION Settings Use these fields to specify what historical information is included in the report. Click the settings icon. The Report Display Settings screen appears. Select a specific Start Date and End Date. The date range can be up to 30 days long, but you cannot include days that are older than Store Log Days in System >...
Page 256: Figure 123 Security Policy > Web Blocked > Summary > Drill-Down
Chapter 8 Security Policy Figure 123 Security Policy > WEB Blocked > Summary > Drill-Down Each field is described in the following table. Table 117 Security Policy > WEB Blocked > Summary > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 257: Top Blocked Web Sites
See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure Allow Web Sites and Block Web Sites are enabled.
Page 258: Table 118 Security Policy > Web Blocked > Top Sites
Chapter 8 Security Policy Each field is described in the following table. Table 118 Security Policy > WEB Blocked > Top Sites LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields. Last ...
Page 259: Top Blocked Web Sites Drill-Down
Chapter 8 Security Policy 8.3.4 Top Blocked Web Sites Drill-Down Use this report to look at the top sources for any top destination of blocked web traffic. Click on a specific destination in Security Policy > WEB Blocked > Top Sites to open this screen.
Page 260: Top Blocked Web Hosts
See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure Allow Web Sites and Block Web Sites are enabled.
Page 261: Table 120 Security Policy > Web Blocked > Top Hosts
Chapter 8 Security Policy Each field is described in the following table. Table 120 Security Policy > WEB Blocked > Top Hosts LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields. Last ...
Page 262: Top Blocked Web Hosts Drill-Down
Chapter 8 Security Policy 8.3.6 Top Blocked Web Hosts Drill-Down Use this report to look at the top destinations for any top source of blocked web traffic. Click on a specific source in Security Policy > WEB Blocked > Top Hosts to open this screen.
Page 263: Top Blocked Web Users
See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure Allow Web Sites and Block Web Sites are enabled.
Page 264: Figure 128 Security Policy > Web Blocked > Top Users
Chapter 8 Security Policy Figure 128 Security Policy > WEB Blocked > Top Users Each field is described in the following table. Table 122 Security Policy > WEB Blocked > Top Users LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 265: Top Blocked Web Users Drill-Down
Chapter 8 Security Policy Table 122 Security Policy > WEB Blocked > Top Users LABEL DESCRIPTION Settings Use these fields to specify what historical information is included in the report. Click the settings icon. The Report Display Settings screen appears. Select a specific Start Date and End Date.
Page 266: Figure 129 Security Policy > Web Blocked > Top Users > Drill-Down
Chapter 8 Security Policy Figure 129 Security Policy > WEB Blocked > Top Users > Drill-Down Each field is described in the following table. Table 123 Security Policy > WEB Blocked > Top Users > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 267: Blocked Web Categories
See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure Allow Web Sites and Block Web Sites are enabled.
Page 268: Blocked Web Categories Drill-Down
Chapter 8 Security Policy Each field is described in the following table. Table 124 Security Policy > WEB Blocked > By Category LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields. Last ...
Page 269: Figure 131 Security Policy > Web Blocked > By Category > Drill-Down
Chapter 8 Security Policy Figure 131 Security Policy > WEB Blocked > By Category > Drill-Down Each field is described in the following table. Table 125 Security Policy > WEB Blocked > By Category > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 270: Allowed Web Accesses
See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure Allow Web Sites and Block Web Sites are enabled.
Page 271: Web Allowed Summary Drill-Down
Chapter 8 Security Policy Each field is described in the following table. Table 126 Security Policy > WEB Allowed > Summary LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields. Last ...
Page 272: Figure 133 Security Policy > Web Allowed > Summary > Drill-Down
Chapter 8 Security Policy Click on a specific time interval in Security Policy > WEB Allowed > Summary to open this screen. Figure 133 Security Policy > WEB Allowed > Summary > Drill-Down Each field is described in the following table. Table 127 Security Policy >...
Page 273: Top Allowed Web Sites
See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure Allow Web Sites and Block Web Sites are enabled.
Page 274: Figure 134 Security Policy > Web Allowed > Top Sites
Chapter 8 Security Policy Figure 134 Security Policy > WEB Allowed > Top Sites Each field is described in the following table. Table 128 Security Policy > WEB Allowed > Top Sites LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 275: Top Allowed Web Sites Drill-Down
Chapter 8 Security Policy Table 128 Security Policy > WEB Allowed > Top Sites LABEL DESCRIPTION Settings Use these fields to specify what historical information is included in the report. Click the settings icon. The Report Display Settings screen appears. Select a specific Start Date and End Date.
Page 276: Figure 135 Security Policy > Web Allowed > Top Sites > Drill-Down
Chapter 8 Security Policy Figure 135 Security Policy > WEB Allowed > Top Sites > Drill-Down Each field is described in the following table. Table 129 Security Policy > WEB Allowed > Top Sites > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 277: Top Allowed Web Hosts
See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure Allow Web Sites and Block Web Sites are enabled.
Page 278: Table 130 Security Policy > Web Allowed > Top Hosts
Chapter 8 Security Policy Each field is described in the following table. Table 130 Security Policy > WEB Allowed > Top Hosts LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields. Last ...
Page 279: Top Allowed Web Hosts Drill-Down
Chapter 8 Security Policy 8.4.6 Top Allowed Web Hosts Drill-Down Use this report to look at the top destinations for any top source of forwarded web traffic. Click on a specific source in Security Policy > WEB Allowed > Top Hosts to open this screen.
Page 280: Top Allowed Web Users
See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure Allow Web Sites and Block Web Sites are enabled.
Page 281: Figure 138 Security Policy > Web Allowed > Top Users
Chapter 8 Security Policy Figure 138 Security Policy > WEB Allowed > Top Users Each field is described in the following table. Table 132 Security Policy > WEB Allowed > Top Users LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 282: Top Allowed Web Users Drill-Down
Chapter 8 Security Policy Table 132 Security Policy > WEB Allowed > Top Users LABEL DESCRIPTION Settings Use these fields to specify what historical information is included in the report. Click the settings icon. The Report Display Settings screen appears. Select a specific Start Date and End Date.
Page 283: Figure 139 Security Policy > Web Allowed > Top Users > Drill-Down
Chapter 8 Security Policy Figure 139 Security Policy > WEB Allowed > Top Users > Drill-Down Each field is described in the following table. Table 133 Security Policy > WEB Allowed > Top Users > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 284 Chapter 8 Security Policy Table 133 Security Policy > WEB Allowed > Top Users > Drill-Down LABEL DESCRIPTION Total This entry displays the totals for the destinations above. If the number of destinations of attempts from the selected user is greater than the maximum number of records displayed in this table, this total might be a little lower than the total in the main report.
Page 285: Event, Log Viewer And Schedule Report
Event, Log Viewer and Schedule Report Event (287) Log Viewer (295) Schedule Report (299)
Page 287: Event
H A P T E R Event Use these screens to look at who successfully logged into the ZyXEL device or who tried to log in but failed. 9.1 Successful Logins Use this screen to look at who successfully logged into the ZyXEL device. See Section 2.4 on...
Page 288: Failed Logins
Enter the page number you want to see, and click Go. 9.2 Failed Logins Use this screen to look at who tried to log in into the ZyXEL device (for management or monitoring purposes) but failed. See Section 2.4 on page 35 for more information about the source data used by the report.
Page 289: Figure 141 Event > Login > Failed Login
Report Display Settings screen appears. Time This field displays the time the Vantage Report server received the log entry from the ZyXEL device, not the time the user tried unsuccessfully to log into the device. Login User This field displays who tried unsuccessfully to log into the selected device.
Page 290: Top Sessions Per Host
To use this screen, the ZyXEL device must record instances of hosts exceeding the maximum number of NAT sessions in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure System Maintenance is enabled.
Page 291: Table 136 Event > Session Per Host > Top Hosts
Chapter 9 Event Each field is described in the following table. Table 136 Event > Session Per Host > Top Hosts LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields. Last ...
Page 292: Top Sessions Per User
To use this screen, the ZyXEL device must record instances of users exceeding the maximum number of NAT sessions in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure System Maintenance is enabled.
Page 293: Table 137 Event > Session Per Host > Top Users
Chapter 9 Event Each field is described in the following table. Table 137 Event > Session Per Host > Top Users LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields. Last ...
Page 294 Chapter 9 Event Vantage Report User’s Guide...
Page 295: Log Viewer
H A P T E R Log Viewer Use these screens to look at all log entries for the selected ZyXEL device. 10.1 Log Viewer Use this screen to view logs that the devices send to Vantage Report. Click Log Viewer > All Logs to look at all log entries. The screen is shown next. See Section 2.3 on page 34...
Page 296: Figure 144 Log Viewer > All Logs
Chapter 10 Log Viewer Figure 144 Log Viewer > All Logs The fields in the first three rows (and Search and Reset) appear when you open the report. The fields in the next three rows (above Search and Reset) appear if you do not select All Categories in the Category field and select Advanced Search.
Page 297 LABEL DESCRIPTION Category This field depends on the model of the selected ZyXEL device. Select what type of log entries you want to see. You can also select All Categories. Advanced Search This field is disabled if Category is All Categories. Select this if you want to use other search criteria to look at log entries.
Page 298 Chapter 10 Log Viewer Vantage Report User’s Guide...
Page 299: Schedule Report
H A P T E R Schedule Report Use the summary screens to set up and maintain daily, weekly, and one-time reports that Vantage Report sends by e-mail. See Section 2.2 on page 34 for more information about e- mail in Vantage Report. Use the template screens to add and edit report templates. 11.1 Scheduled Report Summary Screen To send scheduled reports by e-mail, you have to enter the SMTP mail server settings.
Page 300: Figure 145 Schedule Report > Summary
Chapter 11 Schedule Report Figure 145 Schedule Report > Summary Each field is described in the following table. Table 139 Schedule Report > Summary LABEL DESCRIPTION Add (Daily Report) Click this to generate and send one or more statistical reports daily. Each report comes from the previous day’s information.
Page 301: Customize Daily Report Screen
Chapter 11 Schedule Report Table 139 Schedule Report > Summary LABEL DESCRIPTION First .. Last Click First, Last, or a specific page number to look at the scheduled reports on that page. Some choices are not available, depending on the number of pages.s Enter the page number you want to see, and click Go.
Page 302: Figure 146 Schedule Report > Summary > Add (Daily Report))
Chapter 11 Schedule Report Figure 146 Schedule Report > Summary > Add (Daily Report)) Vantage Report User’s Guide...
Page 303: Table 140 Schedule Report > Summary > Add (Daily Report)
Chapter 11 Schedule Report Each field is described in the following table. Table 140 Schedule Report > Summary > Add (Daily Report) LABEL DESCRIPTION Destination E-mail Enter the e-mail address(es) to which Vantage Report sends the selected Address report(s). Use a comma to separate each e-mail address. Do not put a space after the comma.
Page 304: Customize Weekly Report Screen
Chapter 11 Schedule Report Table 140 Schedule Report > Summary > Add (Daily Report) LABEL DESCRIPTION E-mail Attached Select this if you want Vantage Report to send the selected report(s) as Files attachment(s). Vantage Report also saves the selected report(s) on the Vantage Report server.
Page 305: Figure 147 Schedule Report > Summary > Add (Weekly Report)
Chapter 11 Schedule Report Figure 147 Schedule Report > Summary > Add (Weekly Report) Vantage Report User’s Guide...
Page 306: Table 141 Schedule Report > Summary > Add (Weekly Report)
Chapter 11 Schedule Report Each field is described in the following table. Table 141 Schedule Report > Summary > Add (Weekly Report) LABEL DESCRIPTION Destination E-mail Enter the e-mail address(es) to which Vantage Report sends the selected Address report(s). Use a comma to separate each e-mail address. Do not put a space after the comma.
Page 307: Customize Overtime Report Screen
Chapter 11 Schedule Report Table 141 Schedule Report > Summary > Add (Weekly Report) LABEL DESCRIPTION E-mail Attached Select this if you want Vantage Report to send the selected report(s) as Files attachment(s). Vantage Report also saves the selected report(s) on the Vantage Report server.
Page 308: Figure 148 Schedule Report > Summary > Add (Overtime Report)
Chapter 11 Schedule Report Figure 148 Schedule Report > Summary > Add (Overtime Report) Vantage Report User’s Guide...
Page 309: Table 142 Schedule Report > Summary > Add (Overtime Report)
Chapter 11 Schedule Report Each field is described in the following table. Table 142 Schedule Report > Summary > Add (Overtime Report) LABEL DESCRIPTION Destination E-mail Enter the e-mail address(es) to which Vantage Report sends the selected Address report(s). Use a comma to separate each e-mail address. Do not put a space after the comma.
Page 310: Template List
Chapter 11 Schedule Report Table 142 Schedule Report > Summary > Add (Overtime Report) LABEL DESCRIPTION E-mail Body Enter the text you want to appear in the main body of the e-mail message Vantage Report sends. The body must be 1-255 printable ASCII characters long.
Page 311: Template Add/Edit
Chapter 11 Schedule Report Figure 149 Schedule Report > Template Each field is described in the following table. Table 143 Schedule Report > Template LABEL DESCRIPTION Select this check box, and click Delete to delete the report template. Index This is the number of this template in the list. This field is a sequential value, and it is not associated with a specific scheduled report.
Page 312: Figure 150 Schedule Report > Template > Add
Chapter 11 Schedule Report Figure 150 Schedule Report > Template > Add Each field is described in the following table. Table 144 Schedule Report > Template > Add LABEL DESCRIPTION Template View This section of the screen displays a sample of the report layout. PDF Template Click this button to view a sample of a report in PDF format.
Page 313 Chapter 11 Schedule Report Table 144 Schedule Report > Template > Add LABEL DESCRIPTION Template Title Enter the title that you want to appear at the top of the reports generated using this template. Use up to 50 ASCII characters. Spaces are allowed. Template Logo Type the location of the file that you want to display as the logo in the report or click Browse ...
Page 314 Chapter 11 Schedule Report Vantage Report User’s Guide...
Page 315: System And Troubleshooting
System and Troubleshooting System (317) Troubleshooting (335)
Page 317: System
H A P T E R System account can use the system screens to root • Maintain global reporting settings, such as how many days of logs to keep and default chart type • Maintain mail server settings • Add, remove, or edit users who can access Vantage Report •...
Page 318: Configuring For Hostname Reverse
IP address in the field. If it does not find the host name, it only displays the IP address. This feature might increase the amount of time it takes to display statistical reports, however. You also need to configure the host computers and ZyXEL device (see Section 12.1.1 on page 318).
Page 319: Figure 152 Windows Xp: Start Menu
• Configure any software firewalls installed on the host computers to allow NetBIOS packets from the Vantage server. • Set the ZyXEL device to allow NetBIOS traffic between interfaces. You need to configure both the individual interface screens (like LAN, WAN, DMZ) and the firewall to allow NetBIOS packets from the Vantage server.
Page 320: Figure 153 Windows Xp: Control Panel
Chapter 12 System Figure 153 Windows XP: Control Panel 3 Right-click Local Area Connection and then click Properties. Figure 154 Windows XP: Control Panel: Network Connections: Properties 4 Select Internet Protocol (TCP/IP) (under the General tab in Win XP) and click Properties.
Page 321: Figure 155 Windows Xp: Local Area Connection Properties
Chapter 12 System Figure 155 Windows XP: Local Area Connection Properties 5 The Internet Protocol TCP/IP Properties window opens (the General tab in Windows XP). Click WINS. Figure 156 Windows XP: Advanced TCP/IP Settings: WINS 6 Select the Default NetBIOS setting and click OK. Vantage Report User’s Guide...
Page 322: Server Configuration Screen
Chapter 12 System 7 Click OK to close the Local Area Connection Properties window. 8 Turn on your ZyXEL device and restart your computer (if prompted). 12.2 Server Configuration Screen Only the account can open this screen. root Use the Server Configuration screen to set up mail server and web server configuration for Vantage Report.
Page 323: User Management Screens
Chapter 12 System Table 146 System > Server Configuration LABEL DESCRIPTION Send Test E-mail to Note: You should click Apply before you click Test. Administrator Click this to send a test message from the Vantage Report account to the e- mail address, if any, for the root user account.
Page 324: Add/Edit User Account Screen
Chapter 12 System Table 147 System > User Management LABEL DESCRIPTION Description This field displays the description for the user account. Status This field displays whether or not the user is logged in to Vantage Report. off line - this user is not currently logged in on line - this user is currently logged in Click this to create a new user account.
Page 325: Data Maintenance Screens
Chapter 12 System Table 148 Add/Edit User Account Screen LABEL DESCRIPTION Description Enter the description for the user account. Apply Click this to save your settings and close the screen. Reset Click this to change the settings in this screen to the last-saved values. Cancel Click this to close the screen without saving any changes.
Page 326: Device List Export And Device List Import Screen
Chapter 12 System Each field is described in the following table. Table 149 System > Data Maintenance > Configuration LABEL DESCRIPTION Backup Click this to look at or save the current settings in the General Configuration, Server Configuration, and User Management screens. Vantage Report saves the current settings in XML format.
Page 327: Upgrade Screen
Chapter 12 System 12.5 Upgrade Screen Only the account can open this screen. root Before you use this screen, read the documentation for the new release to make sure you understand the upgrade process. Use this screen to install new releases of Vantage Report. Do not use this screen to upgrade to the full version.
Page 328: Registration Summary Screen
Chapter 12 System Vantage Report uses myZyXEL.com for registration and activation. You have to use the registration screens to log into myZyXEL.com. You cannot log in to myZyXEL.com separately to register or activate Vantage Report. The following information may be required for registration. Table 152 Information for Using an Existing MyZyXEL.com Account If you want to use an existing myZyXEL.com account, you need your ...
Page 329: Registration Screen
Chapter 12 System Table 154 System > Registration LABEL DESCRIPTION Supported Maximum This field appears if you have the full version. Nodes It displays the maximum number of devices Vantage Report can currently support, regardless of the number of licenses you purchase. You can never increase the number of devices in Vantage Report higher than this value, regardless of how many licenses you have.
Page 330: Log Receiver Screens
Chapter 12 System Some fields do not appear if you have already used this screen to log into myZyXEL.com, if you have a myZyXEL.com account, or if you are getting the trial version.The fields are described in the following table. Table 155 Registration Screen LABEL DESCRIPTION...
Page 331: Log Receiver By Day > By Device Screen
Chapter 12 System To access this screen, click System > Log Receiver > By Day(Summary). Figure 165 System > Log Receiver By Day(Summary) All the fields are described in the following table. Table 156 System > Log Receiver By Day(Summary) LABEL DESCRIPTION Time...
Page 332: Log Receiver By Day > By Device > By Category Screen
Chapter 12 System Table 157 System > Log Receiver By Day(Summary) > By Device LABEL DESCRIPTION Log Number This field displays how many logs were received from each device on the day you clicked. % of Log Number This field displays what percent of the day’s total logs came from each device. 12.7.3 Log Receiver By Day >...
Page 333: Log Receiver By Device > By Category Screen
Chapter 12 System Figure 168 System > Log Receiver By Device) All the fields are described in the following table. Table 159 System > Log Receiver By Device LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 334: About Screen
Chapter 12 System Figure 169 System > Log Receiver By Device > By Category All the fields are described in the following table. Table 160 System > Log Receiver By Device > By Category LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the dates you specified in the summary screen and the MAC address of the device that you selected.
Page 335: Troubleshooting
Report server. If the problem continues, contact your local vendor. There is information in some Make sure your ZyXEL devices support these reports. Check the reports, but there is no release notes for the current firmware version. information in others.
Page 336 Chapter 13 Troubleshooting Vantage Report User’s Guide...
Page 337: Appendices And Index
Appendices and Index This part contains the following chapters. • Product Specifications (339) • Setting up Your Computer’s IP Address (345) • ZyNOS Log Descriptions (351) • Open Software Announcements (417) • Legal Information (447) • Customer Support (449) • Index (453)
Page 339: Appendix A Product Specifications
Product Specifications All values are accurate at the time of writing. Table 2 on page 34 for specifications about the time it takes the Vantage Report server to process information from ZyXEL devices. Table 162 Web Configurator Specifications FEATURE SPECIFICATION...
Page 340: Table 166 Vrpt 3.0 Device And Feature Support
Monitor the status of all your ZyXEL devices in one application. You can Logs also look at the logs for all your ZyXEL devices in Vantage Report. In normal operation, this information should be no older than five minutes, worst-case.
Page 341 Appendix A Product Specifications Table 166 VRPT 3.0 Device and Feature Support ZYWALL 3.63 / 3.64 / MENU ITEM 3.62 4.00 1.01 3.40 2.00 3.65 ZYWALL ZYWALL ZYWALL P-662 ZYWALL 2 / 10W 5 / 35 / 70 1050 P-652 5 / 35 / 70 Summary N / A...
Page 342 Appendix A Product Specifications Table 166 VRPT 3.0 Device and Feature Support ZYWALL 3.63 / 3.64 / MENU ITEM 3.62 4.00 1.01 3.40 2.00 3.65 ZYWALL ZYWALL ZYWALL P-662 ZYWALL 2 / 10W 5 / 35 / 70 1050 P-652 5 / 35 / 70 Total Users &...
Page 343 Appendix A Product Specifications Table 166 VRPT 3.0 Device and Feature Support ZYWALL 3.63 / 3.64 / MENU ITEM 3.62 4.00 1.01 3.40 2.00 3.65 ZYWALL ZYWALL ZYWALL P-662 ZYWALL 2 / 10W 5 / 35 / 70 1050 P-652 5 / 35 / 70 Firewall Access...
Page 344 Appendix A Product Specifications Table 166 VRPT 3.0 Device and Feature Support ZYWALL 3.63 / 3.64 / MENU ITEM 3.62 4.00 1.01 3.40 2.00 3.65 ZYWALL ZYWALL ZYWALL P-662 ZYWALL 2 / 10W 5 / 35 / 70 1050 P-652 5 / 35 / 70 Log Viewer All Logs...
Page 345: Appendix B Setting Up Your Computer's Ip Address
P P E N D I X Setting up Your Computer’s IP Address All computers must have a 10M or 100M Ethernet adapter card and TCP/IP installed. Windows 95/98/ME/NT/2000/XP, Macintosh OS 7 and later operating systems and all versions of UNIX/LINUX include the software components you need to install and use TCP/ IP on your computer.
Page 346: Figure 171 Windows Xp: Start Menu
Appendix B Setting up Your Computer’s IP Address Figure 171 Windows XP: Start Menu 2 For Windows XP, click Network Connections. For Windows 2000/NT, click Network and Dial-up Connections. Figure 172 Windows XP: Control Panel 3 Right-click Local Area Connection and then click Properties. Vantage Report User’s Guide...
Page 347: Figure 173 Windows Xp: Control Panel: Network Connections: Properties
Appendix B Setting up Your Computer’s IP Address Figure 173 Windows XP: Control Panel: Network Connections: Properties 4 Select Internet Protocol (TCP/IP) (under the General tab in Win XP) and click Properties. Figure 174 Windows XP: Local Area Connection Properties 5 The Internet Protocol TCP/IP Properties window opens (the General tab in Windows XP).
Page 348: Figure 175 Windows Xp: Advanced Tcp/Ip Settings
Appendix B Setting up Your Computer’s IP Address Figure 175 Windows XP: Advanced TCP/IP Settings 6 If you do not know your gateway's IP address, remove any previously installed gateways in the IP Settings tab and click OK. Do one or more of the following if you want to configure additional IP addresses: •...
Page 349: Figure 176 Windows Xp: Internet Protocol (Tcp/Ip) Properties
8 Click OK to close the Internet Protocol (TCP/IP) Properties window. 9 Click OK to close the Local Area Connection Properties window. 10 Turn on your ZyXEL device and restart your computer (if prompted). Verifying Settings 1 Click Start, All Programs, Accessories and then Command Prompt.
Page 350 Appendix B Setting up Your Computer’s IP Address Vantage Report User’s Guide...
Page 351: Appendix C Zynos Log Descriptions
P P E N D I X ZyNOS Log Descriptions This appendix provides descriptions of example log messages for ZyNOS-based devices. Log messages vary by device. Table 167 System Maintenance Logs LOG MESSAGE DESCRIPTION The router has adjusted its time based on information from the Time calibration is time server.
Page 352 Appendix C ZyNOS Log Descriptions Table 167 System Maintenance Logs (continued) LOG MESSAGE DESCRIPTION The router was not able to connect to the NTP server. Connect to NTP server fail The router dropped an ICMP packet that was too large. Too large ICMP packet has been dropped An SMT management session has started.
Page 353: Table 168 System Error Logs
Appendix C ZyNOS Log Descriptions Table 168 System Error Logs LOG MESSAGE DESCRIPTION This attempt to create a NAT session exceeds the maximum %s exceeds the max. number of NAT session table entries allowed to be created per number of session per host.
Page 354: Table 170 Tcp Reset Logs
Appendix C ZyNOS Log Descriptions Table 169 Access Control Logs (continued) LOG MESSAGE DESCRIPTION A packet from the WAN (TCP or UDP) matched a cone Firewall allowed a packet that NAT session and the device forwarded it to the LAN. matched a NAT session: [ TCP | UDP ] The firewall allowed access for a packet that matched a...
Page 355: Table 171 Packet Filter Logs
Appendix C ZyNOS Log Descriptions Table 171 Packet Filter Logs LOG MESSAGE DESCRIPTION Attempted access matched a configured filter rule (denoted by [ TCP | UDP | ICMP | IGMP | its set and rule number) and was blocked or forwarded Generic ] packet filter according to the rule.
Page 356: Table 174 Ppp Logs
Appendix C ZyNOS Log Descriptions Table 174 PPP Logs LOG MESSAGE DESCRIPTION The PPP connection’s Link Control Protocol stage has started. ppp:LCP Starting The PPP connection’s Link Control Protocol stage is opening. ppp:LCP Opening The PPP connection’s Challenge Handshake Authentication Protocol stage is ppp:CHAP Opening opening.
Page 357: Table 177 Attack Logs
Appendix C ZyNOS Log Descriptions Table 176 Content Filtering Logs (continued) LOG MESSAGE DESCRIPTION When the content filter is not on according to the time schedule or you didn't select the "Block Matched Web Site” check box, the system forwards the web content. The external content filtering server did not respond within the timeout Waiting content filter period.
Page 358: Table 178 Remote Management Logs
Appendix C ZyNOS Log Descriptions Table 177 Attack Logs (continued) LOG MESSAGE DESCRIPTION The firewall classified an ICMP packet with no source routing entry ip spoofing - no routing as an IP spoofing attack. entry ICMP (type:%d, code:%d) The firewall detected an ICMP vulnerability attack. vulnerability ICMP (type:%d, code:%d) The firewall detected an ICMP traceroute attack.
Page 359: Table 179 Wireless Logs
Appendix C ZyNOS Log Descriptions Table 178 Remote Management Logs LOG MESSAGE DESCRIPTION Attempted use of SNMP service was blocked according Remote Management: SNMP denied to remote management settings. Attempted use of DNS service was blocked according to Remote Management: DNS denied remote management settings.
Page 360: Table 181 Ike Logs
Appendix C ZyNOS Log Descriptions Table 180 IPSec Logs (continued) LOG MESSAGE DESCRIPTION The device received a ping response when checking the specified Rule [%s] receives an VPN tunnel's connectivity. echo reply from peer The device disconnected all IPSec tunnels. Delete all tunnels Table 181 IKE Logs LOG MESSAGE...
Page 361 Appendix C ZyNOS Log Descriptions Table 181 IKE Logs (continued) LOG MESSAGE DESCRIPTION IKE uses ISAKMP to transmit data. Each ISAKMP packet Recv <packet> contains many different types of payloads. All of them show in the LOG. Refer to RFC2408 – ISAKMP for a list of all ISAKMP payload types.
Page 362 Appendix C ZyNOS Log Descriptions Table 181 IKE Logs (continued) LOG MESSAGE DESCRIPTION The router was not able to use extended authentication to XAUTH fail! My name: authenticate the listed username. <Username> The listed rule’s IKE phase 1 negotiation mode did not match Rule[%d] Phase 1 negotiation between the router and the peer.
Page 363: Table 182 Pki Logs
Appendix C ZyNOS Log Descriptions Table 181 IKE Logs (continued) LOG MESSAGE DESCRIPTION The listed rule’s IKE phase 2 did not match between the router Rule [%d] phase 2 mismatch and the peer. The listed rule’s IKE phase 2 key lengths (with the AES Rule [%d] Phase 2 key length encryption algorithm) did not match between the router and mismatch...
Page 364 Appendix C ZyNOS Log Descriptions Table 182 PKI Logs (continued) LOG MESSAGE DESCRIPTION The router received a corrupted certification authority certificate from Failed to decode the the LDAP server whose address and port are recorded in the Source received ca cert field.
Page 365: Table 183 802.1X Logs
Appendix C ZyNOS Log Descriptions CODE DESCRIPTION CRL was not added to the cache. CRL decoding failed. CRL is not currently valid, but in the future. CRL contains duplicate serial numbers. Time interval is not continuous. Time information not available. Database method failed due to timeout.
Page 366: Table 184 Acl Setting Notes
Appendix C ZyNOS Log Descriptions Table 183 802.1X Logs (continued) LOG MESSAGE DESCRIPTION The local user database is operating as the Use Local User Database to authentication server. authenticate user. Use RADIUS to authenticate user. The RADIUS server is operating as the authentication server.
Page 367 Appendix C ZyNOS Log Descriptions Table 185 ICMP Notes (continued) TYPE CODE DESCRIPTION Net unreachable Host unreachable Protocol unreachable Port unreachable A packet that needed fragmentation was dropped because it was set to Don't Fragment (DF) Source route failed Source Quench A gateway may discard internet datagrams if it does not have the buffer space needed to queue the datagrams for output to the next network on the route to the destination network.
Page 368: Table 186 Idp Logs
Appendix C ZyNOS Log Descriptions Table 186 IDP Logs LOG MESSAGE DESCRIPTION The buffer for holding IDP information such as the signature file version The buffer size is was too small to hold any more information. too small! There was a format error in the configuration backup file that someone The format of the attempted to load into the system.
Page 369 Appendix C ZyNOS Log Descriptions Table 187 AV Logs (continued) LOG MESSAGE DESCRIPTION The device detected a virus in a SMTP connection. The format of %s is SMTP Virus infected “ID” Virus ID number, virus name, filename. For example, - %s! ID:30001,CIH.Win95,/game.exe.
Page 370: Table 188 As Logs
Appendix C ZyNOS Log Descriptions Table 187 AV Logs (continued) LOG MESSAGE DESCRIPTION The system blocked scanning files in POP3 connections. POP3 Block. The session is over The format of %s is %FILENAME%. maximun ZIP sessions For example, game.zip." The system destroyed unsupported zip files. Zip file unsupported - %s! Table 188 AS Logs...
Page 371: Table 189 As Directions For Multiple Wan Devices
Appendix C ZyNOS Log Descriptions Table 188 AS Logs (continued) LOG MESSAGE DESCRIPTION Load the anti-spam fixed runtime settings failed. Load the anti-spam fixed runtime settings failed - ret_code:%d Load the anti-spam variable runtime settings Load the anti-spam variable runtime failed.
Page 372: Syslog Logs
Appendix C ZyNOS Log Descriptions 13.1 Syslog Logs There are two types of syslog: event logs and traffic logs. The device generates an event log when a system event occurs, for example, when a user logs in or the device is under attack. The device generates a traffic log when a "session"...
Page 373: Table 192 Rfc-2408 Isakmp Payload Types
Appendix C ZyNOS Log Descriptions Table 191 Syslog Logs (continued) LOG MESSAGE DESCRIPTION This message is sent by the device ("RAS" displays as the Event Log: <Facility*8 + system name if you haven’t configured one) at the time Severity>Mon dd hr:mm:ss when this syslog is generated.
Page 374 Appendix C ZyNOS Log Descriptions Table 192 RFC-2408 ISAKMP Payload Types (continued) LOG DISPLAY PAYLOAD TYPE Notification NOTFY Delete Vendor ID Vantage Report User’s Guide...
Page 375: Appendix D Zywall 1050 Log Descriptions
P P E N D I X ZyWALL 1050 Log Descriptions This appendix provides descriptions of example log messages for the ZyWALL 1050. Table 193 Content Filter Logs LOG MESSAGE DESCRIPTION An administrator turned the content filter on. Content filter has been enabled An administrator turned the content filter off.
Page 376 Appendix D ZyWALL 1050 Log Descriptions Table 195 Blocked Web Site Logs (continued) LOG MESSAGE DESCRIPTION Content filter rating service is temporarily unavailable and access to the %s: Service is web site was blocked due to: unavailable 1. Can't resolve rating server IP (No DNS) 2.
Page 377: Table 196 User Logs
Appendix D ZyWALL 1050 Log Descriptions Table 196 User Logs LOG MESSAGE DESCRIPTION The specified user signed in. %s %s has logged in from %s 1st %s: Administrator|Limited-Admin|User|Ext-User|Guest 2nd %s: username 3rd %s: service name (HTTP/HTTPS, FTP, telnet, SSH, console) NOTE field: %s means username.
Page 378: Table 197 Myzyxel.com Logs
Appendix D ZyWALL 1050 Log Descriptions Table 197 myZyXEL.com Logs LOG MESSAGE DESCRIPTION The device was not able to send a registration message to Send registration MyZyXEL.com. message to MyZyXEL.com server has failed. The device sent packets to the MyZyXEL.com server, but did not Get server response receive a response.
Page 379 Appendix D ZyWALL 1050 Log Descriptions Table 197 myZyXEL.com Logs (continued) LOG MESSAGE DESCRIPTION The service expiration day check failed, this log will append an error Service expiration message returned by the MyZyXEL.com server. check has failed:%s. %s: error message returned by myZyXEL.com server The service expiration day check was successful.
Page 380 Appendix D ZyWALL 1050 Log Descriptions Table 197 myZyXEL.com Logs (continued) LOG MESSAGE DESCRIPTION The device received an incomplete response from the update server Update has failed. and it caused a parsing error for the device. Because of lack must fields.
Page 381 Appendix D ZyWALL 1050 Log Descriptions Table 197 myZyXEL.com Logs (continued) LOG MESSAGE DESCRIPTION The daily check for service expiration failed, an error message returned Expiration daily-check by the MyZyXEL.com server will be appended to this log. has failed:%s. %s: error message returned by myZyXEL.com server The device received an incomplete response to the daily service Do expiration daily- expiration check and the packets caused a parsing error for the device.
Page 382: Table 198 Idp Logs
Appendix D ZyWALL 1050 Log Descriptions Table 197 myZyXEL.com Logs (continued) LOG MESSAGE DESCRIPTION Verification of a server’s certificate failed because there is a self-signed Self signed certificate in the server’s certificate chain. certificate in certificate chain. The device verified a server’s certificate while processing an HTTPS Verify peer connection.
Page 383 Appendix D ZyWALL 1050 Log Descriptions Table 198 IDP Logs (continued) LOG MESSAGE DESCRIPTION IDP service is not registered. IDP service packet inspection feature and IDP service is not signature update will both be deactivated. registered. Packet Inspection feature will not be activated. IDP service trial license is expired.
Page 384 Appendix D ZyWALL 1050 Log Descriptions Table 198 IDP Logs (continued) LOG MESSAGE DESCRIPTION Get custom rule number failed. Get custom signature number error. Custom signature adding failed. Rule content length is too long. Add custom signature error: signature <sid> is over length.
Page 385: Table 199 Application Patrol Logs
Appendix D ZyWALL 1050 Log Descriptions Table 198 IDP Logs (continued) LOG MESSAGE DESCRIPTION IDP signature update failed. Extract signature package to /tmp/sig IDP sigature update failed. failed. Fail to extract temporary file. IDP signature update failed. Sig_check_update check failed. IDP signature update failed.
Page 386 Appendix D ZyWALL 1050 Log Descriptions Table 199 Application Patrol Logs (continued) LOG MESSAGE DESCRIPTION Application patrol daemon (process) failed to unlock shared memory. System fatal error: 60018004. Error generating application patrol semaphore key. System fatal error: 60018005. Application patrol daemon (process) fails to create share memory. System fatal error: 60018006.
Page 387: Table 200 Ike Logs
Appendix D ZyWALL 1050 Log Descriptions Table 199 Application Patrol Logs (continued) LOG MESSAGE DESCRIPTION Deactivation of application patrol has succeeded. Deactivate App Patrol has succeeded. Initialization application patrol has succeeded. Initialize App. Patrol has succeeded. Packets logging. 1st %s: Protocol Name, 2nd %s: Category Name, 3rd App Patrol Name=%s %s: Default Rule or Exception Rule, 1st %d: Rule Index, 4th %s: TCP Type=%s %s=%d...
Page 388 Appendix D ZyWALL 1050 Log Descriptions Table 200 IKE Logs (continued) LOG MESSAGE DESCRIPTION %s is the tunnel name. When negotiating Phase-2 and checking IPsec [ID] : Tunnel [%s] SAs or the ID is IPv6 ID. Phase 2 Remote ID mismatch %s is the tunnel name.
Page 389 Appendix D ZyWALL 1050 Log Descriptions Table 200 IKE Logs (continued) LOG MESSAGE DESCRIPTION %s is the tunnel name. When negotiating Phase-2, the SA protocol did [SA] : Tunnel [%s] not match. Phase 2 SA protocol mismatch %s is the tunnel name. When negotiating Phase-2, the SA sequence [SA] : Tunnel [%s] SA size did not match.
Page 390 Appendix D ZyWALL 1050 Log Descriptions Table 200 IKE Logs (continued) LOG MESSAGE DESCRIPTION %s:%s is peer IP:Port. The device sent a DPD response sent to the Send DPD response to peer. "%s:%s" This is a combined message for outgoing IKE packets. Send:[ID]%s[SA]%s[KE]% s[ID]%s[CERT]%s[CR]%s[ HASH]%s[SIG]%s[NONCE]%...
Page 391: Table 201 Ipsec Logs
Appendix D ZyWALL 1050 Log Descriptions Table 200 IKE Logs (continued) LOG MESSAGE DESCRIPTION The variables represent the phase 1 name, tunnel name, old SPI, new Tunnel SPI and the xauth name (optional). The tunnel was rekeyed [%s:%s:0x%x:0x%x:%s] successfully. rekeyed successfully The variables represent the phase 1 name and tunnel name.
Page 392: Table 202 Firewall Logs
Appendix D ZyWALL 1050 Log Descriptions Table 201 IPSec Logs (continued) LOG MESSAGE DESCRIPTION %s is the VPN connection name. An administrator disabled the VPN VPN connection %s was connection. disabled. %s is the VPN connection name. An administrator enabled the VPN VPN connection %s was connection.
Page 393: Table 203 Sessions Limit Logs
Appendix D ZyWALL 1050 Log Descriptions Table 203 Sessions Limit Logs LOG MESSAGE DESCRIPTION %d is maximum sessions per host. Maximum sessions per host (%d) was exceeded. Table 204 Policy Route Logs LOG MESSAGE DESCRIPTION Policy routing can't activate BWM feature. Cann't open bwm_entries Policy routing can't detect link up/down status.
Page 394: Table 205 Built-In Services Logs
Appendix D ZyWALL 1050 Log Descriptions Table 204 Policy Route Logs (continued) LOG MESSAGE DESCRIPTION Rule is moved. Policy-route rule %d was moved to %d. 1st %d: the original policy route rule number 2nd %d: the new policy route rule number Rule is deleted.
Page 395 Appendix D ZyWALL 1050 Log Descriptions Table 205 Built-in Services Logs (continued) LOG MESSAGE DESCRIPTION An administrator assigned a nonexistent certificate to FTP. FTP certificate:%s does not exist. %s is certificate name assigned by user An administrator changed the port number for FTP. FTP port has been changed to port %s.
Page 396 Appendix D ZyWALL 1050 Log Descriptions Table 205 Built-in Services Logs (continued) LOG MESSAGE DESCRIPTION An administrator inserted a new rule. DNS access control rule %u has been %u is rule number inserted. An administrator appended a new rule. DNS access control rule %u has been %u is rule number appended...
Page 397: Table 206 System Logs
Appendix D ZyWALL 1050 Log Descriptions Table 205 Built-in Services Logs (continued) LOG MESSAGE DESCRIPTION A new built-in service access control rule was appended. Access control rule %u of %s was appended. %u is the index of the access control rule. %s is HTTP/HTTPS/SSH/SNMP/FTP/TELNET.
Page 398 Appendix D ZyWALL 1050 Log Descriptions Table 206 System Logs (continued) LOG MESSAGE DESCRIPTION A packet was received but it is not an ARP response packet. Received packet is not an ARP response packet The device received an ARP response. Receive an ARP response The device received an ARP response from the listed source.
Page 399 Appendix D ZyWALL 1050 Log Descriptions Table 206 System Logs (continued) LOG MESSAGE DESCRIPTION Update profile failed because the response was strange, %s is the Update the profile %s profile name. has failed because of strange server response. Update profile succeeded, because the IP address of profile is Update the profile %s unchanged, %s is the profile name.
Page 400 Appendix D ZyWALL 1050 Log Descriptions Table 206 System Logs (continued) LOG MESSAGE DESCRIPTION Update profile failed, and show the response message, 1st %s is the Update the profile %s profile name, 2nd %s is the reason. has failed because %s. Update profile failed because unknown error.
Page 401: Table 207 Connectivity Check Logs
Appendix D ZyWALL 1050 Log Descriptions Table 206 System Logs (continued) LOG MESSAGE DESCRIPTION DDNS profile cannot be updated for HA IP address because HA iface is Update the profile %s PPP and not connected, %s is the profile name. has failed because the HA interface was not connected.
Page 402 Appendix D ZyWALL 1050 Log Descriptions Table 207 Connectivity Check Logs (continued) LOG MESSAGE DESCRIPTION The connectivity check process can't get the gateway IP address for Can't get gateway IP the specified interface. of %s interface %s: interface name The connectivity check process can't get memory from OS. Can't alloc memory The connectivity check process can't load module for check link-status.
Page 403: Table 208 Device Ha Logs
Appendix D ZyWALL 1050 Log Descriptions Table 208 Device HA Logs LOG MESSAGE DESCRIPTION An VRRP group has been created, %s: the name of VRRP group. Device HA VRRP Group %s has been added. An VRRP group has been modified, %s: the name of VRRP group. Device HA VRRP group %s has been modified.
Page 404 Appendix D ZyWALL 1050 Log Descriptions Table 208 Device HA Logs (continued) LOG MESSAGE DESCRIPTION The firmware version on the Backup cannot be resolved to check if it is Backup firmware the same as on the Master. A Backup device only synchronizes from version can not be the Master if the Master and the Backup have the same firmware recognized.
Page 405: Table 209 Routing Protocol Logs
Appendix D ZyWALL 1050 Log Descriptions Table 208 Device HA Logs (continued) LOG MESSAGE DESCRIPTION Master configuration file does not exist. Skip updating ZySH Startup Configuration. 1st %s: error string, 2ed %s: the syncing object System internal error: %s. Skip updating %s. Master configuration file is empty.
Page 406 Appendix D ZyWALL 1050 Log Descriptions Table 209 Routing Protocol Logs (continued) LOG MESSAGE DESCRIPTION RIP global version has been changed to version 1 or 2. RIP global version has been changed to %s. RIP redistribute OSPF routes has been enabled. RIP redistribute OSPF routes has been enabled.
Page 407: Table 210 Nat Logs
Appendix D ZyWALL 1050 Log Descriptions Table 209 Routing Protocol Logs (continued) LOG MESSAGE DESCRIPTION RIP v2-broadcast on interface %s has been disabled. %s: Interface RIP v2-broadcast on Name interface %s has been disabled. Device-HA is currently running on the interface %s, so all the local OSPF on interface %s service have to be stopped including OSPF.
Page 408: Table 211 Pki Logs
Appendix D ZyWALL 1050 Log Descriptions Table 210 NAT Logs (continued) LOG MESSAGE DESCRIPTION Extra FTP ALG port has been changed. Extra signal port of FTP ALG has been modified. Default FTP ALG port has been changed. Signal port of FTP ALG has been modified.
Page 409 Appendix D ZyWALL 1050 Log Descriptions Table 211 PKI Logs (continued) LOG MESSAGE DESCRIPTION The router created a certificate request with the specified name. Generate certifiate request "%s" successfully The router was not able to create a certificate request with the specified Generate certifiate name.
Page 410 Appendix D ZyWALL 1050 Log Descriptions Table 211 PKI Logs (continued) LOG MESSAGE DESCRIPTION The device imported a PKCS#7 format certificate into Trusted Import PKCS#7 Certificates. %s is the certificate request name. certificate "%s" into "Trusted Certificate" successfully The device was not able to decode an imported certificate. %s is Decode imported certificate the request name certificate "%s"...
Page 411: Table 212 Interface Logs
Appendix D ZyWALL 1050 Log Descriptions CODE DESCRIPTION Certificate was not valid in the time interval. (Not used) Certificate is not valid. Certificate signature was not verified correctly. Certificate was revoked by a CRL. Certificate was not added to the cache. Certificate decoding failed.
Page 412 Appendix D ZyWALL 1050 Log Descriptions Table 212 Interface Logs (continued) LOG MESSAGE DESCRIPTION A user tried to dial the AUX interface, but the AUX interface does not Please type phone have a phone number set. number of interface AUX first then dial again.
Page 413 Appendix D ZyWALL 1050 Log Descriptions Table 212 Interface Logs (continued) LOG MESSAGE DESCRIPTION Port statistics log. This log will be sent to the VRPT server. name=%s,status=%s,TxPk ts=%u, 1st %s: physical port name, 2nd %s: physical port status, 1st %u: physical port Tx packets, 2nd %u: physical port Rx packets, 3rd %u: RxPkts=%u,Colli.=%u,Tx physical port packets collisions, 4th %u: physical port Tx Bytes/s, 5th...
Page 414: Table 213 Account Logs
Appendix D ZyWALL 1050 Log Descriptions Table 213 Account Logs LOG MESSAGE DESCRIPTION Account %s %s has been A user deleted an ISP account profile. deleted. 1st %s: profile type, 2nd %se: profile name. Account %s %s has been A user changed an ISP account profile’s options. changed.
Page 415: Table 216 File Manager Logs
Appendix D ZyWALL 1050 Log Descriptions Table 216 File Manager Logs LOG MESSAGE DESCRIPTION Apply configuration failed, this log will be what CLI command is and ERROR:#%s, %s what error message is. 1st %s is CLI command. 2nd %s is error message when apply CLI command. Apply configuration failed, this log will be what CLI command is and WARNING:#%s, %s what warning message is.
Page 416 Appendix D ZyWALL 1050 Log Descriptions Vantage Report User’s Guide...
Page 417: Appendix E Open Software Announcements
No part may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, except the express written permission of ZyXEL Communications Corporation. This Product includes MySQL and Anomic under GNU GENERAL PUBLIC LICENSE GNU GENERAL PUBLIC LICENSE Version 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc.
Page 418 Appendix E Open Software Announcements For example, if you distribute copies of such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code.
Page 419 Appendix E Open Software Announcements 2.You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a.
Page 420 Appendix E Open Software Announcements b.Accompany it with a written offer, valid for at least three years, to give any third-party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange;...
Page 421 Appendix E Open Software Announcements 7. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License.
Page 422 Appendix E Open Software Announcements 10. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this.
Page 423 Appendix E Open Software Announcements This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;...
Page 424 Appendix E Open Software Announcements applications with the library. If this is what you want to do, use the GNU Library General Public License instead of this License. This product includes Hibemate and Ifreechart under GNU LESSER GENERAL PUBLIC LICENSE GNU LESSER GENERAL PUBLIC LICENSE Version 2.1, February 1999 Copyright (C) 1991, 1999 Free Software Foundation, Inc.
Page 425 Appendix E Open Software Announcements We protect your rights with a two-step method: (1) we copyright the library, and (2) we offer you this license, which gives you legal permission to copy, distribute and/or modify the library. To protect each distributor, we want to make it very clear that there is no warranty for the free library.
Page 426 Appendix E Open Software Announcements Although the Lesser General Public License is Less protective of the users' freedom, it does ensure that the user of a program that is linked with the Library has the freedom and the wherewithal to run that program using a modified version of the Library. The precise terms and conditions for copying, distribution and modification follow.
Page 427 Appendix E Open Software Announcements 1. You may copy and distribute verbatim copies of the Library's complete source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty;...
Page 428 Appendix E Open Software Announcements Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Library.
Page 429 Appendix E Open Software Announcements When a "work that uses the Library" uses material from a header file that is part of the Library, the object code for the work may be a derivative work of the Library even though the source code is not.
Page 430 Appendix E Open Software Announcements c) Accompany the work with a written offer, valid for at least three years, to give the same user the materials specified in Subsection 6a, above, for a charge no more than the cost of performing this distribution.
Page 431 Appendix E Open Software Announcements 9. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Library or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Library (or any work based on the Library), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Library or works based on it.
Page 432 Appendix E Open Software Announcements 13. The Free Software Foundation may publish revised and/or new versions of the Lesser General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number.
Page 433 Appendix E Open Software Announcements If you develop a new library, and you want it to be of the greatest possible use to the public, we recommend making it free software that everyone can redistribute and change. You can do so by permitting redistribution under these terms (or, alternatively, under the terms of the ordinary General Public License).
Page 434 Appendix E Open Software Announcements Sun Microsystems, Inc. Binary Code License Agreement for the JAVA 2 PLATFORM STANDARD EDITION DEVELOPMENT KIT 5.0 SUN MICROSYSTEMS, INC. ("SUN") IS WILLING TO LICENSE THE SOFTWARE IDENTIFIED BELOW TO YOU ONLY UPON THE CONDITION THAT YOU ACCEPT ALL OF THE TERMS CONTAINED IN THIS BINARY CODE LICENSE AGREEMENT AND SUPPLEMENTAL LICENSE TERMS (COLLECTIVELY "AGREEMENT").
Page 435 Appendix E Open Software Announcements entire liability under this limited warranty will be at Sun's option to replace Software media or refund the fee paid for Software. Any implied warranties on the Software are limited to 90 days. Some states do not allow limitations on duration of an implied warranty, so the above may not apply to you.
Page 436 Appendix E Open Software Announcements 10. U.S. GOVERNMENT RESTRICTED RIGHTS. If Software is being acquired by or on behalf of the U.S. Government or by a U.S. Government prime contractor or subcontractor (at any tier), then the Government's rights in Software and accompanying documentation will be only as set forth in this Agreement;...
Page 437 Appendix E Open Software Announcements software intended to replace any component(s) of the Software, (iv) you do not remove or alter any proprietary legends or notices contained in the Software, (v) you only distribute the Software subject to a license agreement that protects Sun's interests consistent with the terms contained in this Agreement, and (vi) you agree to defend and indemnify Sun and its licensors from and against any damages, costs, liabilities, settlement amounts and/or expenses (including attorneys' fees) incurred in connection with any claim, lawsuit or action by any...
Page 438 Appendix E Open Software Announcements J2SE, and all trademarks and logos based on Java are trademarks or registered trademarks of Sun Microsystems, Inc. in the U.S. and other countries. This information must be placed on the Media label in such a manner as to only apply to the Sun Software; (vi) You must clearly identify the Software as Sun's product on the Media holder or Media label, and you may not state or imply that Sun is responsible for any third-party software contained on the Media;...
Page 439 Appendix E Open Software Announcements All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: * 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
Page 440 Appendix E Open Software Announcements "Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity.
Page 441 Appendix E Open Software Announcements 2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty- free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form.
Page 442 Appendix E Open Software Announcements statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License.
Page 443 License Agreement remains in full force and effect. Ownership of the Software, Documentation and all intellectual property rights therein shall remain at all times with ZyXEL. Any other use of the Software by any other entity is strictly forbidden and is a violation of this License Agreement.
Page 444 DAYS FROM THE DATE OF PURCHASE OF THE SOFTWARE, AND NO WARRANTIES SHALL APPLY AFTER THAT PERIOD. 7.Limitation of Liability IN NO EVENT WILL ZyXEL BE LIABLE TO YOU OR ANY THIRD PARTY FOR ANY INCIDENTAL OR CONSEQUENTIAL DAMAGES (INCLUDING, WITHOUT LIMITATION, INDIRECT, SPECIAL, PUNITIVE, OR EXEMPLARY DAMAGES FOR...
Page 445 This License Agreement is effective until it is terminated. You may terminate this License Agreement at any time by destroying or returning to ZyXEL all copies of the Software and Documentation in your possession or under your control. ZyXEL may terminate this License Agreement for any reason, including, but not limited to, if ZyXEL finds that you have violated any of the terms of this License Agreement.
Page 446 Software and Documentation shall not be assigned by you without the prior written consent of ZyXEL. Any waiver or modification of this License Agreement shall only be effective if it is in writing and signed by both parties hereto. If any part of this License...
Page 447: Appendix F Legal Information
417. Disclaimer ZyXEL does not assume any liability arising out of the application or use of any products, or software described herein. Neither does it convey any license under its patent rights nor the patent rights of others. ZyXEL further reserves the right to make changes in any products described herein without notice.
Page 448 Appendix F Legal Information CUSTOMER REMEDIES. ZyXEL's and its suppliers' entire liability and your exclusive remedy shall be, at ZyXEL's option, either (a) return of the price paid, if any, or (b) repair or replacement of the SOFTWARE that does not meet ZyXEL's Limited Warranty and which is returned to ZyXEL with a copy of your receipt.
Page 449: Appendix G Customer Support
• Telephone: +506-2017878 • Fax: +506-2015098 • Web Site: www.zyxel.co.cr • FTP Site: ftp.zyxel.co.cr • Regular Mail: ZyXEL Costa Rica, Plaza Roble Escazú, Etapa El Patio, Tercer Piso, San José, Costa Rica Czech Republic • E-mail: info@cz.zyxel.com • Telephone: +420-241-091-350 •...
Page 450 • E-mail: info@zyxel.fr • Telephone: +33-4-72-52-97-97 • Fax: +33-4-72-52-19-20 • Web Site: www.zyxel.fr • Regular Mail: ZyXEL France, 1 rue des Vergers, Bat. 1 / C, 69760 Limonest, France Germany • Support E-mail: support@zyxel.de • Sales E-mail: sales@zyxel.de • Telephone: +49-2405-6909-0 •...
Page 451 • Sales E-mail: sales@zyxel.com • Telephone: +1-800-255-4101, +1-714-632-0882 • Fax: +1-714-632-0858 • Web Site: www.us.zyxel.com • FTP Site: ftp.us.zyxel.com • Regular Mail: ZyXEL Communications Inc., 1130 N. Miller St., Anaheim, CA 92806- 2001, U.S.A. Norway • Support E-mail: support@zyxel.no • Sales E-mail: sales@zyxel.no •...
Page 452 Appendix G Customer Support • Web Site: www.zyxel.es • Regular Mail: ZyXEL Communications, Arte, 21 5ª planta, 28033 Madrid, Spain Sweden • Support E-mail: support@zyxel.se • Sales E-mail: sales@zyxel.se • Telephone: +46-31-744-7700 • Fax: +46-31-744-7701 • Web Site: www.zyxel.se • Regular Mail: ZyXEL Communications A/S, Sjöporten 4, 41764 Göteborg, Sweden Ukraine •...
Page 453: Index
Index Index general restore screens about icon SMTP mail server Add Device screen users additional ZyXEL device configuration contact information allowed web access 35, 270 copyright anti-spam customer support monitors customized report templates source data 35, 36 customized service field...
Page 454 31, 295 how used log settings requirements failed login log viewer source data 35, 36 regular log entries. See regular log viewer. ZyXEL device configuration 35, 36 Login screen features logout icon firmware low free disk mark platform versions...
Page 455 35, 36 table ZyXEL device configuration 35, 36 title related documentation typical layout report templates VPN traffic web allowed report window 39, 52 web blocked...
Page 456 Index setting e-mail in port number successful login processing time source data 35, 36 source data ZyXEL device configuration 35, 36 starting syntax conventions stopping system notification time in low free disk mark setting Vantage Report users. See users. versions...
Page 457 Index ZyNOS ZyWALL 1050 126, 340 ZyXEL device 41, 42, 326 configuration device type setting 43, 52 edit basic information feature support import in typical application MAC setting 43, 52 move remove search for select source data. See source data.
Page 458 Index Vantage Report User’s Guide...

This manual is also suitable for:

Vantage report

ZyXEL Communications VANTAGE REPORT - V3.0 User Manual

Chapter 1 Introducing Vantage Report

Chapter 2 The Vantage Report Server

Chapter 3 The Web Configurator

Chapter 4 Monitor

Chapter 5 Traffic

Chapter 6 VPN

Chapter 7 Network Attack

Quick Links

Troubleshooting

Related Manuals for ZyXEL Communications VANTAGE REPORT - V3.0

Summary of Contents for ZyXEL Communications VANTAGE REPORT - V3.0