Embedded web help for descriptions of individual screens and supplementary information. • ZyXEL Glossary and Web Site Please refer to www.zyxel.com for an online glossary of networking terms and additional support documentation. User Guide Feedback Help us help you. Send all User Guide-related comments, questions or suggestions for improvement to the following address, or use e-mail instead.
Document Conventions Document Conventions Warnings and Notes These are how warnings and notes are shown in this User’s Guide. Warnings tell you about things that could harm you or your device. Notes tell you other important information (for example, other things you may need to configure or helpful tips) or recommendations.
2.1 Starting and Stopping the Vantage Report Server ............... 33 2.2 E-Mail in the Vantage Report Server ................... 34 2.3 Time in the Vantage Report Server ..................34 2.4 ZyXEL Device Configuration and Source Data ..............35 Chapter 3 The Web Configurator ......................37 3.1 Web Configurator Requirements ..................
Page 11
Table of Contents 5.4.5 Top Mail Users ......................122 5.4.6 Top Mail Users Drill-Down ..................124 5.5 Other Traffic ........................126 5.5.1 Platform Selection ....................126 5.5.2 Service Settings ...................... 126 5.5.3 Top Destinations of Other Traffic ................127 5.5.4 Top Destinations of Other Traffic Drill-Down ............129 5.5.5 Top Sources of Other Traffic ..................
Page 12
Table of Contents Part III: Network Attack and Security Policy........183 Chapter 7 Network Attack........................185 7.1 Attack ..........................185 7.1.1 Attack Summary ....................... 185 7.1.2 Attack Summary Drill-Down ..................187 7.1.3 Top Attacks ....................... 189 7.1.4 Top Attacks Drill-Down ..................... 191 7.1.5 Top Attack Sources ....................
Page 13
Table of Contents 8.1.1 Top Users Blocked ....................243 8.1.2 Top Packets Blocked ....................245 8.2 Application Access Control ....................247 8.2.1 Top Applications Blocked ..................247 8.2.2 Top Users Blocked ....................249 8.2.3 Top Applications Allowed ..................251 8.3 Blocked Web Accesses ..................... 253 8.3.1 Web Block Summary ....................
Page 14
Table of Contents 11.1 Scheduled Report Summary Screen ................299 11.2 Customize Daily Report Screen ..................301 11.3 Customize Weekly Report Screen ................... 304 11.4 Customize Overtime Report Screen ................307 11.5 Template List ........................310 11.6 Template Add/Edit ......................311 Part V: System and Troubleshooting ..........
Page 15
Table of Contents 13.1 Syslog Logs ........................372 Appendix D ZyWALL 1050 Log Descriptions ............... 375 Appendix E Open Software Announcements ............... 417 Appendix F Legal Information ....................447 Appendix G Customer Support .................... 449 Index............................453 Vantage Report User’s Guide...
Page 16
Table of Contents Vantage Report User’s Guide...
Page 20
List of Figures Figure 125 Security Policy > WEB Blocked > Top Sites > Drill-Down ..........259 Figure 126 Security Policy > WEB Blocked > Top Hosts ..............260 Figure 127 Security Policy > WEB Blocked > Top Hosts > Drill-Down ..........262 Figure 128 Security Policy >...
Page 21
List of Figures Figure 168 System > Log Receiver By Device) ..................333 Figure 169 System > Log Receiver By Device > By Category ............. 334 Figure 170 System > About ........................334 Figure 171 Windows XP: Start Menu ....................346 Figure 172 Windows XP: Control Panel ....................
Page 22
List of Figures Vantage Report User’s Guide...
Table 1 Differences Between Basic Version and Full Version ............... 32 Table 2 Processing Times by Menu Item ....................34 Table 3 ZyNOS-based ZyXEL Device Configuration Requirements by Menu Item ....... 35 Table 4 ZyWALL 1050 Configuration Requirements by Menu Item ............36 Table 5 Title Bar .............................
Page 24
List of Tables Table 39 Traffic > FTP > Top Hosts ..................... 109 Table 40 Traffic > FTP > Top Hosts > Drill-Down ..................111 Table 41 Traffic > FTP > Top Users ......................112 Table 42 Traffic > FTP > Top Hosts > Drill-Down ..................114 Table 43 Traffic >...
Page 25
List of Tables Table 82 Network Attack > Attack > Top Attacks ................. 190 Table 83 Network Attack > Attack > Top Attacks > Drill-Down ............192 Table 84 Network Attack > Attack > Top Sources ................194 Table 85 Network Attack > Attack > Top Sources > Drill-Down ............196 Table 86 Network Attack >...
Page 26
List of Tables Table 125 Security Policy > WEB Blocked > By Category > Drill-Down ..........269 Table 126 Security Policy > WEB Allowed > Summary ............... 271 Table 127 Security Policy > WEB Allowed > Summary > Drill-Down ..........272 Table 128 Security Policy >...
In this example, you use the web configurator (A) to set up the Vantage Report server (B). You also configure the ZyXEL devices (C) to send their logs and traffic statistics to the Vantage Report Server. The Vantage Report server collects this information. Then, you can •...
Chapter 1 Introducing Vantage Report This User’s Guide discusses the features in the full version. The following table shows some of the differences between the basic and full version. Table 1 Differences Between Basic Version and Full Version FEATURE BASIC FULL Number of supported devices up to 100...
H A P T E R The Vantage Report Server This chapter explains several characteristics of the Vantage Report server. 2.1 Starting and Stopping the Vantage Report Server Make sure the port Vantage Report uses for web services is not used by other applications, especially web servers.
• In Vantage Report, clock time is the time the Vantage Report server receives information (log entries or traffic statistics) from the ZyXEL devices, not the time the device puts in the entry. As soon as the Vantage Report server receives information, it replaces device times with the current time in the Vantage Report server.
* - The names of categories may be different for different devices. Use the category that is appropriate for each device. ** - The log viewers display whatever log entries the ZyXEL devices record, including log entries that may not be used in other reports.
* - The names of categories may be different for different devices. Use the category that is appropriate for each device. *** - The log viewers display whatever log entries the ZyXEL devices record, including log entries that may not be used in other reports.
H A P T E R The Web Configurator This chapter provides the minimum requirements to use the web configurator, describes how to access the web configurator, and explains each part of the main screen in the web configurator. 3.1 Web Configurator Requirements The web configurator is a browser-based interface that you can use to set up, manage, and use Vantage Report.
Chapter 3 The Web Configurator Figure 2 Web Configurator Login Screen If you forget your password, enter your user name, and click Forget Password?. Vantage Report sends your password to the e-mail address (if any) for your User Name. See Section 2.2 on page 34 for more information about e-mail in Vantage Report and...
(C), and the report window (D). The title bar provides some icons that are useful anytime. The device window displays and organizes the ZyXEL devices that can provide information to Vantage Report. The function window lists the reports you can generate and organizes these reports into categories.
Chapter 3 The Web Configurator 3.3 Title Bar The title bar has three icons. These icons are explained in the table below. Table 5 Title Bar ICON DESCRIPTION The help icon opens the help page for the current screen in Vantage Report. The about icon opens a screen with the version of Vantage Report.
Chapter 3 The Web Configurator Figure 4 Device Window Each numbered section above is described in the following table. Table 6 Device Window SECTION DESCRIPTION To add a device to Vantage Report, • right click on root, and select Add Device. The Add Device screen appears in the device window.
Chapter 3 The Web Configurator Table 6 Device Window SECTION DESCRIPTION To move a device in the device window tree • right-click on the device, and select Cut it. Then right-click the destination folder and select Paste to. To select which device is included in a report •...
Chapter 3 The Web Configurator Each field is explained in the following table. Table 7 Add/Edit Device and Add/Edit Folder Screen Fields LABEL DESCRIPTION Name Enter the name of the device or folder you want to add to Vantage Report. The device name can consist of alphanumeric characters, underscores( ), periods(.), or dashes(-), and it must be 1-28 characters long.
The dashboard gives a quick top level summary of activity across devices. The dashboard is available with the full version of Vantage Report. Monitor Use monitors to check the status of ZyXEL devices. Bandwidth Use this report to monitor the total amount of traffic handled by the selected device.
Page 45
LEVEL 3 FUNCTION Traffic Use these reports to look at how much traffic was handled by ZyXEL devices or who used the most bandwidth in a ZyXEL device. You can also look at traffic in various directions. Bandwidth Summary Use this report to look at the amount of traffic handled by the selected device by time interval.
Page 46
Chapter 3 The Web Configurator Table 8 Function Window LEVEL 1/2 LEVEL 3 FUNCTION Customization Customization Use the Service Settings screen to add, edit, or remove services whose traffic you can view in the other Service > Customization reports. Top Destinations Use this report to look at the top destinations of traffic for other services.
Page 47
Use these reports to look at intrusion signatures, types of intrusions, severity of intrusions, and the top sources and destinations of intrusions that are logged on the selected ZyXEL device. Summary Use this report to look at the number of intrusions by time interval. You can also use this report to look at the top intrusion signatures in a specific time interval.
Page 48
LEVEL 1/2 LEVEL 3 FUNCTION AntiVirus Use these reports to look at viruses that were detected by the ZyXEL device’s anti-virus feature. Summary Use this report to look at the number of virus occurrences by time interval. You can also use this report to look at the top viruses in a specific time interval.
Page 49
Successful Login Use this screen to look at who successfully logged into the ZyXEL device (for management or monitoring purposes). Failed Login Use this screen to look at who tried to log in into the ZyXEL device (for management or monitoring purposes) but failed. Session Per A device can limit a user’s maximum number of NAT sessions.
Page 50
Chapter 3 The Web Configurator Table 8 Function Window LEVEL 1/2 LEVEL 3 FUNCTION Template Use these screens to add and edit report templates. System root account can use all of the following screens. Other users can use the About screen and some features in User Management. General Use this screen to maintain global reporting settings, such as how many Configuration...
Chapter 3 The Web Configurator Table 9 Function differences for Basic and Full Versions FEATURE BASIC FULL NOTES Bandwidth Report by Direction Incoming Outgoing LAN-WAN LAN-DMZ LAN-LAN WAN-WAN WAN-DMZ WAN-LAN DMZ-WAN DMZ-DMZ DMZ-LAN Traffic > Bandwidth Bandwidth monitor is available for basic version.
Chapter 3 The Web Configurator Figure 8 Function Window Right-Click Menu Click About Macromedia Flash Player 8... to get information about the current version of Flash. 3.6 Report Window The report window displays the monitor, statistical report, or screen that you select in the device window and the function window.
Chapter 3 The Web Configurator Each numbered section above is described in the following table. Table 11 Typical Monitor Features SECTION DESCRIPTION Device Name, MAC: These fields are the same ones you entered when you added the device. (See Section 3.4 on page 40.) Print icon: Click this icon to print the current screen.
Chapter 3 The Web Configurator Figure 13 Typical Statistical Report Layout Each numbered section above is described in the following table. Table 12 Typical Statistical Report Features SECTION DESCRIPTION Device Name, MAC: These fields are the same ones you entered when you added the device.
Chapter 3 The Web Configurator Table 12 Typical Statistical Report Features SECTION DESCRIPTION Last Days, Settings: Use one of these fields to specify what historical information is included in the report. • Select how many days, ending (and including) today, in the Last Days drop-down list. •...
Chapter 3 The Web Configurator Figure 15 View Logs Each field is described in the following table. Table 13 View Logs LABEL DESCRIPTION Time This field displays the time the Vantage Report server received the log entry, not the time the log entry was generated. Source:Port This field displays the source IP address and port (if any) of the event that generated the entry.
Chapter 3 The Web Configurator The dashboard looks like this before you configure it. Figure 16 Dashboard Initial View The following screen appears after you click the “here” link. Figure 17 Dashboard Configure Vantage Report User’s Guide...
Select devices and then the monitor or summary to display for each. You can select the same device in more that one section of the dashboard. Not every ZyXEL device supports every report. Only select a monitor or summary that the device supports.
Chapter 3 The Web Configurator The following table describes the dashboard icons. See the other sections in this user’s guide for details on the monitors and summaries. Table 14 Dashboard ICON DESCRIPTION The setting icon returns you to the dashboard configuration screen. The print icon prints the dashboard screen.
Page 62
Chapter 3 The Web Configurator Vantage Report User’s Guide...
H A P T E R Monitor Use monitors to check the status of ZyXEL devices. See Section 2.3 on page 34 for a related discussion about time. 4.1 Bandwidth Monitor Use this report to monitor the total amount of traffic handled by the selected device.
Chapter 4 Monitor Table 15 Monitor > Bandwidth LABEL DESCRIPTION Port This field displays when you select Port in the Type field. Select the physical interface for which you want to view bandwidth usage. This field is not available with all models. Interface This field displays when you select Interface in the Type field.
Chapter 4 Monitor Figure 21 Monitor > Service Each field is described in the following table. Table 16 Monitor > Service LABEL DESCRIPTION title This field displays the title of the monitor. It does not include the service you select in the Service Type field. Service Type Select the service whose traffic you want to look at.
Chapter 4 Monitor 4.3 Attack Monitor Use this report to monitor the number of Denial-of-Service (DoS) attacks detected by the selected device’s firewall. Click Monitor > Attack to open this screen. Figure 22 Monitor > Attack Each field is described in the following table. Table 17 Monitor >...
Chapter 4 Monitor Click Monitor > Intrusion to open this screen. Figure 23 Monitor > Intrusion Each field is described in the following table. Table 18 Monitor > Intrusion LABEL DESCRIPTION title This field displays the title of the monitor. Start Time This field displays the clock time (in 24-hour format) of the earliest traffic statistics in the graph.
Chapter 4 Monitor Figure 24 Monitor > AntiVirus Each field is described in the following table. Table 19 Monitor > AntiVirus LABEL DESCRIPTION title This field displays the title of the monitor. Start Time This field displays the clock time (in 24-hour format) of the earliest traffic statistics in the graph.
Chapter 4 Monitor Figure 25 Monitor > AntiSpam Each field is described in the following table. Table 20 Monitor > AntiSpam LABEL DESCRIPTION title This field displays the title of the monitor. Start Time This field displays the clock time (in 24-hour format) of the earliest traffic statistics in the graph.
SMTP, and other protocols. 5.1 Bandwidth Use these reports to look at how much traffic was handled by ZyXEL devices, who used the most bandwidth in a ZyXEL device, and which protocols were used. You can also look at traffic in various directions.
Chapter 5 Traffic Each field is described in the following table. Table 21 Traffic > Bandwidth > Summary LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields. Interface Select the logical interface for which you want to view bandwidth usage.
Chapter 5 Traffic Table 21 Traffic > Bandwidth > Summary LABEL DESCRIPTION Hour (Day) This field displays each time interval in chronological order. If you select one day of historical information or less (in the Last ... Days or Settings field) and it is in the last seven days (today is day one), the time interval is hours (in 24-hour format).
Chapter 5 Traffic Figure 27 Traffic > Bandwidth > Summary > Drill-Down Each field is described in the following table. Table 22 Traffic > Bandwidth > Summary > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
Chapter 5 Traffic Table 22 Traffic > Bandwidth > Summary > Drill-Down LABEL DESCRIPTION MBytes Transferred This field displays how much traffic (in megabytes) the device handled for each service in the selected time interval. % of MBytes This field displays what percentage of the time interval’s total traffic belonged to Transferred each service.
Chapter 5 Traffic Each field is described in the following table. Table 23 Traffic > Bandwidth > Top Protocols LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields. It does not include the Direction you select.
Chapter 5 Traffic Table 23 Traffic > Bandwidth > Top Protocols LABEL DESCRIPTION graph The graph displays the information in the table visually. • Click the pie view or the bar view icon. You can specify the Default Chart Type in System > General Configuration. •...
Chapter 5 Traffic Figure 29 Traffic > Bandwidth > Top Protocol > Drill-Down Each field is described in the following table. Table 24 Traffic > Bandwidth > Top Protocol > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
Chapter 5 Traffic Table 24 Traffic > Bandwidth > Top Protocol > Drill-Down LABEL DESCRIPTION % of Sessions This field displays what percentage of the selected service’s total number of traffic events came from each source. MBytes Transferred This field displays how much traffic (in megabytes) each source generated using the selected service.
Chapter 5 Traffic Figure 30 Traffic > Bandwidth > Top Hosts Each field is described in the following table. Table 25 Traffic > Bandwidth > Top Hosts LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 83
Chapter 5 Traffic Table 25 Traffic > Bandwidth > Top Hosts LABEL DESCRIPTION Last ... Days Use this field or Settings to specify what historical information is included in the report. Select how many days, ending (and including) today, you want to include.
Chapter 5 Traffic Table 25 Traffic > Bandwidth > Top Hosts LABEL DESCRIPTION % of Sessions This field displays what percentage each source’s number of traffic events makes out of the total number of traffic events that match the settings you displayed in this report.
Chapter 5 Traffic Each field is described in the following table. Table 26 Traffic > Bandwidth > Top Hosts > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields. It does not include the Direction you select.
Chapter 5 Traffic Figure 32 Traffic > Bandwidth > Top Users Each field is described in the following table. Table 27 Traffic > Bandwidth > Top Users LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 87
Chapter 5 Traffic Table 27 Traffic > Bandwidth > Top Users LABEL DESCRIPTION Settings Use these fields to specify what historical information is included in the report. Click the settings icon. The Report Display Settings screen appears. Select a specific Start Date and End Date. The date range can be up to 30 days long, but you cannot include days that are older than Store Log Days in System >...
Chapter 5 Traffic 5.1.8 Top Bandwidth Users Drill-Down Use this report to look at the top services used by any top bandwidth user. Click on a specific user in Traffic > Bandwidth > Top Users to open this screen. Figure 33 Traffic > Bandwidth > Top Users > Drill-Down Each field is described in the following table.
Chapter 5 Traffic Table 28 Traffic > Bandwidth > Top Users > Drill-Down LABEL DESCRIPTION Sessions This field displays the number of traffic events the selected user generated using each service. % of Sessions This field displays what percentage of the selected user’s total number of traffic events was generated using each service.
Chapter 5 Traffic Figure 34 Traffic > Bandwidth > Top Destinations Each field is described in the following table. Table 29 Traffic > Bandwidth > Top Destinations LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 91
Chapter 5 Traffic Table 29 Traffic > Bandwidth > Top Destinations LABEL DESCRIPTION Last ... Days Use this field or Settings to specify what historical information is included in the report. Select how many days, ending (and including) today, you want to include.
Chapter 5 Traffic Table 29 Traffic > Bandwidth > Top Destinations LABEL DESCRIPTION % of Sessions This field displays what percentage each destination’s number of traffic events makes out of the total number of traffic events that match the settings you displayed in this report.
Chapter 5 Traffic Each field is described in the following table. Table 30 Traffic > Bandwidth > Top Destinations > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields. graph The graph displays the information in the table visually.
Chapter 5 Traffic Figure 36 Traffic > WEB > Top Sites Each field is described in the following table. Table 31 Traffic > WEB > Top Sites LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 95
Chapter 5 Traffic Table 31 Traffic > WEB > Top Sites LABEL DESCRIPTION Settings Use these fields to specify what historical information is included in the report. Click the settings icon. The Report Display Settings screen appears. Select a specific Start Date and End Date. The date range can be up to 30 days long, but you cannot include days that are older than Store Log Days in System >...
Chapter 5 Traffic 5.2.2 Top Web Sites Drill-Down Use this report to look at the top sources of web traffic for any top destination. Click on a specific destination in Traffic > WEB > Top Sites to open this screen. Figure 37 Traffic >...
Chapter 5 Traffic Table 32 Traffic > WEB > Top Sites > Drill-Down LABEL DESCRIPTION Color This field displays what color represents each source in the graph. Sessions This field displays the number of traffic events from each source to the selected destination.
Chapter 5 Traffic Figure 38 Traffic > WEB > Top Hosts Each field is described in the following table. Table 33 Traffic > WEB > Top Hosts LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Chapter 5 Traffic Table 33 Traffic > WEB > Top Hosts LABEL DESCRIPTION Settings Use these fields to specify what historical information is included in the report. Click the settings icon. The Report Display Settings screen appears. Select a specific Start Date and End Date. The date range can be up to 30 days long, but you cannot include days that are older than Store Log Days in System >...
Chapter 5 Traffic Click on a specific source in Traffic > WEB > Top Hosts to open this screen. Figure 39 Traffic > WEB > Top Hosts > Drill-Down Each field is described in the following table. Table 34 Traffic > WEB > Top Hosts > Drill-Down LABEL DESCRIPTION title...
Chapter 5 Traffic Table 34 Traffic > WEB > Top Hosts > Drill-Down LABEL DESCRIPTION % of MBytes This field displays what percentage of the selected source’s traffic was sent to Transferred each destination. Total This entry displays the totals for the destinations above. If the number of destinations of web traffic from the selected source is greater than the maximum number of records displayed in this table, this total might be a little lower than the total in the main report.
Chapter 5 Traffic Each field is described in the following table. Table 35 Traffic > WEB > Top Users LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields. Last ...
Chapter 5 Traffic Table 35 Traffic > WEB > Top Users LABEL DESCRIPTION MBytes Transferred This field displays how much traffic (in megabytes) the device handled for each user. % of MBytes This field displays what percentage each user’s traffic makes out of the total Transferred traffic that matches the settings you displayed in this report.
Chapter 5 Traffic Each field is described in the following table. Table 36 Traffic > WEB > Top Users > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields. graph The graph displays the information in the table visually.
Chapter 5 Traffic Figure 42 Traffic > FTP > Top Sites Each field is described in the following table. Table 37 Traffic > FTP > Top Sites LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 106
Chapter 5 Traffic Table 37 Traffic > FTP > Top Sites LABEL DESCRIPTION Settings Use these fields to specify what historical information is included in the report. Click the settings icon. The Report Display Settings screen appears. Select a specific Start Date and End Date. The date range can be up to 30 days long, but you cannot include days that are older than Store Log Days in System >...
Chapter 5 Traffic 5.3.2 Top FTP Sites Drill-Down Use this report to look at the top sources of FTP traffic for any top destination. Click on a specific destination in Traffic > FTP > Top Sites to open this screen. Figure 43 Traffic >...
Chapter 5 Traffic Table 38 Traffic > FTP > Top Sites > Drill-Down LABEL DESCRIPTION % of Sessions This field displays what percentage of the selected destination’s total number of traffic events came from each source. MBytes Transferred This field displays how much traffic (in megabytes) was generated from each source to the selected destination.
Chapter 5 Traffic Each field is described in the following table. Table 39 Traffic > FTP > Top Hosts LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields. Last ...
Chapter 5 Traffic Table 39 Traffic > FTP > Top Hosts LABEL DESCRIPTION MBytes Transferred This field displays how much traffic (in megabytes) the device handled for each source. % of MBytes This field displays what percentage each source’s traffic makes out of the total Transferred traffic that matches the settings you displayed in this report.
Chapter 5 Traffic Each field is described in the following table. Table 40 Traffic > FTP > Top Hosts > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields. graph The graph displays the information in the table visually.
Chapter 5 Traffic Figure 46 Traffic > FTP > Top Users Each field is described in the following table. Table 41 Traffic > FTP > Top Users LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Chapter 5 Traffic Table 41 Traffic > FTP > Top Users LABEL DESCRIPTION Settings Use these fields to specify what historical information is included in the report. Click the settings icon. The Report Display Settings screen appears. Select a specific Start Date and End Date. The date range can be up to 30 days long, but you cannot include days that are older than Store Log Days in System >...
Chapter 5 Traffic Figure 47 Traffic > FTP > Top Users > Drill-Down Each field is described in the following table. Table 42 Traffic > FTP > Top Hosts > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
Chapter 5 Traffic Table 42 Traffic > FTP > Top Hosts > Drill-Down LABEL DESCRIPTION MBytes Transferred This field displays how much traffic (in megabytes) was generated from the selected user to each destination. % of MBytes This field displays what percentage of the selected user’s total traffic was sent Transferred to each destination.
Chapter 5 Traffic Figure 48 Traffic > MAIL > Top Sites Each field is described in the following table. Table 43 Traffic > MAIL > Top Sites LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 117
Chapter 5 Traffic Table 43 Traffic > MAIL > Top Sites LABEL DESCRIPTION Settings Use these fields to specify what historical information is included in the report. Click the settings icon. The Report Display Settings screen appears. Select a specific Start Date and End Date. The date range can be up to 30 days long, but you cannot include days that are older than Store Log Days in System >...
Chapter 5 Traffic 5.4.2 Top Mail Sites Drill-Down Use this report to look at the top sources of mail traffic for any top destination. Click on a specific destination in Traffic > MAIL > Top Sites to open this screen. Figure 49 Traffic >...
Chapter 5 Traffic Table 44 Traffic > MAIL > Top Sites > Drill-Down LABEL DESCRIPTION % of Sessions This field displays what percentage of the selected destination’s total number of traffic events came from each source. MBytes Transferred This field displays how much traffic (in megabytes) came from each source to the selected destination.
Chapter 5 Traffic Each field is described in the following table. Table 45 Traffic > MAIL > Top Hosts LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields. Last ...
Chapter 5 Traffic Table 45 Traffic > MAIL > Top Hosts LABEL DESCRIPTION MBytes Transferred This field displays how much traffic (in megabytes) the device handled for each source. % of MBytes This field displays what percentage each source’s traffic makes out of the total Transferred traffic that matches the settings you displayed in this report.
Chapter 5 Traffic Each field is described in the following table. Table 46 Traffic > MAIL > Top Hosts > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields. graph The graph displays the information in the table visually.
Chapter 5 Traffic Figure 52 Traffic > MAIL > Top Users Each field is described in the following table. Table 47 Traffic > MAIL > Top Users LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Chapter 5 Traffic Table 47 Traffic > MAIL > Top Users LABEL DESCRIPTION Settings Use these fields to specify what historical information is included in the report. Click the settings icon. The Report Display Settings screen appears. Select a specific Start Date and End Date. The date range can be up to 30 days long, but you cannot include days that are older than Store Log Days in System >...
Chapter 5 Traffic Figure 53 Traffic > MAIL > Top Users > Drill-Down Each field is described in the following table. Table 48 Traffic > MAIL > Top Users > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
Then click Next. 5.5.2 Service Settings The following screen displays after you select the ZyXEL firmware platform. Use this screen to add, edit, or remove services that you can view in Other Traffic reports. These services appear in the Customized Services drop-down box.
Chapter 5 Traffic Figure 55 Traffic > Customization > Customization (Service Settings) Each field is described in the following table. Table 49 Service > Customization > Customization (Service Settings) LABEL DESCRIPTION Add a Known Use this drop-down box to add a service to the Customized Service drop-down Service box.
Chapter 5 Traffic Click Traffic > Customization > Top Destinations to open this screen. Figure 56 Traffic > Customization > Top Destinations Each field is described in the following table. Table 50 Traffic > Customization > Top Destinations LABEL DESCRIPTION title This field displays the title of the statistical report.
Chapter 5 Traffic Table 50 Traffic > Customization > Top Destinations LABEL DESCRIPTION Settings Use these fields to specify what historical information is included in the report. Click the settings icon. The Report Display Settings screen appears. Select a specific Start Date and End Date. The date range can be up to 30 days long, but you cannot include days that are older than Store Log Days in System >...
Chapter 5 Traffic Click on a specific destination in Traffic > Customization > Top Destinations to open this screen. Figure 57 Traffic > Customization > Top Destinations > Drill-Down Each field is described in the following table. Table 51 Traffic > Customization > Top Destinations > Drill-Down LABEL DESCRIPTION title...
Chapter 5 Traffic Table 51 Traffic > Customization > Top Destinations > Drill-Down LABEL DESCRIPTION View Logs Click this icon to see the logs that go with the record. Total This entry displays the totals for the sources above. If the number of sources of traffic to the selected destination is greater than the maximum number of records displayed in this table, this total might be a little lower than the total in the main report.
Page 132
Chapter 5 Traffic Table 52 Traffic > Customization > Top Sources LABEL DESCRIPTION Last ... Days Use this field or Settings to specify what historical information is included in the report. Select how many days, ending (and including) today, you want to include.
Chapter 5 Traffic Table 52 Traffic > Customization > Top Sources LABEL DESCRIPTION MBytes Transferred This field displays how much traffic (in megabytes) the device handled for each source. % of MBytes This field displays what percentage each source’s traffic makes out of the total Transferred traffic that matches the settings you displayed in this report.
Chapter 5 Traffic Table 53 Traffic > Customization > Top Sources > Drill-Down LABEL DESCRIPTION Destination This field displays the top destinations of the selected service’s traffic from the selected source, sorted by the amount of traffic attributed to each one. Each destination is identified by its IP address.
Chapter 5 Traffic Each field is described in the following table. Table 54 Traffic > Customization > Top Users LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields. Customized Service Select the service whose traffic you want to view.
Chapter 5 Traffic Table 54 Traffic > Customization > Top Users LABEL DESCRIPTION % of Sessions This field displays what percentage each user’s number of traffic events makes out of the total number of traffic events for the time range of the report. MBytes Transferred This field displays how much traffic (in megabytes) the device handled for each user.
Chapter 5 Traffic Each field is described in the following table. Table 55 Traffic > Customization > Top Users > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields. graph The graph displays the information in the table visually.
To look at VPN usage reports, each ZyXEL device must record forwarded IPSec VPN traffic in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure IPSec is enabled.
Chapter 6 VPN Each field is described in the following table. Table 56 VPN > Site-to-Site > Link Status LABEL DESCRIPTION Site This column displays the names of peer IPSec routers. Each IPSec router is identified by the name of the phase 1 IKE SA (also known as the gateway policy).
Chapter 6 VPN Each field is described in the following table. Table 57 VPN > Site-to-Site > Traffic Monitor LABEL DESCRIPTION Site Select a peer IPSec router. Tunnel Select a VPN tunnel. Select All to display the total traffic for the device’s VPN tunnels with the selected site.
Chapter 6 VPN Figure 64 VPN > Site-to-Site > Top Peer Gateways Each field is described in the following table. Table 58 VPN > Site-to-Site > Top Peer Gateways LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Chapter 6 VPN Table 58 VPN > Site-to-Site > Top Peer Gateways LABEL DESCRIPTION Settings Use these fields to specify what historical information is included in the report. Click the settings icon. The Report Display Settings screen appears. Select a specific Start Date and End Date. The date range can be up to 30 days long, but you cannot include days that are older than Store Log Days in System >...
Chapter 6 VPN Click on a specific destination in VPN > Site-to-Site > Top Peer Gateways to open this screen. Figure 65 VPN > Site-to-Site > Top Peer Gateways > Drill-Down Each field is described in the following table. Table 59 VPN > Site-to-Site > Top Peer Gateways > Drill-Down LABEL DESCRIPTION title...
Chapter 6 VPN Table 59 VPN > Site-to-Site > Top Peer Gateways > Drill-Down LABEL DESCRIPTION Sessions This field displays the number of traffic events from each source to the selected destination. % of Sessions This field displays what percentage each source’s number of traffic events makes out of the total number of traffic events for the selected destination.
Chapter 6 VPN Each field is described in the following table. Table 60 VPN > Site-to-Site > Top Sites LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields. Last ...
Chapter 6 VPN Table 60 VPN > Site-to-Site > Top Sites LABEL DESCRIPTION MBytes Transferred This field displays how much traffic (in megabytes) the device handled for each site. % of MBytes This field displays what percentage of VPN traffic the device handled for each Transferred site.
Chapter 6 VPN Each field is described in the following table. Table 61 VPN > Site-to-Site > Top Sites > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields. graph The graph displays the information in the table visually.
Chapter 6 VPN Figure 68 VPN > Site-to-Site > Top Tunnels Each field is described in the following table. Table 62 VPN > Site-to-Site > Top Tunnels LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 150
Chapter 6 VPN Table 62 VPN > Site-to-Site > Top Tunnels LABEL DESCRIPTION Settings Use these fields to specify what historical information is included in the report. Click the settings icon. The Report Display Settings screen appears. Select a specific Start Date and End Date. The date range can be up to 30 days long, but you cannot include days that are older than Store Log Days in System >...
Chapter 6 VPN 6.1.8 Top VPN Tunnels Drill-Down Use this report to look at the top senders or receivers of VPN traffic for a top VPN tunnel. Click on a specific destination in VPN > Site-to-Site > Top Tunnels to open this screen. Figure 69 VPN >...
Chapter 6 VPN Table 63 VPN > Site-to-Site > Top Tunnels > Drill-Down LABEL DESCRIPTION Sessions This field displays the number of traffic events from each host to the selected VPN tunnel. % of Sessions This field displays what percentage each host’s number of traffic events makes out of the total number of traffic events for the selected VPN tunnel.
Chapter 6 VPN Each field is described in the following table. Table 64 VPN > Site-to-Site > Top Protocols LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields. Site Select a peer IPSec router.
Chapter 6 VPN Table 64 VPN > Site-to-Site > Top Protocols LABEL DESCRIPTION graph The graph displays the information in the table visually. • Click the pie view or the bar view icon. You can specify the Default Chart Type in System > General Configuration. •...
Chapter 6 VPN Figure 71 VPN > Site-to-Site > Top Protocols > Drill-Down Each field is described in the following table. Table 65 VPN > Site-to-Site > Top Protocols > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
Chapter 6 VPN Table 65 VPN > Site-to-Site > Top Protocols > Drill-Down LABEL DESCRIPTION % of MBytes This field displays what percentage of the selected VPN traffic was for each Transferred host. View Logs Click this icon to see the logs that go with the record. Total This entry displays the totals for the hosts above.
Chapter 6 VPN Each field is described in the following table. Table 66 VPN > Site-to-Site > Top Hosts LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields. Site Select a peer IPSec router.
Page 158
Chapter 6 VPN Table 66 VPN > Site-to-Site > Top Hosts LABEL DESCRIPTION Settings Use these fields to specify what historical information is included in the report. Click the settings icon. The Report Display Settings screen appears. Select a specific Start Date and End Date. The date range can be up to 30 days long, but you cannot include days that are older than Store Log Days in System >...
Chapter 6 VPN Table 66 VPN > Site-to-Site > Top Hosts LABEL DESCRIPTION View Logs Click this icon to see the logs that go with the record. Total This entry displays the totals for the hosts above. 6.1.12 Top VPN Hosts Drill-Down Use this report to look at the services sent through VPN from a top sender or to a top receiver.
Chapter 6 VPN Table 67 VPN > Site-to-Site > Top Hosts > Drill-Down LABEL DESCRIPTION Protocol This field displays the top services of VPN traffic from the selected host, sorted by the amount of traffic attributed to each one. Each service is identified by its IP address. Color This field displays what color represents each protocol in the graph.
Chapter 6 VPN Figure 74 VPN > Site-to-Site > Top Users Each field is described in the following table. Table 68 VPN > Site-to-Site > Top Users LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 162
Chapter 6 VPN Table 68 VPN > Site-to-Site > Top Users LABEL DESCRIPTION Last ... Days Use this field or Settings to specify what historical information is included in the report. Select how many days, ending (and including) today, you want to include.
Chapter 6 VPN Table 68 VPN > Site-to-Site > Top Users LABEL DESCRIPTION % of Sessions This field displays what percentage each user’s number of traffic events makes out of the total number of traffic events that match the settings you displayed in this report.
Chapter 6 VPN Each field is described in the following table. Table 69 VPN > Site-to-Site > Top Users > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields. graph The graph displays the information in the table visually.
Chapter 6 VPN Figure 76 VPN > Site-to-Site > Top Destinations Each field is described in the following table. Table 70 VPN > Site-to-Site > Top Destinations LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 166
Chapter 6 VPN Table 70 VPN > Site-to-Site > Top Destinations LABEL DESCRIPTION Last ... Days Use this field or Settings to specify what historical information is included in the report. Select how many days, ending (and including) today, you want to include.
Chapter 6 VPN Table 70 VPN > Site-to-Site > Top Destinations LABEL DESCRIPTION % of Sessions This field displays what percentage each destination’s number of traffic events makes out of the total number of traffic events that match the settings you displayed in this report.
Chapter 6 VPN Each field is described in the following table. Table 71 VPN > Site-to-Site > Top Destinations > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields. graph The graph displays the information in the table visually.
Chapter 6 VPN Figure 78 VPN > Remote Access > Total Users And Traffic Each field is described in the following table. Table 72 VPN > Remote Access > Total Users And Traffic Start Time This field displays the clock time (in 24-hour format) of the earliest traffic statistics in the graph.
Chapter 6 VPN Figure 79 VPN > Remote Access > User Status Each field is described in the following table. Table 73 VPN > Remote Access > User Status LABEL DESCRIPTION User Status Select Online to display the list of users that are using a remote access connection to the device.
Chapter 6 VPN Figure 80 VPN > Remote Access > Top Protocols Each field is described in the following table. Table 74 VPN > Remote Access > Top Protocols LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 172
Chapter 6 VPN Table 74 VPN > Remote Access > Top Protocols LABEL DESCRIPTION Settings Use these fields to specify what historical information is included in the report. Click the settings icon. The Report Display Settings screen appears. Select a specific Start Date and End Date. The date range can be up to 30 days long, but you cannot include days that are older than Store Log Days in System >...
Chapter 6 VPN 6.2.4 Top VPN Protocols Drill-Down Use this report to look at the top remote access senders or receivers of any top service. Click on a specific service in VPN > Remote Access > Top Protocols to open this screen. Figure 81 VPN >...
Chapter 6 VPN Table 75 VPN > Remote Access > Top Protocols > Drill-Down LABEL DESCRIPTION Sessions This field displays the number of traffic events for each host. % of Sessions This field displays what percentage each host’s number of traffic events makes out of the total number of traffic events for the selected VPN traffic.
Chapter 6 VPN Figure 82 VPN > Remote Access > Top Destinations Each field is described in the following table. Table 76 VPN > Remote Access > Top Destinations LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 176
Chapter 6 VPN Table 76 VPN > Remote Access > Top Destinations LABEL DESCRIPTION Settings Use these fields to specify what historical information is included in the report. Click the settings icon. The Report Display Settings screen appears. Select a specific Start Date and End Date. The date range can be up to 30 days long, but you cannot include days that are older than Store Log Days in System >...
Chapter 6 VPN 6.2.6 Top VPN Destinations Drill-Down Use this report to look at the remote access hosts that sent the most traffic to the selected top destination. Click on a specific destination in VPN > Remote Access > Top Destinations to open this screen.
Chapter 6 VPN Table 77 VPN > Remote Access > Top Destinations > Drill-Down LABEL DESCRIPTION Host This field displays the top sources that sent remote access VPN traffic to the selected destination, sorted by the amount of traffic attributed to each one. Each source is identified by its IP address.
Chapter 6 VPN Figure 84 VPN > Xauth> Successful Login Each field is described in the following table. Table 78 VPN > Xauth> Successful Login LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Chapter 6 VPN 6.3.2 VPN Failed Login Use this report to monitor the total number of users that have made unsuccessful attempts to log in to use one of the device’s VPN tunnels. Click VPN > Xauth> Failed Login to open this screen. Figure 85 VPN >...
Page 181
Chapter 6 VPN Table 79 VPN > Xauth> Failed Login LABEL DESCRIPTION Source IP This is the IP address from which the user attempted to log into one of the device’s VPN tunnels. Total This entry displays the total number of users on the current page of the report. If you want to see a different page of the report, type the number of the page in the field.
H A P T E R Network Attack Use these reports to look at Denial-of-Service (DoS) attacks that were detected by the ZyXEL device’s firewall. 7.1 Attack Use this report to look at the number of DoS attacks by time interval, top sources and by category.
Chapter 7 Network Attack Figure 86 Network Attack > Attack > Summary Each field is described in the following table. Table 80 Network Attack > Attack > Summary LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Chapter 7 Network Attack Table 80 Network Attack > Attack > Summary LABEL DESCRIPTION graph The graph displays the information in the table visually. • Click the pie view or the bar view icon. You can specify the Default Chart Type in System >...
Chapter 7 Network Attack Figure 87 Network Attack > Attack > Summary > Drill-Down Each field is described in the following table. Table 81 Network Attack > Attack > Summary > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
Use this report to look at the top kinds of DoS attacks by number of attacks. To look at attack reports, each ZyXEL device must record DoS attacks in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs >...
Chapter 7 Network Attack Figure 88 Network Attack > Attack > Top Attacks Each field is described in the following table. Table 82 Network Attack > Attack > Top Attacks LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Chapter 7 Network Attack Table 82 Network Attack > Attack > Top Attacks LABEL DESCRIPTION Settings Use these fields to specify what historical information is included in the report. Click the settings icon. The Report Display Settings screen appears. Select a specific Start Date and End Date. The date range can be up to 30 days long, but you cannot include days that are older than Store Log Days in System >...
Chapter 7 Network Attack Figure 89 Network Attack > Attack > Top Attacks > Drill-Down Each field is described in the following table. Table 83 Network Attack > Attack > Top Attacks > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
Use this report to look at the top sources of DoS attacks by number of attacks. To look at attack reports, each ZyXEL device must record DoS attacks in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs >...
Chapter 7 Network Attack Figure 90 Network Attack > Attack > Top Sources Each field is described in the following table. Table 84 Network Attack > Attack > Top Sources LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Chapter 7 Network Attack Table 84 Network Attack > Attack > Top Sources LABEL DESCRIPTION Settings Use these fields to specify what historical information is included in the report. Click the settings icon. The Report Display Settings screen appears. Select a specific Start Date and End Date. The date range can be up to 30 days long, but you cannot include days that are older than Store Log Days in System >...
Chapter 7 Network Attack Figure 91 Network Attack > Attack > Top Sources > Drill-Down Each field is described in the following table. Table 85 Network Attack > Attack > Top Sources > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
Use this report to look at the categories of DoS attacks by number of attacks. To look at attack reports, each ZyXEL device must record DoS attacks in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs >...
Chapter 7 Network Attack Each field is described in the following table. Table 86 Network Attack > Attack > By Type LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields. Last ...
Chapter 7 Network Attack Figure 93 Network Attack > Attack > By Type > Drill-Down Each field is described in the following table. Table 87 Network Attack > Attack > By Type > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
Use these reports to look at intrusion signatures, types of intrusions, severity of intrusions, and the top sources and destinations of intrusions that are logged on the selected ZyXEL device. Intrusions are caused by malicious or suspicious packets sent with the intent of causing harm, illegally accessing resources or interrupting service.
Chapter 7 Network Attack Each field is described in the following table. Table 88 Network Attack > Intrusion > Summary LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields. Last ...
This field displays the severity of each intrusion signature. Type This field displays what kind of intrusion each intrusion signature is. This corresponds to IDP > Signature > Attack Type in most ZyXEL devices. Intrusions This field displays how many intrusions occurred in the selected time interval.
To look at intrusion reports, each ZyXEL device must record intrusions in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure IDP is enabled. Then, go to IDP >...
This field displays the severity of each intrusion signature. Type This field displays what kind of intrusion each intrusion signature is. This corresponds to IDP > Signature > Attack Type in most ZyXEL devices. Intrusions This field displays the number of intrusions by each intrusion signature.
Chapter 7 Network Attack 7.2.4 Top Intrusion Signatures Drill-Down Use this report to look at the top sources of intrusions for any top signature. Click on a specific intrusion signature in Network Attack > Intrusion > Top Intrusions to open this screen. Figure 97 Network Attack >...
To look at intrusion reports, each ZyXEL device must record intrusions in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure IDP is enabled. Then, go to IDP >...
Chapter 7 Network Attack Figure 98 Network Attack > Intrusion > Top Sources Each field is described in the following table. Table 92 Network Attack > Intrusion > Top Sources LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Chapter 7 Network Attack Table 92 Network Attack > Intrusion > Top Sources LABEL DESCRIPTION Settings Use these fields to specify what historical information is included in the report. Click the settings icon. The Report Display Settings screen appears. Select a specific Start Date and End Date. The date range can be up to 30 days long, but you cannot include days that are older than Store Log Days in System >...
This field displays the severity of each intrusion signature. Type This field displays what kind of intrusion each intrusion signature is. This corresponds to IDP > Signature > Attack Type in most ZyXEL devices. Intrusions This field displays the number of intrusions by the selected source using each intrusion signature.
To look at intrusion reports, each ZyXEL device must record intrusions in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure IDP is enabled. Then, go to IDP >...
Chapter 7 Network Attack Each field is described in the following table. Table 94 Intrusion > Top Destinations LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields. Last ...
This field displays what color represents each intrusion signature in the graph. Severity This field displays the severity of each intrusion signature. Type This field displays what kind of intrusion each intrusion signature is. This corresponds to IDP > Signature > Attack Type in most ZyXEL devices. Vantage Report User’s Guide...
To look at intrusion reports, each ZyXEL device must record intrusions in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure IDP is enabled. Then, go to IDP >...
Chapter 7 Network Attack Figure 102 Network Attack > Intrusion > By Severity Each field is described in the following table. Table 96 Network Attack > Intrusion > By Severity LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Chapter 7 Network Attack Table 96 Network Attack > Intrusion > By Severity LABEL DESCRIPTION graph The graph displays the information in the table visually. • Click the pie view or the bar view icon. You can specify the Default Chart Type in System >...
This field displays the severity of each intrusion signature. Type This field displays what kind of intrusion each intrusion signature is. This corresponds to IDP > Signature > Attack Type in most ZyXEL devices. Intrusions This field displays the number of intrusions of the selected severity using each intrusion signature.
Back Click this to return to the main report. 7.3 AntiVirus Use these reports to look at viruses that were detected by the ZyXEL device’s anti-virus feature. 7.3.1 Virus Summary Use this report to look at the number of virus occurrences by time interval.
Chapter 7 Network Attack Each field is described in the following table. Table 98 Network Attack > AntiVirus > Summary LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields. Last ...
Chapter 7 Network Attack Figure 105 Network Attack > AntiVirus > Summary > Drill-Down Each field is described in the following table. Table 99 Network Attack > AntiVirus > Summary > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
Use this report to look at the top viruses by number of occurrences. To look at anti-virus reports, each ZyXEL device must record anti-virus messages in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure Anti- Virus is enabled.
Chapter 7 Network Attack Figure 106 Network Attack > AntiVirus > Top Viruses Each field is described in the following table. Table 100 Network Attack > AntiVirus > Top Viruses LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Chapter 7 Network Attack Table 100 Network Attack > AntiVirus > Top Viruses LABEL DESCRIPTION Settings Use these fields to specify what historical information is included in the report. Click the settings icon. The Report Display Settings screen appears. Select a specific Start Date and End Date. The date range can be up to 30 days long, but you cannot include days that are older than Store Log Days in System >...
Chapter 7 Network Attack Figure 107 Network Attack > AntiVirus > Top Viruses > Drill-Down Each field is described in the following table. Table 101 Network Attack > AntiVirus > Top Viruses > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
Use this report to look at the top sources of virus occurrences by number of occurrences. To look at anti-virus reports, each ZyXEL device must record anti-virus messages in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure Anti- Virus is enabled.
Chapter 7 Network Attack Figure 108 Network Attack > AntiVirus > Top Sources Each field is described in the following table. Table 102 Network Attack > AntiVirus > Top Sources LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Chapter 7 Network Attack Table 102 Network Attack > AntiVirus > Top Sources LABEL DESCRIPTION Settings Use these fields to specify what historical information is included in the report. Click the settings icon. The Report Display Settings screen appears. Select a specific Start Date and End Date. The date range can be up to 30 days long, but you cannot include days that are older than Store Log Days in System >...
Chapter 7 Network Attack Figure 109 Network Attack > AntiVirus > Top Sources > Drill-Down Each field is described in the following table. Table 103 Network Attack > AntiVirus > Top Sources > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
Use this report to look at the top destinations of virus occurrences by number of occurrences. To look at anti-virus reports, each ZyXEL device must record anti-virus messages in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure Anti- Virus is enabled.
Chapter 7 Network Attack Figure 110 Network Attack > AntiVirus > Top Destinations Each field is described in the following table. Table 104 Network Attack > AntiVirus > Top Destinations LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Chapter 7 Network Attack Table 104 Network Attack > AntiVirus > Top Destinations LABEL DESCRIPTION Settings Use these fields to specify what historical information is included in the report. Click the settings icon. The Report Display Settings screen appears. Select a specific Start Date and End Date. The date range can be up to 30 days long, but you cannot include days that are older than Store Log Days in System >...
Chapter 7 Network Attack Figure 111 Network Attack > AntiVirus > Top Destinations > Drill-Down Each field is described in the following table. Table 105 Network Attack > AntiVirus > Top Destinations > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
Click this to return to the main report. 7.4 AntiSpam Use these reports to look at spam messages that were detected by the ZyXEL device’s anti- spam feature. You can also look at the top senders and sources of spam messages.
Chapter 7 Network Attack Figure 112 Network Attack > AntiSpam > Summary Each field is described in the following table. Table 106 Network Attack > AntiSpam > Summary LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Chapter 7 Network Attack Table 106 Network Attack > AntiSpam > Summary LABEL DESCRIPTION graph The graph displays the information in the table visually. • Click the pie view or the bar view icon. You can specify the Default Chart Type in System >...
Chapter 7 Network Attack Figure 113 Network Attack > AntiSpam > Summary > Drill-Down Each field is described in the following table. Table 107 Network Attack > AntiSpam > Summary > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
SMTP servers, there are two entries for the sender, one with each SMTP server. To look at anti-spam reports, each ZyXEL device must record anti-spam messages in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure Anti- Spam is enabled.
Chapter 7 Network Attack Figure 114 Network Attack > AntiSpam > Top Senders Each field is described in the following table. Table 108 Network Attack > AntiSpam > Top Senders LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Use this report to look at the top sources of spam messages by number of messages. To look at anti-spam reports, each ZyXEL device must record anti-spam messages in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure Anti- Spam is enabled.
Chapter 7 Network Attack Click Network Attack > AntiSpam > Top Sources to open this screen. Figure 115 Network Attack > AntiSpam > Top Sources Each field is described in the following table. Table 109 Network Attack > AntiSpam > Top Sources LABEL DESCRIPTION title...
Use this report to look at the scores calculated for spam messages by number of messages. To look at anti-spam reports, each ZyXEL device must record anti-spam messages in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure Anti- Spam is enabled.
Chapter 7 Network Attack Click Network Attack > AntiSpam > By Score to open this screen. Figure 116 Network Attack > AntiSpam > By Score Each field is described in the following table. Table 110 Network Attack > AntiSpam > By Score LABEL DESCRIPTION title...
Page 242
Chapter 7 Network Attack Table 110 Network Attack > AntiSpam > By Score LABEL DESCRIPTION graph The graph displays the information in the table visually. • Click the pie view or the bar view icon. You can specify the Default Chart Type in System >...
To look at firewall access control reports, each ZyXEL device must record blocked packets and users in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure Access Control is enabled.
Chapter 8 Security Policy Figure 117 Security Policy > Firewall Access Control > Top Users Blocked Each field is described in the following table. Table 111 Security Policy > Firewall Access Control > Top Users Blocked LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
To look at firewall access control reports, each ZyXEL device must record blocked packets and users in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure Access Control is enabled.
Chapter 8 Security Policy Click Security Policy > Firewall Access Control > Top Packets Blocked to open this screen. Figure 118 Security Policy > Firewall Access Control > Top Packets Blocked Each field is described in the following table. Table 112 Security Policy > Firewall Access Control > Top Packets Blocked LABEL DESCRIPTION title...
Chapter 8 Security Policy Table 112 Security Policy > Firewall Access Control > Top Packets Blocked LABEL DESCRIPTION Settings Use these fields to specify what historical information is included in the report. Click the settings icon. The Report Display Settings screen appears. Select a specific Start Date and End Date.
To look at application access control reports, each ZyXEL device must record allowed applications and blocked applications and users in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure Application Patrol is enabled.
To look at security policy reports, each ZyXEL device must record users blocked by the application patrol in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure Application Patrol is enabled.
Chapter 8 Security Policy Click Security Policy > Application Access Control > Top Users Blocked to open this screen. Figure 120 Security Policy > Application Access Control > Top Users Blocked Each field is described in the following table. Table 114 Security Policy > Application Access Control > Top Applications Blocked LABEL DESCRIPTION title...
Use this report to look at the applications for which the device allowed the most connections. To look at security policy reports, each ZyXEL device must record forwarded applications in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure Application Patrol is enabled.
Chapter 8 Security Policy Click Security Policy > Application Access Control > Top Applications Allowed to open this screen. Figure 121 Security Policy > Application Access Control > Top Applications Allowed Each field is described in the following table. Table 115 Security Policy > Application Access Control > Top Applications Allowed LABEL DESCRIPTION title...
Chapter 8 Security Policy Table 115 Security Policy > Application Access Control > Top Applications Allowed LABEL DESCRIPTION Settings Use these fields to specify what historical information is included in the report. Click the settings icon. The Report Display Settings screen appears. Select a specific Start Date and End Date.
See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure Allow Web Sites and Block Web Sites are enabled.
Chapter 8 Security Policy Table 116 Security Policy > WEB Blocked > Summary LABEL DESCRIPTION Settings Use these fields to specify what historical information is included in the report. Click the settings icon. The Report Display Settings screen appears. Select a specific Start Date and End Date. The date range can be up to 30 days long, but you cannot include days that are older than Store Log Days in System >...
Chapter 8 Security Policy Figure 123 Security Policy > WEB Blocked > Summary > Drill-Down Each field is described in the following table. Table 117 Security Policy > WEB Blocked > Summary > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure Allow Web Sites and Block Web Sites are enabled.
Chapter 8 Security Policy Each field is described in the following table. Table 118 Security Policy > WEB Blocked > Top Sites LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields. Last ...
Chapter 8 Security Policy 8.3.4 Top Blocked Web Sites Drill-Down Use this report to look at the top sources for any top destination of blocked web traffic. Click on a specific destination in Security Policy > WEB Blocked > Top Sites to open this screen.
See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure Allow Web Sites and Block Web Sites are enabled.
Chapter 8 Security Policy Each field is described in the following table. Table 120 Security Policy > WEB Blocked > Top Hosts LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields. Last ...
Chapter 8 Security Policy 8.3.6 Top Blocked Web Hosts Drill-Down Use this report to look at the top destinations for any top source of blocked web traffic. Click on a specific source in Security Policy > WEB Blocked > Top Hosts to open this screen.
See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure Allow Web Sites and Block Web Sites are enabled.
Chapter 8 Security Policy Figure 128 Security Policy > WEB Blocked > Top Users Each field is described in the following table. Table 122 Security Policy > WEB Blocked > Top Users LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Chapter 8 Security Policy Table 122 Security Policy > WEB Blocked > Top Users LABEL DESCRIPTION Settings Use these fields to specify what historical information is included in the report. Click the settings icon. The Report Display Settings screen appears. Select a specific Start Date and End Date.
Chapter 8 Security Policy Figure 129 Security Policy > WEB Blocked > Top Users > Drill-Down Each field is described in the following table. Table 123 Security Policy > WEB Blocked > Top Users > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure Allow Web Sites and Block Web Sites are enabled.
Chapter 8 Security Policy Each field is described in the following table. Table 124 Security Policy > WEB Blocked > By Category LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields. Last ...
Chapter 8 Security Policy Figure 131 Security Policy > WEB Blocked > By Category > Drill-Down Each field is described in the following table. Table 125 Security Policy > WEB Blocked > By Category > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure Allow Web Sites and Block Web Sites are enabled.
Chapter 8 Security Policy Each field is described in the following table. Table 126 Security Policy > WEB Allowed > Summary LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields. Last ...
Chapter 8 Security Policy Click on a specific time interval in Security Policy > WEB Allowed > Summary to open this screen. Figure 133 Security Policy > WEB Allowed > Summary > Drill-Down Each field is described in the following table. Table 127 Security Policy >...
See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure Allow Web Sites and Block Web Sites are enabled.
Chapter 8 Security Policy Figure 134 Security Policy > WEB Allowed > Top Sites Each field is described in the following table. Table 128 Security Policy > WEB Allowed > Top Sites LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Chapter 8 Security Policy Table 128 Security Policy > WEB Allowed > Top Sites LABEL DESCRIPTION Settings Use these fields to specify what historical information is included in the report. Click the settings icon. The Report Display Settings screen appears. Select a specific Start Date and End Date.
Chapter 8 Security Policy Figure 135 Security Policy > WEB Allowed > Top Sites > Drill-Down Each field is described in the following table. Table 129 Security Policy > WEB Allowed > Top Sites > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure Allow Web Sites and Block Web Sites are enabled.
Chapter 8 Security Policy Each field is described in the following table. Table 130 Security Policy > WEB Allowed > Top Hosts LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields. Last ...
Chapter 8 Security Policy 8.4.6 Top Allowed Web Hosts Drill-Down Use this report to look at the top destinations for any top source of forwarded web traffic. Click on a specific source in Security Policy > WEB Allowed > Top Hosts to open this screen.
See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure Allow Web Sites and Block Web Sites are enabled.
Chapter 8 Security Policy Figure 138 Security Policy > WEB Allowed > Top Users Each field is described in the following table. Table 132 Security Policy > WEB Allowed > Top Users LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Chapter 8 Security Policy Table 132 Security Policy > WEB Allowed > Top Users LABEL DESCRIPTION Settings Use these fields to specify what historical information is included in the report. Click the settings icon. The Report Display Settings screen appears. Select a specific Start Date and End Date.
Chapter 8 Security Policy Figure 139 Security Policy > WEB Allowed > Top Users > Drill-Down Each field is described in the following table. Table 133 Security Policy > WEB Allowed > Top Users > Drill-Down LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the date(s) you specified in the Last Days or Settings fields.
Page 284
Chapter 8 Security Policy Table 133 Security Policy > WEB Allowed > Top Users > Drill-Down LABEL DESCRIPTION Total This entry displays the totals for the destinations above. If the number of destinations of attempts from the selected user is greater than the maximum number of records displayed in this table, this total might be a little lower than the total in the main report.
H A P T E R Event Use these screens to look at who successfully logged into the ZyXEL device or who tried to log in but failed. 9.1 Successful Logins Use this screen to look at who successfully logged into the ZyXEL device. See Section 2.4 on...
Enter the page number you want to see, and click Go. 9.2 Failed Logins Use this screen to look at who tried to log in into the ZyXEL device (for management or monitoring purposes) but failed. See Section 2.4 on page 35 for more information about the source data used by the report.
Report Display Settings screen appears. Time This field displays the time the Vantage Report server received the log entry from the ZyXEL device, not the time the user tried unsuccessfully to log into the device. Login User This field displays who tried unsuccessfully to log into the selected device.
To use this screen, the ZyXEL device must record instances of hosts exceeding the maximum number of NAT sessions in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure System Maintenance is enabled.
Chapter 9 Event Each field is described in the following table. Table 136 Event > Session Per Host > Top Hosts LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields. Last ...
To use this screen, the ZyXEL device must record instances of users exceeding the maximum number of NAT sessions in its log. See the User’s Guide for each ZyXEL device for more information. In most devices, go to Logs > Log Settings, and make sure System Maintenance is enabled.
Chapter 9 Event Each field is described in the following table. Table 137 Event > Session Per Host > Top Users LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields. Last ...
H A P T E R Log Viewer Use these screens to look at all log entries for the selected ZyXEL device. 10.1 Log Viewer Use this screen to view logs that the devices send to Vantage Report. Click Log Viewer > All Logs to look at all log entries. The screen is shown next. See Section 2.3 on page 34...
Chapter 10 Log Viewer Figure 144 Log Viewer > All Logs The fields in the first three rows (and Search and Reset) appear when you open the report. The fields in the next three rows (above Search and Reset) appear if you do not select All Categories in the Category field and select Advanced Search.
Page 297
LABEL DESCRIPTION Category This field depends on the model of the selected ZyXEL device. Select what type of log entries you want to see. You can also select All Categories. Advanced Search This field is disabled if Category is All Categories. Select this if you want to use other search criteria to look at log entries.
H A P T E R Schedule Report Use the summary screens to set up and maintain daily, weekly, and one-time reports that Vantage Report sends by e-mail. See Section 2.2 on page 34 for more information about e- mail in Vantage Report. Use the template screens to add and edit report templates. 11.1 Scheduled Report Summary Screen To send scheduled reports by e-mail, you have to enter the SMTP mail server settings.
Chapter 11 Schedule Report Figure 145 Schedule Report > Summary Each field is described in the following table. Table 139 Schedule Report > Summary LABEL DESCRIPTION Add (Daily Report) Click this to generate and send one or more statistical reports daily. Each report comes from the previous day’s information.
Chapter 11 Schedule Report Table 139 Schedule Report > Summary LABEL DESCRIPTION First .. Last Click First, Last, or a specific page number to look at the scheduled reports on that page. Some choices are not available, depending on the number of pages.s Enter the page number you want to see, and click Go.
Chapter 11 Schedule Report Each field is described in the following table. Table 140 Schedule Report > Summary > Add (Daily Report) LABEL DESCRIPTION Destination E-mail Enter the e-mail address(es) to which Vantage Report sends the selected Address report(s). Use a comma to separate each e-mail address. Do not put a space after the comma.
Chapter 11 Schedule Report Table 140 Schedule Report > Summary > Add (Daily Report) LABEL DESCRIPTION E-mail Attached Select this if you want Vantage Report to send the selected report(s) as Files attachment(s). Vantage Report also saves the selected report(s) on the Vantage Report server.
Chapter 11 Schedule Report Each field is described in the following table. Table 141 Schedule Report > Summary > Add (Weekly Report) LABEL DESCRIPTION Destination E-mail Enter the e-mail address(es) to which Vantage Report sends the selected Address report(s). Use a comma to separate each e-mail address. Do not put a space after the comma.
Chapter 11 Schedule Report Table 141 Schedule Report > Summary > Add (Weekly Report) LABEL DESCRIPTION E-mail Attached Select this if you want Vantage Report to send the selected report(s) as Files attachment(s). Vantage Report also saves the selected report(s) on the Vantage Report server.
Chapter 11 Schedule Report Each field is described in the following table. Table 142 Schedule Report > Summary > Add (Overtime Report) LABEL DESCRIPTION Destination E-mail Enter the e-mail address(es) to which Vantage Report sends the selected Address report(s). Use a comma to separate each e-mail address. Do not put a space after the comma.
Chapter 11 Schedule Report Table 142 Schedule Report > Summary > Add (Overtime Report) LABEL DESCRIPTION E-mail Body Enter the text you want to appear in the main body of the e-mail message Vantage Report sends. The body must be 1-255 printable ASCII characters long.
Chapter 11 Schedule Report Figure 149 Schedule Report > Template Each field is described in the following table. Table 143 Schedule Report > Template LABEL DESCRIPTION Select this check box, and click Delete to delete the report template. Index This is the number of this template in the list. This field is a sequential value, and it is not associated with a specific scheduled report.
Chapter 11 Schedule Report Figure 150 Schedule Report > Template > Add Each field is described in the following table. Table 144 Schedule Report > Template > Add LABEL DESCRIPTION Template View This section of the screen displays a sample of the report layout. PDF Template Click this button to view a sample of a report in PDF format.
Page 313
Chapter 11 Schedule Report Table 144 Schedule Report > Template > Add LABEL DESCRIPTION Template Title Enter the title that you want to appear at the top of the reports generated using this template. Use up to 50 ASCII characters. Spaces are allowed. Template Logo Type the location of the file that you want to display as the logo in the report or click Browse ...
H A P T E R System account can use the system screens to root • Maintain global reporting settings, such as how many days of logs to keep and default chart type • Maintain mail server settings • Add, remove, or edit users who can access Vantage Report •...
IP address in the field. If it does not find the host name, it only displays the IP address. This feature might increase the amount of time it takes to display statistical reports, however. You also need to configure the host computers and ZyXEL device (see Section 12.1.1 on page 318).
• Configure any software firewalls installed on the host computers to allow NetBIOS packets from the Vantage server. • Set the ZyXEL device to allow NetBIOS traffic between interfaces. You need to configure both the individual interface screens (like LAN, WAN, DMZ) and the firewall to allow NetBIOS packets from the Vantage server.
Chapter 12 System Figure 153 Windows XP: Control Panel 3 Right-click Local Area Connection and then click Properties. Figure 154 Windows XP: Control Panel: Network Connections: Properties 4 Select Internet Protocol (TCP/IP) (under the General tab in Win XP) and click Properties.
Chapter 12 System Figure 155 Windows XP: Local Area Connection Properties 5 The Internet Protocol TCP/IP Properties window opens (the General tab in Windows XP). Click WINS. Figure 156 Windows XP: Advanced TCP/IP Settings: WINS 6 Select the Default NetBIOS setting and click OK. Vantage Report User’s Guide...
Chapter 12 System 7 Click OK to close the Local Area Connection Properties window. 8 Turn on your ZyXEL device and restart your computer (if prompted). 12.2 Server Configuration Screen Only the account can open this screen. root Use the Server Configuration screen to set up mail server and web server configuration for Vantage Report.
Chapter 12 System Table 146 System > Server Configuration LABEL DESCRIPTION Send Test E-mail to Note: You should click Apply before you click Test. Administrator Click this to send a test message from the Vantage Report account to the e- mail address, if any, for the root user account.
Chapter 12 System Table 147 System > User Management LABEL DESCRIPTION Description This field displays the description for the user account. Status This field displays whether or not the user is logged in to Vantage Report. off line - this user is not currently logged in on line - this user is currently logged in Click this to create a new user account.
Chapter 12 System Table 148 Add/Edit User Account Screen LABEL DESCRIPTION Description Enter the description for the user account. Apply Click this to save your settings and close the screen. Reset Click this to change the settings in this screen to the last-saved values. Cancel Click this to close the screen without saving any changes.
Chapter 12 System Each field is described in the following table. Table 149 System > Data Maintenance > Configuration LABEL DESCRIPTION Backup Click this to look at or save the current settings in the General Configuration, Server Configuration, and User Management screens. Vantage Report saves the current settings in XML format.
Chapter 12 System 12.5 Upgrade Screen Only the account can open this screen. root Before you use this screen, read the documentation for the new release to make sure you understand the upgrade process. Use this screen to install new releases of Vantage Report. Do not use this screen to upgrade to the full version.
Chapter 12 System Vantage Report uses myZyXEL.com for registration and activation. You have to use the registration screens to log into myZyXEL.com. You cannot log in to myZyXEL.com separately to register or activate Vantage Report. The following information may be required for registration. Table 152 Information for Using an Existing MyZyXEL.com Account If you want to use an existing myZyXEL.com account, you need your ...
Chapter 12 System Table 154 System > Registration LABEL DESCRIPTION Supported Maximum This field appears if you have the full version. Nodes It displays the maximum number of devices Vantage Report can currently support, regardless of the number of licenses you purchase. You can never increase the number of devices in Vantage Report higher than this value, regardless of how many licenses you have.
Chapter 12 System Some fields do not appear if you have already used this screen to log into myZyXEL.com, if you have a myZyXEL.com account, or if you are getting the trial version.The fields are described in the following table. Table 155 Registration Screen LABEL DESCRIPTION...
Chapter 12 System To access this screen, click System > Log Receiver > By Day(Summary). Figure 165 System > Log Receiver By Day(Summary) All the fields are described in the following table. Table 156 System > Log Receiver By Day(Summary) LABEL DESCRIPTION Time...
Chapter 12 System Table 157 System > Log Receiver By Day(Summary) > By Device LABEL DESCRIPTION Log Number This field displays how many logs were received from each device on the day you clicked. % of Log Number This field displays what percent of the day’s total logs came from each device. 12.7.3 Log Receiver By Day >...
Chapter 12 System Figure 168 System > Log Receiver By Device) All the fields are described in the following table. Table 159 System > Log Receiver By Device LABEL DESCRIPTION title This field displays the title of the statistical report. The title includes the date(s) you specified in the Last Days or Settings fields.
Chapter 12 System Figure 169 System > Log Receiver By Device > By Category All the fields are described in the following table. Table 160 System > Log Receiver By Device > By Category LABEL DESCRIPTION title This field displays the title of the drill-down report. The title includes the dates you specified in the summary screen and the MAC address of the device that you selected.
Report server. If the problem continues, contact your local vendor. There is information in some Make sure your ZyXEL devices support these reports. Check the reports, but there is no release notes for the current firmware version. information in others.
Appendices and Index This part contains the following chapters. • Product Specifications (339) • Setting up Your Computer’s IP Address (345) • ZyNOS Log Descriptions (351) • Open Software Announcements (417) • Legal Information (447) • Customer Support (449) • Index (453)
Product Specifications All values are accurate at the time of writing. Table 2 on page 34 for specifications about the time it takes the Vantage Report server to process information from ZyXEL devices. Table 162 Web Configurator Specifications FEATURE SPECIFICATION...
Monitor the status of all your ZyXEL devices in one application. You can Logs also look at the logs for all your ZyXEL devices in Vantage Report. In normal operation, this information should be no older than five minutes, worst-case.
P P E N D I X Setting up Your Computer’s IP Address All computers must have a 10M or 100M Ethernet adapter card and TCP/IP installed. Windows 95/98/ME/NT/2000/XP, Macintosh OS 7 and later operating systems and all versions of UNIX/LINUX include the software components you need to install and use TCP/ IP on your computer.
Appendix B Setting up Your Computer’s IP Address Figure 171 Windows XP: Start Menu 2 For Windows XP, click Network Connections. For Windows 2000/NT, click Network and Dial-up Connections. Figure 172 Windows XP: Control Panel 3 Right-click Local Area Connection and then click Properties. Vantage Report User’s Guide...
Appendix B Setting up Your Computer’s IP Address Figure 173 Windows XP: Control Panel: Network Connections: Properties 4 Select Internet Protocol (TCP/IP) (under the General tab in Win XP) and click Properties. Figure 174 Windows XP: Local Area Connection Properties 5 The Internet Protocol TCP/IP Properties window opens (the General tab in Windows XP).
Appendix B Setting up Your Computer’s IP Address Figure 175 Windows XP: Advanced TCP/IP Settings 6 If you do not know your gateway's IP address, remove any previously installed gateways in the IP Settings tab and click OK. Do one or more of the following if you want to configure additional IP addresses: •...
8 Click OK to close the Internet Protocol (TCP/IP) Properties window. 9 Click OK to close the Local Area Connection Properties window. 10 Turn on your ZyXEL device and restart your computer (if prompted). Verifying Settings 1 Click Start, All Programs, Accessories and then Command Prompt.
Page 350
Appendix B Setting up Your Computer’s IP Address Vantage Report User’s Guide...
P P E N D I X ZyNOS Log Descriptions This appendix provides descriptions of example log messages for ZyNOS-based devices. Log messages vary by device. Table 167 System Maintenance Logs LOG MESSAGE DESCRIPTION The router has adjusted its time based on information from the Time calibration is time server.
Page 352
Appendix C ZyNOS Log Descriptions Table 167 System Maintenance Logs (continued) LOG MESSAGE DESCRIPTION The router was not able to connect to the NTP server. Connect to NTP server fail The router dropped an ICMP packet that was too large. Too large ICMP packet has been dropped An SMT management session has started.
Appendix C ZyNOS Log Descriptions Table 168 System Error Logs LOG MESSAGE DESCRIPTION This attempt to create a NAT session exceeds the maximum %s exceeds the max. number of NAT session table entries allowed to be created per number of session per host.
Appendix C ZyNOS Log Descriptions Table 169 Access Control Logs (continued) LOG MESSAGE DESCRIPTION A packet from the WAN (TCP or UDP) matched a cone Firewall allowed a packet that NAT session and the device forwarded it to the LAN. matched a NAT session: [ TCP | UDP ] The firewall allowed access for a packet that matched a...
Appendix C ZyNOS Log Descriptions Table 171 Packet Filter Logs LOG MESSAGE DESCRIPTION Attempted access matched a configured filter rule (denoted by [ TCP | UDP | ICMP | IGMP | its set and rule number) and was blocked or forwarded Generic ] packet filter according to the rule.
Appendix C ZyNOS Log Descriptions Table 174 PPP Logs LOG MESSAGE DESCRIPTION The PPP connection’s Link Control Protocol stage has started. ppp:LCP Starting The PPP connection’s Link Control Protocol stage is opening. ppp:LCP Opening The PPP connection’s Challenge Handshake Authentication Protocol stage is ppp:CHAP Opening opening.
Appendix C ZyNOS Log Descriptions Table 176 Content Filtering Logs (continued) LOG MESSAGE DESCRIPTION When the content filter is not on according to the time schedule or you didn't select the "Block Matched Web Site” check box, the system forwards the web content. The external content filtering server did not respond within the timeout Waiting content filter period.
Appendix C ZyNOS Log Descriptions Table 177 Attack Logs (continued) LOG MESSAGE DESCRIPTION The firewall classified an ICMP packet with no source routing entry ip spoofing - no routing as an IP spoofing attack. entry ICMP (type:%d, code:%d) The firewall detected an ICMP vulnerability attack. vulnerability ICMP (type:%d, code:%d) The firewall detected an ICMP traceroute attack.
Appendix C ZyNOS Log Descriptions Table 178 Remote Management Logs LOG MESSAGE DESCRIPTION Attempted use of SNMP service was blocked according Remote Management: SNMP denied to remote management settings. Attempted use of DNS service was blocked according to Remote Management: DNS denied remote management settings.
Appendix C ZyNOS Log Descriptions Table 180 IPSec Logs (continued) LOG MESSAGE DESCRIPTION The device received a ping response when checking the specified Rule [%s] receives an VPN tunnel's connectivity. echo reply from peer The device disconnected all IPSec tunnels. Delete all tunnels Table 181 IKE Logs LOG MESSAGE...
Page 361
Appendix C ZyNOS Log Descriptions Table 181 IKE Logs (continued) LOG MESSAGE DESCRIPTION IKE uses ISAKMP to transmit data. Each ISAKMP packet Recv <packet> contains many different types of payloads. All of them show in the LOG. Refer to RFC2408 – ISAKMP for a list of all ISAKMP payload types.
Page 362
Appendix C ZyNOS Log Descriptions Table 181 IKE Logs (continued) LOG MESSAGE DESCRIPTION The router was not able to use extended authentication to XAUTH fail! My name: authenticate the listed username. <Username> The listed rule’s IKE phase 1 negotiation mode did not match Rule[%d] Phase 1 negotiation between the router and the peer.
Appendix C ZyNOS Log Descriptions Table 181 IKE Logs (continued) LOG MESSAGE DESCRIPTION The listed rule’s IKE phase 2 did not match between the router Rule [%d] phase 2 mismatch and the peer. The listed rule’s IKE phase 2 key lengths (with the AES Rule [%d] Phase 2 key length encryption algorithm) did not match between the router and mismatch...
Page 364
Appendix C ZyNOS Log Descriptions Table 182 PKI Logs (continued) LOG MESSAGE DESCRIPTION The router received a corrupted certification authority certificate from Failed to decode the the LDAP server whose address and port are recorded in the Source received ca cert field.
Appendix C ZyNOS Log Descriptions CODE DESCRIPTION CRL was not added to the cache. CRL decoding failed. CRL is not currently valid, but in the future. CRL contains duplicate serial numbers. Time interval is not continuous. Time information not available. Database method failed due to timeout.
Appendix C ZyNOS Log Descriptions Table 183 802.1X Logs (continued) LOG MESSAGE DESCRIPTION The local user database is operating as the Use Local User Database to authentication server. authenticate user. Use RADIUS to authenticate user. The RADIUS server is operating as the authentication server.
Page 367
Appendix C ZyNOS Log Descriptions Table 185 ICMP Notes (continued) TYPE CODE DESCRIPTION Net unreachable Host unreachable Protocol unreachable Port unreachable A packet that needed fragmentation was dropped because it was set to Don't Fragment (DF) Source route failed Source Quench A gateway may discard internet datagrams if it does not have the buffer space needed to queue the datagrams for output to the next network on the route to the destination network.
Appendix C ZyNOS Log Descriptions Table 186 IDP Logs LOG MESSAGE DESCRIPTION The buffer for holding IDP information such as the signature file version The buffer size is was too small to hold any more information. too small! There was a format error in the configuration backup file that someone The format of the attempted to load into the system.
Page 369
Appendix C ZyNOS Log Descriptions Table 187 AV Logs (continued) LOG MESSAGE DESCRIPTION The device detected a virus in a SMTP connection. The format of %s is SMTP Virus infected “ID” Virus ID number, virus name, filename. For example, - %s! ID:30001,CIH.Win95,/game.exe.
Appendix C ZyNOS Log Descriptions Table 187 AV Logs (continued) LOG MESSAGE DESCRIPTION The system blocked scanning files in POP3 connections. POP3 Block. The session is over The format of %s is %FILENAME%. maximun ZIP sessions For example, game.zip." The system destroyed unsupported zip files. Zip file unsupported - %s! Table 188 AS Logs...
Appendix C ZyNOS Log Descriptions 13.1 Syslog Logs There are two types of syslog: event logs and traffic logs. The device generates an event log when a system event occurs, for example, when a user logs in or the device is under attack. The device generates a traffic log when a "session"...
Appendix C ZyNOS Log Descriptions Table 191 Syslog Logs (continued) LOG MESSAGE DESCRIPTION This message is sent by the device ("RAS" displays as the Event Log: <Facility*8 + system name if you haven’t configured one) at the time Severity>Mon dd hr:mm:ss when this syslog is generated.
Page 374
Appendix C ZyNOS Log Descriptions Table 192 RFC-2408 ISAKMP Payload Types (continued) LOG DISPLAY PAYLOAD TYPE Notification NOTFY Delete Vendor ID Vantage Report User’s Guide...
P P E N D I X ZyWALL 1050 Log Descriptions This appendix provides descriptions of example log messages for the ZyWALL 1050. Table 193 Content Filter Logs LOG MESSAGE DESCRIPTION An administrator turned the content filter on. Content filter has been enabled An administrator turned the content filter off.
Page 376
Appendix D ZyWALL 1050 Log Descriptions Table 195 Blocked Web Site Logs (continued) LOG MESSAGE DESCRIPTION Content filter rating service is temporarily unavailable and access to the %s: Service is web site was blocked due to: unavailable 1. Can't resolve rating server IP (No DNS) 2.
Appendix D ZyWALL 1050 Log Descriptions Table 196 User Logs LOG MESSAGE DESCRIPTION The specified user signed in. %s %s has logged in from %s 1st %s: Administrator|Limited-Admin|User|Ext-User|Guest 2nd %s: username 3rd %s: service name (HTTP/HTTPS, FTP, telnet, SSH, console) NOTE field: %s means username.
Appendix D ZyWALL 1050 Log Descriptions Table 197 myZyXEL.com Logs LOG MESSAGE DESCRIPTION The device was not able to send a registration message to Send registration MyZyXEL.com. message to MyZyXEL.com server has failed. The device sent packets to the MyZyXEL.com server, but did not Get server response receive a response.
Page 379
Appendix D ZyWALL 1050 Log Descriptions Table 197 myZyXEL.com Logs (continued) LOG MESSAGE DESCRIPTION The service expiration day check failed, this log will append an error Service expiration message returned by the MyZyXEL.com server. check has failed:%s. %s: error message returned by myZyXEL.com server The service expiration day check was successful.
Page 380
Appendix D ZyWALL 1050 Log Descriptions Table 197 myZyXEL.com Logs (continued) LOG MESSAGE DESCRIPTION The device received an incomplete response from the update server Update has failed. and it caused a parsing error for the device. Because of lack must fields.
Page 381
Appendix D ZyWALL 1050 Log Descriptions Table 197 myZyXEL.com Logs (continued) LOG MESSAGE DESCRIPTION The daily check for service expiration failed, an error message returned Expiration daily-check by the MyZyXEL.com server will be appended to this log. has failed:%s. %s: error message returned by myZyXEL.com server The device received an incomplete response to the daily service Do expiration daily- expiration check and the packets caused a parsing error for the device.
Appendix D ZyWALL 1050 Log Descriptions Table 197 myZyXEL.com Logs (continued) LOG MESSAGE DESCRIPTION Verification of a server’s certificate failed because there is a self-signed Self signed certificate in the server’s certificate chain. certificate in certificate chain. The device verified a server’s certificate while processing an HTTPS Verify peer connection.
Page 383
Appendix D ZyWALL 1050 Log Descriptions Table 198 IDP Logs (continued) LOG MESSAGE DESCRIPTION IDP service is not registered. IDP service packet inspection feature and IDP service is not signature update will both be deactivated. registered. Packet Inspection feature will not be activated. IDP service trial license is expired.
Page 384
Appendix D ZyWALL 1050 Log Descriptions Table 198 IDP Logs (continued) LOG MESSAGE DESCRIPTION Get custom rule number failed. Get custom signature number error. Custom signature adding failed. Rule content length is too long. Add custom signature error: signature <sid> is over length.
Appendix D ZyWALL 1050 Log Descriptions Table 199 Application Patrol Logs (continued) LOG MESSAGE DESCRIPTION Deactivation of application patrol has succeeded. Deactivate App Patrol has succeeded. Initialization application patrol has succeeded. Initialize App. Patrol has succeeded. Packets logging. 1st %s: Protocol Name, 2nd %s: Category Name, 3rd App Patrol Name=%s %s: Default Rule or Exception Rule, 1st %d: Rule Index, 4th %s: TCP Type=%s %s=%d...
Page 388
Appendix D ZyWALL 1050 Log Descriptions Table 200 IKE Logs (continued) LOG MESSAGE DESCRIPTION %s is the tunnel name. When negotiating Phase-2 and checking IPsec [ID] : Tunnel [%s] SAs or the ID is IPv6 ID. Phase 2 Remote ID mismatch %s is the tunnel name.
Page 389
Appendix D ZyWALL 1050 Log Descriptions Table 200 IKE Logs (continued) LOG MESSAGE DESCRIPTION %s is the tunnel name. When negotiating Phase-2, the SA protocol did [SA] : Tunnel [%s] not match. Phase 2 SA protocol mismatch %s is the tunnel name. When negotiating Phase-2, the SA sequence [SA] : Tunnel [%s] SA size did not match.
Page 390
Appendix D ZyWALL 1050 Log Descriptions Table 200 IKE Logs (continued) LOG MESSAGE DESCRIPTION %s:%s is peer IP:Port. The device sent a DPD response sent to the Send DPD response to peer. "%s:%s" This is a combined message for outgoing IKE packets. Send:[ID]%s[SA]%s[KE]% s[ID]%s[CERT]%s[CR]%s[ HASH]%s[SIG]%s[NONCE]%...
Appendix D ZyWALL 1050 Log Descriptions Table 200 IKE Logs (continued) LOG MESSAGE DESCRIPTION The variables represent the phase 1 name, tunnel name, old SPI, new Tunnel SPI and the xauth name (optional). The tunnel was rekeyed [%s:%s:0x%x:0x%x:%s] successfully. rekeyed successfully The variables represent the phase 1 name and tunnel name.
Appendix D ZyWALL 1050 Log Descriptions Table 201 IPSec Logs (continued) LOG MESSAGE DESCRIPTION %s is the VPN connection name. An administrator disabled the VPN VPN connection %s was connection. disabled. %s is the VPN connection name. An administrator enabled the VPN VPN connection %s was connection.
Appendix D ZyWALL 1050 Log Descriptions Table 204 Policy Route Logs (continued) LOG MESSAGE DESCRIPTION Rule is moved. Policy-route rule %d was moved to %d. 1st %d: the original policy route rule number 2nd %d: the new policy route rule number Rule is deleted.
Page 395
Appendix D ZyWALL 1050 Log Descriptions Table 205 Built-in Services Logs (continued) LOG MESSAGE DESCRIPTION An administrator assigned a nonexistent certificate to FTP. FTP certificate:%s does not exist. %s is certificate name assigned by user An administrator changed the port number for FTP. FTP port has been changed to port %s.
Page 396
Appendix D ZyWALL 1050 Log Descriptions Table 205 Built-in Services Logs (continued) LOG MESSAGE DESCRIPTION An administrator inserted a new rule. DNS access control rule %u has been %u is rule number inserted. An administrator appended a new rule. DNS access control rule %u has been %u is rule number appended...
Appendix D ZyWALL 1050 Log Descriptions Table 205 Built-in Services Logs (continued) LOG MESSAGE DESCRIPTION A new built-in service access control rule was appended. Access control rule %u of %s was appended. %u is the index of the access control rule. %s is HTTP/HTTPS/SSH/SNMP/FTP/TELNET.
Page 398
Appendix D ZyWALL 1050 Log Descriptions Table 206 System Logs (continued) LOG MESSAGE DESCRIPTION A packet was received but it is not an ARP response packet. Received packet is not an ARP response packet The device received an ARP response. Receive an ARP response The device received an ARP response from the listed source.
Page 399
Appendix D ZyWALL 1050 Log Descriptions Table 206 System Logs (continued) LOG MESSAGE DESCRIPTION Update profile failed because the response was strange, %s is the Update the profile %s profile name. has failed because of strange server response. Update profile succeeded, because the IP address of profile is Update the profile %s unchanged, %s is the profile name.
Page 400
Appendix D ZyWALL 1050 Log Descriptions Table 206 System Logs (continued) LOG MESSAGE DESCRIPTION Update profile failed, and show the response message, 1st %s is the Update the profile %s profile name, 2nd %s is the reason. has failed because %s. Update profile failed because unknown error.
Appendix D ZyWALL 1050 Log Descriptions Table 206 System Logs (continued) LOG MESSAGE DESCRIPTION DDNS profile cannot be updated for HA IP address because HA iface is Update the profile %s PPP and not connected, %s is the profile name. has failed because the HA interface was not connected.
Page 402
Appendix D ZyWALL 1050 Log Descriptions Table 207 Connectivity Check Logs (continued) LOG MESSAGE DESCRIPTION The connectivity check process can't get the gateway IP address for Can't get gateway IP the specified interface. of %s interface %s: interface name The connectivity check process can't get memory from OS. Can't alloc memory The connectivity check process can't load module for check link-status.
Appendix D ZyWALL 1050 Log Descriptions Table 208 Device HA Logs LOG MESSAGE DESCRIPTION An VRRP group has been created, %s: the name of VRRP group. Device HA VRRP Group %s has been added. An VRRP group has been modified, %s: the name of VRRP group. Device HA VRRP group %s has been modified.
Page 404
Appendix D ZyWALL 1050 Log Descriptions Table 208 Device HA Logs (continued) LOG MESSAGE DESCRIPTION The firmware version on the Backup cannot be resolved to check if it is Backup firmware the same as on the Master. A Backup device only synchronizes from version can not be the Master if the Master and the Backup have the same firmware recognized.
Appendix D ZyWALL 1050 Log Descriptions Table 208 Device HA Logs (continued) LOG MESSAGE DESCRIPTION Master configuration file does not exist. Skip updating ZySH Startup Configuration. 1st %s: error string, 2ed %s: the syncing object System internal error: %s. Skip updating %s. Master configuration file is empty.
Page 406
Appendix D ZyWALL 1050 Log Descriptions Table 209 Routing Protocol Logs (continued) LOG MESSAGE DESCRIPTION RIP global version has been changed to version 1 or 2. RIP global version has been changed to %s. RIP redistribute OSPF routes has been enabled. RIP redistribute OSPF routes has been enabled.
Appendix D ZyWALL 1050 Log Descriptions Table 209 Routing Protocol Logs (continued) LOG MESSAGE DESCRIPTION RIP v2-broadcast on interface %s has been disabled. %s: Interface RIP v2-broadcast on Name interface %s has been disabled. Device-HA is currently running on the interface %s, so all the local OSPF on interface %s service have to be stopped including OSPF.
Appendix D ZyWALL 1050 Log Descriptions Table 210 NAT Logs (continued) LOG MESSAGE DESCRIPTION Extra FTP ALG port has been changed. Extra signal port of FTP ALG has been modified. Default FTP ALG port has been changed. Signal port of FTP ALG has been modified.
Page 409
Appendix D ZyWALL 1050 Log Descriptions Table 211 PKI Logs (continued) LOG MESSAGE DESCRIPTION The router created a certificate request with the specified name. Generate certifiate request "%s" successfully The router was not able to create a certificate request with the specified Generate certifiate name.
Page 410
Appendix D ZyWALL 1050 Log Descriptions Table 211 PKI Logs (continued) LOG MESSAGE DESCRIPTION The device imported a PKCS#7 format certificate into Trusted Import PKCS#7 Certificates. %s is the certificate request name. certificate "%s" into "Trusted Certificate" successfully The device was not able to decode an imported certificate. %s is Decode imported certificate the request name certificate "%s"...
Appendix D ZyWALL 1050 Log Descriptions CODE DESCRIPTION Certificate was not valid in the time interval. (Not used) Certificate is not valid. Certificate signature was not verified correctly. Certificate was revoked by a CRL. Certificate was not added to the cache. Certificate decoding failed.
Page 412
Appendix D ZyWALL 1050 Log Descriptions Table 212 Interface Logs (continued) LOG MESSAGE DESCRIPTION A user tried to dial the AUX interface, but the AUX interface does not Please type phone have a phone number set. number of interface AUX first then dial again.
Page 413
Appendix D ZyWALL 1050 Log Descriptions Table 212 Interface Logs (continued) LOG MESSAGE DESCRIPTION Port statistics log. This log will be sent to the VRPT server. name=%s,status=%s,TxPk ts=%u, 1st %s: physical port name, 2nd %s: physical port status, 1st %u: physical port Tx packets, 2nd %u: physical port Rx packets, 3rd %u: RxPkts=%u,Colli.=%u,Tx physical port packets collisions, 4th %u: physical port Tx Bytes/s, 5th...
Appendix D ZyWALL 1050 Log Descriptions Table 213 Account Logs LOG MESSAGE DESCRIPTION Account %s %s has been A user deleted an ISP account profile. deleted. 1st %s: profile type, 2nd %se: profile name. Account %s %s has been A user changed an ISP account profile’s options. changed.
Appendix D ZyWALL 1050 Log Descriptions Table 216 File Manager Logs LOG MESSAGE DESCRIPTION Apply configuration failed, this log will be what CLI command is and ERROR:#%s, %s what error message is. 1st %s is CLI command. 2nd %s is error message when apply CLI command. Apply configuration failed, this log will be what CLI command is and WARNING:#%s, %s what warning message is.
No part may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, except the express written permission of ZyXEL Communications Corporation. This Product includes MySQL and Anomic under GNU GENERAL PUBLIC LICENSE GNU GENERAL PUBLIC LICENSE Version 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc.
Page 418
Appendix E Open Software Announcements For example, if you distribute copies of such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code.
Page 419
Appendix E Open Software Announcements 2.You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a.
Page 420
Appendix E Open Software Announcements b.Accompany it with a written offer, valid for at least three years, to give any third-party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange;...
Page 421
Appendix E Open Software Announcements 7. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License.
Page 422
Appendix E Open Software Announcements 10. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this.
Page 423
Appendix E Open Software Announcements This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;...
Page 424
Appendix E Open Software Announcements applications with the library. If this is what you want to do, use the GNU Library General Public License instead of this License. This product includes Hibemate and Ifreechart under GNU LESSER GENERAL PUBLIC LICENSE GNU LESSER GENERAL PUBLIC LICENSE Version 2.1, February 1999 Copyright (C) 1991, 1999 Free Software Foundation, Inc.
Page 425
Appendix E Open Software Announcements We protect your rights with a two-step method: (1) we copyright the library, and (2) we offer you this license, which gives you legal permission to copy, distribute and/or modify the library. To protect each distributor, we want to make it very clear that there is no warranty for the free library.
Page 426
Appendix E Open Software Announcements Although the Lesser General Public License is Less protective of the users' freedom, it does ensure that the user of a program that is linked with the Library has the freedom and the wherewithal to run that program using a modified version of the Library. The precise terms and conditions for copying, distribution and modification follow.
Page 427
Appendix E Open Software Announcements 1. You may copy and distribute verbatim copies of the Library's complete source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty;...
Page 428
Appendix E Open Software Announcements Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Library.
Page 429
Appendix E Open Software Announcements When a "work that uses the Library" uses material from a header file that is part of the Library, the object code for the work may be a derivative work of the Library even though the source code is not.
Page 430
Appendix E Open Software Announcements c) Accompany the work with a written offer, valid for at least three years, to give the same user the materials specified in Subsection 6a, above, for a charge no more than the cost of performing this distribution.
Page 431
Appendix E Open Software Announcements 9. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Library or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Library (or any work based on the Library), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Library or works based on it.
Page 432
Appendix E Open Software Announcements 13. The Free Software Foundation may publish revised and/or new versions of the Lesser General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number.
Page 433
Appendix E Open Software Announcements If you develop a new library, and you want it to be of the greatest possible use to the public, we recommend making it free software that everyone can redistribute and change. You can do so by permitting redistribution under these terms (or, alternatively, under the terms of the ordinary General Public License).
Page 434
Appendix E Open Software Announcements Sun Microsystems, Inc. Binary Code License Agreement for the JAVA 2 PLATFORM STANDARD EDITION DEVELOPMENT KIT 5.0 SUN MICROSYSTEMS, INC. ("SUN") IS WILLING TO LICENSE THE SOFTWARE IDENTIFIED BELOW TO YOU ONLY UPON THE CONDITION THAT YOU ACCEPT ALL OF THE TERMS CONTAINED IN THIS BINARY CODE LICENSE AGREEMENT AND SUPPLEMENTAL LICENSE TERMS (COLLECTIVELY "AGREEMENT").
Page 435
Appendix E Open Software Announcements entire liability under this limited warranty will be at Sun's option to replace Software media or refund the fee paid for Software. Any implied warranties on the Software are limited to 90 days. Some states do not allow limitations on duration of an implied warranty, so the above may not apply to you.
Page 436
Appendix E Open Software Announcements 10. U.S. GOVERNMENT RESTRICTED RIGHTS. If Software is being acquired by or on behalf of the U.S. Government or by a U.S. Government prime contractor or subcontractor (at any tier), then the Government's rights in Software and accompanying documentation will be only as set forth in this Agreement;...
Page 437
Appendix E Open Software Announcements software intended to replace any component(s) of the Software, (iv) you do not remove or alter any proprietary legends or notices contained in the Software, (v) you only distribute the Software subject to a license agreement that protects Sun's interests consistent with the terms contained in this Agreement, and (vi) you agree to defend and indemnify Sun and its licensors from and against any damages, costs, liabilities, settlement amounts and/or expenses (including attorneys' fees) incurred in connection with any claim, lawsuit or action by any...
Page 438
Appendix E Open Software Announcements J2SE, and all trademarks and logos based on Java are trademarks or registered trademarks of Sun Microsystems, Inc. in the U.S. and other countries. This information must be placed on the Media label in such a manner as to only apply to the Sun Software; (vi) You must clearly identify the Software as Sun's product on the Media holder or Media label, and you may not state or imply that Sun is responsible for any third-party software contained on the Media;...
Page 439
Appendix E Open Software Announcements All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: * 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
Page 440
Appendix E Open Software Announcements "Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity.
Page 441
Appendix E Open Software Announcements 2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty- free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form.
Page 442
Appendix E Open Software Announcements statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License.
Page 443
License Agreement remains in full force and effect. Ownership of the Software, Documentation and all intellectual property rights therein shall remain at all times with ZyXEL. Any other use of the Software by any other entity is strictly forbidden and is a violation of this License Agreement.
Page 444
DAYS FROM THE DATE OF PURCHASE OF THE SOFTWARE, AND NO WARRANTIES SHALL APPLY AFTER THAT PERIOD. 7.Limitation of Liability IN NO EVENT WILL ZyXEL BE LIABLE TO YOU OR ANY THIRD PARTY FOR ANY INCIDENTAL OR CONSEQUENTIAL DAMAGES (INCLUDING, WITHOUT LIMITATION, INDIRECT, SPECIAL, PUNITIVE, OR EXEMPLARY DAMAGES FOR...
Page 445
This License Agreement is effective until it is terminated. You may terminate this License Agreement at any time by destroying or returning to ZyXEL all copies of the Software and Documentation in your possession or under your control. ZyXEL may terminate this License Agreement for any reason, including, but not limited to, if ZyXEL finds that you have violated any of the terms of this License Agreement.
Page 446
Software and Documentation shall not be assigned by you without the prior written consent of ZyXEL. Any waiver or modification of this License Agreement shall only be effective if it is in writing and signed by both parties hereto. If any part of this License...
417. Disclaimer ZyXEL does not assume any liability arising out of the application or use of any products, or software described herein. Neither does it convey any license under its patent rights nor the patent rights of others. ZyXEL further reserves the right to make changes in any products described herein without notice.
Page 448
Appendix F Legal Information CUSTOMER REMEDIES. ZyXEL's and its suppliers' entire liability and your exclusive remedy shall be, at ZyXEL's option, either (a) return of the price paid, if any, or (b) repair or replacement of the SOFTWARE that does not meet ZyXEL's Limited Warranty and which is returned to ZyXEL with a copy of your receipt.
Index Index general restore screens about icon SMTP mail server Add Device screen users additional ZyXEL device configuration contact information allowed web access 35, 270 copyright anti-spam customer support monitors customized report templates source data 35, 36 customized service field...
Page 454
31, 295 how used log settings requirements failed login log viewer source data 35, 36 regular log entries. See regular log viewer. ZyXEL device configuration 35, 36 Login screen features logout icon firmware low free disk mark platform versions...
Page 455
35, 36 table ZyXEL device configuration 35, 36 title related documentation typical layout report templates VPN traffic web allowed report window 39, 52 web blocked...
Page 456
Index setting e-mail in port number successful login processing time source data 35, 36 source data ZyXEL device configuration 35, 36 starting syntax conventions stopping system notification time in low free disk mark setting Vantage Report users. See users. versions...
Page 457
Index ZyNOS ZyWALL 1050 126, 340 ZyXEL device 41, 42, 326 configuration device type setting 43, 52 edit basic information feature support import in typical application MAC setting 43, 52 move remove search for select source data. See source data.