Alcatel-Lucent VPN Firewall Brick
Logging
Overview
All logging is performed in real time from the Brick device to its management server
(SMS, as described below). Log messages are sent via TCP for reliable delivery,
encrypted over a mutually-authenticated channel. The bandwidth used by this logging
mechanism has been empirically tested to range from 0.1% to about 1% of the inband
data rate (in bits-per-second), depending on the application-layer protocol mix.
The Brick device generates the following types of log messages:
• Session logs
• Administrative Event logs
• Proactive Monitoring Statistic logs
• User Authentication logs
• VPN logs
The log data that is collected can be viewed in real-time or as historical data.
Session Logs
The following details pertain to session logs:
• One log message is sent on session establishment, and one is sent on session
completion. Session completions are explicit for TCP-based sessions, and based on
timeouts for all other IP sessions. Session logs are sent in a batch if possible, but
are not held more than a fraction of a second, to avoid troubleshooting latency. All
session logs contain at least the following information (this is only a brief example;
many fields are available in each log record):
• Date/Time stamp
• Physical Brick name
• Virtual Firewall Name
• Firewall Rule Number
• VLAN ID
• Source and Destination IP address information
• Source and Destination Layer-4 port information
• Source and Destination NAT addresses and ports (if applicable)
Session Completion Logs additionally contain:
• Session Duration
• Packet Counts (forward & reverse)
• Byte Counts (forward & reverse)
• Bad TCP packet counts (if applicable, forward and reverse)
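Because each session produces one establishment record and one completion record, the two can be paired to find sessions that are still open and completions whose establishment record was never received. The following Python is an added example, not code from this manual or from the product; the CSV layout, the column names and the "start"/"end" event values are assumptions made for the example, and only the fields themselves come from the lists above.

```python
import csv
import io
from collections import defaultdict

# Constructed sample records. The column layout and the "event" values are
# assumptions for this example, not the Brick's actual log record format;
# the columns correspond to fields the page lists for session logs.
SAMPLE = """\
time,event,brick,vfw,rule,vlan,src_ip,src_port,dst_ip,dst_port,duration,bytes_fwd,bytes_rev
2009-06-01T10:00:00,start,brick1,dmz,12,100,10.0.0.5,40001,192.0.2.10,443,,,
2009-06-01T10:00:01,start,brick1,dmz,12,100,10.0.0.6,40002,192.0.2.10,443,,,
2009-06-01T10:00:09,end,brick1,dmz,12,100,10.0.0.5,40001,192.0.2.10,443,9,1200,5300
2009-06-01T10:00:20,end,brick1,dmz,30,100,10.0.0.9,53000,192.0.2.53,53,4,80,160
"""

# Fields that together identify one session in this example.
KEY_FIELDS = ("brick", "vfw", "vlan", "src_ip", "src_port", "dst_ip", "dst_port")


def correlate(text):
    """Pair establishment and completion records that share a session key.

    Returns (completed, still_open, orphans, bytes_by_rule).
    """
    open_sessions = {}            # session key -> establishment record
    completed, orphans = [], []
    bytes_by_rule = defaultdict(int)
    for rec in csv.DictReader(io.StringIO(text)):
        key = tuple(rec[f] for f in KEY_FIELDS)
        if rec["event"] == "start":
            open_sessions[key] = rec
        elif rec["event"] == "end":
            start = open_sessions.pop(key, None)
            if start is None:
                orphans.append(rec)   # completion with no establishment seen
                continue
            total = int(rec["bytes_fwd"]) + int(rec["bytes_rev"])
            bytes_by_rule[rec["rule"]] += total
            completed.append({"key": key, "start": start["time"],
                              "end": rec["time"], "bytes": total,
                              "duration": int(rec["duration"])})
    return completed, list(open_sessions.values()), orphans, dict(bytes_by_rule)


if __name__ == "__main__":
    done, still_open, orphans, per_rule = correlate(SAMPLE)
    print(len(done), "completed;", len(still_open), "open;", len(orphans), "orphaned")
    print("bytes per rule:", per_rule)
```

An establishment record that stays unmatched is either a session still in progress or a missing completion log; an orphaned completion points to a gap in the collected log data.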
260-100-022R9.4
Issue 1, June 2009