ZyXEL P-650R, P-652HW Support Notes

Vantage Report
Centralized Logging & Reporting Analyzer
Support Notes
Version 2.2
June. 2005
ZyWALL P1 Support Notes
All contents copyright (c) 2005 ZyXEL Communications Corporation.
FAQ ...............................................................................................................................3
Product FAQ ..........................................................................................................3
What is Vantage Report (VRPT) ?.................................................................3
Which operating systems are supported by VRPT Server ?..........................3
Which reports are supported by VRPT ? ....................................................... 3
Which types of devices are by VRPT ? .........................................................3
How many devices are supported by VRPT ? ...............................................4
Which components are included by VRPT ?.................................................4
How to install VRPT server on the PC ? .......................................................4
How to access VRPT ?...................................................................................4
How long will raw data (device logs) be stored in VRPT database ?............5
Application Notes.........................................................................................................6
General Application Notes .....................................................................................6
Adding device to device maintenance list of VRPT......................................6
How to forward device log to VRPT for analysis and report ?......................7
How to enable traffic log feature on ZyWALL ?...........................................9
VRPT Server Setup...................................................................................... 10
Advanced Application Notes ...............................................................................12
Using Schedule Report ................................................................................12
How to check bandwidth usage ?.................................................................14
How to check Intrusion events ?..................................................................15
Trouble Shooting ........................................................................................................17
What to check if you can not access the GUI of VRPT Server? .........................17
Why can’t I get the PIE chart, even no data in monitor?.....................................17
ZyWALL P1 Support Notes
All contents copyright (c) 2005 ZyXEL Communications Corporation.
Product FAQ
What is Vantage Report (VRPT) ?
Vantage Report (VRPT), a web-based centralized reporting system for quickly and conveniently collecting and analyzing a distributed network, provides system administrator a simple and direct method of monitoring multiple ZyWALL Internet security and IDP appliances. VRPT 2.2 supports Bandwidth usage/Service/Web Filter/Attack/Intrusion/Authentication reports. Administrator can generate a report by online-query or schedule report daily/weekly.
Which operating systems are supported by VRPT Server ?
Windows 2000/XP now. Linux is not available for this version.
Which reports are supported by VRPT ?
VRPT can analyze and generate reports based on syslog from ZyWALL series and ZyWALL IDP10. There are two types of logs from devices: Event log and Traffic log. Event logs include many kinds of message which are related to the events on ZyWALL & IDP10. For example: DoS/DDoS attack, Web Access Block, Network Intrusion and so on. The other type of log, traffic log, is for statistic report about traffic passing through the device. When a session is initiated, ZyWALL, starts monitoring the traffic usage and send a log to VRPT when the session is terminated. Traffic log contains some information like source/destination/protocol/traffic load and so on. VRPT can generate Bandwidth/Service report based on the information.
Which types of devices are by VRPT ?
ZyWALL IDP10 with firmware 2.00
ZyWALL 2/10W with firmware 3.62
ZyWALL 5 with firmware 3.62 and later
ZyWALL 35/70 with firmware 3.63 and later
Therefore, no Bandwidth/Service report for ZyWALL 2/10W due to traffic log support.
ZyWALL P1 Support Notes
All contents copyright (c) 2005 ZyXEL Communications Corporation.
How many devices are supported by VRPT ?
There is not limitation on the device number. However, we recommend less than 25 units according to estimated logs and performance.
Which components are included by VRPT ?
VRPT includes a Kiwi syslog receiver for collecting device log, MySQL database for storing the log for further analysis, an analysis/reporting module to generate report according to user’s request and schedule setting, tomcat web server to provide user-friendly interface.
How to install VRPT server on the PC ?
Please refer the hardware/software requirement and quick start guide (QSG) for installation procedure. Installation could be a very simple and straight forward. Just to remind that VRPT installation wizard will install KiWi syslog/MySQL/Tomcat on your computer. Make sure these applications are not running before installation.
How to access VRPT ?
Once you install VRPT server, you can access VRPT by browser. Currently we only support IE 6.0 and later. Please type http://<VRPT Server IP>:8080/vrpt in the URL field. Press enter and a pop-up window will be prompt for login. If you can not see the window, please check your browser setting and make sure pop-up is not blocked.
ZyWALL P1 Support Notes
All contents copyright (c) 2005 ZyXEL Communications Corporation.
Default username/password is root/root.
How long will raw data (device logs) be stored in VRPT database ?
Under System>>General Config, user can decide Log store days. VRPT will keep only those logs which are within the value.
Old logs will be purged from system and saved as CSV file. These CSV files will be located under <VRPT installation directory> (default C:\Program Files\ZyXEL\Vantage Report) \backup. User can read the CSV file by Microsoft Excel. The naming will be something like auto_20050317000003.csv. It means the log file is formed on 03/17/2005 at 00:00:03.
Raw data (CSV files) can be imported to VRPT database through System>>CSV Import.
+ 12 hidden pages