Zyxel VANTAGE REPORT user manual

Vantage Report

User’s Guide

Version 3.0 10/2006 Edition 1
www.zyxel.com

About This User's Guide

Intended Audience
This manual is intended for people who want to configure the Vantage Report using the web configurator. You should have at least a basic knowledge of TCP/IP networking concepts and topology.
Related Documentation
• Included CD: Refer to the included CD for support documents.
• Quick Start Guide: The Quick Start Guide is designed to help you get up and running right away.
• Vantage Report Online Help: Embedded web help for descriptions of individual screens and supplementary information.
• ZyXEL Glossary and Web Site: Please refer to www.zyxel.com for an online glossary of networking terms and additional support documentation.
User Guide Feedback
Help us help you. Send all User Guide-related comments, questions or suggestions for improvement to the following address, or use e-mail instead. Thank you!
The Technical Writing Team, ZyXEL Communications Corp., 6 Innovation Road II, Science-Based Industrial Park, Hsinchu, 300, Taiwan.
E-mail: techwriters@zyxel.com.tw

Document Conventions

Warnings and Notes
These are how warnings and notes are shown in this User’s Guide.
• Warnings tell you about things that could harm you or your device.
• Notes tell you other important information (for example, other things you may need to configure or helpful tips) or recommendations.
Syntax Conventions
• The version number on the title page is the version of Vantage Report that is documented in this User’s Guide.
• Enter means for you to type one or more characters and press the carriage return. Select or Choose means for you to use one of the predefined choices.
• The choices of a menu item are in Bold Arial font.
• Mouse action sequences are denoted using a right angle bracket (>). For example, click Traffic > WEB > Top Hosts means first click Traffic, then click WEB and finally click Top Hosts.
Icons Used in Figures
Figures in this User’s Guide may use the following generic icons.
Computer Server Networking Device
This product is recyclable. Dispose of it properly.

Contents Overview

Introduction
  Introducing Vantage Report
  The Vantage Report Server
  The Web Configurator
Monitor and Traffic
  Monitor
  Traffic
  VPN
Network Attack and Security Policy
  Network Attack
  Security Policy
Event, Log Viewer and Schedule Report
  Event
  Log Viewer
  Schedule Report
System and Troubleshooting
  System
  Troubleshooting
Appendices and Index

Table of Contents

About This User's Guide
Document Conventions
Contents Overview
Table of Contents
List of Figures
List of Tables
Part I: Introduction
Chapter 1: Introducing Vantage Report
1.1 Introduction
1.2 Versions
Chapter 2: The Vantage Report Server
2.1 Starting and Stopping the Vantage Report Server
2.2 E-Mail in the Vantage Report Server
2.3 Time in the Vantage Report Server
2.4 ZyXEL Device Configuration and Source Data
Chapter 3: The Web Configurator
3.1 Web Configurator Requirements
3.2 Web Configurator Access
3.3 Title Bar
3.4 Device Window
3.5 Function Window
3.6 Report Window
3.6.1 Device Information Screen
3.6.2 Monitors and Statistical Reports
3.6.3 View Logs
3.7 Dashboard
3.8 Dashboard
Part II: Monitor and Traffic
Chapter 4: Monitor
4.1 Bandwidth Monitor
4.2 Service Monitor
4.3 Attack Monitor
4.4 Intrusion Monitor
4.5 Anti-Virus Monitor
4.6 Anti-Spam Monitor
Chapter 5: Traffic
5.1 Bandwidth
5.1.1 Bandwidth Summary
5.1.2 Bandwidth Summary Drill-Down
5.1.3 Bandwidth Top Protocols
5.1.4 Bandwidth Top Protocols Drill-Down
5.1.5 Top Bandwidth Hosts
5.1.6 Top Bandwidth Hosts Drill-Down
5.1.7 Top Bandwidth Users
5.1.8 Top Bandwidth Users Drill-Down
5.1.9 Top Bandwidth Destinations
5.1.10 Top Bandwidth Destinations Drill-Down
5.2 Web Traffic
5.2.1 Top Web Sites
5.2.2 Top Web Sites Drill-Down
5.2.3 Top Web Hosts
5.2.4 Top Web Hosts Drill-Down
5.2.5 Top Web Users
5.2.6 Top Web Users Drill-Down
5.3 FTP Traffic
5.3.1 Top FTP Sites
5.3.2 Top FTP Sites Drill-Down
5.3.3 Top FTP Hosts
5.3.4 Top FTP Hosts Drill-Down
5.3.5 Top FTP Users
5.3.6 Top FTP Users Drill-Down
5.4 Mail Traffic
5.4.1 Top Mail Sites
5.4.2 Top Mail Sites Drill-Down
5.4.3 Top Mail Hosts
5.4.4 Top Mail Hosts Drill-Down
5.4.5 Top Mail Users
5.4.6 Top Mail Users Drill-Down
5.5 Other Traffic
5.5.1 Platform Selection
5.5.2 Service Settings
5.5.3 Top Destinations of Other Traffic
5.5.4 Top Destinations of Other Traffic Drill-Down
5.5.5 Top Sources of Other Traffic
5.5.6 Top Sources of Other Traffic Drill-Down
5.5.7 Top Other Traffic Users
5.5.8 Top Users of Other Traffic Drill-Down
Chapter 6: VPN
6.1 VPN Site-to-Site
6.1.1 VPN Link Status
6.1.2 VPN Traffic Monitor
6.1.3 Top VPN Peer Gateways
6.1.4 Top VPN Peer Gateways Drill-Down
6.1.5 Top VPN Sites
6.1.6 Top VPN Sites Drill-Down
6.1.7 Top VPN Tunnels
6.1.8 Top VPN Tunnels Drill-Down
6.1.9 Top VPN Protocols
6.1.10 Top VPN Protocols Drill-Down
6.1.11 Top VPN Hosts
6.1.12 Top VPN Hosts Drill-Down
6.1.13 Top VPN Users
6.1.14 Top VPN Users Drill-Down
6.1.15 Top VPN Destinations
6.1.16 Top VPN Destinations Drill-Down
6.2 VPN Remote Access
6.2.1 VPN Total Users and Traffic
6.2.2 VPN User Status
6.2.3 Top VPN Protocols
6.2.4 Top VPN Protocols Drill-Down
6.2.5 Top VPN Destinations
6.2.6 Top VPN Destinations Drill-Down
6.3 Xauth
6.3.1 VPN Successful Login
6.3.2 VPN Failed Login
Part III: Network Attack and Security Policy
Chapter 7: Network Attack
7.1 Attack
7.1.1 Attack Summary
7.1.2 Attack Summary Drill-Down
7.1.3 Top Attacks
7.1.4 Top Attacks Drill-Down
7.1.5 Top Attack Sources
7.1.6 Top Attack Sources Drill-Down
7.1.7 Attack Types
7.1.8 Attack Types Drill-Down
7.2 Intrusion
7.2.1 Intrusion Summary
7.2.2 Intrusion Summary Drill-Down
7.2.3 Top Intrusion Signatures
7.2.4 Top Intrusion Signatures Drill-Down
7.2.5 Top Intrusion Sources
7.2.6 Top Intrusion Sources Drill-Down
7.2.7 Top Intrusion Destinations
7.2.8 Top Intrusion Destinations Drill-Down
7.2.9 Intrusion Severities
7.2.10 Intrusion Severities Drill-Down
7.3 AntiVirus
7.3.1 Virus Summary
7.3.2 Virus Summary Drill-Down
7.3.3 Top Viruses
7.3.4 Top Viruses Drill-Down
7.3.5 Top Virus Sources
7.3.6 Top Virus Sources Drill-Down
7.3.7 Top Virus Destinations
7.3.8 Top Virus Destinations Drill-Down
7.4 AntiSpam
7.4.1 Spam Summary
7.4.2 Spam Summary Drill-Down
7.4.3 Top Spam Senders
7.4.4 Top Spam Sources
7.4.5 Spam Scores
Chapter 8: Security Policy
8.1 Firewall Access Control
8.1.1 Top Users Blocked
8.1.2 Top Packets Blocked
8.2 Application Access Control
8.2.1 Top Applications Blocked
8.2.2 Top Users Blocked
8.2.3 Top Applications Allowed
8.3 Blocked Web Accesses
8.3.1 Web Block Summary
8.3.2 Web Block Summary Drill-Down
8.3.3 Top Blocked Web Sites
8.3.4 Top Blocked Web Sites Drill-Down
8.3.5 Top Blocked Web Hosts
8.3.6 Top Blocked Web Hosts Drill-Down
8.3.7 Top Blocked Web Users
8.3.8 Top Blocked Web Users Drill-Down
8.3.9 Blocked Web Categories
8.3.10 Blocked Web Categories Drill-Down
8.4 Allowed Web Accesses
8.4.1 Web Allowed Summary
8.4.2 Web Allowed Summary Drill-Down
8.4.3 Top Allowed Web Sites
8.4.4 Top Allowed Web Sites Drill-Down
8.4.5 Top Allowed Web Hosts
8.4.6 Top Allowed Web Hosts Drill-Down
8.4.7 Top Allowed Web Users
8.4.8 Top Allowed Web Users Drill-Down
Part IV: Event, Log Viewer and Schedule Report
Chapter 9: Event
9.1 Successful Logins
9.2 Failed Logins
9.3 Top Sessions Per Host
9.4 Top Sessions Per User
Chapter 10: Log Viewer
10.1 Log Viewer
Chapter 11: Schedule Report
11.1 Scheduled Report Summary Screen
11.2 Customize Daily Report Screen
11.3 Customize Weekly Report Screen
11.4 Customize Overtime Report Screen
11.5 Template List
11.6 Template Add/Edit
Part V: System and Troubleshooting
Chapter 12: System
12.1 General Configuration Screen
12.1.1 Configuring for Hostname Reverse
12.2 Server Configuration Screen
12.3 User Management Screens
12.3.1 User Management Summary Screen
12.3.2 Add/Edit User Account Screen
12.4 Data Maintenance Screens
12.4.1 Data Backup and Data Restore Screen
12.4.2 Device List Export and Device List Import Screen
12.5 Upgrade Screen
12.6 Registration Screens
12.6.1 Registration Summary Screen
12.6.2 Registration Screen
12.7 Log Receiver Screens
12.7.1 Log Receiver By Day Screen
12.7.2 Log Receiver By Day > By Device Screen
12.7.3 Log Receiver By Day > By Device > By Category Screen
12.7.4 Log Receiver By Device Screen
12.7.5 Log Receiver By Device > By Category Screen
12.8 About Screen
Chapter 13: Troubleshooting
Part VI: Appendices and Index
Appendix A Product Specifications
Appendix B Setting up Your Computer’s IP Address
Appendix C ZyNOS Log Descriptions
13.1 Syslog Logs ..................................................................................................................... 372
Appendix D ZyWALL 1050 Log Descriptions ....................................................................... 375
Appendix E Open Software Announcements .......................................................................417
Appendix F Legal Information ..............................................................................................447
Appendix G Customer Support ............................................................................................449
Index....................................................................................................................................... 453

List of Figures

Figure 1 Typical Vantage Report Application .......................................................................................... 31
Figure 2 Web Configurator Login Screen ............................................................................................... 38
Figure 3 Web Configurator Main Screen ................................................................................................ 39
Figure 4 Device Window ......................................................................................................................... 41
Figure 5 Add/Edit Device and Add/Edit Folder Screens ......................................................................... 42
Figure 6 Device Window Right-Click Menu ............................................................................................ 43
Figure 7 Function Window ...................................................................................................................... 44
Figure 8 Function Window Right-Click Menu ......................................................................................... 52
Figure 9 Device Information Screen ....................................................................................................... 52
Figure 10 Report Window: Monitor and Statistical Report Examples ..................................................... 53
Figure 11 Typical Monitor Layout ............................................................................................................ 53
Figure 12 Report Window Right-Click Menu .......................................................................................... 54
Figure 13 Typical Statistical Report Layout ............................................................................................ 55
Figure 14 Report Window Right-Click Menu .......................................................................................... 56
Figure 15 View Logs ............................................................................................................................... 57
Figure 16 Dashboard Initial View ............................................................................................................ 58
Figure 17 Dashboard Configure ............................................................................................................. 58
Figure 18 Dashboard Select Device and Monitor or Summary .............................................................. 59
Figure 19 Dashboard Configured ........................................................................................................... 60
Figure 20 Monitor > Bandwidth ............................................................................................................... 65
Figure 21 Monitor > Service ................................................................................................................... 67
Figure 22 Monitor > Attack ..................................................................................................................... 68
Figure 23 Monitor > Intrusion .................................................................................................................. 69
Figure 24 Monitor > AntiVirus ................................................................................................................. 70
Figure 25 Monitor > AntiSpam ................................................................................................................ 71
Figure 26 Traffic > Bandwidth > Summary ............................................................................................. 73
Figure 27 Traffic > Bandwidth > Summary > Drill-Down ......................................................................... 76
Figure 28 Traffic > Bandwidth > Top Protocols ....................................................................................... 77
Figure 29 Traffic > Bandwidth > Top Protocol > Drill-Down .................................................................... 80
Figure 30 Traffic > Bandwidth > Top Hosts ............................................................................................. 82
Figure 31 Traffic > Bandwidth > Top Hosts > Drill-Down ........................................................................ 84
Figure 32 Traffic > Bandwidth > Top Users ............................................................................................ 86
Figure 33 Traffic > Bandwidth > Top Users > Drill-Down ........................................................................ 88
Figure 34 Traffic > Bandwidth > Top Destinations .................................................................................. 90
Figure 35 Traffic > Bandwidth > Top Destinations > Drill-Down ............................................................. 92
Figure 36 Traffic > WEB > Top Sites ...................................................................................................... 94
Figure 37 Traffic > WEB > Top Sites > Drill-Down .................................................................................. 96
Figure 38 Traffic > WEB > Top Hosts ..................................................................................................... 98
Figure 39 Traffic > WEB > Top Hosts > Drill-Down ...............................................................................100
Figure 40 Traffic > WEB > Top Users ................................................................................................... 101
Figure 41 Traffic > WEB > Top Users > Drill-Down .............................................................................. 103
Figure 42 Traffic > FTP > Top Sites ...................................................................................................... 105
Figure 43 Traffic > FTP > Top Sites > Drill-Down ................................................................................. 107
Figure 44 Traffic > FTP > Top Hosts ..................................................................................................... 108
Figure 45 Traffic > FTP > Top Hosts > Drill-Down .................................................................................110
Figure 46 Traffic > FTP > Top Users .....................................................................................................112
Figure 47 Traffic > FTP > Top Users > Drill-Down .................................................................................114
Figure 48 Traffic > MAIL > Top Sites .....................................................................................................116
Figure 49 Traffic > MAIL > Top Sites > Drill-Down .................................................................................118
Figure 50 Traffic > MAIL > Top Hosts ....................................................................................................119
Figure 51 Traffic > MAIL > Top Hosts > Drill-Down ..............................................................................121
Figure 52 Traffic > MAIL > Top Users ................................................................................................... 123
Figure 53 Traffic > MAIL > Top Users > Drill-Down ..............................................................................125
Figure 54 Traffic > Customization > Customization (Platform Selection) ............................................. 126
Figure 55 Traffic > Customization > Customization (Service Settings) ................................................ 127
Figure 56 Traffic > Customization > Top Destinations .......................................................................... 128
Figure 57 Traffic > Customization > Top Destinations > Drill-Down ..................................................... 130
Figure 58 Traffic > Customization > Top Sources ................................................................................. 131
Figure 59 Traffic > Customization > Top Sources > Drill-Down ............................................................ 133
Figure 60 Traffic > Customization > Top Users .................................................................................... 134
Figure 61 Traffic > Customization > Top Users > Drill-Down ................................................................ 136
Figure 62 VPN > Site-to-Site > Link Status .......................................................................................... 139
Figure 63 VPN > Site-to-Site > Traffic Monitor ..................................................................................... 140
Figure 64 VPN > Site-to-Site > Top Peer Gateways ............................................................................. 142
Figure 65 VPN > Site-to-Site > Top Peer Gateways > Drill-Down ........................................................ 144
Figure 66 VPN > Site-to-Site > Top Sites ............................................................................................. 145
Figure 67 VPN > Site-to-Site > Top Sites > Drill-Down ......................................................................... 147
Figure 68 VPN > Site-to-Site > Top Tunnels ......................................................................................... 149
Figure 69 VPN > Site-to-Site > Top Tunnels > Drill-Down .................................................................... 151
Figure 70 VPN > Site-to-Site > Top Protocols ...................................................................................... 152
Figure 71 VPN > Site-to-Site > Top Protocols > Drill-Down .................................................................. 155
Figure 72 VPN > Site-to-Site > Top Hosts ............................................................................................ 156
Figure 73 VPN > Site-to-Site > Top Hosts > Drill-Down ....................................................................... 159
Figure 74 VPN > Site-to-Site > Top Users ............................................................................................ 161
Figure 75 VPN > Site-to-Site > Top Users > Drill-Down ....................................................................... 163
Figure 76 VPN > Site-to-Site > Top Destinations ................................................................................. 165
Figure 77 VPN > Site-to-Site > Top Destinations > Drill-Down ............................................................. 167
Figure 78 VPN > Remote Access > Total Users And Traffic ................................................................ 169
Figure 79 VPN > Remote Access > User Status .................................................................................. 170
Figure 80 VPN > Remote Access > Top Protocols .............................................................................. 171
Figure 81 VPN > Remote Access > Top Protocols > Drill-Down ......................................................... 173
Figure 82 VPN > Remote Access > Top Destinations .......................................................................... 175
Figure 83 VPN > Remote Access > Top Destinations > Drill-Down ..................................................... 177
Figure 84 VPN > Xauth > Successful Login ......................................................................................... 179
Figure 85 VPN > Xauth > Failed Login ................................................................................................. 180
Figure 86 Network Attack > Attack > Summary ....................................................................................186
Figure 87 Network Attack > Attack > Summary > Drill-Down ............................................................... 188
Figure 88 Network Attack > Attack > Top Attacks ................................................................................. 190
Figure 89 Network Attack > Attack > Top Attacks > Drill-Down ............................................................ 192
Figure 90 Network Attack > Attack > Top Sources ............................................................................... 194
Figure 91 Network Attack > Attack > Top Sources > Drill-Down .......................................................... 196
Figure 92 Network Attack > Attack > By Type ...................................................................................... 197
Figure 93 Network Attack > Attack > By Type > Drill-Down ................................................................. 199
Figure 94 Network Attack > Intrusion > Summary ................................................................................ 200
Figure 95 Network Attack > Intrusion > Summary > Drill-Down ........................................................... 202
Figure 96 Network Attack > Intrusion > Top Intrusions ......................................................................... 203
Figure 97 Network Attack > Intrusion > Top Intrusions > Drill-Down .................................................... 205
Figure 98 Network Attack > Intrusion > Top Sources ........................................................................... 207
Figure 99 Network Attack > Intrusion > Top Sources > Drill-Down ....................................................... 209
Figure 100 Intrusion > Top Destinations ............................................................................................... 210
Figure 101 Network Attack > Intrusion > Top Destinations > Drill-Down .............................................. 212
Figure 102 Network Attack > Intrusion > By Severity ........................................................................... 214
Figure 103 Network Attack > Intrusion > By Severity > Drill-Down ...................................................... 216
Figure 104 Network Attack > AntiVirus > Summary ............................................................................. 217
Figure 105 Network Attack > AntiVirus > Summary > Drill-Down ......................................................... 219
Figure 106 Network Attack > AntiVirus > Top Viruses .......................................................................... 221
Figure 107 Network Attack > AntiVirus > Top Viruses > Drill-Down ..................................................... 223
Figure 108 Network Attack > AntiVirus > Top Sources ......................................................................... 225
Figure 109 Network Attack > AntiVirus > Top Sources > Drill-Down .................................................... 227
Figure 110 Network Attack > AntiVirus > Top Destinations .................................................................. 229
Figure 111 Network Attack > AntiVirus > Top Destinations > Drill-Down .............................................. 231
Figure 112 Network Attack > AntiSpam > Summary ............................................................................. 233
Figure 113 Network Attack > AntiSpam > Summary > Drill-Down ........................................................ 235
Figure 114 Network Attack > AntiSpam > Top Senders ........................................................................ 237
Figure 115 Network Attack > AntiSpam > Top Sources ........................................................................ 239
Figure 116 Network Attack > AntiSpam > By Score ............................................................................. 241
Figure 117 Security Policy > Firewall Access Control > Top Users Blocked ........................................ 244
Figure 118 Security Policy > Firewall Access Control > Top Packets Blocked ..................................... 246
Figure 119 Security Policy > Application Access Control > Top Applications Blocked ......................... 248
Figure 120 Security Policy > Application Access Control > Top Users Blocked ................................... 250
Figure 121 Security Policy > Application Access Control > Top Applications Allowed ......................... 252
Figure 122 Security Policy > WEB Blocked > Summary ...................................................................... 254
Figure 123 Security Policy > WEB Blocked > Summary > Drill-Down .................................................. 256
Figure 124 Security Policy > WEB Blocked > Top Sites ....................................................................... 257
Figure 125 Security Policy > WEB Blocked > Top Sites > Drill-Down .................................................. 259
Figure 126 Security Policy > WEB Blocked > Top Hosts ...................................................................... 260
Figure 127 Security Policy > WEB Blocked > Top Hosts > Drill-Down ................................................. 262
Figure 128 Security Policy > WEB Blocked > Top Users ..................................................................... 264
Figure 129 Security Policy > WEB Blocked > Top Users > Drill-Down ................................................. 266
Figure 130 Security Policy > WEB Blocked > By Category .................................................................. 267
Figure 131 Security Policy > WEB Blocked > By Category > Drill-Down ............................................. 269
Figure 132 Security Policy > WEB Allowed > Summary ...................................................................... 270
Figure 133 Security Policy > WEB Allowed > Summary > Drill-Down .................................................. 272
Figure 134 Security Policy > WEB Allowed > Top Sites ....................................................................... 274
Figure 135 Security Policy > WEB Allowed > Top Sites > Drill-Down .................................................. 276
Figure 136 Security Policy > WEB Allowed > Top Hosts ...................................................................... 277
Figure 137 Security Policy > WEB Allowed > Top Hosts > Drill-Down ................................................. 279
Figure 138 Security Policy > WEB Allowed > Top Users ...................................................................... 281
Figure 139 Security Policy > WEB Allowed > Top Users > Drill-Down ................................................. 283
Figure 140 Event > Login > Successful Login ...................................................................................... 287
Figure 141 Event > Login > Failed Login .............................................................................................. 289
Figure 142 Event > Session Per Host > Top Hosts .............................................................................. 290
Figure 143 Event > Session Per Host > Top Users .............................................................................. 292
Figure 144 Log Viewer > All Logs ......................................................................................................... 296
Figure 145 Schedule Report > Summary ............................................................................................. 300
Figure 146 Schedule Report > Summary > Add (Daily Report) .......................................................... 302
Figure 147 Schedule Report > Summary > Add (Weekly Report) ........................................................ 305
Figure 148 Schedule Report > Summary > Add (Overtime Report) ..................................................... 308
Figure 149 Schedule Report > Template ...............................................................................................311
Figure 150 Schedule Report > Template > Add ................................................................................... 312
Figure 151 System > General Configuration ........................................................................................ 318
Figure 152 Windows XP: Start Menu .................................................................................................... 319
Figure 153 Windows XP: Control Panel ............................................................................................... 320
Figure 154 Windows XP: Control Panel: Network Connections: Properties ......................................... 320
Figure 155 Windows XP: Local Area Connection Properties ............................................................... 321
Figure 156 Windows XP: Advanced TCP/IP Settings: WINS ............................................................... 321
Figure 157 System > Server Configuration .......................................................................................... 322
Figure 158 System > User Management .............................................................................................. 323
Figure 159 Add/Edit User Account Screen ........................................................................................... 324
Figure 160 System > Data Maintenance > Configuration ..................................................................... 325
Figure 161 System > Data Maintenance > Device List ........................................................................ 326
Figure 162 System > Upgrade .............................................................................................................. 327
Figure 163 System > Registration ........................................................................................................ 328
Figure 164 Registration Screen ............................................................................................................ 329
Figure 165 System > Log Receiver By Day (Summary) ........................................................................ 331
Figure 166 System > Log Receiver By Day (Summary) > By Device ................................................... 331
Figure 167 System > Log Receiver By Day (Summary) > By Device > By Category ............................ 332
Figure 168 System > Log Receiver By Device .................................................................................... 333
Figure 169 System > Log Receiver By Device > By Category ............................................................. 334
Figure 170 System > About .................................................................................................................. 334
Figure 171 Windows XP: Start Menu .................................................................................................... 346
Figure 172 Windows XP: Control Panel ............................................................................................... 346
Figure 173 Windows XP: Control Panel: Network Connections: Properties ......................................... 347
Figure 174 Windows XP: Local Area Connection Properties ............................................................... 347
Figure 175 Windows XP: Advanced TCP/IP Settings .......................................................................... 348
Figure 176 Windows XP: Internet Protocol (TCP/IP) Properties .......................................................... 349

List of Tables

Table 1 Differences Between Basic Version and Full Version ............................................................... 32
Table 2 Processing Times by Menu Item ............................................................................................... 34
Table 3 ZyNOS-based ZyXEL Device Configuration Requirements by Menu Item ............................... 35
Table 4 ZyWALL 1050 Configuration Requirements by Menu Item ....................................................... 36
Table 5 Title Bar ..................................................................................................................................... 40
Table 6 Device Window ......................................................................................................................... 41
Table 7 Add/Edit Device and Add/Edit Folder Screen Fields ................................................................. 43
Table 8 Function Window ...................................................................................................................... 44
Table 9 Function differences for Basic and Full Versions ......................................................................51
Table 10 Device Information Screen Fields ........................................................................................... 52
Table 11 Typical Monitor Features ......................................................................................................... 54
Table 12 Typical Statistical Report Features .......................................................................................... 55
Table 13 View Logs ............................................................................................................................... 57
Table 14 Dashboard .............................................................................................................................. 61
Table 15 Monitor > Bandwidth ............................................................................................................... 65
Table 16 Monitor > Service .................................................................................................................... 67
Table 17 Monitor > Attack ...................................................................................................................... 68
Table 18 Monitor > Intrusion .................................................................................................................. 69
Table 19 Monitor > AntiVirus .................................................................................................................. 70
Table 20 Monitor > AntiSpam ................................................................................................................. 71
Table 21 Traffic > Bandwidth > Summary .............................................................................................. 74
Table 22 Traffic > Bandwidth > Summary > Drill-Down ......................................................................... 76
Table 23 Traffic > Bandwidth > Top Protocols ....................................................................................... 78
Table 24 Traffic > Bandwidth > Top Protocol > Drill-Down ..................................................................... 80
Table 25 Traffic > Bandwidth > Top Hosts ............................................................................................. 82
Table 26 Traffic > Bandwidth > Top Hosts > Drill-Down .........................................................................85
Table 27 Traffic > Bandwidth > Top Users ............................................................................................. 86
Table 28 Traffic > Bandwidth > Top Users > Drill-Down ........................................................................ 88
Table 29 Traffic > Bandwidth > Top Destinations ................................................................................... 90
Table 30 Traffic > Bandwidth > Top Destinations > Drill-Down .............................................................. 93
Table 31 Traffic > WEB > Top Sites ....................................................................................................... 94
Table 32 Traffic > WEB > Top Sites > Drill-Down .................................................................................. 96
Table 33 Traffic > WEB > Top Hosts ...................................................................................................... 98
Table 34 Traffic > WEB > Top Hosts > Drill-Down ...............................................................................100
Table 35 Traffic > WEB > Top Users .................................................................................................... 102
Table 36 Traffic > WEB > Top Users > Drill-Down ...............................................................................104
Table 37 Traffic > FTP > Top Sites ...................................................................................................... 105
Table 38 Traffic > FTP > Top Sites > Drill-Down .................................................................................. 107
Table 39 Traffic > FTP > Top Hosts ..................................................................................................... 109
Table 40 Traffic > FTP > Top Hosts > Drill-Down ..................................................................................111
Table 41 Traffic > FTP > Top Users ......................................................................................................112
Table 42 Traffic > FTP > Top Hosts > Drill-Down ..................................................................................114
Table 43 Traffic > MAIL > Top Sites ......................................................................................................116
Table 44 Traffic > MAIL > Top Sites > Drill-Down .................................................................................118
Table 45 Traffic > MAIL > Top Hosts .................................................................................................... 120
Table 46 Traffic > MAIL > Top Hosts > Drill-Down ............................................................................... 122
Table 47 Traffic > MAIL > Top Users ................................................................................................... 123
Table 48 Traffic > MAIL > Top Users > Drill-Down ............................................................................... 125
Table 49 Service > Customization > Customization (Service Settings) ............................................... 127
Table 50 Traffic > Customization > Top Destinations ...........................................................................128
Table 51 Traffic > Customization > Top Destinations > Drill-Down ...................................................... 130
Table 52 Traffic > Customization > Top Sources ................................................................................. 131
Table 53 Traffic > Customization > Top Sources > Drill-Down ............................................................. 133
Table 54 Traffic > Customization > Top Users ..................................................................................... 135
Table 55 Traffic > Customization > Top Users > Drill-Down ................................................................ 137
Table 56 VPN > Site-to-Site > Link Status .......................................................................................... 140
Table 57 VPN > Site-to-Site > Traffic Monitor ...................................................................................... 141
Table 58 VPN > Site-to-Site > Top Peer Gateways ............................................................................. 142
Table 59 VPN > Site-to-Site > Top Peer Gateways > Drill-Down ......................................................... 144
Table 60 VPN > Site-to-Site > Top Sites .............................................................................................. 146
Table 61 VPN > Site-to-Site > Top Sites > Drill-Down ......................................................................... 148
Table 62 VPN > Site-to-Site > Top Tunnels ......................................................................................... 149
Table 63 VPN > Site-to-Site > Top Tunnels > Drill-Down .................................................................... 151
Table 64 VPN > Site-to-Site > Top Protocols ....................................................................................... 153
Table 65 VPN > Site-to-Site > Top Protocols > Drill-Down .................................................................. 155
Table 66 VPN > Site-to-Site > Top Hosts ............................................................................................. 157
Table 67 VPN > Site-to-Site > Top Hosts > Drill-Down ........................................................................ 159
Table 68 VPN > Site-to-Site > Top Users ............................................................................................ 161
Table 69 VPN > Site-to-Site > Top Users > Drill-Down ........................................................................ 164
Table 70 VPN > Site-to-Site > Top Destinations .................................................................................. 165
Table 71 VPN > Site-to-Site > Top Destinations > Drill-Down ............................................................. 168
Table 72 VPN > Remote Access > Total Users And Traffic ................................................................. 169
Table 73 VPN > Remote Access > User Status ................................................................................... 170
Table 74 VPN > Remote Access > Top Protocols ............................................................................... 171
Table 75 VPN > Remote Access > Top Protocols > Drill-Down .......................................................... 173
Table 76 VPN > Remote Access > Top Destinations ........................................................................... 175
Table 77 VPN > Remote Access > Top Destinations > Drill-Down ...................................................... 177
Table 78 VPN > Xauth > Successful Login ........................................................................................... 179
Table 79 VPN > Xauth > Failed Login .................................................................................................. 180
Table 80 Network Attack > Attack > Summary ....................................................................................186
Table 81 Network Attack > Attack > Summary > Drill-Down ................................................................ 188
Table 82 Network Attack > Attack > Top Attacks ................................................................................. 190
Table 83 Network Attack > Attack > Top Attacks > Drill-Down ............................................................ 192
Table 84 Network Attack > Attack > Top Sources ................................................................................194
Table 85 Network Attack > Attack > Top Sources > Drill-Down ........................................................... 196
Table 86 Network Attack > Attack > By Type ....................................................................................... 198
Table 87 Network Attack > Attack > By Type > Drill-Down .................................................................. 199
Table 88 Network Attack > Intrusion > Summary ................................................................................ 201
Table 89 Network Attack > Intrusion > Summary > Drill-Down ............................................................ 202
Table 90 Network Attack > Intrusion > Top Intrusions ......................................................................... 204
Table 91 Network Attack > Intrusion > Top Intrusions > Drill-Down ..................................................... 205
Table 92 Network Attack > Intrusion > Top Sources ............................................................................ 207
Table 93 Network Attack > Intrusion > Top Sources > Drill-Down ....................................................... 209
Table 94 Intrusion > Top Destinations ...................................................................................................211
Table 95 Network Attack > Intrusion > Top Destinations > Drill-Down ................................................. 212
Table 96 Network Attack > Intrusion > By Severity .............................................................................. 214
Table 97 Network Attack > Intrusion > By Severity > Drill-Down ......................................................... 216
Table 98 Network Attack > AntiVirus > Summary ................................................................................ 218
Table 99 Network Attack > AntiVirus > Summary > Drill-Down ........................................................... 219
Table 100 Network Attack > AntiVirus > Top Viruses ........................................................................... 221
Table 101 Network Attack > AntiVirus > Top Viruses > Drill-Down ...................................................... 223
Table 102 Network Attack > AntiVirus > Top Sources ......................................................................... 225
Table 103 Network Attack > AntiVirus > Top Sources > Drill-Down ..................................................... 227
Table 104 Network Attack > AntiVirus > Top Destinations ................................................................... 229
Table 105 Network Attack > AntiVirus > Top Destinations > Drill-Down .............................................. 231
Table 106 Network Attack > AntiSpam > Summary ............................................................................. 233
Table 107 Network Attack > AntiSpam > Summary > Drill-Down ........................................................ 235
Table 108 Network Attack > AntiSpam > Top Senders ........................................................................ 237
Table 109 Network Attack > AntiSpam > Top Sources ........................................................................ 239
Table 110 Network Attack > AntiSpam > By Score .............................................................................. 241
Table 111 Security Policy > Firewall Access Control > Top Users Blocked ......................................... 244
Table 112 Security Policy > Firewall Access Control > Top Packets Blocked ...................................... 246
Table 113 Security Policy > Application Access Control > Top Applications Blocked .......................... 248
Table 114 Security Policy > Application Access Control > Top Applications Blocked .......................... 250
Table 115 Security Policy > Application Access Control > Top Applications Allowed .......................... 252
Table 116 Security Policy > WEB Blocked > Summary ....................................................................... 254
Table 117 Security Policy > WEB Blocked > Summary > Drill-Down .................................................. 256
Table 118 Security Policy > WEB Blocked > Top Sites ........................................................................ 258
Table 119 Security Policy > WEB Blocked > Top Sites > Drill-Down ................................................... 259
Table 120 Security Policy > WEB Blocked > Top Hosts ...................................................................... 261
Table 121 Security Policy > WEB Blocked > Top Hosts > Drill-Down .................................................. 262
Table 122 Security Policy > WEB Blocked > Top Users ...................................................................... 264
Table 123 Security Policy > WEB Blocked > Top Users > Drill-Down ................................................. 266
Table 124 Security Policy > WEB Blocked > By Category .................................................................. 268
Table 125 Security Policy > WEB Blocked > By Category > Drill-Down .............................................. 269
Table 126 Security Policy > WEB Allowed > Summary ....................................................................... 271
Table 127 Security Policy > WEB Allowed > Summary > Drill-Down .................................................. 272
Table 128 Security Policy > WEB Allowed > Top Sites ........................................................................ 274
Table 129 Security Policy > WEB Allowed > Top Sites > Drill-Down ................................................... 276
Table 130 Security Policy > WEB Allowed > Top Hosts ...................................................................... 278
Table 131 Security Policy > WEB Allowed > Top Hosts > Drill-Down .................................................. 279
Table 132 Security Policy > WEB Allowed > Top Users ...................................................................... 281
Table 133 Security Policy > WEB Allowed > Top Users > Drill-Down .................................................. 283
Table 134 Event > Login > Successful Login ....................................................................................... 288
Table 135 Event > Device Login > Failed Login .................................................................................. 289
Table 136 Event > Session Per Host > Top Hosts ............................................................................... 291
Table 137 Event > Session Per Host > Top Users ............................................................................... 293
Table 138 Log Viewer > All Logs ......................................................................................................... 296
Table 139 Schedule Report > Summary .............................................................................................. 300
Table 140 Schedule Report > Summary > Add (Daily Report) ............................................................ 303
Table 141 Schedule Report > Summary > Add (Weekly Report) ........................................................ 306
Table 142 Schedule Report > Summary > Add (Overtime Report) ..................................................... 309
Table 143 Schedule Report > Template ................................................................................................311
Table 144 Schedule Report > Template > Add ....................................................................................312
Table 145 System > General Configuration ......................................................................................... 318
Table 146 System > Server Configuration ........................................................................................... 322
Table 147 System > User Management .............................................................................................. 323
Table 148 Add/Edit User Account Screen ........................................................................................... 324
Table 149 System > Data Maintenance > Configuration ..................................................................... 326
Table 150 System > Data Maintenance > Device List ......................................................................... 326
Table 151 System > Upgrade .............................................................................................................. 327
Table 152 Information for Using an Existing MyZyXEL.com Account .................................................. 328
Table 153 Information for Upgrading the Version or Number of Devices ............................................ 328
Table 154 System > Registration ......................................................................................................... 328
Table 155 Registration Screen ............................................................................................................ 330
Table 156 System > Log Receiver By Day(Summary) ........................................................................ 331
Table 157 System > Log Receiver By Day(Summary) > By Device .................................................... 331
Table 158 System > Log Receiver By Day(Summary) > By Device > By Category ............................ 332
Table 159 System > Log Receiver By Device ...................................................................................... 333
Table 160 System > Log Receiver By Device > By Category .............................................................. 334
Table 161 Troubleshooting .................................................................................................................. 335
Table 162 Web Configurator Specifications ......................................................................................... 339
Table 163 System Notifications Specifications .................................................................................... 339
Table 164 Feature Specifications ......................................................................................................... 339
Table 165 Key Features ....................................................................................................................... 339
Table 166 VRPT 3.0 Device and Feature Support .............................................................................. 340
Table 167 System Maintenance Logs .................................................................................................. 351
Table 168 System Error Logs .............................................................................................................. 353
Table 169 Access Control Logs ........................................................................................................... 353
Table 170 TCP Reset Logs .................................................................................................................. 354
Table 171 Packet Filter Logs ............................................................................................................... 355
Table 172 ICMP Logs .......................................................................................................................... 355
Table 173 CDR Logs ........................................................................................................................... 355
Table 174 PPP Logs ............................................................................................................................ 356
Table 175 UPnP Logs .......................................................................................................................... 356
Table 176 Content Filtering Logs ......................................................................................................... 356
Table 177 Attack Logs ......................................................................................................................... 357
Table 178 Remote Management Logs ................................................................................................. 358
Table 179 Wireless Logs ..................................................................................................................... 359
Table 180 IPSec Logs .......................................................................................................................... 359
Table 181 IKE Logs ............................................................................................................................. 360
Table 182 PKI Logs ............................................................................................................................. 363
Table 183 802.1X Logs ........................................................................................................................ 365
Table 184 ACL Setting Notes .............................................................................................................. 366
Table 185 ICMP Notes ......................................................................................................................... 366
Table 186 IDP Logs ............................................................................................................................. 368
Table 187 AV Logs ............................................................................................................................... 368
Table 188 AS Logs .............................................................................................................................. 370
Table 189 AS Directions for Multiple WAN Devices ............................................................................. 371
Table 190 AS Directions for Single WAN Devices ............................................................................... 371
Table 191 Syslog Logs ........................................................................................................................ 372
Table 192 RFC-2408 ISAKMP Payload Types .................................................................................... 373
Table 193 Content Filter Logs .............................................................................................................. 375
Table 194 Forward Web Site Logs ...................................................................................................... 375
Table 195 Blocked Web Site Logs ....................................................................................................... 375
Table 196 User Logs ............................................................................................................................ 377
Table 197 myZyXEL.com Logs ............................................................................................................ 378
Table 198 IDP Logs ............................................................................................................................. 382
Table 199 Application Patrol Logs ....................................................................................................... 385
Table 200 IKE Logs ............................................................................................................................. 387
Table 201 IPSec Logs .......................................................................................................................... 391
Table 202 Firewall Logs ....................................................................................................................... 392
Table 203 Sessions Limit Logs ............................................................................................................ 393
Table 204 Policy Route Logs ............................................................................................................... 393
Table 205 Built-in Services Logs ......................................................................................................... 394
Table 206 System Logs ....................................................................................................................... 397
Table 207 Connectivity Check Logs .................................................................................................... 401
Table 208 Device HA Logs .................................................................................................................. 403
Table 209 Routing Protocol Logs ......................................................................................................... 405
Table 210 NAT Logs ............................................................................................................................ 407
Table 211 PKI Logs .............................................................................................................................. 408
Table 212 Interface Logs ......................................................................................................................411
Table 213 Account Logs ...................................................................................................................... 414
Table 214 Port Grouping Logs ............................................................................................................. 414
Table 215 Force Authentication Logs .................................................................................................. 414
Table 216 File Manager Logs .............................................................................................................. 415
PART I

Introduction

Introducing Vantage Report (31)
The Vantage Report Server (33)
The Web Configurator (37)