User Guide
Page 3
.... More help for descriptions of individual screens and supplementary information. • ZyXEL Glossary and Web Site Please refer to www.zyxel.com for people who want to : techwriters@zyxel.com.tw Thank you! Vantage Report User's Guide 3 Related Information • Download software and documentation (User's Guide, Quick Start Guide, Datasheet, Support Notes) from one of the FTP sites: Europe: ftp...
User Guide
Page 4
... Brief description of answers to efficiently use the User Guide, Quick Start Guide and Command Line Interface Reference Guide in which you bought the device. Please have a specific question about ZyXEL products. • Forum This contains discussions on ZyXEL products. See http://www.zyxel.com/web/contact_us.php for the latest product ...; Warranty Information. • Date that cannot be solved by the methods listed above, you cannot contact your vendor, then contact a ZyXEL office for the region in order to better understand how to solve it. 4 Vantage Report User's Guide
User Guide
Page 5
...important information (for you may use one or more characters and press the carriage return. Computer Server Prestige Device ZyWALL Device User VPN Tunnel Internet Vantage Report User's Guide 5 Select or Choose means for you about things that is the version of a menu item are in Bold Arial ...; Mouse action sequences are shown in this User's Guide. Warnings tell you to type one of the predefined choices. • The choices of Vantage Report that could harm you or your device. Icons Used in Figures Figures in this User's Guide may need to configure or helpful tips) ...
User Guide
Page 6
Document Conventions Your product is marked with general waste. WEEE stands for Waste Electronics and Electrical Equipment. Used electrical and electronic equipment should not be treated separately. 6 Vantage Report User's Guide It means that used electrical and electronic products should be mixed with this symbol, which is known as the WEEE mark.
User Guide
Page 7
Contents Overview Contents Overview Introduction ...19 Introducing Vantage Report ...21 The Vantage Report Server ...23 The Web Configurator ...33 Monitors, Reports and Logs 63 Monitor ...65 Network Traffic ...95 Secure Remote Access ...183 Network Security ...269 E-Mail Security ...333 Web Security ...383 Security Policy Enforcement ...443 Event ...499 Schedule Report ...509 Logs ...527 System Setting, User Management and Troubleshooting 547 System Setting ...549 User Management ...577 Troubleshooting ...583 Appendices and Index ...587 Vantage Report User's Guide 7
User Guide
Page 9
... About This User's Guide ...3 Document Conventions...5 Contents Overview ...7 Table of Contents...9 Part I: Introduction 19 Chapter 1 Introducing Vantage Report 21 1.1 Introduction ...21 1.2 License Versions ...22 1.3 Hardware Requirements ...22 Chapter 2 The Vantage Report Server ...23 2.1 Starting and Stopping the Vantage Report Server 23 2.2 E-Mail in the Vantage Report Server 24 2.3 Time in the Vantage Report Server 25 2.4 Common Terms ...25 2.5 Common Icons ...27 2.6 ZyXEL Device...
User Guide
Page 10
Table of Contents Part II: Monitors, Reports and Logs 63 Chapter 4 Monitor...65 4.1 Monitor (Folder) ...65 4.1.1 Customize the Column Fields 66 4.2 Dashboard ...67 4.3 Dashboard ...69 4.4 CPU Usage Monitor ...71 4.5 Memory Usage Monitor ...... Drill-Down 99 5.1.3 Bandwidth Top Protocols 100 5.1.4 Bandwidth Top Protocols Drill-Down 104 5.1.5 Top Bandwidth Hosts 106 5.1.6 Top Bandwidth Hosts Drill-Down 110 5.1.7 Top Bandwidth Users 112 5.1.8 Top Bandwidth Users Drill-Down 115 10 Vantage Report User's Guide
User Guide
Page 11
... Top Secure Remote Access Sites 191 6.1.6 Top Secure Remote Access Sites Drill-Down 194 6.1.7 Top Secure Remote Access Tunnels 196 Vantage Report User's Guide 11 Table of Contents 5.1.9 Top Bandwidth Destinations 117 5.1.10 Top Bandwidth Destinations Drill-Down 121 5.2 Web Traffic ...123 5.2.1 ...5.4.2 Top Mail Sites Drill-Down 156 5.4.3 Top Mail Hosts ...158 5.4.4 Top Mail Hosts Drill-Down 161 5.4.5 Top Mail Users ...163 5.4.6 Top Mail Users Drill-Down 166 5.5 Other Traffic ...168 5.5.1 Platform Selection 169 5.5.2 Service Settings ...169 5.5.3 Top Destinations of Other Traffic 170...
User Guide
Page 12
...Secure Remote Access Applications 256 6.3.8 Top Secure Remote Access Applications Drill-Down 259 6.3.9 Secure Remote Access Top Users 261 6.3.10 Secure Remote Access Top Users Drill-Down 263 6.4 Xauth ...265 6.4.1 Secure Remote Access Successful Login 265 6.4.2 Secure Remote Access Failed Login...275 7.2.1 Attack Summary ...275 7.2.2 Attack Summary Drill-Down 278 7.2.3 Top Attacks ...279 7.2.4 Top Attacks Drill-Down 282 12 Vantage Report User's Guide Table of Contents 6.1.8 Top Secure Remote Access Tunnels Drill-Down 199 6.1.9 Top Secure Remote Access Protocols 201 6.1.10 Top Secure ...
User Guide
Page 13
... 348 8.2 Spam ...349 8.2.1 Spam Summary ...349 8.2.2 Spam Summary Drill-Down 352 8.2.3 Top Spam Senders 353 8.2.4 Top Spam Sources 356 8.2.5 Spam Scores ...359 8.3 Intrusion Hits ...361 Vantage Report User's Guide 13
User Guide
Page 14
...383 9.1.2 Security Threat Summary Drill-Down 385 9.1.3 Security Threat Top Web Sites 387 9.1.4 Security Threat Top Sites Drill-Down 390 9.1.5 Security Threat Top Users 391 9.1.6 Security Threat Top Users Drill-Down 394 9.1.7 Security Threat Top Hosts 395 9.1.8 Security Threat Top Hosts Drill-Down 398 9.1.9 Security Threat Categories 399 9.1.10 Security Threat Categories...428 9.3.6 Top Intrusion Hits Sources Drill-Down 431 9.3.7 Top Intrusion Hits Destinations 433 9.3.8 Top Intrusion Hits Destinations Drill-Down 436 9.3.9 Intrusion Hits Severities 438 14 Vantage Report User's Guide
User Guide
Page 15
....3.2 Summary Drill-Down 469 10.3.3 Top Blocked Sites 471 10.3.4 Top Blocked Sites Drill-Down 474 10.3.5 Top Blocked Users 476 10.3.6 Top Blocked Users Drill-Down 479 10.3.7 Top Blocked Hosts 480 10.3.8 Top Blocked Hosts Drill-Down 483 10.3.9 Blocked Web Categories 484... 488 10.4.1 Top Applications Blocked 488 10.4.2 Top Users Blocked 491 10.4.3 Top Applications Allowed 494 Chapter 11 Event ...499 11.1 Successful Logins ...499 11.2 Failed Logins ...501 11.3 Top Sessions Per Host ...502 11.4 Top Sessions Per User ...505 Chapter 12 Schedule Report ...509 Vantage Report User's Guide 15
User Guide
Page 16
....5 Log Archiving ...538 13.5.1 File Archiving Settings 538 13.5.2 View Archived Files 541 13.5.3 Log Transfer ...543 13.6 Log Remove ...544 Part III: System Setting, User Management and Troubleshooting .. 547 Chapter 14 System Setting ...549 14.1 General Configuration Screen 549 14.1.1 Configuring for Hostname Reverse 551 14.2 Server Configuration Screen 554....5.2 Registration > Upgrade Screen 560 14.6 Notification ...561 14.6.1 Add/Edit a Notification 563 14.7 Rule-Based Alert ...565 14.7.1 Add/Edit a Rule-based Alert 566 16 Vantage Report User's Guide
User Guide
Page 17
Table of Contents Chapter 15 User Management ...577 15.1 Group Screen ...577 15.1.1 Group > Add/Edit Group Screen 578 15.2 Account Screen ...579 15.2.1 Account > Add/Edit User Account Screen 580 Chapter 16 Troubleshooting...583 Part IV: Appendices and Index 587 Appendix A Product Specifications 589 Appendix B ZyWALL USG Series and ZyWALL 1050 Log Descriptions 599 Appendix C ZyNOS Log Descriptions 645 Appendix D Open Software Announcements 671 Appendix E Legal Information 709 Index...711 Vantage Report User's Guide 17
User Guide
Page 21
... • monitor the whole network • look at historical reports about network performance and events • examine device logs Vantage Report User's Guide 21 Then, you use the web configurator (A) to set up the Vantage Report server (B). See Appendix A on ZyXEL devices located worldwide. You also configure the ZyXEL devices (C) to send their logs and traffic statistics to easily...
User Guide
Page 22
... REQUIRED (GB/ DAY) 512 MB 0 - 1 1 GB 1 - 12 1 GB 12 - 24 22 Vantage Report User's Guide Purchase EVantage Report license keys to add more devices you can also send statistical reports to you by e-mail. 1.2 License Versions This is independent from the version number, 3.6 for more information. 1.3...The more powerful your computer, the more devices. Note: This User's Guide discusses the features in the full version. There are two versions of Vantage Report, the basic version and the full version. Register Vantage Report to use the full version to manage one device. See ...
User Guide
Page 23
.... To open this service starts automatically when you log in to start, stop, or configure this service. Vantage Report User's Guide 23 The Services screen opens. By default, this screen: 1 In Windows 2000, click Start > Settings > Control... > Performance and Maintenance > Administrative Tools > Services. CHAPTER 2 The Vantage Report Server This chapter explains several characteristics of the Vantage Report server. 2.1 Starting and Stopping the Vantage Report Server Note: Make sure the port Vantage Report uses for web services is not used by other applications, especially web ...
User Guide
Page 24
..., it sends e-mail to configure the SMTP mail server. The Services screen opens. 4 Right-click on page 549. 24 Vantage Report User's Guide See Section 14.2 on page 555). In some situations, however, the Vantage Report server starts or stops receive logs. Select Properties to any valid e-mail address. One of these messages are warnings; in...
User Guide
Page 25
... way the information is the time the Vantage Report server receives information (log entries or traffic statistics) from the ZyXEL devices, not the time the device puts in the Login screen. ZyNOS models include ZyWALL 5, ZyWALL 35, and ZyWALL 70, etc. Vantage Report User's Guide 25 A user clicks Forget Password? The Vantage Report server sends an e-mail message to the...
User Guide
Page 26
... the device with an IP address. In this example, incoming VPN traffic is encrypted data that the ZyXEL Device receives from VPN tunnels (A) and the traffic sent back (B). Figure 5 Outgoing VPN Traffic A B 26 Vantage Report User's Guide Figure 4 Incoming VPN Traffic A Outgoing VPN Traffic B A diagram is allowed to display details in following figure. Figure 2 Remote...