User Guide
Page 3
... • Download software and documentation (User's Guide, Quick Start Guide, Datasheet, Support Notes) from one of the FTP sites: Europe: ftp://ftp.zyxel.dk/Vantage_Report Rest of World: ftp://ftp.zyxel.com/Vantage_Report • Vantage Report Online Help Embedded web help is intended for an online glossary of networking terms and additional support documentation.
... • Download software and documentation (User's Guide, Quick Start Guide, Datasheet, Support Notes) from one of the FTP sites: Europe: ftp://ftp.zyxel.dk/Vantage_Report Rest of World: ftp://ftp.zyxel.com/Vantage_Report • Vantage Report Online Help Embedded web help is intended for an online glossary of networking terms and additional support documentation.
User Guide
Page 4
... cannot be here. Learn from this link. About This User's Guide • Download Library Search for contact information. See http://www.zyxel.com/web/contact_us.php for the latest product updates and documentation from others who use your product. • Knowledge Base If you have... you received your experiences as well. Please have a specific question about ZyXEL products. • Forum This contains discussions on ZyXEL products. Read the Tech Doc Overview to find out how to solve it. 4 Vantage Report User's Guide If you took to efficiently use the User Guide, Quick...
... cannot be here. Learn from this link. About This User's Guide • Download Library Search for contact information. See http://www.zyxel.com/web/contact_us.php for the latest product updates and documentation from others who use your product. • Knowledge Base If you have... you received your experiences as well. Please have a specific question about ZyXEL products. • Forum This contains discussions on ZyXEL products. Read the Tech Doc Overview to find out how to solve it. 4 Vantage Report User's Guide If you took to efficiently use the User Guide, Quick...
User Guide
Page 5
Computer Server Prestige Device ZyWALL Device User VPN Tunnel Internet Vantage Report User's Guide 5 Document Conventions Document Conventions Warnings and Notes These are how warnings and notes are denoted using a right angle bracket (>). Note: Notes tell you ... Top Hosts. Icons Used in Figures Figures in this User's Guide. Syntax Conventions • The version number on the title page is the version of Vantage Report that could harm you about things that is documented in this User's Guide may need to configure or helpful tips) or recommendations.
Computer Server Prestige Device ZyWALL Device User VPN Tunnel Internet Vantage Report User's Guide 5 Document Conventions Document Conventions Warnings and Notes These are how warnings and notes are denoted using a right angle bracket (>). Note: Notes tell you ... Top Hosts. Icons Used in Figures Figures in this User's Guide. Syntax Conventions • The version number on the title page is the version of Vantage Report that could harm you about things that is documented in this User's Guide may need to configure or helpful tips) or recommendations.
User Guide
Page 6
Document Conventions Your product is marked with general waste. WEEE stands for Waste Electronics and Electrical Equipment. It means that used electrical and electronic products should be mixed with this symbol, which is known as the WEEE mark. Used electrical and electronic equipment should not be treated separately. 6 Vantage Report User's Guide
Document Conventions Your product is marked with general waste. WEEE stands for Waste Electronics and Electrical Equipment. It means that used electrical and electronic products should be mixed with this symbol, which is known as the WEEE mark. Used electrical and electronic equipment should not be treated separately. 6 Vantage Report User's Guide
User Guide
Page 7
Contents Overview Contents Overview Introduction ...19 Introducing Vantage Report ...21 The Vantage Report Server ...23 The Web Configurator ...33 Monitors, Reports and Logs 63 Monitor ...65 Network Traffic ...95 Secure Remote Access ...183 Network Security ...269 E-Mail Security ...333 Web Security ...383 Security Policy Enforcement ...443 Event ...499 Schedule Report ...509 Logs ...527 System Setting, User Management and Troubleshooting 547 System Setting ...549 User Management ...577 Troubleshooting ...583 Appendices and Index ...587 Vantage Report User's Guide 7
Contents Overview Contents Overview Introduction ...19 Introducing Vantage Report ...21 The Vantage Report Server ...23 The Web Configurator ...33 Monitors, Reports and Logs 63 Monitor ...65 Network Traffic ...95 Secure Remote Access ...183 Network Security ...269 E-Mail Security ...333 Web Security ...383 Security Policy Enforcement ...443 Event ...499 Schedule Report ...509 Logs ...527 System Setting, User Management and Troubleshooting 547 System Setting ...549 User Management ...577 Troubleshooting ...583 Appendices and Index ...587 Vantage Report User's Guide 7
User Guide
Page 9
... of Contents...9 Part I: Introduction 19 Chapter 1 Introducing Vantage Report 21 1.1 Introduction ...21 1.2 License Versions ...22 1.3 Hardware Requirements ...22 Chapter 2 The Vantage Report Server ...23 2.1 Starting and Stopping the Vantage Report Server 23 2.2 E-Mail in the Vantage Report Server 24 2.3 Time in the Vantage Report Server 25 2.4 Common Terms ...25 2.5 Common Icons ...27 2.6 ZyXEL Device Configuration and Source Data 27 Chapter 3 The...
... of Contents...9 Part I: Introduction 19 Chapter 1 Introducing Vantage Report 21 1.1 Introduction ...21 1.2 License Versions ...22 1.3 Hardware Requirements ...22 Chapter 2 The Vantage Report Server ...23 2.1 Starting and Stopping the Vantage Report Server 23 2.2 E-Mail in the Vantage Report Server 24 2.3 Time in the Vantage Report Server 25 2.4 Common Terms ...25 2.5 Common Icons ...27 2.6 ZyXEL Device Configuration and Source Data 27 Chapter 3 The...
User Guide
Page 10
Table of Contents Part II: Monitors, Reports and Logs 63 Chapter 4 Monitor...65 4.1 Monitor (Folder) ...65 4.1.1 Customize the Column Fields 66 4.2 Dashboard ...67 4.3 Dashboard ...69 4.4 CPU Usage Monitor ...71 4.5 Memory Usage Monitor ...... Protocols Drill-Down 104 5.1.5 Top Bandwidth Hosts 106 5.1.6 Top Bandwidth Hosts Drill-Down 110 5.1.7 Top Bandwidth Users 112 5.1.8 Top Bandwidth Users Drill-Down 115 10 Vantage Report User's Guide
Table of Contents Part II: Monitors, Reports and Logs 63 Chapter 4 Monitor...65 4.1 Monitor (Folder) ...65 4.1.1 Customize the Column Fields 66 4.2 Dashboard ...67 4.3 Dashboard ...69 4.4 CPU Usage Monitor ...71 4.5 Memory Usage Monitor ...... Protocols Drill-Down 104 5.1.5 Top Bandwidth Hosts 106 5.1.6 Top Bandwidth Hosts Drill-Down 110 5.1.7 Top Bandwidth Users 112 5.1.8 Top Bandwidth Users Drill-Down 115 10 Vantage Report User's Guide
User Guide
Page 11
... Peer Gateways Drill-Down 189 6.1.5 Top Secure Remote Access Sites 191 6.1.6 Top Secure Remote Access Sites Drill-Down 194 6.1.7 Top Secure Remote Access Tunnels 196 Vantage Report User's Guide 11 Table of Contents 5.1.9 Top Bandwidth Destinations 117 5.1.10 Top Bandwidth Destinations Drill-Down 121 5.2 Web Traffic ...123 5.2.1 Top Web Sites ...123 5.2.2 Top...
... Peer Gateways Drill-Down 189 6.1.5 Top Secure Remote Access Sites 191 6.1.6 Top Secure Remote Access Sites Drill-Down 194 6.1.7 Top Secure Remote Access Tunnels 196 Vantage Report User's Guide 11 Table of Contents 5.1.9 Top Bandwidth Destinations 117 5.1.10 Top Bandwidth Destinations Drill-Down 121 5.2 Web Traffic ...123 5.2.1 Top Web Sites ...123 5.2.2 Top...
User Guide
Page 12
... Blocked 269 7.1.2 Top Packets Blocked 272 7.2 Attack ...275 7.2.1 Attack Summary ...275 7.2.2 Attack Summary Drill-Down 278 7.2.3 Top Attacks ...279 7.2.4 Top Attacks Drill-Down 282 12 Vantage Report User's Guide
... Blocked 269 7.1.2 Top Packets Blocked 272 7.2 Attack ...275 7.2.1 Attack Summary ...275 7.2.2 Attack Summary Drill-Down 278 7.2.3 Top Attacks ...279 7.2.4 Top Attacks Drill-Down 282 12 Vantage Report User's Guide
User Guide
Page 13
... 348 8.2 Spam ...349 8.2.1 Spam Summary ...349 8.2.2 Spam Summary Drill-Down 352 8.2.3 Top Spam Senders 353 8.2.4 Top Spam Sources 356 8.2.5 Spam Scores ...359 8.3 Intrusion Hits ...361 Vantage Report User's Guide 13
... 348 8.2 Spam ...349 8.2.1 Spam Summary ...349 8.2.2 Spam Summary Drill-Down 352 8.2.3 Top Spam Senders 353 8.2.4 Top Spam Sources 356 8.2.5 Spam Scores ...359 8.3 Intrusion Hits ...361 Vantage Report User's Guide 13
User Guide
Page 14
... 428 9.3.6 Top Intrusion Hits Sources Drill-Down 431 9.3.7 Top Intrusion Hits Destinations 433 9.3.8 Top Intrusion Hits Destinations Drill-Down 436 9.3.9 Intrusion Hits Severities 438 14 Vantage Report User's Guide
... 428 9.3.6 Top Intrusion Hits Sources Drill-Down 431 9.3.7 Top Intrusion Hits Destinations 433 9.3.8 Top Intrusion Hits Destinations Drill-Down 436 9.3.9 Intrusion Hits Severities 438 14 Vantage Report User's Guide
User Guide
Page 15
... Event ...499 11.1 Successful Logins ...499 11.2 Failed Logins ...501 11.3 Top Sessions Per Host ...502 11.4 Top Sessions Per User ...505 Chapter 12 Schedule Report ...509 Vantage Report User's Guide 15
... Event ...499 11.1 Successful Logins ...499 11.2 Failed Logins ...501 11.3 Top Sessions Per Host ...502 11.4 Top Sessions Per User ...505 Chapter 12 Schedule Report ...509 Vantage Report User's Guide 15
User Guide
Page 16
Table of Contents 12.1 Scheduled Report Summary Screen 509 12.2 Customize Daily Report Screen 510 12.3 Customize Weekly Report Screen 518 12.4 Customize Overtime Report Screen 520 12.5 Configure Template List 522 12.6 Template Add/Edit ...523 12.7 Logo Template ...523 12.8 Logo Template Add/Edit 524 Chapter 13 Logs .......5.2 Registration > Upgrade Screen 560 14.6 Notification ...561 14.6.1 Add/Edit a Notification 563 14.7 Rule-Based Alert ...565 14.7.1 Add/Edit a Rule-based Alert 566 16 Vantage Report User's Guide
Table of Contents 12.1 Scheduled Report Summary Screen 509 12.2 Customize Daily Report Screen 510 12.3 Customize Weekly Report Screen 518 12.4 Customize Overtime Report Screen 520 12.5 Configure Template List 522 12.6 Template Add/Edit ...523 12.7 Logo Template ...523 12.8 Logo Template Add/Edit 524 Chapter 13 Logs .......5.2 Registration > Upgrade Screen 560 14.6 Notification ...561 14.6.1 Add/Edit a Notification 563 14.7 Rule-Based Alert ...565 14.7.1 Add/Edit a Rule-based Alert 566 16 Vantage Report User's Guide
User Guide
Page 17
Table of Contents Chapter 15 User Management ...577 15.1 Group Screen ...577 15.1.1 Group > Add/Edit Group Screen 578 15.2 Account Screen ...579 15.2.1 Account > Add/Edit User Account Screen 580 Chapter 16 Troubleshooting...583 Part IV: Appendices and Index 587 Appendix A Product Specifications 589 Appendix B ZyWALL USG Series and ZyWALL 1050 Log Descriptions 599 Appendix C ZyNOS Log Descriptions 645 Appendix D Open Software Announcements 671 Appendix E Legal Information 709 Index...711 Vantage Report User's Guide 17
Table of Contents Chapter 15 User Management ...577 15.1 Group Screen ...577 15.1.1 Group > Add/Edit Group Screen 578 15.2 Account Screen ...579 15.2.1 Account > Add/Edit User Account Screen 580 Chapter 16 Troubleshooting...583 Part IV: Appendices and Index 587 Appendix A Product Specifications 589 Appendix B ZyWALL USG Series and ZyWALL 1050 Log Descriptions 599 Appendix C ZyNOS Log Descriptions 645 Appendix D Open Software Announcements 671 Appendix E Legal Information 709 Index...711 Vantage Report User's Guide 17
User Guide
Page 19
PART I Introduction Introducing Vantage Report (21) The Vantage Report Server (23) The Web Configurator (33) 19
PART I Introduction Introducing Vantage Report (21) The Vantage Report Server (23) The Web Configurator (33) 19
User Guide
Page 21
... chapter introduces Vantage Report. Figure 1 Typical Vantage Report Application C A B In this information. With Vantage Report, you use the web configurator (A) to the Vantage Report Server. The Vantage Report server collects this example, you can • monitor the whole network • look at historical reports about network performance and events • examine device logs Vantage Report User's Guide 21 See Appendix A on ZyXEL devices located...
... chapter introduces Vantage Report. Figure 1 Typical Vantage Report Application C A B In this information. With Vantage Report, you use the web configurator (A) to the Vantage Report Server. The Vantage Report server collects this example, you can • monitor the whole network • look at historical reports about network performance and events • examine device logs Vantage Report User's Guide 21 See Appendix A on ZyXEL devices located...
User Guide
Page 22
... GHz MEMORY SPEC LOG SPACE REQUIRED (GB/ DAY) 512 MB 0 - 1 1 GB 1 - 12 1 GB 12 - 24 22 Vantage Report User's Guide Purchase EVantage Report license keys to add more information. 1.3 Hardware Requirements Minimum hardware requirements: • Intel Pentium 4 processor 1 GHz • 512 Mb RAM...the features in the full version. See Section 14.5 on page 558 for example. Chapter 1 Introducing Vantage Report The Vantage Report server can manage. When you install Vantage Report, you by e-mail. 1.2 License Versions This is independent from the version number, 3.6 for more ...
... GHz MEMORY SPEC LOG SPACE REQUIRED (GB/ DAY) 512 MB 0 - 1 1 GB 1 - 12 1 GB 12 - 24 22 Vantage Report User's Guide Purchase EVantage Report license keys to add more information. 1.3 Hardware Requirements Minimum hardware requirements: • Intel Pentium 4 processor 1 GHz • 512 Mb RAM...the features in the full version. See Section 14.5 on page 558 for example. Chapter 1 Introducing Vantage Report The Vantage Report server can manage. When you install Vantage Report, you by e-mail. 1.2 License Versions This is independent from the version number, 3.6 for more ...
User Guide
Page 23
... runs as a service on the Vantage Report server. Vantage Report User's Guide 23 CHAPTER 2 The Vantage Report Server This chapter explains several characteristics of the Vantage Report server. 2.1 Starting and Stopping the Vantage Report Server Note: Make sure the port Vantage Report uses for web services is not used by other applications, especially web servers. To open this service ... By default, this screen: 1 In Windows 2000, click Start > Settings > Control Panel > Administrative Tools > Services. You can use the services management screen to the Vantage Report server.
... runs as a service on the Vantage Report server. Vantage Report User's Guide 23 CHAPTER 2 The Vantage Report Server This chapter explains several characteristics of the Vantage Report server. 2.1 Starting and Stopping the Vantage Report Server Note: Make sure the port Vantage Report uses for web services is not used by other applications, especially web servers. To open this service ... By default, this screen: 1 In Windows 2000, click Start > Settings > Control Panel > Administrative Tools > Services. You can use the services management screen to the Vantage Report server.
User Guide
Page 24
... anyone, you have to any valid e-mail address. in the Vantage Report Server Note: Before the Vantage Report server can be configured. See Appendix A on Vantage Report. When certain system parameters cross a threshold (minimum or maximum) value, the Vantage Report server sends e-mail to start or stop the Vantage Report service. See Section 14.1 on page 555). A menu appears. 5 Select...
... anyone, you have to any valid e-mail address. in the Vantage Report Server Note: Before the Vantage Report server can be configured. See Appendix A on Vantage Report. When certain system parameters cross a threshold (minimum or maximum) value, the Vantage Report server sends e-mail to start or stop the Vantage Report service. See Section 14.1 on page 555). A menu appears. 5 Select...
User Guide
Page 25
... Terms TERM ZLD-based ZyXEL Devices ZyNOS-based ZyXEL Devices DESCRIPTION ZLD (ZyXEL Linux Distribution) is ZyXEL's platform based on the way the information is the time the Vantage Report server receives information (log entries or traffic statistics) from the ZyXEL devices, not the time the device puts in the Vantage Report server. • The Vantage Report server processes log entries...
... Terms TERM ZLD-based ZyXEL Devices ZyNOS-based ZyXEL Devices DESCRIPTION ZLD (ZyXEL Linux Distribution) is ZyXEL's platform based on the way the information is the time the Vantage Report server receives information (log entries or traffic statistics) from the ZyXEL devices, not the time the device puts in the Vantage Report server. • The Vantage Report server processes log entries...