User guide
Security Security logging
iMG/RG Software Reference Manual (IPNetwork Functions)
4-68
The exact IP address (or range of addresses) for the management station device(s) must be defined in the fol-
lowing command:
security add mgmt-station <name> {range <start_addr> <end_addr> |
subnet <address> <mask>} <transport_type> <port> <idle_timeout>
Once you have configured a management station and want to enable a remote session to the device’s external
port, enter:
security set mgmt-station <name> enabled
4.2.6 Security logging
Note: Security logging is avalaible on FIber D,E Modular and ADSL A,B,C models only
Configuring the security logging module allows you to track:
• intrusion events; logs details of attempted DoS, port scanning and web spoofing attacks including the name of
the attack, the port number used and the source/destination IP addresses.
• blocking events; if an intrusion has been detected, this logs details of the blocked/blacklisted host including
their IP address and the length of time they will be blocked/blacklisted for.
• session events; logs details of session activity when a session is timed-out when it finishes naturally and is
removed from the session list.
Before you can log intrusion, blocking and session events, enable the logging module by entering:
security enable logging
4.2.7 Security command reference
This section describes the commands available on the AT-iMG Models to enable, configure and manage the
Security module.
4.2.7.1 Command Set
The table below lists the security commands provided by the CLI.
TABLE 4-2 Security Commands and Product Category
Commands
Fiber
A
Fiber
B
Fiber
C
Fiber
D
Fiber
E
Modular
ADSL
A
ADSL
B
ADSL
C
SECURITY ENABLE | DISABLE XXXXX X X X X
SECURITY ENABLE | DISABLE {LOGGING|blockinglog|
intrusionlog| sessionlog}
XX X XXX