Manualshelf

User guide

ManualsBrandsMSI ManualsHome building and DecorSupero CSE-M35S
231232233234235236237238239240
ManageEngine Firewall Analyzer :: User Guide
230
Zoho Corp.
Configuring Cyberoam
Firewall Analyzer supports Cyberoam Firewall Version: 9.5.4 build 66 onwards
Configuring Cyberoam
On the Cyberoam Firewall Web Admin Console do the following.
1. Select System > Logging > Manage Syslog
2. Specify unique name for Syslog server
3. Specify IP address and port of the syslog server. Cyberoam will send logs to the
configured IP address. The default port is 514
4. Select Facility. Facility indicates the source of a log message to the syslog
server. You can configure Facility to distinguish log messages from different
Cyberoam Firewalls
5. Select the Severity level of the messages logged. Severity level is the severity of
the message that has been generated
Cyberoam logs all messages at and above the logging severity level you select. For
example, select ?ERROR? to log all messages tagged as ?ERROR,? as well as any
messages tagged with ?CRITICAL,? ?ALERT? and ?EMERGENCY? and select ?DEBUG?
to log all messages.
Note: Firewall Analyzer requires the severity level as 'INFORMATIONAL'.
6. Click Create to save the configuration.
Also you need to enable logging on each rule to monitor allowed and denied traffic.
Please follow the below steps.
Click Log Traffic to enable/disable traffic logging for the rule. Ensure firewall
rule logging is in On/Enable state in the Logging Management. Refer to
Cyberoam Console Guide, Cyberoam Management for more details.
To log the traffic permitted and denied by the firewall rule, you need to keep
On/Enable state in the firewall rule logging from the Web Admin Console
> Firewall rule and from the Telnet Console > Cyberoam Management.
Specify full description of the rule, displays full description of the rule, modify
if required.