User guide

ManageEngine Firewall Analyzer :: User Guide
Zoho Corp.
complete details like Alert Profile name, the generated time, the device for which the
alert was raised, the alert priority, and the status of the alert.
The security statistics table provides you with the counts for Attacks, Virus, Failed
Logons, Security Events, Denied Events, Config Changes and Compliance
Reports.
Attacks: Firewall Analyzer will recognize only those firewall log messages that contain
the attribute denoting an attack.
Virus: Firewall Analyzer will recognize only those firewall log messages that contain
the attribute denoting a virus.
Currently Firewall Analyzer recognizes the attribute denoting a virus for almost all
firewalls except Cisco Pix, whose log messages do not contain the attribute denoting
a virus.
Failed Log Ons: Firewall Analyzer will recognize only those firewall log messages that
contain the attribute denoting a failed log on.
Currently Firewall Analyzer recognizes the attribute denoting a failed log on for
Fortigate, NetScreen, Cisco Pix, and Identiforce firewalls. Failed Log Ons are not
available for CheckPoint firewalls.
Denied Events: Firewall Analyzer will recognize only those firewall log messages that
contain the attribute denoting a denied request.
Security Events: The Security Events in Firewall Analyzer are based on the severity
attributes Emergency, Alert, Critical, and Error only.
Since Security Events are based on severity attributes, they may also include
other events such as port scans, attacks, virus, failed log ons, security events, and
denied events.
Clicking the count against any of the above events in the security statistics table
takes you to the corresponding quick reports for that event.
Compliance Reports: The Compliance Reports are related to Firewall Rules/Policies
Configuration/Changes. Clicking the report opens it with the rule-related events.
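
The overlap described above, where one log message counts under Security Events and also under Denied Events or Attacks, as an added Python example (not Firewall Analyzer's own code). It assumes syslog-style lines whose <PRI> header carries the severity (PRI mod 8) and hypothetical action= and attack= fields; the sample lines are constructed.

```python
import re
from collections import Counter

# Syslog severity codes 0-3: the four severities the guide lists for Security Events.
SECURITY_SEVERITIES = {0: "Emergency", 1: "Alert", 2: "Critical", 3: "Error"}

# Constructed sample lines (not real device output). Field names are assumptions.
SAMPLE_LOGS = [
    "<131>fw01 action=deny src=10.0.0.5 dst=192.0.2.10 dport=23",    # local0.error
    "<134>fw01 action=allow src=10.0.0.7 dst=192.0.2.20 dport=443",  # local0.info
    "<129>fw01 action=deny attack=port-scan src=198.51.100.9",       # local0.alert
    "<133>fw01 action=deny src=10.0.0.8 dst=192.0.2.30 dport=445",   # local0.notice
    "<130>fw01 msg=login-failed user=admin src=10.0.0.9",            # local0.critical
    "fw01 action=deny src=10.0.0.3",                                 # no PRI header
]

PRI_RE = re.compile(r"^<(\d{1,3})>")
FIELD_RE = re.compile(r"(\w+)=(\S+)")

def parse(line):
    """Return (severity or None, dict of key=value fields) for one log line."""
    severity = None
    m = PRI_RE.match(line)
    if m and int(m.group(1)) <= 191:       # valid PRI range is 0..191
        severity = int(m.group(1)) % 8     # PRI = facility * 8 + severity
    return severity, dict(FIELD_RE.findall(line))

def categories(line):
    """Every statistic a single message contributes to; categories can overlap."""
    severity, fields = parse(line)
    cats = set()
    if severity in SECURITY_SEVERITIES:    # severity-based, independent of content
        cats.add("security_event")
    if fields.get("action") == "deny":     # attribute-based
        cats.add("denied_event")
    if "attack" in fields:                 # attribute-based
        cats.add("attack")
    return cats

def tally(lines):
    """Count messages per category, as a statistics table would."""
    counts = Counter()
    for line in lines:
        counts.update(categories(line))
    return counts

if __name__ == "__main__":
    for name, n in sorted(tally(SAMPLE_LOGS).items()):
        print(f"{name}: {n}")
```

Because one message can fall under several categories, the per-category counts do not add up to the number of log messages, and a denied request logged below Error severity never appears as a Security Event.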
Editing Device Details
Click the (for firewall) or (for squid) icon next to a device name to change the
device's details. You can change the device's display name, up link speed and down link
speed. The device name and the vendor type cannot be changed.
Up Link Speed and Down Link Speed determine the % IN Traffic and % OUT Traffic.
Click the icon to delete the device from the database. You are asked to confirm your
choice, after which the device is permanently deleted.
When a device is deleted, all existing data pertaining to that device is permanently