User's Manual
Table Of Contents
- ProSecure Web/Email Security Threat Management (STM) Appliance Reference Manual
- Contents
- About This Manual
- Chapter 1 Introduction
- Chapter 2 Using the Setup Wizard to Provision the STM in Your Network
- Choosing a Deployment Scenario
- Understanding the Steps for Initial Connection
- Logging In to the STM
- Using the Setup Wizard to Perform the Initial Configuration
- Setup Wizard Step 1 of 10: Introduction
- Setup Wizard Step 2 of 11: Networking Settings
- Setup Wizard Step 3 of 11: Time Zone
- Setup Wizard Step 4 of 11: Email Security
- Setup Wizard Step 5 of 11: Web Security
- Setup Wizard Step 6 of 11: Email Notification Server Settings
- Setup Wizard Step 7 of 11: Update Settings
- Setup Wizard Step 8 of 11: HTTP Proxy Settings
- Setup Wizard Step 9 of 11: Web Categories
- Setup Wizard Step 10 of 11: Configuration Summary
- Setup Wizard Step 11 of 11: Restarting the System
- Verifying Proper Installation
- Registering the STM with NETGEAR
- What to Do Next
- Chapter 3 Performing Network and System Management
- Configuring Network Settings
- Configuring Session Limits and Timeouts
- Configuring the HTTP Proxy Settings
- About Users with Administrative and Guest Privileges
- Configuring Remote Management Access
- Using an SNMP Manager
- Managing the Configuration File
- Updating the Software
- Configuring Date and Time Service
- Managing Digital Certificates
- Managing the Quarantine Settings
- Performance Management
- Chapter 4 Content Filtering and Optimizing Scans
- About Content Filtering and Scans
- Configuring E-mail Protection
- Configuring Web and Services Protection
- Configuring Application Control
- Setting Scanning Exclusions and Web Access Exceptions
- Chapter 5 Managing Users, Groups, and Authentication
- About Users, Groups, and Domains
- Configuring Groups
- Configuring User Accounts
- Configuring Authentication
- Global User Settings
- Viewing and Logging Out Active Users
- Chapter 6 Monitoring System Access and Performance
- Chapter 7 Troubleshooting and Using Online Support
- Appendix A Default Settings and Technical Specifications
- Appendix B Related Documents
- Index
6-1
v1.0, September 2009
Chapter 6
Monitoring System Access and Performance
This chapter describes the system monitoring features of the STM. You can be alerted to important
events such as attacks and login failures. You can also view the system status and real-time traffic
and security information. In addition, the diagnostics utilities are described.
This chapter contains the following sections:
• “Configuring Logging, Alerts, and Event Notifications on this page.
• “Monitoring Real-Time Traffic, Security, Statistics, and Web Usage” on page 6-11.
• “Viewing System Status” on page 6-19.
• “Querying Logs and Generating Reports” on page 6-22.
• “Viewing and Managing the Quarantine Files” on page 6-33.
• “Using Diagnostics Utilities” on page 6-40.
Configuring Logging, Alerts, and Event Notifications
You can configure the STM to e-mail logs and alerts to a specified e-mail address. For example,
the STM can e-mail security-related events such as malware incidents, infected clients, and failed
authentications. By default, the STM logs content filtering events such as attempts to access
blocked sites and URLs, unwanted e-mail content, spam attempts, and many other types of events.
To receive the logs in an e-mail message, the STM’s notification server must be configured and
e-mail notification must be enabled. If the notification server is not configured or e-mail
notification is disabled, you can still query the logs and generate log reports to view on the Web
Management Interface screen or to save in CSV format.
For more information about logs, see “Querying Logs and Generating Reports” on page 6-22.
Note: All log and report functions that are part of the Logs & Reports configuration
menu and some of the functions that are part of the Diagnostics configuration
menu require that you configure the e-mail notification server—see “Configuring
the E-mail Notification Server” on page 6-2.