D-Link DFL-2500 User Guide - Page 45
Events
![]() |
View all D-Link DFL-2500 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 45 highlights
26 Chapter 5. Logging discontinuity of services. By reviewing the output of logging, there is a good chance that the administrator will be able to figure out the problematic events, and take necessary actions to correct the problems. Once the problem is resolved, the correct content can be found in the new logging information to verify that proper changes have been done. Logging can also be used in Intrusion Detection System (IDS). The suspect traffic and attempted, failed, or successful attacks against the firewall and the network can be record, with notifications sent to alert administrators. These logging information is very useful for administrators to determine how an intrusion might have occurred and what counter-attack method can be added to improve the firewall's implementation. As soon as log-required events are taking place, the firewall generates responses based on those events, and the responses are output into log files of one form or another to one or more log receivers. 5.1.2 Events There are a number of different situations that will cause D-Link firewalls to generate and deliver log data. Each such occasion is referred to as an event. Some events, for instance, the firewall's startup and shutdown, will always generate log entries. Others, for instance, to log if a specified rule is being matched, are configurable. The most obvious and straight-forward reason for event generating is, of course, when logging is configured in the firewall's rules, such as IP rules, User Authentication rules, Threshold rules, and so on. Events of interest for capturing generally fall into three broad categories: Firewall System Issues, Security Policy, and Network Connection Status. System Issues This category of events logs the firewall system's status and hardware changes, for instance: • BUFFERS- events regarding buffer usage. • TIMESYNC- firewall time synchronization events. • HWM- hardware monitor events. • SYSTEM- startup & shutdown D-Link Firewalls User's Guide
![](/manual_guide/products/dlink-dfl2500-user-guide-83bdca9/45.png)