ZyXEL ZyWALL ATP700 User Guide - Page 185
Monitor > Security Statistics > IDP > Summary
View all ZyXEL ZyWALL ATP700 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 185 highlights
Chapter 6 Monitor The following table describes the labels in this screen. Table 68 Monitor > Security Statistics > IDP > Summary LABEL DESCRIPTION Collect Statistics Select this check box to have the Zyxel Device collect IDP statistics. Apply Reset Refresh Flush Data Total Session Scanned Total Packet Dropped Total Packet Reset Top Entries By The collection starting time displays after you click Apply. All of the statistics in this screen are for the time period starting at the time displayed here. The format is year, month, day and hour, minute, second. All of the statistics are erased if you restart the Zyxel Device or click Flush Data. Collecting starts over and a new collection start time displays. Click Apply to save your changes back to the Zyxel Device. Click Reset to return the screen to its last-saved settings. Click this button to update the report display. Click this button to discard all of the screen's statistics and update the report display. This field displays the number of sessions that the Zyxel Device has checked for intrusion characteristics. The Zyxel Device can detect and drop malicious packets from network traffic. This field displays the number of packets that the Zyxel Device has dropped. The Zyxel Device can detect and drop malicious packets from network traffic. This field displays the number of packets that the Zyxel Device has reset. Use this field to have the following (read-only) table display the top IDP log entries by Signature Name, Source IP or Destination IP. This table displays the most common, recent IDP logs. See the log screen for less common IDP logs or use a syslog server to record all IDP logs. Select Signature Name to list the most common signatures that the Zyxel Device has detected. Select Source IP to list the source IP addresses from which the Zyxel Device has detected the most intrusion attempts. Add to white list Remove from white list # Signature Name Signature ID Type Severity Source IP Destination IP Occurrences White List Select Destination IP to list the most common destination IP addresses for intrusion attempts that the Zyxel Device has detected. Select a signature and click this to add the selected signature to the IDP white list. Select a signature and click this to remove the selected signature from the IDP white list. This field displays the entry's rank in the list of the top entries. This column displays when you display the entries by Signature Name. The signature name identifies the type of intrusion pattern. Click the hyperlink for more detailed information on the intrusion. This column displays when you display the entries by Signature Name. The signature ID is a unique value given to each intrusion detected. This column displays when you display the entries by Signature Name. It shows the categories of intrusions. This column displays when you display the entries by Signature Name. It shows the level of threat that the intrusions may pose. This column displays when you display the entries by Source. It shows the source IP address of the intrusion attempts. This column displays when you display the entries by Destination. It shows the destination IP address at which intrusion attempts were targeted. This field displays how many times the Zyxel Device has detected the event described in the entry. Click this to add this signature to the IDP white list. Click this to remove this signature from the IDP white list. ZyWALL ATP Series User's Guide 185