ACTIVITY REPORTS

This menu only appears when reports have been enabled on the firewall (Report configuration module).

The Reports module presents "Top 10" reports in the categories of Web, Security, Viruses, Vulnerabilities and Spam. As such, you will be able to view how the internet access is used, which attacks your firewall has blocked as well as the vulnerable hosts on your corporate network. Many interactive features allow you to directly fine-tune your firewall’s configuration.

Personal data

For the purpose of compliance with the European GDPR (General Data Protection Regulation), personal data (user name, source IP address, source name, source MAC address) is no longer displayed in logs and reports and have been replaced with the term "Anonymized".

To view such data, the administrator must then enable the "Full access to logs (sensitive data)" privilege by clicking on "Restricted access to logs" (upper banner of the web administration interface), then by entering an authorization code obtained from the administrator's supervisor (see the section Administrators > Ticket management). This code is valid for a limited period defined at the moment of its creation.

To release this privilege, the administrator must click on "Full access to logs (sensitive data)" in the upper banner of the web administration interface, then click on "Release" in the dialog box that appears.

After a privilege is obtained or released, data must be refreshed.

Please note that every time a "Full access to logs (sensitive data)" privilege is obtained or released, it will generate an entry in logs.

Collaborative security

For more collaborative security, based on vulnerability reports generated by Vulnerability Manager, it is now possible in just one click to increase the level of protection on a host that has been identified as vulnerable. Therefore, when critical vulnerabilities are detected, a new option will allow you to add affected hosts to a pre-set group and assign a strengthened protection profile or specific filter rules to them (quarantine zones, restricted access, etc.).

For further information, please refer to the Technical Note Collaborative security.

Storage device: SD Card

The External log storage on SD card feature is available on all models in the S and SN ranges, except for SN150, SN510, SN710, SN910, SN2000, SN2100, SN3000, SN3100, SN6000 and SN6100 models. This feature is offered with a subscription to the “External storage” option (see the Logs - Syslog module).

info NOTE

For SN150 models, the maximum number of reports is restricted to 5 and can be read for up to 7 days.

 

The type of SD card must be at least Class 10 and compliant with the SDHC standard. The maximum memory supported is:

  • 32 GB for U30S, U70S, U150S, U250S, U500S, U800S, SN200, SN300, SN500, SN700 and SN900 firewall models.
  • 2 TB for SN160(W), SN210(W) and SN310 firewall models.

Only the SD format is compatible: Micro SD or Nano SD cards fitted with an adapter are not supported.

info NOTE

Storing logs on an external medium can only be done on an SD card. This service is not compatible with other storage media such as a USB key or an external hard disk.

 

For more information, refer to the Guides PRESENTATION AND INSTALLATION OF NETASQ PRODUCTS U SERIES – S Models or PRESENTATION AND INSTALLATION OF STORMSHIELD NETWORK PRODUCTS SN Range, available in your private area, under the section Documentation.