IMPORTANT
SNS 3.x versions have reached End of Maintenance since July 1st, 2024.
We recommend that you update your SNS firewalls to a version with maintenance to guarantee the protection of your infrastructure.
ACTIVITY REPORTS
This menu only appears when reports have been enabled on the firewall (Report configuration module).
The Reports module presents "Top 10" reports in the categories of Web, Security, Viruses, Vulnerabilities and Spam. As such, you will be able to view how the internet access is used, which attacks your firewall has blocked as well as the vulnerable hosts on your corporate network. Many interactive features allow you to directly fine-tune your firewall’s configuration.
Personal data
For the purpose of compliance with the European GDPR (General Data Protection Regulation), personal data (user name, source IP address, source name, source MAC address) is no longer displayed in logs and reports and have been replaced with the term "Anonymized".
To view such data, the administrator must then enable the "Full access to logs (sensitive data)" privilege by clicking on "Restricted access to logs" (upper banner of the web administration interface), then by entering an authorization code obtained from the administrator's supervisor (see the section Administrators > Ticket management). This code is valid for a limited period defined at the moment of its creation.
To release this privilege, the administrator must click on "Full access to logs (sensitive data)" in the upper banner of the web administration interface, then click on "Release" in the dialog box that appears.
After a privilege is obtained or released, data must be refreshed.
Please note that every time a "Full access to logs (sensitive data)" privilege is obtained or released, it will generate an entry in logs.
Collaborative security
For more collaborative security, based on vulnerability reports generated by Vulnerability Manager, it is now possible in just one click to increase the level of protection on a host that has been identified as vulnerable. Therefore, when critical vulnerabilities are detected, a new option will allow you to add affected hosts to a pre-set group and assign a strengthened protection profile or specific filter rules to them (quarantine zones, restricted access, etc.).
For further information, please refer to the Technical Note Collaborative security.
Storage device: SD Card
The External log storage on SD card feature is available on SN160(W), SN210(W), SN310 and SNi20 firewall models.
The recommended type of SD card is at least Class 10 (C10) UHS Class 1 (U1) or App Performance 2 (A2). The memory card should be in a full-size physical SD format, in SDHC or SDXC standard. Only adapters provided with the card must be used. The maximum memory size supported is 2 TB.
Stormshield recommends the use of high-endurance/industrial cards or preferably, those that have a built-in MLC flash chip developed by major brands (e.g., SanDisk, Western Digital, Innodisk, Transcend, etc.) and with at least 32 GB.
NOTE
Storing logs on an external medium can only be done on an SD card. This service is not compatible with other storage media such as a USB key or an external hard disk.
For more information, refer to the Product Presentation and Installation SNS.