Configuring a protocol auditing policy, Verification, Firewall logs and seccenter analysis – H3C Technologies H3C SecCenter UTM Manager User Manual
Page 255
247
NOTE:
Only the U200-A supports flow logging.
Configuring a protocol auditing policy
1.
Select Protocol Audit > Segment Policy Management from the navigation tree to enter the segment
policy configuration page.
2.
Apply the default auditing policy to segment 3.
3.
Click Activate.
Figure 238 Segment policy configuration page
NOTE:
After configuring all the policies, click Activate to bring them into effect.
Verification
Firewall logs and SecCenter analysis
Displaying logs on the firewall webpage
When attack packets, such as Land attack packets and Winnuke attack packets, travel from the internal
PC to the external PC, or from the external PC to the internal PC, the firewall will detect them and log the
events.
Select Log Report > Report to display the system logs, connection limit logs, attack prevention logs,
blacklist logs, interzone policy logs and user logs.
•
Attack prevention logs
•
Blacklist logs
- H3C SecPath L1000-A Load Balancer (8 pages)
- H3C SecPath M9000 Series (42 pages)
- H3C Device Manager (191 pages)
- H3C SecPath U200-A U200-M U200-S (19 pages)
- H3C SecPath F100-C-SI (206 pages)
- H3C SecPath U200-A U200-M U200-S (57 pages)
- H3C SecPath U200-A U200-M U200-S (182 pages)
- H3C SecPath U200-CA U200-CM U200-CS (95 pages)
- H3C SecPath U200-A U200-M U200-S (198 pages)
- H3C SecPath U200-A U200-M U200-S (80 pages)
- H3C SecPath U200-A U200-M U200-S (326 pages)
- H3C SecPath F100-C-SI (126 pages)
- H3C SecPath U200-A U200-M U200-S (225 pages)
- H3C SecPath F100-C-SI (68 pages)
- H3C SecPath F100-C-SI (99 pages)
- H3C SecPath F100-C-SI (273 pages)
- H3C SecPath F100-C-SI (234 pages)
- H3C SecPath F100-C-SI (490 pages)
- H3C SecPath U200-A U200-M U200-S (397 pages)
- H3C SecPath F100-C-SI (967 pages)
- H3C SecBlade FW Cards (938 pages)
- H3C SecPath U200-CA U200-CM U200-CS (84 pages)
- H3C SecPath F5000-A5 Firewall (121 pages)
- H3C SecPath F5000-C Firewall (2 pages)
- H3C SecPath F5040 (86 pages)
- H3C SecPath F5000-C Firewall (4 pages)
- H3C SecBlade FW Cards (12 pages)
- H3C SecBlade FW Cards (16 pages)
- H3C SecBlade FW Cards (6 pages)
- H3C SecPath U200-CA U200-CM U200-CS (45 pages)
- H3C SecBlade FW Cards (21 pages)
- H3C SecBlade IPS Cards (31 pages)
- H3C SecPath U200-CA U200-CM U200-CS (18 pages)
- H3C SecBlade IPS Cards (85 pages)
- H3C SecBlade IPS Cards (219 pages)
- H3C SecBlade SSL VPN Cards (21 pages)
- H3C SecBlade NetStream Cards (349 pages)
- H3C SecPath L1000-A Load Balancer (66 pages)
- H3C SecPath L1000-A Load Balancer (196 pages)
- H3C SecPath L1000-A Load Balancer (114 pages)
- H3C SecPath L1000-A Load Balancer (165 pages)
- H3C SecPath L1000-A Load Balancer (278 pages)
- H3C SecPath U200-A U200-M U200-S (83 pages)
- H3C SecPath L1000-A Load Balancer (8 pages)
- H3C VMSG VFW1000 (36 pages)