3Com Switch 8800 Family Firewall Module Configuration and Command Reference Guide

11 LOG MAINTENANCE
Introduction to Log Types
The log function saves system messages or packet filtering actions to the buffer, or
directs them to a log host. By analyzing and managing log information, network
administrators can detect security leaks and attack types. Furthermore, real-time
log records help to detect ongoing intrusions.
The Firewall module treats the various attacks and events in a uniform way and
standardizes the log formats and statistics, so as to ensure a uniform log style
and rigorous log functions.
The Firewall module includes the following log information:
NAT/ASPF log
Attack prevention log
Traffic monitoring log
Black list log
Address binding log
Output principle
On the Firewall module, log information can be output in binary-flow format or in
Syslog format. Figure 32 shows the correspondence between log type and log output
format.
Figure 32 Log output principles on the Firewall module
[Figure 32 labels: NAT/ASPF, Attack defence, Blacklist, Address binding, Traffic statistics, Log information, Binary-flow log, Syslog log, Redirection, Information center, Log Server, Console, Monitoring terminal, Buffer]