H3C Technologies H3C SecCenter UTM Manager User Manual
Page 7
iii
Attack event details ·············································································································································146
Displaying virus event details·····························································································································149
Displaying DDoS event details···························································································································151
Configuring the alarming function·····················································································································152
Managing report export tasks····························································································································155
Policy management······················································································································································157
Configuring attack protection policies ··············································································································158
Configuring anti-virus policies····························································································································162
Configuring policy applications ························································································································165
Displaying attack signatures ······························································································································168
Displaying virus category list ·····························································································································170
Configuring custom events ·································································································································171
Importing and exporting policies·······················································································································179
Firewall management ············································································································································· 182
Firewall device management······································································································································182
Managing firewall devices·································································································································182
Viewing device statistics ·····································································································································184
Managing the device configuration database·································································································184
Managing deployment tasks······························································································································191
Attack events monitoring ·············································································································································192
Snapshot of events ··············································································································································192
Recent events list··················································································································································194
Device monitoring ···············································································································································195
Event analysis ·······························································································································································195
Event overview·····················································································································································195
Viewing event details··········································································································································197
Managing report export tasks····························································································································199
Event auditing·······························································································································································201
Auditing traffic anomaly logs·····························································································································201
Auditing operation logs ······································································································································202
Auditing blacklist logs·········································································································································203
Auditing NAT logs···············································································································································204
Auditing interzone access logs ··························································································································204
Auditing MPLS logs ·············································································································································205
Auditing other logs··············································································································································205
Security policy management·······································································································································206
Managing security zones ···································································································································206
Managing time ranges ·······································································································································208
Managing services··············································································································································210
Managing IP addresses ······································································································································215
Managing interzone rules ··································································································································222
Managing interzone policies ·····························································································································226
Managing interzone policy applications··········································································································229
Configuration example 1 ······································································································································· 233
Network requirements ·················································································································································233
Configuring the UTM devices ·····································································································································233
Adding the UTM devices to the UTM Manager········································································································233
Configuration example 2 ······································································································································· 235
Network requirements ·················································································································································235
Configuration procedures ···········································································································································235
Configuring the UTM device ······························································································································235
Configuring the SecCenter ·································································································································238