Ii. inbound access log, Admin port access requests, Startup history – Multi-Tech Systems RF660 User Manual

Appendix A – Disposition of Events

Multi-Tech Systems, Inc. RouteFinderVPN RF760/660/600VPN User Guide (PN S000323D)

143

Admin Port Access Requests

All requests to the Administrative port (HTTPS/HTTP to the box using the WEB GUI) are logged as Admin Port Traffic.
Access requests logged as Admin Port Access requests correspond to LO1.F of Baseline module - version 4.0, ICSA Labs.
Figure 11 shows a snapshot of Admin Port Access log.

Startup History

The system startup Timestamp is logged as Startup History. Startup History corresponds to LO1.G of Baseline module -
version 4.0, ICSA Labs.
Figure 12 shows a snapshot of Startup History.

User Defined Log

User defined logging is classified as User logs. Administrators can log packets using the Packet Filers > Add User Defined
Packet Filter Rules and selecting LOG as the action.

Note:

User logging is allowed only on routed packets.

Figure 13 shows a snapshot of user defined log.

Fragmented Packets Log

Fragments packets can be logged as Dropped Fragmented. Logging of Dropped Fragmented Packets can be configured
through Packet Filters > Advanced > Drop Fragmented Packets. Logging is allowed only if fragments are dropped.
Figure 14 shows a snapshot of Fragmented Packets log.

ICMP information

Information about ICMP requests is available in the remarks. Type and Code information is displayed after the event type.
ICMP information meets requirement LO2.G of Baseline module - version 4.0, ICSA Labs.
Figure 15 shows a snapshot with ICMP information.

II. Inbound Access Log

Figure 1

–

Inbound Access

Figure 2

–

Snapshot of Inbound Access Log

Description of Figure 2

The Access request originated from the source (204.26.122.9) to the destination (204.54.39.103) is accepted by the
candidate firewall. Classified as Inbound Accepted.