Kerio Tech Firewall6 User Manual
Page 280
Chapter 21
Kerio StaR — statistics and reporting
280
The header informs about number of detected email messages and total volume of data
transferred by email protocols. WinRoute can recognize only email communication by
SMTP and POP3. Such traffic must be unencrypted and it must use corresponding pro-
tocol inspectors. Otherwise (the IMAP protocol, secured communication, retired protocol
inspectors), only volumes of data transferred by individual protocols are monitored.
Note: For detailed information on protocol inspectors, refer to chapters
and
The Messaging section includes the following types of records:
•
Connection to server — connection of email client to SMTP, IMAP or POP3 server.
The record includes name (or IP address) of the server, used protocol and volume
of data transferred in each direction.
•
Sent/Received messages — number of messages (transferred within one connec-
tion), name (or IP address) of the incoming/outgoing email server, used protocol
and volumes of data transferred in each direction.
Note: Volume of transferred data is rounded to kilobytes. If data volume is
smaller than 0.5 KB, the value is set to 0.
•
Instant messaging — only connection to and disconnection from the server is
recorded. The record includes protocol (IM service) and name (or IP address) of
the login server.
In this case, duration of the activity stands for the length of connection to the
service, regardless of how many messages the user sent or received.
Large File Transfers
This category addresses user activities where large data volumes are transferred — down-
loads from web and FTP servers, uploads to FTP servers or sharing of files in P2P net-
works. “Large files” are files exceeding 1 MB (or 2 MB of data transferred by an unknown
connection — see below).
Figure 21.20
User’s Activity — large file transfers and usage of P2P networks