Configuring a protocol auditing policy, Verification, Firewall logs and seccenter analysis – H3C Technologies H3C SecCenter UTM Manager User Manual

Page 255

Advertising
background image

247

NOTE:

Only the U200-A supports flow logging.

Configuring a protocol auditing policy

1.

Select Protocol Audit > Segment Policy Management from the navigation tree to enter the segment

policy configuration page.

2.

Apply the default auditing policy to segment 3.

3.

Click Activate.

Figure 238 Segment policy configuration page

NOTE:

After configuring all the policies, click Activate to bring them into effect.

Verification

Firewall logs and SecCenter analysis

Displaying logs on the firewall webpage

When attack packets, such as Land attack packets and Winnuke attack packets, travel from the internal

PC to the external PC, or from the external PC to the internal PC, the firewall will detect them and log the

events.
Select Log Report > Report to display the system logs, connection limit logs, attack prevention logs,

blacklist logs, interzone policy logs and user logs.

Attack prevention logs

Blacklist logs

Advertising
See also other documents in the category H3C Technologies Safety: