SonicWALL TZ 190 User Manual

SonicOS Enhanced 4.0 Administrator Guide
Log Categories
SonicWALL security appliances provide automatic attack protection against well-known 
exploits. The majority of these legacy attacks were identified by telltale IP or TCP/UDP 
characteristics, and recognition was limited to a set of fixed layer 3 and layer 4 values. As the 
breadth and sophistication of attacks have evolved, it has become essential to dig deeper into the 
traffic, and to develop the sort of adaptability that can keep pace with the new threats.
All SonicWALL security appliances, even those running SonicWALL IPS, continue to recognize 
these legacy port and protocol types of attacks. The current behavior on all SonicWALL security 
appliances is to automatically and holistically prevent these legacy attacks, meaning 
that it is not possible to disable prevention of these attacks either individually or globally.
SonicWALL security appliances now include an expanded list of attack categories that can be 
logged.
The View Style menu provides the following three log category views:
  • All Categories - Displays both Legacy Categories and Expanded Categories.
  • Legacy Categories - Displays log categories carried over from earlier SonicWALL log event categories.
  • Expanded Categories - Displays the expanded listing of categories that includes the older Legacy Categories log events rearranged into the new structure.
The following table describes both the Legacy and Extended log categories.
| Log Type | Category | Description |
|---|---|---|
| 802.11b Management | Legacy | Logs WLAN IEEE 802.11b connections. |
| Advanced Routing | Expanded | Logs messages related to RIPv2 and OSPF routing events. |
| Attacks | Legacy | Logs messages showing Denial of Service attacks, such as SYN Flood, Ping of Death, and IP spoofing. |
| Authenticated Access | Expanded | Logs administrator, user, and guest account activity. |
| Blocked Java, etc. | Legacy | Logs Java, ActiveX, and Cookies blocked by the SonicWALL security appliance. |
| Blocked Web Sites | Legacy | Logs Web sites or newsgroups blocked by the Content Filter List or by customized filtering. |
| BOOTP | Expanded | Logs BOOTP activity. |
| Crypto Test | Expanded | Logs crypto algorithm and hardware testing. |
| DDNS | Expanded | Logs Dynamic DNS activity. |
| Denied LAN IP | Legacy | Logs all LAN IP addresses denied by the SonicWALL security appliance. |
| DHCP Client | Expanded | Logs DHCP client protocol activity. |
| DHCP Relay | Expanded | Logs DHCP central and remote gateway activity. |
| Dropped ICMP | Legacy | Logs blocked incoming ICMP packets. |
| Dropped TCP | Legacy | Logs blocked incoming TCP connections. |
| Dropped UDP | Legacy | Logs blocked incoming UDP packets. |
| Firewall Event | Extended | Logs internal firewall activity. |
| Firewall Hardware | Extended | Logs firewall hardware error events. |