Netgear UTM9S – ProSECURE Unified Threat Management (UTM) Appliance with DSL and Wireless modules Manual De Referência
System Logs and Error Messages
595
ProSecure Unified Threat Management (UTM) Appliance
Traffic Logs
This section describes logs that are generated when the UTM processes web and email
traffic.
traffic.
Virus Logs
This section describes logs that are generated when the UTM detects viruses.
Email Filter Logs
This section describes logs that are generated when the UTM filters email content.
Table 169. Content-filtering and security logs: traffic
Message
2009-02-28 23:59:59 HTTP 99 radius_domain radius_user1 192.168.1.2
192.168.33.8 xlzimap@test.com xlzpop3@test.com
[MALWARE INFECTED] Fw: cleanvirus
192.168.33.8 xlzimap@test.com xlzpop3@test.com
[MALWARE INFECTED] Fw: cleanvirus
Explanation
Web and email traffic logs for HTTP, SMTP, POP3, IMAP, HTTPS, and FTP traffic.
In this sample message, a malware threat was cleaned from the traffic. The
message shows the date and time, protocol, size of the web file or email, domain,
user, client IP address, server IP address, sender, recipient, and web URL or email
subject line.
In this sample message, a malware threat was cleaned from the traffic. The
message shows the date and time, protocol, size of the web file or email, domain,
user, client IP address, server IP address, sender, recipient, and web URL or email
subject line.
Recommended Action
None.
Table 170. Content-filtering and security logs: virus
Message
2008-02-29 23:59:00 POP3 OF97/Jerk Delete cleanvirus.zip radius_domain
radius_user1 192.168.1.2 192.168.35.166 xlzimap@test.com xlzimap@test.com
[MALWARE INFECTED] Fw: cleanvirus
radius_user1 192.168.1.2 192.168.35.166 xlzimap@test.com xlzimap@test.com
[MALWARE INFECTED] Fw: cleanvirus
Explanation
Virus logs for all services. The message shows the date and time, protocol, virus
name, the action that is taken, file name, domain, user, client IP address, server IP
address, sender, recipient, and web URL or email subject line.
name, the action that is taken, file name, domain, user, client IP address, server IP
address, sender, recipient, and web URL or email subject line.
Recommended Action
None.
Table 171. Content-filtering and security logs: email filter
Message
2009-04-31 23:59:59 SMTP radius_domain radius_user1 192.168.1.2
192.168.35.165 xlzimap@test.com xlzpop3@test.com test Keyword test BlockMail
192.168.35.165 xlzimap@test.com xlzpop3@test.com test Keyword test BlockMail
Explanation
Logs that are generated when emails are blocked because of a keyword violation in
the subject line. The message shows the date and time, protocol, domain, user,
client IP address, server IP address, sender, recipient, email subject line, reason for
the action, details, and the action that is taken.
the subject line. The message shows the date and time, protocol, domain, user,
client IP address, server IP address, sender, recipient, email subject line, reason for
the action, details, and the action that is taken.
Recommended Action
None.