HP Firewall manual Managing operation logs, Operator configuration items

Page 33

Table 34 Operator configuration items

Item

Description

Login Name

Type a name for the operator, a string of up to 40 characters.

 

 

 

Specify a password for the operator to use at login.

Login Password

The password must comprise 6 to 20 alphanumeric characters, and its strength

 

must meet the password strength requirements of the device.

 

 

 

Type the password again, which must be the same as that for Login Password. If

Confirm Password

the two are not the same, an error message will appear, telling you that they must

 

be identical.

 

 

Role

Select an operation level for the operator.

 

 

Manage Device Group

Specify which device groups the operator can manage.

 

 

 

Select an authentication mode for the operator.

Authentication Mode

Available authentication modes include local authentication and LDAP

authentication. If you select LDAP authentication, you must also select an LDAP

 

 

server.

 

 

Return to Operator management functions.

Managing operation logs

Configuration guide

Operation logs reflect what operators have done after login. A super administrator can view operations logs, query logs by different conditions, and delete logs.

From the navigation tree of the system management component, select Operation Logs under Operator Management. The operation log management page appears, as shown in Figure 28. Table 35 describes the operation log query options. You can use any combination of the options to query for the logs of interest.

Figure 28 Operation log management page

Table 35 Operation log query options

Option

Description

Operator

Specify the operator whose logs you are interested in.

 

 

Gateway IP

Type the IP address of the gateway.

 

 

 

Select the operation result of the operations.

Operation Result

By default, the value of this option is --, which means both the succeeded and

 

failed operations.

 

 

 

29

Image 33
Contents HP A-IMC Firewall Manager Page Contents Page What HP A-IMC Firewall Manager can do Introduction to HP A-IMC Firewall ManagerRegistering the firewall manager Installing the firewall managerRegister your license Uninstalling the firewall managerDevice management Device management Operator management System configurationManaging devices Device managementDevice query option Function DescriptionOption Description Fields of the device listReturn to Device management functions Add a device Device configuration itemsTelnet Password, Snmp Version, Community String for Reading, Device information Fields of the device software list Device software managementDeploying software to devices Deploying software to devicesRequired Task Name Return to Device software management functions Software backup resultFields of the software backup result list Device config managementBacking up configuration files Restoring a configuration fileBacking up configuration files Fields of the device configuration management listDevice configuration information management interface Running Config Fields of the configuration label listTab Description LabelCompare two configuration files Draft list Fields of the draft list Fields of the running configuration listConfiguration guide Managing batch importManaging device groups Adding a device group Device group listDevice group management functions Fields of the device group listDevice event list Managing eventsDevice event query options OptionFields of the device event list Device interface event listDevice interface event query options OptionDescriptionTemplate list Managing device access templatesFields of the template list Return to Template management functionsAdding a template Add a template Template configuration itemsManaging the device software database Device software database query option Importing device softwareFields of the device software database list Importing device softwareManaging deployment tasks Deployment task query optionFields of the deployment task list Managing operators Operator managementUser levels and the rights User level RightsAdding an operator Operator listOperator management functions Function Description Fields of the operator listManaging operation logs Operator configuration itemsChanging your login password Fields of the operation log listItemDescription System configuration Configuring system parameterConfiguring management ports Configure the mail server Mail server configuration items Configuring the mail serverFilter list Managing filtersFields of the filter list Filter listAdding a filter FieldDescriptionReturn to Filter management functions Ldap server list Managing Ldap serversLdap server list Adding an Ldap serverAdding an Ldap server Fields of the Ldap server listReturn to Ldap server management functions Monitoring the disk space Managing log retention timeActual free disk space is lower than this value Free disk space monitoring Managing subsystemsSubsystem information Fields of the subsystem list Adding a subsystemPage Snapshot of events Attack events monitoringFields in the event snapshot lists Snapshot of events Event snapshot query optionsFields of the recent events list Recent events listEvent analysis Device monitoringEvent overview Are under your management will appear in the drop-down list Top 10 attack events contrast graph Event detailsAttack event details Event details query options Fields of the attack event details list Report exporting managementFields of the report export task list Report export file listReport export task management functions Report export file listEvent auditing Adding a report export taskReturn to Report export task management functions Abnormal traffic log auditing Inter-zone access log auditingOperation log auditing Blacklist log auditingOperation log auditing Other log auditingMpls log auditing NAT log auditingSecurity policy management Security zonesSecurity zone list Adding a security zone Security zone listFields of the security zone list Return to Security zone management functionsTime ranges Security zone configuration itemImporting security zones from a device Time range listAdding a time range Time range listFields of the time range list Return to Time range management functionsServices Predefined servicesFields of the predefined service list Return to Service management functions User-defined servicesType a name for the user-defined service Service group management Fields of the service group list Service groupsAdd a service group Service group configuration items IP addresses Host addressesFields of the host address list Add a host address Host address configuration items Address range management Fields of the address range list Address rangesSubnet addresses Address range configuration itemsAdd an subnet address Subnet address configuration items IP address groups Add an IP address group IP address group configuration items Interzone rule list Interzone rulesInterzone rule query options Interzone rule listFields of the interzone rule list Adding an interzone ruleFiled Description Return to Interzone rule management functionsAdd an interzone rule Interzone rule configuration items Add source IP addresses for the interzone rule Interzone policy list Interzone policiesInterzone policy list Adding an interzone policyRule management Adding an interzone policyFields of the interzone policy list Return to Interzone policy management functionsRule management Fields of the policy’s rule list Move rules Sorting interzone rulesInterzone policy application list Interzone policy applicationsInterzone policy application query options Fields of the interzone policy application listApplying interzone policies Applied rules listReturn to Interzone policy application management functions Zone and destination zone pair is numbered Managing firewall devices Firewall device managementFirewall management functions Firewall device listAdding firewall devices Firewall device listQuery options on the firewall device management Fields of the firewall device listViewing device statistics Managing the device configuration databaseFields of the configuration segments list Configuration segment listReturn to Configuration segment management functions Adding a configuration segmentConfiguration segment configuration items Importing configuration segments from deviceDeploying a configuration segment Configure deployment task attributes Deployment task list Deployment task listFields of the deployment task list Comprehensive analysis Online usersComprehensive analysis SSL VPN log auditing Daily user statistics Online users trendsDaily user statistics User Count field shows the count of login times on that daySSL VPN log auditing User access records auditingAuthentication failure auditing Resource access auditingAuthentication failure auditing Configuration procedure Network requirementsAdding devices to the firewall manager Add a device to the firewall management component Configuring the firewall device Configuration proceduresConfiguring the Firewall Manager Configure Snmp on the FW deviceEnter the following commands in the CLI Add the FW device to the Firewall Manager Enable logging and send logs to Firewall ManagerConfigure a log host Userlog Configuring intrusion detectionScanning detection Blacklist Urpf check Verification Firewall logs and Firewall Manager analysisDisplaying log report on the firewall webpage Intrusion Policy Log User log Recent list Inter-zone access logs Blacklist logs Operation Logs Contacting HP Subscription serviceRelated information DocumentsSymbols Command conventionsConventions GUI conventionsPort numbering in examples Network topology iconsTime ranges,58 IndexViewing device statistics,85 User access records auditing,96
Related manuals
Manual 60 pages 30 Kb Manual 3 pages 40.21 Kb

Firewall specifications

HP Firewall, often positioned as a key component in enterprise network security, is designed to protect sensitive data and maintain secure communications across various environments. The primary role of a firewall is to monitor incoming and outgoing network traffic and make decisions based on a set of security rules. HP Firewalls utilize a combination of hardware and software to create a robust security framework that helps organizations manage their network perimeter effectively.

One of the main features of HP Firewall is its advanced security protocols that provide deep packet inspection. This technology scrutinizes packet contents beyond the header information, analyzing data flows for signs of malicious activity. By employing Stateful Inspection, HP Firewalls maintain a state table that logs active connections, allowing the firewall to evaluate packets in the context of established sessions. This helps optimize resource usage while delivering high-performance security.

Another characteristic of HP Firewall is its integration with HP's broader security ecosystem. By working seamlessly with other HP security products, such as HP Secure Access and HP Advanced Malware Protection, organizations can deploy a multi-layered security strategy. This integration enables centralized management, streamlining security policies and improving response times against threats.

HP Firewalls also feature next-generation capabilities. This includes intrusion prevention systems (IPS) that actively monitor network traffic for suspected threats and automatically take action to block potential breaches. Additionally, these firewalls come with application awareness features, allowing organizations to enforce policies based on specific applications rather than simply based on port or protocol. This granularity enhances control over minimal use of bandwidth while simultaneously mitigating risks from unwanted applications.

Furthermore, HP Firewall models are equipped with user identity management, allowing organizations to apply security policies based on user roles and the specific needs of the business. This significantly improves the overall security posture as it adds another layer of control.

Scalability is a notable characteristic of HP Firewalls, making them suitable for both small businesses and large enterprises. Organizations can expand their security infrastructure as needed while maintaining efficiency.

In summary, HP Firewalls deliver advanced security features, scalability, and seamless integration within the HP security ecosystem. Their emphasis on deep packet inspection, real-time monitoring, and user identity management make them a powerful asset in the defense against cyber threats, ensuring that organizations can protect their critical data and maintain the integrity of their network environments.