Manuals / NETGEAR / Computer Equipment / Network Hardware

NETGEAR UTM5-100NAS, UTM50-100NAS manual V1.0, January

Models: UTM5-100NAS UTM50-100NAS

1 484

Download 484 pages 53.33 Kb

Page 121

ProSecure Unified Threat Management (UTM) Appliance Reference Manual

Whether or not DHCP is enabled, how the PCs accesses the server’s LAN address impacts the inbound rules. For example:

•If your external IP address is assigned dynamically by your ISP (DHCP enabled), the IP address might change periodically as the DHCP lease expires. Consider using Dyamic DNS so that external users can always find your network (see “Configuring Dynamic DNS” on page 3-19).

•If the IP address of the local server PC is assigned by DHCP, it might change when the PC is rebooted. To avoid this, use the Reserved (DHCP Client) feature in the LAN Groups menu to keep the PC’s IP address constant (see “Setting Up Address Reservation” on page 4-17).

•Local PCs must access the local server using the PCs’ local LAN address. Attempts by local PCs to access the server using the external WAN IP address will fail.

Note: See “Configuring Port Triggering” on page 5-46 for yet another way to allow certain types of inbound traffic that would otherwise be blocked by the firewall.

Note: The UTM always blocks denial of service (DoS) attacks. A DoS attack does not attempt to steal data or damage your PCs, but overloads your Internet connection so you cannot use it (that is, the service becomes unavailable). For example, multiple concurrent connections of the same application from one host or IP addresses (such as multiple DNS queries from one PC) triggers the UTM’s DoS protection. For more information about protecting the UTM from incoming threats, see “Using the Intrusion Prevention System” on page 5-49.

Table 5-3 on page 5-8describes the fields that define the rules for inbound traffic and that are common to most Inbound Service screens (see Figure 5-4 on page 5-15, Figure 5-7 on page 5-18and Figure 5-10 on page 5-21).

The steps to configure inbound rules are described in the following sections:

•“Setting LAN WAN Rules” on page 5-12

•“Setting DMZ WAN Rules” on page 5-15

•“Setting LAN DMZ Rules” on page 5-19

Firewall Protection

5-7

v1.0, January 2010

Image 121

NETGEAR UTM5-100NAS, UTM50-100NAS manual V1.0, January

Contents

NETGEAR, Inc Statement of Conditions TrademarksEU Regulatory Compliance Statement Bestätigung des Herstellers/ImporteursAdditional Copyrights Voluntary Control Council for Interference Vcci StatementAES TermsMD5 Model Number Product and Publication DetailsPublication Date January Product Family Product NameV1.0, January Contents Dual-WAN Port Models Only Chapter Manually Configuring Internet and WAN SettingsChapter LAN Configuration Chapter Content Filtering and Optimizing Scans Chapter Virtual Private Networking Using SSL Connections Features That Increase Traffic Features That Reduce TrafficUsing QoS and Bandwidth Assignment to Shift the Traffic Mix Changing Passwords and Administrator SettingsConfiguring Logging, Alerts, and Event Notifications Configuring Date and Time ServiceConfiguring the E-mail Notification Server Configuring and Activating System, E-mail, and Syslog LogsTroubleshooting a TCP/IP Network Using a Ping Utility Troubleshooting the ISP ConnectionTesting the LAN Path to Your UTM Testing the Path from Your PC to a Remote DeviceAppendix D Two Factor Authentication Xvi Conventions, Formats, and Scope About This ManualRevision History How to Print This ManualPart Number Version Date Description Chapter Introduction Key Features and Capabilities Advanced VPN Support for Both IPsec and SSL Stream Scanning for Content Filtering Powerful, True FirewallAutosensing Ethernet Connections with Auto Uplink Security FeaturesExtensive Protocol Support Easy Installation and ManagementModel Comparison Maintenance and SupportDifferences Between the UTM Models Deployment Service Registration Card with License KeysPackage Contents Front Panel Hardware FeaturesObject Activity Description LED DescriptionsLAN Ports DMZ LEDRear Panel Security lock Console port Reset button AC power ReceptacleBottom Panel With Product Label Receptacle4shows the product label for the UTM5 6shows the product label for the UTM25 Choosing a Location for the UTMUsing the Rack-Mounting Kit V1.0, January Understanding the Steps for Initial Connection Using the Setup Wizard to Provision the UTM in Your NetworkQualified Web Browsers Logging In to the UTMV1.0, January V1.0, January Understanding the Web Management Interface Menu Layout V1.0, January Using the Setup Wizard to Perform the Initial Configuration Setup Wizard of 10 LAN Settings Dhcp Setup Wizard LAN SettingsSetting Description or Subfield and Description Setting Description or Subfield and Description DNS Proxy Setup Wizard of 10 WAN SettingsSetting Description or Subfield and Description ISP Login Setup Wizard WAN SettingsISP Type ISP Internet IP AddressDomain Name Server DNS Servers Get Automatically from ISP radio buttonSetup Wizard of 10 System Date and Time Adjust for Daylight Savings Time checkbox Setup Wizard System Date and Time SettingsSetup Wizard of 10 Services Web Setup Wizard Services SettingsInstant Messaging Peer-to-Peer P2PSetup Wizard Email Security Settings Setup Wizard of 10 Email SecuritySetting Description or Subfield and Description Action Scan Exceptions Setup Wizard of 10 Web SecuritySee Performance Management on Setup Wizard Web Security SettingsSetup Wizard of 10 Web Categories to Be Blocked Blocked Categories Scheduled Days Setup Wizard Content Filtering SettingsBlocked Categories Time of Day Setup Wizard Administrator Email Notification Settings Setup Wizard of 10 Email NotificationAdministrator Email Notification Settings Setup Wizard of 10 Signatures & Engine Setup Wizard Signatures & Engine Settings Setup Wizard of 10 Saving the ConfigurationUpdate Settings Update FrequencyTesting Connectivity Verifying Proper InstallationTesting Http Scanning Registering the UTM with NetgearClick Register What to Do Next Understanding the Internet and WAN Configuration Tasks Manually Configuring Internet and WAN SettingsAutomatically Detecting and Connecting Configuring the Internet ConnectionsV1.0, January Connection Method Data Required Internet connection methodsPptp Manually Configuring the Internet Connection Setting the UTM’s MAC AddressV1.0, January Pptp and PPPoE Settings Internet IP Address Settings DNS Server Settings Network Address Translation All Models Classical Routing All Models Configuring Auto-Rollover Mode Dual-WAN Port Models OnlySetting Description or Subfield and Description Port Mode Auto-Rollover Mode Settings Dual-WAN Port Models OnlyWAN1 Configuring the Internet Connections onWAN2 V1.0, January Using the Services menu see Services-Based Rules on Protocol Binding Settings Dual-WAN Port Models OnlyDestination Configuring Secondary WAN Addresses V1.0, January Select Network Config Dynamic DNS from the menu Configuring Dynamic DNSV1.0, January WAN2 Dynamic DNS Status DNS Service SettingsConfiguring Advanced WAN Options Setting Description or Subfield and Description MTU Size Advanced WAN SettingsUse Default Address radio button Port SpeedUpload/Download Settings Additional WAN-Related Configuration TasksManaging Virtual LANs and Dhcp Options Chapter LAN ConfigurationManaging the UTM’s Port-Based VLANs V1.0, January Dhcp Server Vlan Dhcp OptionsDNS Proxy Dhcp RelayLdap Server Configuring a Vlan ProfileV1.0, January Vlan ID Vlan Profile SettingsPort Membership VlanEnable Dhcp Starting IP Inter Vlan Routing Configuring Multi-Home LAN IPs on the Default Vlan Managing Groups and Hosts LAN Groups Managing the Network Database V1.0, January Setting Up Address Reservation on Add Known PCs and Devices SettingsAdding PCs or Devices to the Network Database Editing PCs or Devices in the Network Database Changing Group Names in the Network DatabaseSetting Up Address Reservation Configuring and Enabling the DMZ Port V1.0, January DMZ Setup Settings Own LAN IP address as the primary DNS server IP address Managing Routing Configuring Static Routes Static Route Settings Configuring Routing Information Protocol RIPSelect Network Configuration Routing from the menu Authentication for RIP-2B/2M RIP Configuration SettingsOut Only . Static Route Example V1.0, January About Firewall Protection Chapter Firewall ProtectionAdministrator Tips Services-Based Rules Using Rules to Block or Allow Specific Kinds of TrafficNumber of Supported Firewall Rule Configurations Outbound Rules Service Blocking Outbound Rules Overview Customized Services onTo Block or Allow Specific Traffic on Hosts LAN Groups onNAT IP Inbound Rules Port ForwardingV1.0, January Inbound Rules Overview Hosts LAN Groups on Useful when debugging your rules Order of Precedence for Rules Setting LAN WAN Rules LAN WAN Outbound Services Rules LAN WAN Inbound Services Rules Setting DMZ WAN Rules V1.0, January DMZ WAN Outbound Services Rules DMZ WAN Inbound Services Rules Setting LAN DMZ Rules LAN DMZ Outbound Services Rules LAN DMZ Inbound Services Rules LAN WAN Inbound Rule Hosting a Local Public Web Server Inbound Rules ExamplesV1.0, January V1.0, January LAN WAN or DMZ WAN Inbound Rule Specifying an Exposed Host LAN WAN Outbound Rule Blocking Instant Messenger Outbound Rules ExampleAttack Checks Configuring Other Firewall FeaturesAttack Checks Settings L2TP VPN Pass throughSetting Session Limits Session Timeout Session Limit SettingsManaging the Application Level Gateway for SIP Sessions Adding Customized Services Creating Services, QoS Profiles, and Bandwidth ProfilesV1.0, January TCP Services SettingsCreating Quality of Service QoS Profiles V1.0, January Default High Medium High Low QoS Profile SettingsCreating Bandwidth Profiles V1.0, January Bandwidth Profile Settings Setting a Schedule to Block or Allow Specific Traffic Enabling Source MAC Filtering V1.0, January Setting up IP/MAC Bindings Event Notifications on IP/MAC Binding SettingsIP/MAC Bindings Configuring Port Triggering V1.0, January 10. Port Triggering Settings Using the Intrusion Prevention System V1.0, January V1.0, January Attack Name Description or Subfield and Description Web 11. IPS Less Familiar Attack NamesMisc About Content Filtering and Scans Content Filtering and Optimizing ScansDefault E-mail and Web Scan Settings Default E-mail and Web Scan SettingsScan Type Default Scan Setting Default Action if applicable Configuring E-mail ProtectionCustomizing E-mail Protocol Scan Settings Customizing E-mail Anti-Virus and Notification Settings Notification Settings E-mail Anti-Virus and Notification SettingsPerformance see Performance Management on Mail Email Alert SettingsTIME%, %PROTOCOL%, %FROM%, %TO%, %SUBJECT% Mail Content FilteringFILENAME%, %ACTION%, %VIRUSNAME% V1.0, January Filter by Password-Protected Attachments ZIP, RAR, etc E-mail Filter SettingsProtecting Against E-mail Spam Password-Protected Attachments ZIP, RAR, etc. section aboveFilter by File Name Protected Attachments ZIP, RAR, etc. section aboveSetting Up the Whitelist and Blacklist V1.0, January Whitelist/Blacklist Settings Configuring the Real-time BlacklistV1.0, January Configuring Distributed Spam Analysis Distributed Spam Analysis Settings Low Medium-Low Anti-Spam Engine SettingsBlock spam email Customizing Web Protocol Scan Settings and Services Configuring Web and Services ProtectionSetting Description or Subfield and Description Web Web Protocol, Instant Messaging, and Peer-to-Peer SettingsConfiguring Web Malware Scans Malware Scan Settings Html Scan Configuring Web Content FilteringV1.0, January Content Filtering, screen 1 10 Content Filtering, screen 2 11 Content Filtering, screen 3 Performance Management on Content Filtering SettingsFull-Text Search Block Web ObjectsBlocked Categories Scheduled Days URL Configuring Web URL FilteringNetgear V1.0, January Setting Description or Subfield and Description Whitelist URL Filtering SettingsBlacklist URL% Https Scan Settings V1.0, January V1.0, January Specifying Trusted Hosts 10. Https SettingsV1.0, January 11. Trusted Hosts Settings Configuring FTP Scans12. FTP Scan Settings Setting Web Access Exception Rules Setting Web Access Exceptions and Scanning ExclusionsBlock Files with the Following Extensions To set Web access exception rules Groups and Hosts LAN Groups on 13. Add and Edit Block Scanning Exception SettingsSetting Scanning Exclusions 14. Add Scanning Exclusion Settings V1.0, January Chapter Virtual Private Networking Using IPsec Connections IP Addressing for VPNs in Dual WAN Port Systems UTMIP Addressing for VPNs in Dual WAN Port Systems Creating Gateway-to-Gateway VPN Tunnels with the Wizard V1.0, January Connection Name and Remote IP Type IPsec VPN Wizard Settings for a Gateway-to-Gateway TunnelManually Adding or Editing a VPN Policy on Secure Connection Remote AccessibilityEnd Point Information a V1.0, January Creating a Client to Gateway VPN Tunnel V1.0, January Fqdn IPsec VPN Wizard Settings for a Client-to-Gateway TunnelV1.0, January V1.0, January Only Connect Manually checkbox Security Policy Editor Remote Party SettingsGateway Tunnel Status onSecurity Policy Editor My Identity Settings On page 7-10. In this example, the domain name is Testing the VPN Connection Testing the Connections and Viewing Status InformationSecurity Policy Editor Security Policy Settings Detection checkboxNetgear VPN Client Status and Log Information V1.0, January Status Indications for the VPN Client System Tray Icon Viewing the UTM IPsec VPN Connection StatusSystem Tray Icon Status IPsec VPN Connection Status Information Viewing the UTM IPsec VPN LogManaging IPsec VPN Policies IKE Policies Screen Managing IKE PoliciesList of IKE Policies Information Manually Adding or Editing an IKE Policy V1.0, January Description or Subfield and Description Mode Config Record 10. Add IKE Policy SettingsGeneral Remote LocalIKE SA Parameters Group 1 768 bit ConfiguringGroup 5 1536 bit Keepalives and DeadConfiguration on Screen see User Database Configuration onVPN Policies Screen Managing VPN PoliciesRemote 11. List of VPN Policies InformationManually Adding or Editing a VPN Policy V1.0, January Configuring Keepalives 12. Add VPN Policy SettingsDescription or Subfield and Description General Dead PeerManual Policy Parameters Traffic SelectionAuto Policy Parameters Group 768 bit Configuring Extended Authentication XauthGroup 1536 bit Configuring Xauth for VPN Clients Radius Client Configuration User Database ConfigurationInformation, see Radius Client Configuration on V1.0, January Backup Radius Server 14. Radius Client SettingsConnection Configuration Primary Radius ServerMode Config Operation Assigning IP Addresses to Remote Users Mode ConfigConfiguring Mode Config Operation on the UTM V1.0, January Description or Subfield and Description Client Pool 15. Add Mode Config Record SettingsTraffic Tunnel Security Level V1.0, January 16. Add IKE Policy Settings for a Mode Config Configuration Menu, select Group 2 1024 bit Description or Subfield and Description RemoteConfiguring the ProSafe VPN Client for Mode Config Operation 192.168.1.0 Mask Gateway Tunnel 18. Security Policy Editor My Identity, Mode Config Settings Menu Testing the Mode Config Connection Configuring Keepalives and Dead Peer DetectionConfiguring Keepalives 20. Keepalive Settings Configuring Dead Peer Connection21. Dead Peer Detection Settings Configuring NetBIOS Bridging with IPsec VPN V1.0, January Understanding the SSL VPN Portal Options Chapter Virtual Private Networking Using SSL ConnectionsUsing the SSL VPN Wizard for Client Configurations SSL VPN Wizard of 6 Portal Settings Portal Layout and Theme Name SSL VPN Wizard Portal SettingsScreen as shown in -8 on SSL VPN Portal Pages to Display SSL VPN Wizard of 6 Domain SettingsDomain Name SSL VPN Wizard Domain SettingsRadius Client SSL VPN Wizard of 6 User Settings SSL VPN Wizard User Settings SSL VPN Wizard of 6 Client IP Address Range and Routes Client IP Address Range SSL VPN Wizard Client IP Address Range and Routes SettingsAdd Routes for VPN Tunnel Clients SSL VPN Wizard of 6 Port Forwarding SSL VPN Wizard Port Forwarding SettingsAdd New Host Name for Port Forwarding SSHSSL VPN Wizard of 6 Verify and Save Your Settings Accessing the New SSL Portal Login Screen V1.0, January Viewing the UTM SSL VPN Log Viewing the UTM SSL VPN Connection StatusManually Configuring and Editing SSL Connections Creating the Portal Layout V1.0, January V1.0, January Revalidate Add Portal Layout SettingsConfiguring Applications for Port Forwarding Configuring Domains, Groups, and UsersAdding Servers and Port Numbers Port Forwarding Applications/TCP Port Numbers Adding a New Host NameTCP Application Port Number Fully Qualified Domain Name. The full server name Configuring the SSL VPN ClientConfiguring the Client IP Address Range Tunnel Clients on Adding Routes for VPN Tunnel ClientsUsing Network Resource Objects to Simplify Policies Adding New Network Resources Editing Network Resources to Specify Addresses Add Resource Addresses Settings Configuring User, Group, and Global PoliciesViewing Policies Adding a Policy Policy For 10. Add Policy SettingsNetwork Resource Objects to Simplify Policies on Description or Subfield and Description Add SSL VPN Policies10. Add Policy Settings V1.0, January V1.0, January Configuring VPN Authentication Domains, Groups, and Users Managing Users, Authentication, and CertificatesAuthentication Protocols and Methods Configuring DomainsLdap Add Domain Settings Creating the Portal Layout on Configuring Groups for VPN Policies Creating and Deleting Groups Editing Groups VPN Group SettingsConfiguring User Accounts V1.0, January See Configuring Extended Authentication Xauth on Add User SettingsPolicies on Configuring Login Policies Setting User Login PoliciesConfiguring Login Restrictions Based on IP Address Add Defined Addresses Settings Configuring Login Restrictions Based on Web BrowserInternet Explorer Opera Netscape Navigator Changing Passwords and Other User Settings Enabled see Configuring Extended Authentication Xauth on Edit User SettingsManaging Digital Certificates V1.0, January 11 Certificates, screen 1 Managing CA CertificatesManaging Self Certificates Generating a CSR and Obtaining a Self Certificate from a CA Setting Generate Self Certificate Request Settings512 1024 2048 V1.0, January Viewing and Managing Self Certificates Managing the Certificate Revocation List15Certificates, screen 3 Bandwidth Capacity Performance ManagementFeatures That Reduce Traffic Network and System Management 10-3 Content Filtering Source MAC Filtering Features That Increase Traffic10-6 Network and System Management Port Triggering Configuring the DMZ PortConfiguring Exposed Hosts Using QoS and Bandwidth Assignment to Shift the Traffic MixConfiguring VPN Tunnels Assigning QoS ProfilesSystem Management Changing Passwords and Administrator SettingsMonitoring Tools for Traffic Management Assigning Bandwidth Profiles10-10 Network and System Management Network and System Management 10-11 Configuring Remote Management Access Https//IPaddress or https//FullyQualifiedDomainName Using an Snmp Manager Snmp Settings Managing the Configuration FileSetting Description or Subfield and Description Settings Trusted Snmp HostsBackup Settings Restore Settings Updating the Firmware Reverting to Factory Default SettingsViewing the Available Firmware Versions Upgrading the Firmware and Rebooting the UTM Updating the Scan Signatures and Scan Engine Firmware Rebooting Without Changing the Firmware10-22 Network and System Management Signatures & Scan Engine Settings Configuring Automatic Update and Frequency SettingsSystem Date & Time Settings Configuring Date and Time ServiceNetwork and System Management 10-25 10-26 Network and System Management Enabling the WAN Traffic Meter Monitoring System Access and Performance11-2 Monitoring System Access and Performance Traffic Counter WAN Traffic Meter SettingsLogging, Alerts, and Event Notifications on System, E-mail, and Syslog Logs on Configuring the E-mail Notification Server Configuring Logging, Alerts, and Event NotificationsE-mail Notification Settings Configuring and Activating System, E-mail, and Syslog LogsServer requires authentication checkbox and enter Monitoring System Access and Performance 11-7 Email Logs to Administrator E-mail and Syslog SettingsSend Logs via Syslog Configuring and Activating Update Failure and Attack Alerts Alerts Settings ACTION%, %VIRUSNAME% PROTOCOL%, %FROM%, %TO%, %SUBJECT%, %FILENAME%Configuring and Activating Firewall Logs Monitoring Real-Time Traffic, Security, and Statistics Firewall Logs SettingsDashboard, screen 1 Spam to configure, see Protecting Against E-mail Spam on Settings onTotal Threats System onTotal Traffic Bytes Threats CountsDashboard Most Recent 5 and Top 5 Information Categories, see Using the IntrusionCategory Most Recent 5 Description Top 5 Description Prevention System onDashboard, screen 3 Dashboard Service Statistics InformationViewing System Status Viewing Status ScreensSystem Status Status and System Information Setting Status11 System Status, screen 2 LAN Port NATDhcp Viewing VPN Tunnel Connection Status Viewing Active VPN Users11. System Status Interface Statistics 12. IPsec VPN Connection Status Information Viewing Port Triggering Status To view the status of the Port Triggering feature13. Port Triggering Status Information Viewing the WAN Ports Status11-28 Monitoring System Access and Performance Edit Vlan Profile screen see Configuring a Vlan Profile on Models see Manually Configuring the Internet Connection onViewing Attached Devices and the Dhcp Log Viewing Attached Devices11-30 Monitoring System Access and Performance Viewing the Dhcp Log Querying the Logs Querying Logs and Generating ReportsMonitoring System Access and Performance 11-33 15. Logs Query Settings This field is available for the following logs See Configuring and Activating Firewall Logs onFollowing protocols can be selected Following reasons can be selected Following categories can be selectedThis field is available only for the Spam log This field is available only for the Malware logThis field is available only for the Service log EMERG, ALERT, CRITICAL, ERROR, WARNING, NoticeThis field is available only for the Content filters log Log Management Example Using Logs to Identify Infected ClientsScheduling and Generating Reports Generating Reports Email Reports 16. Generate Report SettingsWeb Reports System ReportsScheduling Reports 17. Schedule Report SettingsEmail Reports Web Reports System Reports Using Diagnostics UtilitiesReport List Sending a Ping Packet Using the Network Diagnostic ToolsDisplaying the Routing Table Tracing a RouteLooking up a DNS Address 27 Diagnostics, screen 2 Using the Realtime Traffic Diagnostics ToolGenerating Network Statistics Gathering Important Log InformationRebooting and Shutting Down the UTM Troubleshooting and Using Online Support Basic Functioning Power LED Not OnTest LED Never Turns Off LAN or WAN Port LEDs Not On Troubleshooting the Web Management InterfaceWhen You Enter a URL or IP Address a Time-out Error Occurs Troubleshooting the ISP Connection 12-6 Troubleshooting and Using Online Support Testing the LAN Path to Your UTM Troubleshooting a TCP/IP Network Using a Ping UtilityPing -n 10 IP address Testing the Path from Your PC to a Remote DeviceRestoring the Default Configuration and Password Using Online Support Problems with Date and TimeEnabling Remote Troubleshooting Sending Suspicious Files to Netgear for Analysis Malware Analysis Settings Accessing the Knowledge Base and DocumentationFeature Default behavior Router Login Table A-1. UTM Default Configuration SettingsInternet Connection Local Network LANTable A-2. UTM Physical and Technical Specifications Feature Specification Environmental Specifications Table A-3. UTM IPsec VPN SpecificationsInterface Specifications Setting SpecificationMD5, SHA-1, MAC-MD5/SHA-1, HMAC-MD5/SHA-1 Table A-4. UTM SSL VPN SpecificationsWhat to Consider Before You Begin Internet WAN port Physical facilityInternet Configuration Requirements Computer Network Configuration RequirementsCabling and Computer Hardware Requirements Internet Connection Information Where Do I Get The Internet Configuration Information?Overview of the Planning Process Figure B-2 Inbound Traffic to a Single WAN Port System Inbound TrafficInbound Traffic Dual WAN Ports for Improved Reliability Inbound Traffic to a Dual WAN Port SystemInbound Traffic Dual WAN Ports for Load Balancing VPN Road Warrior Client Virtual Private Networks VPNsTo-Gateway To-Gateway Through a NATFigure B-7 VPN Road Warrior Single Gateway WAN Port Reference Case VPN Road Warrior Client-to-GatewayFigure B-10 VPN Road Warrior Dual Gateway WAN Ports for Load Balancing VPN Gateway-to-GatewayFigure B-13 Figure B-15 VPN Telecommuter Single Gateway WAN Port Reference Case VPN Telecommuter Client-to-Gateway Through a NAT RouterFigure B-18 Figure B-20 VPN Telecommuter Dual Gateway WAN Ports for Load BalancingTerm Description or Subfield and Description Table C-1. Log Message TermsTable C-3. System Logs Reboot RebootSystem Log Messages System StartupTable C-4. System Logs Service Service LogsTable C-5. System Logs NTP Firewall Restart Login/LogoutIPsec Restart WAN Status Auto-Rollover ModeSystem Logs WAN Status, Auto Rollover ACTIVEWAN2Table C-9. System Logs WAN Status, Load Balancing Load-Balancing ModePPP Logs Table C-10. System Logs WAN Status, PPPoE Idle-TimeoutTable C-12. System Logs WAN Status, PPP Authentication Table C-11. System Logs WAN Status, Pptp Idle-TimeoutUnicast Logs Traffic Metering LogsIcmp Redirect Logs Multicast/Broadcast Logs Invalid Packet LoggingTable C-16. System Logs Multicast/Broadcast Table C-17. System Logs Invalid PacketsInvalidbadhwchecksumdrop SRC=192.168.20.10 Invalidbadchecksumdrop SRC=192.168.20.10Invalidmalformedpacketdrop SRC=192.168.20.10 Invalidshortpacketdrop SRC=192.168.20.10Web Filtering and Content Filtering Logs Content Filtering and Security LogsSpam Logs Table C-19. Content Filtering and Security Logs SpamTable C-21. Content Filtering and Security Logs Virus Table C-20. Content Filtering and Security Logs TrafficTraffic Logs Virus LogsTable C-24. Content Filtering and Security Logs Port Scan Table C-23. Content Filtering and Security Logs IPSIPS Logs Port Scan LogsLAN to WAN Logs Routing LogsLAN to DMZ Logs DMZ to WAN LogsDMZ to LAN Logs WAN to LAN LogsWAN to DMZ Logs V1.0, January What are the benefits of Two-Factor Authentication? Why do I need Two-Factor Authentication?What is Two-Factor Authentication Netgear Two-Factor Authentication SolutionsFigure D-1 Figure D-3 Document Link Appendix E Related DocumentsV1.0, January Numerics IndexIndex-2 Index-3 Index-4 Index-5 Index-6 Index-7 Index-8 Index-9 Index-10 Index-11 Index-12 Index-13 Index-14 Index-15 Index-16