ProSecure Unified Threat Management (UTM) Appliance Reference Manual

Traffic Logs

This section describes logs that are generated when the UTM processes Web and e-mail traffic.

Table C-20. Content Filtering and Security Logs: Traffic

Message

2009-02-28 23:59:59 HTTP 99 192.168.1.2 192.168.33.8 xlzimap@test.com xlzpop3@test.com [MALWARE INFECTED] Fw: cleanvirus

Explanation

Web and e-mail traffic logs for HTTP, SMTP, POP3, IMAP, HTTPS, and FTP traffic. In this example message, a malware threat was cleaned from the traffic. The message shows the date and time, protocol, size of the Web file or e-mail, client IP address, server IP address, sender, recipient, and Web URL or e-mail subject line.

Recommended Action

None

Virus Logs

This section describes logs that are generated when the UTM detects viruses.

Table C-21. Content Filtering and Security Logs: Virus

Message

2008-02-29 23:59:00 POP3 OF97/Jerk Delete cleanvirus.zip 192.168.1.2 192.168.35.166 xlzimap@test.com xlzimap@test.com [MALWARE INFECTED]Fw: cleanvirus

Explanation

Virus logs for all services. The message shows the date and time, protocol, virus name, action that is taken, file name, client IP address, server IP address, sender, recipient, and Web URL or e-mail subject line.

Recommended Action

None

E-mail Filter Logs

This section describes logs that are generated when the UTM filters e-mail content.

Table C-22. Content Filtering and Security Logs: E-mail Filter

Message

2009-04-31 23:59:59 SMTP 192.168.1.2 192.168.35.165 xlzimap@test.com xlzpop3@test.com test Keyword test BlockMail

Explanation

Logs that are generated when e-mails are blocked because of a keyword violation in the subject line. The message shows the date and time, protocol, client IP address, server IP address, sender, recipient, e-mail subject line, reason for the action, details, and action that is taken.

Recommended Action

None
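
The three message layouts described above can be split into named fields as follows. This is an added example, not code from the manual or from NETGEAR; the names parse_utm_log, LAYOUTS and url_or_subject are hypothetical, and it assumes whitespace-separated fields in which only the URL or subject may span several tokens, as in the sample messages.

```python
import ipaddress

# Field order per table, from the Explanation text of Tables C-20 to C-22.
# Assumption: fields are whitespace-separated, as in the sample messages, and
# every field except the URL/subject is a single token.
LAYOUTS = {  # kind: (leading fields, trailing fields after the URL/subject)
    "traffic": (["date", "time", "protocol", "size", "client_ip", "server_ip",
                 "sender", "recipient"], []),
    "virus": (["date", "time", "protocol", "virus_name", "action", "file_name",
               "client_ip", "server_ip", "sender", "recipient"], []),
    "email_filter": (["date", "time", "protocol", "client_ip", "server_ip",
                      "sender", "recipient"], ["reason", "details", "action"]),
}

# Sample messages copied from Tables C-20, C-21 and C-22.
SAMPLES = {
    "traffic": "2009-02-28 23:59:59 HTTP 99 192.168.1.2 192.168.33.8 "
               "xlzimap@test.com xlzpop3@test.com [MALWARE INFECTED] Fw: cleanvirus",
    "virus": "2008-02-29 23:59:00 POP3 OF97/Jerk Delete cleanvirus.zip "
             "192.168.1.2 192.168.35.166 xlzimap@test.com xlzimap@test.com "
             "[MALWARE INFECTED]Fw: cleanvirus",
    "email_filter": "2009-04-31 23:59:59 SMTP 192.168.1.2 192.168.35.165 "
                    "xlzimap@test.com xlzpop3@test.com test Keyword test BlockMail",
}

def parse_utm_log(kind, line):
    """Split one UTM log message into named fields; ValueError if malformed."""
    head, tail = LAYOUTS[kind]
    tokens = line.split()
    if len(tokens) < len(head) + len(tail):
        raise ValueError(f"{kind}: too few fields ({len(tokens)})")
    end = len(tokens) - len(tail)
    record = dict(zip(head, tokens[:len(head)]))
    # The URL or subject is sender-controlled and may contain spaces, so it
    # takes every token between the fixed leading and trailing fields.
    record["url_or_subject"] = " ".join(tokens[len(head):end])
    record.update(zip(tail, tokens[end:]))
    # A shifted column (e.g. a multi-word virus name) fails here, not silently.
    for key in ("client_ip", "server_ip"):
        ipaddress.ip_address(record[key])
    # date/time stay as text: the Table C-22 sample reads 2009-04-31, which a
    # strict datetime parse would reject.
    if "size" in record:
        record["size"] = int(record["size"])
    return record

if __name__ == "__main__":
    for kind, line in SAMPLES.items():
        print(kind, parse_utm_log(kind, line))
```

Reading the e-mail filter message from the right keeps the appliance-written reason, details and action fields separate from a multi-word subject line.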

 

 

System Logs and Error Messages

v1.0, January 2010
