HostWatch
The HostWatch display uses the logging settings configured for your Firebox using the Policy Manager. For instance, to see all denied attempts at incoming Telnet in HostWatch, configure the Firebox to log incoming denied Telnet attempts.
The line connecting the source host and destination host is
•Red – The connection is being denied.
•Blue – The connection is being proxied.
•Green – The connection is using network address translation (NAT).
•Black – The connection falls into none of the first three categories.
Representative icons appear next to the server entries for HTTP, Telnet, SMTP, and FTP.
Name resolution might not occur immediately when you first start HostWatch. As names are resolved, HostWatch replaces IP addresses with host or usernames, depending on the display settings. Some machines might never resolve, and the IP addresses remain in the HostWatch window.
To start HostWatch, click the HostWatch icon (shown at left) on the
Control Center QuickGuide.
HostWatch display
The upper pane is split into two sides, Inside and Outside.
The lower pane displays detailed information for connections directly related to the Firebox.
Connecting to a Firebox
From HostWatch:
1Select File => Connect.
You can also click the Firebox icon.
2Use the Firebox drop list to select a Firebox.
You can also type the Firebox name or IP address.
3Enter the Firebox
HostWatch connects to the Firebox and begins the
Replaying a log file
You can replay a log file in HostWatch in order to troubleshoot and retrace a suspected
1Select File => Open.
You can also click the Folder icon. The Open dialog box appears.
User Guide | 99 |
