Chapter 9 Monitor

 

Table 43 Monitor > Anti-X Statistics > IDP (continued)

 

LABEL

DESCRIPTION

 

Total Session

This field displays the number of sessions that the ZyWALL has checked

 

Scanned

for intrusion characteristics.

 

 

 

 

Total Packet

The ZyWALL can detect and drop malicious packets from network traffic.

 

Dropped

This field displays the number of packets that the ZyWALL has dropped.

 

 

 

 

Total Packet

The ZyWALL can detect and drop malicious packets from network traffic.

 

Reset

This field displays the number of packets that the ZyWALL has reset.

 

 

 

 

Top Entry By

Use this field to have the following (read-only) table display the top IDP

 

 

entries by Signature Name, Source or Destination.

 

 

Select Signature Name to list the most common signatures that the

 

 

ZyWALL has detected.

 

 

Select Source to list the source IP addresses from which the ZyWALL has

 

 

detected the most intrusion attempts.

 

 

Select Destination to list the most common destination IP addresses for

 

 

intrusion attempts that the ZyWALL has detected.

 

 

 

 

#

This field displays the entry’s rank in the list of the top entries.

 

 

 

 

Signature

This column displays when you display the entries by Signature Name.

 

Name

The signature name identifies the type of intrusion pattern. Click the

 

 

hyperlink for more detailed information on the intrusion.

 

 

 

 

Signature ID

This column displays when you display the entries by Signature Name.

 

 

The signature ID is a unique value given to each intrusion detected.

 

 

 

 

Type

This column displays when you display the entries by Signature Name.

 

 

It shows the categories of intrusions. See Table 146 on page 490 for more

 

 

information.

 

 

 

 

Severity

This column displays when you display the entries by Signature Name.

 

 

It shows the level of threat that the intrusions may pose. See Table 145

 

 

on page 488 for more information.

 

 

 

 

Source IP

This column displays when you display the entries by Source. It shows

 

 

the source IP address of the intrusion attempts.

 

 

 

 

Destination IP

This column displays when you display the entries by Destination. It

 

 

shows the destination IP address at which intrusion attempts were

 

 

targeted.

 

 

 

 

Occurrences

This field displays how many times the ZyWALL has detected the event

 

 

described in the entry.

 

 

 

The statistics display as follows when you display the top entries by source.

Figure 141 Monitor > Anti-X Statistics > IDP: Source

 

197

ZyWALL USG 50 User’s Guide