Intrusion Defense Firewall 1.2 User's Guide - Trend Micro? Online ...
Intrusion Defense Firewall 1.2 User's Guide - Trend Micro? Online ...
Intrusion Defense Firewall 1.2 User's Guide - Trend Micro? Online ...
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Configure Logging<br />
By default, IDF Server Plug-in collects logs from the Client Plug-ins via the heartbeat. The number of<br />
Computers this feature can support depends on the frequency of the heartbeat interval (every 60 minutes<br />
by default), how active your Computers are, and the log settings.<br />
Here are some tips to help maximize the effectiveness of log collection:<br />
Disable log collection for Computers that are not of interest. Do this by going to System ><br />
System Settings and then the <strong>Firewall</strong> and DPI tab in either the Computers' Details windows<br />
or the Security Profiles' Details windows.<br />
Consider reducing the logging of <strong>Firewall</strong> Rule activity by disabling some logging options in the<br />
Stateful Configuration Properties window. For example, disabling the UDP logging will eliminate<br />
the "Unsolicited UDP" log entries.<br />
For DPI Rules the best practice is to log only dropped packets. Logging packet modifications may<br />
result in a lot of log entries.<br />
For DPI Rules, only include packet data (an option on the DPI Rule's Properties window) when<br />
you are interested in examining the source of attacks. Otherwise leaving packet data inclusion on<br />
will result in much larger log sizes.<br />
© Copyright 2010 <strong>Trend</strong> <strong>Micro</strong> Inc. www.trendmicro.com<br />
All rights reserved. - 85 -