Symantec™ Security Gateways Reference Guide - Sawmill

Monitoring security gateway trafficReports setup105Reports setupConfiguration reportsFour of the event classes, IDS/IPS, Duplicate, Antivirus, and License are greyed out and marked asunmodifiable. These event classes are always sent to SESA and cannot be changed.The reports setup section defines how configuration reports should be saved and displayed to theadministrator. Reports saved in HTML are displayed in the window to the right of the report selection list.To view PDF reports, the management host must have Adobe Acrobat Reader installed. The securitygateway displays reports generated in PDF in a separate window. From this window, you can save thereport.To print reports, you must configure and attach a printer to the management host. You can configurereports to print in many of the standard sizes and formats, including letter, legal, executive, A4, and A3.The security gateway management interface provides a series of system configuration reports. Generatedin real-time when selected, these reports are stored locally and are viewed with any standard Web browserif generated in HTML format, or Acrobat reader if generated in PDF. All reports begin with a cover pagethat shows when the report was last generated. Table 8-2 shows a complete list of the supplied reports,including what each report covers.Table 8-2ReportAntivirusAvailable configuration reportsDescriptionSummarizes the current configuration of the antivirus scan server, and all scanningoptions. (appliance only)Authentication MethodAddress TransformAdvanced OptionContent FilteringDNS RecordFiltersReports the methods of authentication and extended authentication available. Coveredinformation includes the security gateway ID for this protocol, the description, and, ifapplicable, a primary server, alternate server, and shared key.Details all address transforms including the default address transformsVPNTunnelEntryTransform and VPNTunnelExitTransform. Covered information includesassociated NAT pools, interfaces the connection arrives and leaves through, thedescription, the type of connection entering and leaving, and the type of addresstransform.Summarizes configured advanced options including the name of each variable, itsdescription, and its value.Shows the current state of content filtering on the security gateway.Details configured DNS records. Information displayed is dependent on the type of record.Fields include record type, access level (public or private), network address, aliases, anddescription.Lists the filters currently configured, including the policy they are granting (allow or deny),the description, packet direction, packet protocols, and network endpoints.H.323 Alias Shows if the security gateway has been configured with an H.323 alias and the actual serverto which it is sending requests.IDS/IPSIP RouteLicense FeaturesLiveUpdateLocal AdministratorsDisplays the current state of IDS/IPS on the security gateway. (appliance only)Presents a table of all configured routes.Shows the current license state for all security gateway features.Lists the current LiveUpdate configuration for antivirus, content filtering, and IDS/IPS.Shows all of the administrator accounts for the security gateway.