Chapter 6 Monitor
ZyWALL ATP Series User’s Guide
165
Figure 135
Monitor > Security Statistics > IDP > Summary: Signature Name
The following table describes the labels in this screen.
Table 62 Monitor > Security Statistics > IDP > Summary
LABEL
DESCRIPTION
Collect Statistics
Select this check box to have the Zyxel Device collect IDP statistics.
The collection starting time displays after you click
Apply
. All of the statistics in this screen
are for the time period starting at the time displayed here. The format is year, month,
day and hour, minute, second. All of the statistics are erased if you restart the Zyxel
Device or click
Flush Data
. Collecting starts over and a new collection start time displays.
Apply
Click
Apply
to save your changes back to the Zyxel Device.
Reset
Click
Reset
to return the screen to its last-saved settings.
Refresh
Click this button to update the report display.
Flush Data
Click this button to discard all of the screen’s statistics and update the report display.
Total Session Scanned
This field displays the number of sessions that the Zyxel Device has checked for intrusion
characteristics.
Total Packet Dropped
The Zyxel Device can detect and drop malicious packets from network traffic. This field
displays the number of packets that the Zyxel Device has dropped.
Total Packet Reset
The Zyxel Device can detect and drop malicious packets from network traffic. This field
displays the number of packets that the Zyxel Device has reset.
Top Entries By
Use this field to have the following (read-only) table display the top IDP log entries by
Signature
Name
,
Source
IP
or
Destination IP
. This table displays the most common, recent
IDP logs. See the log screen for less common IDP logs or use a syslog server to record all
IDP logs.
Select
Signature
Name
to list the most common signatures that the Zyxel Device has
detected.
Select
Source
IP
to list the source IP addresses from which the Zyxel Device has detected
the most intrusion attempts.
Select
Destination
IP
to list the most common destination IP addresses for intrusion
attempts that the Zyxel Device has detected.
#
This field displays the entry’s rank in the list of the top entries.
Signature Name
This column displays when you display the entries by
Signature
Name
. The signature
name identifies the type of intrusion pattern. Click the hyperlink for more detailed
information on the intrusion.