HOME | SOLUTIONS | PARTNERS | ICE SUPPORT | INSIDE ICE | CONTACT US
search useice.com
Close Window

Monitor the SmoothWall Firewall and Modules

 
 
BUY NOW
 
Evaluate
 
Demo System

 

Incident Alerting and Reporting

 

Advanced Firewall and Corporate Firewall constantly monitor themselves and the systems they protect. A comprehensive range of activity and system performance reports can be produced, with the option to send immediate alert messages for events that may require the attention of the network administrator.


Incident Alerting

Under normal circumstances a SmoothWall firewall system will run for weeks or months without the need for human attention. However, should a hacker decide to attack either the firewall or one of the systems it is protecting then it is obviously a good idea that the network administration staff are made aware of the incident.

Alerts can be generated for many events and incidents, including:

  • Intrusion Detection System (IDS) warnings (eg network probe, recognized hacker attacks)
  • Firewall hit violations (unauthorized/unexpected network traffic)
  • System resource issues (eg low disk space, high memory use, high CPU load)
  • System services changes
  • UPS monitoring (notification of mains/line power failure and restoration)
  • Guardian log monitoring (in excess of a configured number of "Denied Messages" per user)
  • VPN tunnel monitor (VPN tunnel up / down )
  • VPN certificate validation (expired certificate etc.)
  • User authentication failures (via the web GUI interface, console or SSH)

Alert messages can be sent by both email and SMS text message to cell (mobile) phones.

Reports

Over 20 different types of report can be produced, either "on demand" or automatically on a scheduled daily, weekly or monthly basis. Additional reports are introduced when add-on modules are installed; such as email activity and viruses blocked reports from SmoothZap; most visited web sites and time users spend web browsing reports from SmoothGuardian. Scheduled reports are distributed by email to multiple recipient lists, allowing mangers to receive summary information whilst network administrators receive full details.
The information provided by the reports includes:

  • Intrusion Detection System (IDS) incidents logged
  • Firewall log analysis (number of ports hit, offending IP addresses, port scan activities etc.)
  • Server information (disk and memory usage)
  • Status of all VPN tunnels and historic activity
  • Network usage graphs and information
  • Web cache statistics and graphs
  • Traffic statistics