This paragraph describes the Firewall alerts in detail that are sent on security-relevant events. The following message types are available:
- Email notification
- SYSLOG report
- SNMP trap
Alerts are triggered either separately by the intrusion detection system, by the denial of service protection or by arbitrary trigger conditions specified in the Firewall. The specific parameters for the different alerting types such as the relevant email account can be set at the following places:
LANconfig: Log & TraceE/ SMTP Account E/ SNMP E/ SYSLOG
WEBconfig: LCOS menu tree E/ Setup / SMTP E/ SNMP Module / SYSLOG Module
An example:
Let us assume a filter named 'BLOCKHTTP', which blocks all access to a HTTP server 192.168.200.10. In case some station would try to access the server nevertheless, the filter would block any traffic from and to this station, and inform the administrator via SYSLOG also.