Statistics
SureLog offers a rich set of pre-defined reports that help analyze bandwidth usage to better understand network behavior. Reports can be viewed in both graph and table formats.
The following reports are generated based on Firewall logs:
- Traffic Reports
- Protocol Usage Reports
- Web Usage Reports
- Mail Usage Reports
- FTP Usage Reports
- Telnet Usage Reports
- Streaming and Chat Reports
- Event Summary Reports
- VPN Reports
- Inbound and Outbound Traffic
- Intranet Reports
- Internet Reports
- Virus Reports
- Attack Reports
- Spam Reports
- Url Reports
- Protocol Trend Reports
- Event Trend Reports
- VPN Trend Report
The Firewall Reports section in SureLog includes reports that are based on Firewall logs. This section can be accessed from the left navigation pane or the Reports tab.
All the reports include links to several sections of the report which can be viewed when the icon is expanded or the report bar is clicked.
Click on each section to navigate to the corresponding section of the report or click the View Report link to view the entire report with all of its sections.
Traffic Reports
The Traffic Reports section includes reports that show bandwidth usage based on the amount of traffic sent and received through the device.
Protocol Usage Reports
The Protocol Usage Reports section includes reports that show bandwidth usage based on all the protocol groups generating traffic through the device.
Web Usage Reports
The Web Usage Reports section includes reports on the top protocols under the Web Protocol Group that have been used to generate traffic through that device.
Mail Usage Reports
The Mail Usage Reports section includes reports on the top protocols under the Mail Protocol Group that have been used to generate traffic through that device.
FTP Usage Reports
The FTP Usage Reports section includes reports on the top protocols under the FTP Protocol Group that have been used to generate traffic through that device.
Telnet Usage Reports
The Telnet Usage Reports section includes reports on the top protocols under the Telnet Protocol Group that have been used to generate traffic through that device.
Event Summary Reports
The Event Summary Reports section includes reports that show the summary of events generated by that device.
VPN Reports
The VPN Reports shows usage statistics, protocols used, and other details across each VPN configured behind the firewall.
Inbound Outbound Reports
The Inbound Outbound Traffic Reports section includes reports that show traffic details when inbound traffic (traffic coming into LAN) and outbound traffic (traffic going out of LAN) for the firewall, are separated. In order to separate inbound and outbound traffic, intranets must be configured first by clicking on the Intranet Settings link from the Settings tab. When configured, the Inbound Outbound Traffic Reports shows users which hosts and protocol groups have been contributing the most traffic on either side of the firewall.
Intranet Reports
The Intranet Reports section includes reports that show details of traffic transferred through the firewall by the internal hosts (hosts inside the user’s LAN). In order to identify internal hosts, users need to first configure their intranets by clicking on the Intranet Settings link from the Settings tab.
Internet Reports
The Internet Reports section includes reports that show details of traffic transferred through the firewall by the external hosts (hosts outside the user’s LAN). In order to identify external hosts, users need to first configure their intranets by clicking the Intranet Settings link from the Settings tab. When configured, all hosts outside the configured intranets will be considered external hosts.
Streaming and Chat Sites Reports
The Streaming and Chat Sites Reports section includes reports on streaming and chat websites visited.
Virus Reports
The Virus Reports section includes reports that show details on viruses that have been identified by the firewall. These reports help in identifying the top viruses and worms that have affected the network, in addition to analyzing the extent of damage and the source of the attack.
Attack Reports
The Attack Reports section includes reports that show details of attacks that have been identified by the firewall. These reports help in identifying the top attackers, top targets for the attacks, and other details (e.g. protocol used, the priority of the attack, and the status of the attack).
Spam Reports
The Spam Reports section includes reports that show details on spams that have been detected by the firewall. These reports help in identifying the top spams that have affected the network, in addition to analyzing the extent of damage and the spam attack source.
URL Reports
The URL Reports section includes reports on the categories of URLs fetched from the Firewall logs. The logs contain the URL and the URL category information, in addition to the number of hits on each. The URL Report displays the respective firewall, while the graph and table show the categories and the number of hits in two lists: Top Allowed Categories and Top Denied Categories.
Protocol Trend Reports
The Protocol Trend Reports section includes reports that show trends in the amount of traffic generated using different protocol groups. Protocol trends help in identifying peak usage times for each protocol group, understanding user trends, and enforcing better policies to allow traffic from each protocol group.
Event Trend Reports
The Event Trend Reports section includes reports that show trends in the number of events generated across the firewall. Event trends help in identifying malfunctioning hosts and malevolent systems. Identifying these types of hosts and systems may eventually lead to enforcing better security policies and increasing the network’s security perimeter.
VPN Trend Reports
VPN Trend Reports help in identifying VPN connections spread over a time period for a particular device. Understanding these trends may eventually lead to better VPN policy planning andand increase in VPN-usage efficiently. The VPN Trend Reports section includes reports that show trends in the number of VPN users connecting across the Firewall or Concentrator.