Filter
Top Products
SONICWALL SONICOS 2.5 ENHANCED ADMINISTRATOR’S GUIDE
293
Log > Categories
of attacks evolved, it’s become essential to dig deeper into the traffic, and to develop the sort of
adaptability that could keep pace with the new threats.
All SonicWALL security appliances, even those running SonicWALL IPS, continue to recognize these
legacy port and protocol types of attacks. The current behavior on all SonicWALL security appliances
devices is to automatically and holistically prevent these legacy attacks, meaning that it is not
possible to disable prevention of these attacks either individually or globally.
SonicWALL security appliances now include an expanded list of attack categories that can be logged.
The View Style menu provides the following three log category views:
• All Categories - Displays both Legacy Categories and Expanded Categories.
• Legacy Categories - Displays log categories carried over from earlier SonicWALL log event
categories.
• Expanded Categories - Displays the expanded listing of categories that includes the older
Legacy Categories log events rearranged into the new structure.
All Categories
Displays both the Legacy Categories and Expanded Categories items from the View Style menu.
Legacy Categories
Legacy Categories represent the older log event categories that has been replaced with the
Expanded Categories listing. The Legacy Categories are preserved for use in Syslog messages.
• 802.11b Management - Logs WLAN IEEE 802.11b connections.
• Attacks - Logs messages showing Denial of Service attacks, such as SYN Flood, Ping of Death,
and IP spoofing.
• Blocked Java, etc. - Logs Java, ActiveX, and Cookies blocked by the SonicWALL security
appliance.
• Blocked Web Sites - Logs Web sites or newsgroups blocked by the Content Filter List or by
customized filtering.
• Denied LAN IP - Logs all LAN IP addresses denied by the SonicWALL security appliance.
•Dropped ICMP - Logs blocked incoming ICMP packets.
•Dropped TCP - Logs blocked incoming TCP connections.
•Dropped UDP - Logs blocked incoming UDP packets.
•Network Debug - Logs NetBIOS broadcasts, ARP resolution problems, and NAT resolution
problems. Also, detailed messages for VPN connections are displayed to assist the network
administrator with troubleshooting problems with active VPN tunnels. Network Debug information
is intended for experienced network administrators.
• System Environment - Logs physical unit events such as fan failure or power disruption.
•System Errors - Logs problems with DNS or e-mail.
•System Maintenance - Logs general system activity, such as system activations.
•User Activity - Logs successful and unsuccessful log in attempts.
• VPN Tunnel Status - Logs status information on VPN tunnels.
Expanded Categories
Expanded Categories includes new functional categories that replace the older Legacy Categories,
but the older Legacy Categories events are included in a rearranged format. The Expanded
Categories with descriptions are listed in the Log Categories table.