manualshive.com logo in svg

ZyXEL Communications Centralized Network Management Vantage CNM, Руководство пользователя

Поделиться
Скачать
ZyXEL Communications Centralized Network Management Vantage CNM Скачать руководство пользователя страница 111

 Chapter 6 Device Security Settings

Vantage CNM User’s Guide

111

6.1.2  Rule Summary

Use the 

Insert

 button to add a new rule before an existing rule. Use 

Move

 to put an existing 

rule in a different place.

Select a device, click 

Device Operation

 in the menu bar and then click 

Device Configuration 

Security

 

> Firewall > Rule Summary

 in the navigation panel.

From, To

Set the firewall’s default actions based on the direction of travel of 
packets. Here are some example descriptions of the directions of 
travel.

From

 

LAN To LAN 

means packets traveling from a computer on one 

LAN subnet to a computer on another LAN subnet on the LAN interface 
of the device or the device itself. The device does not apply the firewall 
to packets traveling from a LAN computer to another LAN computer on 
the same subnet.

From VPN

 means traffic that came into the device through a VPN 

tunnel and is going to the selected “to” interface. For example, 

From 

VPN To LAN 

specifies the VPN traffic that is going to the LAN. The 

device applies the firewall to the traffic after decrypting it. 

To VPN

 is traffic that comes in through the selected “from” interface 

and goes out through any VPN tunnel. For example, 

From LAN To 

VPN

 specifies the traffic that is coming from the LAN and going out 

through a VPN tunnel. The device applies the firewall to the traffic 
before encrypting it. 

From VPN To VPN

 means traffic that comes in through a VPN tunnel 

and goes out through (another) VPN tunnel or terminates at the device. 
This is the case when the device is the hub in a hub-and-spoke VPN. 
This is also the case if you allow someone to use a service (like Telnet 
or HTTP) through a VPN tunnel to manage the device. The device 
applies the firewall to the traffic after decrypting it. 

Note: The VPN connection directions apply to the traffic 

going to or from the device’s VPN tunnels. They do 
not apply to other VPN traffic for which the device is 
not one of the gateways (VPN pass-through traffic). 

Here are the default actions from which you can select.
Select 

Drop

 to silently discard the packets without sending a TCP reset 

packet or an ICMP destination-unreachable message to the sender.
Select 

Reject

 to deny the packets and send a TCP reset packet (for a 

TCP packet) or an ICMP destination-unreachable message (for a UDP 
packet) to the sender.
Select 

Permit

 to allow the passage of the packets. 

The firewall rules for the WAN port with a higher route priority also 
apply to the dial backup connection.

Log

Select the check box next to a direction of packet travel to create a log 
when the above action is taken for packets that are traveling in that 
direction and do not match any of your customized rules.

Apply

Click 

Apply

 to save your changes back to the device.

Reset

Click this to reset this screen to its last saved values.

Table 40   

Device Operation > Device Configuration > Security > Firewall > Default Rule 

LABEL

DESCRIPTION

Содержание Centralized Network Management Vantage CNM

Страница 1: ...www zyxel com Vantage CNM Centralized Network Management User s Guide Version 3 0 11 2007 Edition 1...

Страница 2: ......

Страница 3: ...gy and the devices you want to manage Related Documentation Quick Start Guide The Quick Start Guide is designed to help you get up and running right away It contains information on setting up and conn...

Страница 4: ...ut This User s Guide Vantage CNM User s Guide 4 The Technical Writing Team ZyXEL Communications Corp 6 Innovation Road II Science Based Industrial Park Hsinchu 300 Taiwan E mail techwriters zyxel com...

Страница 5: ...Guide Product labels screen names field labels and field choices are all in bold font A key stroke is denoted by square brackets and uppercase text for example ENTER means the enter or return key on y...

Страница 6: ...s Guide 6 Icons Used in Figures Figures in this User s Guide may use the following generic icons Device icons are not an exact representations of your devices Device example Computer Notebook computer...

Страница 7: ...anced Settings 185 Device Log 209 Device Configuration Management 213 Firmware Management 235 License Management 241 VPN Management 247 VPN Community 249 Installation Report 255 VPN Monitor 257 Monito...

Страница 8: ...Contents Overview Vantage CNM User s Guide 8 About Vantage CNM 321 Account Management 323 Group 325 Account 329 Troubleshooting 333 Troubleshooting 335 Appendices and Index 339...

Страница 9: ...Menu Bar 36 2 2 Title Bar 37 2 3 Device Window 37 2 3 1 Topology 37 2 3 2 Device Search 45 2 4 Navigation Panel and Configuration Window 45 2 5 Security Risk Pop up Messages in Internet Explorer 7 0...

Страница 10: ...Security Settings 109 6 1 Firewall 109 6 1 1 Default Rule 109 6 1 2 Rule Summary 111 6 1 3 Add Edit 113 6 1 4 Anti Probing 116 6 1 5 Threshold 117 6 1 6 Service 119 6 1 7 Add Edit Service 119 6 2 VPN...

Страница 11: ...ontent Filter Policy Schedule 177 6 14 Content Filter Objects 179 6 15 Content Filtering Cache 180 6 16 X Auth 181 6 17 Local User Database 181 6 18 RADIUS 182 Chapter 7 Device Advanced Settings 185 7...

Страница 12: ...le Management 224 9 5 1 Backup Restore 224 9 5 2 Signature Profile Backup Device 225 9 5 3 Signature Profile Restore Folder 226 9 5 4 Reset to Factory 227 9 6 Configuration Building Block 228 9 7 Add...

Страница 13: ...Monitor 257 14 1 VPN Monitor 257 14 2 By Community 257 14 2 1 By Community Show Detail 258 14 2 2 By Community Show Detail Diagnostic 259 14 3 By Device 261 14 3 1 VPN Tunnel Status 261 14 3 2 Search...

Страница 14: ...guration File Restore Report 286 18 5 Signature Profile Backup Report 288 18 6 Signature Profile Restore Report 289 Chapter 19 CNM Logs 291 19 1 Vantage CNM Logs 291 19 1 1 CNM Logs 291 Chapter 20 VRP...

Страница 15: ...2 Maintenance 313 22 1 System Maintenance 313 22 1 1 Backup 314 Chapter 23 Device Owner 315 23 0 1 Add Edit a Device Owner 315 Chapter 24 Vantage CNM Software Upgrade 317 Chapter 25 License Upgrade 31...

Страница 16: ...dex 339 Appendix A Product Specifications 341 Appendix B Setting up Your Computer s IP Address 345 Appendix C Pop up Windows Java Scripts and Java Permissions 361 Appendix D IP Addresses and Subnettin...

Страница 17: ...r Save BB 53 Figure 22 Device Operation Device Configuration Load or Save BB Load a BB 54 Figure 23 Device Operation Device Configuration Load or Save BB Save as a BB 54 Figure 24 Device Operation Dev...

Страница 18: ...e Configuration Security Firewall Threshold 117 Figure 55 Device Operation Device Configuration Security Firewall Service 119 Figure 56 Device Operation Device Configuration Security Firewall Service...

Страница 19: ...ort 191 Figure 91 Device Operation Device Configuration Advanced NAT Trigger Port Edit 192 Figure 92 Device Operation Device Configuration Advanced Static Route 194 Figure 93 Device Operation Device C...

Страница 20: ...232 Figure 122 Device Operation Configuration Management Building Block Component BB Add Edit Save as 233 Figure 123 Device Operation Firmware Management Firmware List 235 Figure 124 Device Operation...

Страница 21: ...File Backup Restore Report Backup Report Group 284 Figure 161 Log Report Operation Report Configuration File Backup Restore Report Backup Report Group Show Detail 286 Figure 162 Log Report Operation...

Страница 22: ...es 350 Figure 199 Windows XP Internet Protocol TCP IP Properties 351 Figure 200 Windows XP Advanced TCP IP Properties 352 Figure 201 Windows XP Internet Protocol TCP IP Properties 353 Figure 202 Macin...

Страница 23: ...1 385 Figure 234 Certificate Import Wizard 2 385 Figure 235 Certificate Import Wizard 3 386 Figure 236 Root Certificate Store 386 Figure 237 Certificate General Information after Import 387 Figure 238...

Страница 24: ...Vantage CNM User s Guide 24...

Страница 25: ...P PPPoE ZyNOS ZyWALL one WAN port 72 Table 20 Device Operation Device Configuration Network WAN ISP PPTP ZyNOS ZyWALL one WAN port 75 Table 21 Device Operation Device Configuration Network WAN WAN1 2...

Страница 26: ...on Device Configuration Security Anti Spam General 143 Table 56 Device Operation Device Configuration Security Anti Spam External DB 146 Table 57 Device Operation Device Configuration Security Anti Sp...

Страница 27: ...iguration Advanced Remote Management 205 Table 92 Device Operation Device Configuration Device Log Log Settings 211 Table 93 Device Operation Configuration Management Synchronization 214 Table 94 Devi...

Страница 28: ...e 123 VPN Management VPN Monitor By Community 257 Table 124 VPN Management VPN Monitor By Community Show Detail 258 Table 125 VPN Management VPN Monitor By Community Show Detail Diagnostic Logs 260 Ta...

Страница 29: ...tem Setting Device Owner 315 Table 158 CNM System setting Device Owner Add Edit 316 Table 159 CNM System Setting License 319 Table 160 Account Management Group 326 Table 161 Account Management Group A...

Страница 30: ...Vantage CNM User s Guide 30...

Страница 31: ...s example you use the Vantage CNM web configurator A to access the Vantage CNM server B The Vantage CNM server is connected to the devices C and you can Monitor all the devices in the network and rece...

Страница 32: ...ure and to manage Vantage CNM more effectively Change the root password Use a password that s not easy to guess and that consists of different types of characters such as numbers and letters Write dow...

Страница 33: ...33 PART I Introduction Introducing Vantage CNM 31 GUI Introduction 35...

Страница 34: ...34...

Страница 35: ...t you use to access related submenus in the navigation panel 4 or to manage the Vantage CNM 2 Title bar Displays login user name dashboard and message center buttons 3 Device window Displays the devic...

Страница 36: ...o manage VPN tunnels among ZyWALL devices and provide diagnostics for fail tunnels Click this icon to display the navigation links to screens that allow you to check device status ZLD ZyWALL Device HA...

Страница 37: ...ogy in the Topology screen in the device window You can also create delete or rename a device or a folder in the Topology screen In the Topology screen you can only view the folder s or device s for y...

Страница 38: ...ns one or some offline devices On_Alarm Closed This is a closed folder which contains some online devices with an alarm On_Alarm Open This is a opened folder which contains some online devices with an...

Страница 39: ...window click Topology 2 Right click on a folder and click Add Folder Figure 5 Device Window Topology Right Click to Add a Folder 3 The screen displays in the configuration window as shown Enter a desc...

Страница 40: ...er When you edit a folder you can rename the folder or modify its description 1 In the device window click Topology 2 Right click on the folder you want to edit and click Edit Folder 3 The screen disp...

Страница 41: ...ce or right click on a device and click Edit Device Figure 10 Device Window Topology Right Click to Add Edit a Device 3 The screen displays in the configuration window as shown Not Yet Acquired This i...

Страница 42: ...ter the LAN MAC address of the device without colons in this field Vantage CNM uses the MAC address to identify the device so make sure it is entered correctly Device Name Enter a unique name here for...

Страница 43: ...P Select the IP address of the device s Vantage Report server or if the IP address is not in the drop down box select User Define and enter the IP address Leave the IP address blank if the device does...

Страница 44: ...sociate a device from a folder log into the web configurator as root or a user who belongs to the super group 1 In the device window click Topology 2 Right click on a device and click Cut Device 3 Rig...

Страница 45: ...tage CNM displays the device s that match any of the search criteria 2 4 Navigation Panel and Configuration Window Use this panel to navigate to and display the screens These screens are organized int...

Страница 46: ...Server Auth method Certificate ISP Account SSL Application Management Log Setting Configuration Management Synchronization Configuration File Management Signature Profile Management Building Block Fir...

Страница 47: ...device You also can manage UTM services license and monitor signature status for the device VPN Management VPN Community This link takes you to a screen where you can centrally manage add edit delete...

Страница 48: ...his link takes you to a screen where you can backup restore Vantage CNM settings and device list Device Owner This link takes you to a screen where you can manage device owners Upgrade This link takes...

Страница 49: ...to log in http your IP address 8080 vantage The value localhost cannot be used in the Common Name field 5 Enter the rest of the required information and click Apply See Section 21 7 on page 308 for m...

Страница 50: ...ate file path and click Apply 9 Restart the Vantage CNM server 10 Use the IP address and log into the Vantage CNM server 11 In Internet Explorer 7 0 click View Certificates when the following screen a...

Страница 51: ...ding on the device model you select See Table 8 on page 46 for the device model and the corresponding firmware version CNM supports Load or Save Building Blocks BB 53 Device General Settings 55 Device...

Страница 52: ...52...

Страница 53: ...elected device This menu item appears if a device is selected See Chapter 34 on page 356 for more information about building blocks To open this menu item select the device click Device Operation in t...

Страница 54: ...a BB icon to save the current configuration of the selected device as a building block The following pop up screen appears Figure 23 Device Operation Device Configuration Load or Save BB Save as a BB...

Страница 55: ...formation about any of these screens or fields To open this screen click Device Operation in the menu bar and click Device Configuration General System in the navigation panel Figure 24 Device Operati...

Страница 56: ...vice Configuration General System continued FIELD DESCRIPTION Table 12 Device Operation Device Configuration General Time Setting LABEL DESCRIPTION Time Protocol Select the time service protocol that...

Страница 57: ...pe in the o clock field depends on your time zone In Germany for instance you would type 2 because Germany s time zone is one hour ahead of GMT or UTC GMT 1 End Date Configure the day and time when Da...

Страница 58: ...Chapter 4 Device General Settings Vantage CNM User s Guide 58...

Страница 59: ...scription For ZLD based settings please see device s User s Guide for the detailed information An example is shown next Figure 26 Example Device Operation Device Configuration Network Interface ZLD 5...

Страница 60: ...TCP IP configuration for the clients When set as a server fill in the IP Pool Starting Address and Pool Size fields Select Relay to have the device forward DHCP requests to another DHCP server When se...

Страница 61: ...s it recognizes both formats when receiving RIP 1 is universally supported but RIP 2 carries more information RIP 1 is probably adequate for most networks unless you have an unusual network topology B...

Страница 62: ...r this check box to block all NetBIOS packets going from the LAN to WAN port 2 and from WAN port 2 to the LAN Allow between LAN and DMZ Select this check box to forward NetBIOS packets from the LAN to...

Страница 63: ...o have the device act as a DNS proxy The device tells the DHCP clients on the LAN that the device itself is the DNS server When a computer on the LAN sends a DNS query to the device the device forward...

Страница 64: ...erence being that RIP 2B uses subnet broadcasting while RIP 2M uses multicasting Multicasting can reduce the load on non router machines since they generally do not listen to the RIP multicast address...

Страница 65: ...eens Use this screen to configure logical interfaces subnets via its single physical Ethernet interface with the device itself being the gateway for each network You can also configure firewall rules...

Страница 66: ...outing table periodically When set to Both or In Only it incorporates the RIP information that it receives when set to None it does not send any RIP packets and ignores any RIP packets received RIP Ve...

Страница 67: ...evice Operation in the menu bar and click Device Configuration Network WAN General in the navigation panel Be careful when configuring a device s WAN as an incorrect configuration could result in the...

Страница 68: ...times out The WAN connection is considered down after the device times out the number of times specified in the Fail Tolerance field Use a higher value in this field if your network is busy or conges...

Страница 69: ...ets going from the WAN2 port to the DMZ port and from DMZ port to WAN2 Allow between WAN2 and WLAN Select this check box to forward NetBIOS packets from the WAN2 port to the WLAN port and from the WLA...

Страница 70: ...Choose Both None In Only or Out Only When set to Both or Out Only the device will broadcast its routing table periodically When set to Both or In Only the device will incorporate RIP information that...

Страница 71: ...multiple network services a function known as dynamic service selection This enables the service provider to easily create and offer new IP services for individuals Operationally PPPoE saves signific...

Страница 72: ...s PPPoE Point to Point Protocol over Ethernet PPPoE is an IETF Draft standard RFC 2516 specifying how a personal computer PC interacts with a broadband modem for example xDSL cable wireless etc connec...

Страница 73: ...RIP broadcast If No the route to this remote node will be propagated to other hosts through RIP broadcasts Advanced Setup RIP Direction RIP Routing Information Protocol allows a router to exchange rou...

Страница 74: ...age When Select PPTP Multicast Choose None default IGMP V1 or IGMP V2 IGMP Internet Group Multicast Protocol is a network layer protocol used to establish membership in a Multicast group it is not use...

Страница 75: ...apsulation Point to Point Tunneling Protocol PPTP is a network protocol that enables secure transfer of data from a remote client to a private server creating a Virtual Private Network VPN using TCP I...

Страница 76: ...NM accepts CHAP only PAP Your Vantage CNM accepts PAP only WAN IP WAN IP Address Assignment Select Get automatically from ISP If your ISP did not assign you a fixed IP address This is the default sele...

Страница 77: ...he routing data in RIP 2 format the difference being that RIP 2B uses subnet broadcasting while RIP 2M uses multicasting Multicasting can reduce the load on non router machines since they generally do...

Страница 78: ...a regular Ethernet Service Type Choose from Standard RR Telstra RoadRunner Telstra authentication method RR Manager Roadrunner Manager authentication method RR Toshiba Roadrunner Toshiba authenticatio...

Страница 79: ...t send any RIP packets and will ignore any RIP packets received By default RIP Direction is set to Both RIP Version The RIP Version field controls the format and the broadcasting method of the RIP pac...

Страница 80: ...to let you access one of multiple network services a function known as dynamic service selection This enables the service provider to easily create and offer new IP services for individuals Operation...

Страница 81: ...he user name given to you by your ISP Password Type the password associated with the user name above Retype to confirm Password Type your password again to make sure that you have entered is correctly...

Страница 82: ...RIP 2B or RIP 2M RIP 1 is universally supported but RIP 2 carries more information RIP 1 is probably adequate for most networks unless you have an unusual network topology Both RIP 2B and RIP 2M send...

Страница 83: ...Encapsulation Point to Point Tunneling Protocol PPTP is a network protocol that enables secure transfer of data from a remote client to a private server creating a Virtual Private Network VPN using T...

Страница 84: ...omatically from ISP Select this option If your ISP did not assign you a fixed IP address This is the default selection Use fixed IP address Select this option If the ISP assigned a fixed IP address My...

Страница 85: ...non router machines since they generally do not listen to the RIP multicast address and so will not receive the RIP packets However if one router uses multicasting then all routers on your network mu...

Страница 86: ...your ISP Password Type the password assigned by your ISP Retype to confirm Password Type your password again to make sure that you have entered it correctly Authentication Type Use the drop down list...

Страница 87: ...l of your WAN device connected to your Dial Backup port for specific AT commands Advanced Modem Setup Click Advanced to display the WAN Advanced Modem Setup screen and edit the details of your dial ba...

Страница 88: ...d screen shown next Consult the manual of your WAN device connected to your dial backup port for specific AT commands Figure 41 Device Operation Device Configuration Network WAN Dial Backup Advanced Z...

Страница 89: ...t sec Type a number of seconds for the device to try to set up an outgoing call before timing out stopping 60 Retry Count Type a number of times for the device to retry a busy or no answer phone numbe...

Страница 90: ...translation of an Internet protocol address used within one network to a different IP address known within another network SUA Single User Account is a subset of NAT that supports two types of mapping...

Страница 91: ...nd ignores any RIP packets received Both is the default RIP Version The RIP Version field controls the format and the broadcasting method of the RIP packets that the device sends it recognizes both fo...

Страница 92: ...Select the method of encapsulation used by your ISP from the drop down list box Choices vary depending on the mode you select in the Mode field If you select Bridge in the Mode field select either PP...

Страница 93: ...LAN to use PPPoE client software on their computers to connect to the ISP via the device Each host can have a separate account and a public WAN IP address PPPoE pass through is an alternative to NAT...

Страница 94: ...will not timeout Zero Configuration Select this if you want the device to automatically try to configure the Internet connection See the device s User s Guide for more information Subnet Mask Appears...

Страница 95: ...k WAN IP Address type fields Check WAN IP Address1 3 Configure this field to test your device s WAN accessibility Type the IP address of a reliable nearby computer for example your ISP s DNS server ad...

Страница 96: ...smaller the number the lower the cost Backup Gateway IP Type the IP address of your backup gateway in dotted decimal notation The device automatically forwards traffic to this IP address if the devic...

Страница 97: ...ion Network WAN Backup Advanced Prestige The following table describes the fields in this screen Table 29 Device Operation Device Configuration Network WAN Backup Advanced Prestige LABEL DESCRIPTION B...

Страница 98: ...outing table periodically When set to Both or In Only the device will incorporate RIP information that it receives RIP Version The RIP Version field controls the format and the broadcasting method of...

Страница 99: ...and specify an idle time out in the Max Idle Timeout field Max Idle Timeout Specify an idle time out in the Max Idle Timeout field when you select Connect on Demand The default setting is 0 which mea...

Страница 100: ...select this to make the ESSID visible so a station can obtain the ESSID through AP scanning Choose Channel ID The radio frequency used by IEEE 802 11a b or g wireless devices is called a channel Selec...

Страница 101: ...atic WEP WPA PSK WPA 802 1x Dynamic WEP 802 1x Static WEP 802 1x No WEP No Access 802 1x Static WEP No Access 802 1x No WEP Select No Security to allow wireless stations to communicate with the access...

Страница 102: ...Chapter 5 Device Network Settings Vantage CNM User s Guide 102 Figure 47 Device Operation Device Configuration Network Wireless Card Wireless Card Advanced Wireless Security Settings...

Страница 103: ...es and symbols ReAuthentication Timer Seconds Specify how often wireless stations have to resend user names and passwords in order to stay connected Enter a time interval between 10 and 65535 seconds...

Страница 104: ...ver if using WPA key management sends a new group key out to all clients The re keying process is the WPA equivalent of automatically changing the WEP key for an AP and all stations in a WLAN on a per...

Страница 105: ...ds The Vantage CNM automatically disconnects a wireless station from the wireless network after a period of inactivity The wireless station needs to send the username and password again before it can...

Страница 106: ...sed by logging in again Authentication Databases Click Local User to go to the Local User Database screen where you can view and or edit the list of users and passwords Click RADIUS to go to the RADIU...

Страница 107: ...filter action for the list of MAC addresses in the MAC Address table Select Deny Association to block access to the router MAC addresses not listed will be allowed to access the device Select Allow A...

Страница 108: ...Chapter 5 Device Network Settings Vantage CNM User s Guide 108...

Страница 109: ...Guide for the detailed information An example is shown next Figure 49 Example Device Operation Device Configuration VPN IPSec VPN ZLD 6 1 Firewall This section shows you how to configure the Firewall...

Страница 110: ...Security Firewall Default Rule LABEL DESCRIPTION Default Rule Setup Enable Firewall Select this check box to activate the firewall The device performs access control and protects against Denial of Ser...

Страница 111: ...g it From VPN To VPN means traffic that comes in through a VPN tunnel and goes out through another VPN tunnel or terminates at the device This is the case when the device is the hub in a hub and spoke...

Страница 112: ...sen Log packets that don t match these rules Select the check box to create a log when the above action is taken for packets that are traveling in the selected direction and do not match any of the ru...

Страница 113: ...address configured for the firewall rule Service Type This field displays the services to which this firewall rule applies Click the list box to see all service type configured for the firewall rule S...

Страница 114: ...Chapter 6 Device Security Settings Vantage CNM User s Guide 114 Figure 52 Device Operation Device Configuration Security Firewall Rule Summary Edit...

Страница 115: ...nd click Delete to remove it Edit Service Available Selected Services Highlight a service from the Available Services box on the left then click the select icon to add it to the Selected Service s box...

Страница 116: ...lently discard the packets without sending a TCP reset packet or an ICMP destination unreachable message to the sender Select Reject to deny the packets and send a TCP reset packet for a TCP packet or...

Страница 117: ...to prevent hackers from finding the device by probing for unused ports If you select this option the device will not respond to port request s for unused ports thus leaving the unused ports and the de...

Страница 118: ...umber of existing half open sessions that causes the firewall to stop deleting half open sessions The device continues to delete half open requests as necessary until the number of existing half open...

Страница 119: ...een to open the screen as shown next Use this screen to configure a custom service entry not is not predefined in the device Table 45 Device Operation Device Configuration Security Firewall Service LA...

Страница 120: ...x If you select Custom specify the protocol s number For example ICMP is 1 TCP is 6 UDP is 17 and so on Port Range This field is available only when you select TCP UDP TCP or UDP in the IP Protocol fi...

Страница 121: ...ting up a IPSec high availability VPN tunnel the remote IPSec router Must have multiple WAN connections Only needs the configure one corresponding IPSec rule Should only have IPSec high availability s...

Страница 122: ...Device Configuration Security VPN VPN Rules LABEL Description This is the VPN policy index number Name This field displays the identification name for this VPN policy Local IP Address This field displ...

Страница 123: ...Chapter 6 Device Security Settings Vantage CNM User s Guide 123 Figure 59 Device Operation Device Configuration Security VPN VPN Rules IKE Gateway Policy Add Edit...

Страница 124: ...s is the IP address mapped to a specified DDNS domain name The VPN tunnel has to be rebuilt if the device s IP address changes after setup My ZyWALL IP Address This field is enabled if My ZyWALL Addre...

Страница 125: ...nection to the primary remote gateway while connected to the redundant remote gateway Each gateway policy uses one or more network policies If the fall back check interval is shorter than a network po...

Страница 126: ...entify this device in the local Content field Use up to 31 ASCII characters including spaces although trailing spaces are truncated The domain name or e mail address is for identification purposes onl...

Страница 127: ...t Name type the subject name of the certificate the remote IPSec router will use for this VPN connection Use up to255 ASCII characters including spaces For Any the peer Content field is not available...

Страница 128: ...ithms used to authenticate packet data The SHA1 algorithm is generally considered stronger than MD5 but is slower Select MD5 for minimal security and SHA 1 for maximum security SA Life Time Seconds De...

Страница 129: ...Chapter 6 Device Security Settings Vantage CNM User s Guide 129 Figure 60 Device Operation Device Configuration Security VPN VPN Rules IKE Network Policy Add Edit...

Страница 130: ...e network and vice versa Select this check box to send NetBIOS packets through the VPN connection Check IPSec Tunnel Connectivity Select the check box and configure an IP address in the Ping this Addr...

Страница 131: ...gured remote IP addresses When you select One to One or Many to One in the Type field enter an IP address as the translated IP address Many to one rules are only for traffic going to the remote networ...

Страница 132: ...tatic IP address on the network behind the remote IPSec router Ending IP Address Subnet Mask When the Address Type field is configured to Single Address this field is N A When the Address Type field i...

Страница 133: ...bit random number DH2 refers to Diffie Hellman Group 2 a 1024 bit 1Kb random number more secure yet slower Enable Replay Detection As a VPN setup is processing intensive the system is vulnerable to D...

Страница 134: ...ollowing fields display the general network settings of this VPN policy Name This field displays the policy name Local Network This field displays one or a range of IP address es of the computer s beh...

Страница 135: ...ote IP Address This is the IP address es of computer s on the remote network behind the remote IPSec router This field displays N A when the Remote Gateway Address field displays 0 0 0 0 In this case...

Страница 136: ...wing table describes the labels in this screen Table 52 Device Operation Device Configuration Security VPN VPN Rules Manual Add Edit LABEL DESCRIPTION Property Active Select this check box to activate...

Страница 137: ...configured to Single this field is N A When the Address Type field is configured to Range enter the end static IP address in a range of computers on the LAN behind the device When the Address Type fie...

Страница 138: ...w the Authentication Key which can be used to generate and verify a message authentication code Select SHA1 or MD5 from the drop down list box MD5 Message Digest 5 and SHA1 Secure Hash Algorithm are h...

Страница 139: ...between 30 and 3600 seconds to wait before the device checks all of the VPN connections to remote IPSec routers Enter 0 to disable this feature Gateway Domain Name Update Timer This field is applicabl...

Страница 140: ...nnection s MTU Maximum Transmit Unit In most cases you should leave this set to Auto The device automatically sets the Maximum Segment Size MSS of the TCP packets that are to be encrypted by VPN based...

Страница 141: ...TCP port 110 SMTP traffic using TCP port 25 Enable ZIP File Scan Select this check box to have the device scan a ZIP file with the zip gzip or gz file extension The device first decompresses the ZIP...

Страница 142: ...t From VPN means traffic that came into the device through a VPN tunnel and is going to the selected to interface For example From VPN To LAN specifies the VPN traffic that is going to the LAN or term...

Страница 143: ...ation Security Anti Spam General The following table describes the labels in this screen Table 55 Device Operation Device Configuration Security Anti Spam General LABEL DESCRIPTION General Setup Enabl...

Страница 144: ...affic going to or from the device s VPN tunnels They do not apply to other VPN traffic for which the device is not one of the gateways VPN pass through traffic Action for Spam Mails Use this section t...

Страница 145: ...that you define Action taken when mail sessions threshold is reached The anti spam feature limits the number of concurrent e mail sessions An e mail session is when an e mail client and e mail server...

Страница 146: ...evice also takes this action if it receives an invalid response Here are possible reasons that would cause the device to take this action 1 The device was not able to connect to the anti spam external...

Страница 147: ...ollowing table describes the labels in this screen Apply Click Apply to save your changes back to the device Reset Click Reset to begin configuring this screen afresh Table 56 Device Operation Device...

Страница 148: ...ne becomes entry 7 Click Insert to display the screen where you edit an entry Blacklist Use Blacklist Select this check box to have the device treat e mail that matches a blacklist entry as spam This...

Страница 149: ...your LAN or DMZ to speed up the device s processing of your outgoing e mail Select E Mail to have the device check e mail for a specific source e mail address or domain name You can create a whitelist...

Страница 150: ...II characters In an MIME header the header is the part that comes before the colon For example if you want the whitelist or blacklist entry to check for the MIME header X MSMail Priority Normal enter...

Страница 151: ...bar and then click Device Configuration Security IDP General in the navigation panel Figure 70 Device Operation Device Configuration Security IDP General The following table describes the labels in t...

Страница 152: ...ce through a VPN tunnel and is going to the selected to interface For example From VPN To LAN specifies the VPN traffic that is going to the LAN or terminating at the device s LAN interface The device...

Страница 153: ...dures and controls that limit or detect access Access control is used typically to control user access to network resources such as servers directories and files Scan Scan refers to all port IP or vul...

Страница 154: ...network based viruses and worms The Anti Virus AV screen refers to file based viruses and worms Refer to the anti virus chapter for additional information on file based anti virus scanning in the devi...

Страница 155: ...ACTION DESCRIPTION No Action The intrusion is detected but no action is taken Drop Packet The packet is silently discarded Drop Session When the firewall is enabled subsequent TCP IP packets belonging...

Страница 156: ...perating systems not in your network This would speed up the IDP signature checking process Alternatively you may select or clear individual entries The check box becomes gray when you select the chec...

Страница 157: ...Signature Query View The following table describes the fields in this screen Table 64 Device Operation Device Configuration Security IDP Signature Query View LABEL DESCRIPTION Back to group view Clic...

Страница 158: ...identifies a specific signature targeted at a specific intrusion Click the hyperlink for more detailed information on the intrusion ID Each intrusion has a unique identification number This number ma...

Страница 159: ...elect or clear individual entries The check box becomes gray when you select the check box If you edited any of the check boxes in this column on the current page use the check box in the heading row...

Страница 160: ...pdate in the configuration panel Figure 75 Device Operation Device Configuration Security Signature Update The following table describes the labels in this screen Table 65 Device Operation Device Conf...

Страница 161: ...e URL of the signature server from which you download signatures Update Now Click this button to begin downloading signatures from the Update Server immediately Auto Update Select the check box to con...

Страница 162: ...specific computers to be included in or excluded from the content filtering configuration Figure 76 Device Operation Device Configuration Security Content Filter General The following table describes...

Страница 163: ...users from accessing web pages that the external database content filtering has not categorized When the external database content filtering blocks access to a web page it displays the denied access...

Страница 164: ...ered the Vantage CNM and activated the category based content filtering service Trial Active and the trial subscription expiration date display if you have registered the Vantage CNM and activated the...

Страница 165: ...ion Device Configuration Security Content Filter Policy LABEL DESCRIPTION Name This is the name of the content filter policy Active This field displays whether a content filter policy is turned on Y o...

Страница 166: ...delete icon to remove the content filter policy You cannot delete the default policy A window display asking you to confirm that you want to delete the policy Note that subsequent policies move up by...

Страница 167: ...kies are files stored on a computer s hard drive Some web servers use them to track usage and provide service based on ID Web Proxy is a server that acts as an intermediary between a user and the Inte...

Страница 168: ...ce Configuration Security Content Filter Policy External Database LABEL DESCRIPTION Policy Name This is the name of the content filter policy that you are configuring Active Select this option to appl...

Страница 169: ...f other products offered Nudity Selecting this category excludes pages containing nude or seminude depictions of the human body These depictions are not necessarily sexual in intent or effect but may...

Страница 170: ...t does not include pages that promote collecting weapons or groups that either support or oppose weapons use Abortion Selecting this category excludes pages that provide information or arguments in fa...

Страница 171: ...that nurture cultural understanding and foster volunteerism such as 4H the Lions and Rotary Clubs Also encompasses non profit associations that cultivate philanthropic or relief efforts Sites that pr...

Страница 172: ...rmation collected or reported is personal if it contains uniquely identifying data such as e mail addresses name social security number IP address etc A site is not classified as spyware if the user i...

Страница 173: ...Social Networking sites Note These sites may contain offensive material in the community created content Sites in this category are also referred to as virtual communities or online communities This...

Страница 174: ...s category excludes pages that are dedicated to the electronic download of software packages whether for payment or at no charge Pay to Surf Selecting this category excludes pages that pay users in th...

Страница 175: ...good allowed web site addresses for this policy and bad blocked web site addresses You can also block web sites based on whether the web site s address contains a keyword Use this screen to add or re...

Страница 176: ...ity Content Filter Policy Customizationl The following table describes the labels in this screen Table 70 Device Operation Device Configuration Security Content Filter Policy Customization LABEL DESCR...

Страница 177: ...ct the ones to which you want to allow access in the Available list and use the arrow select button to move them to the Selected list Select an entry in the Selected list and use the arrow dselect but...

Страница 178: ...such as ActiveX Java Cookies and Web Proxy are not affected Always Select this option to have content filtering active all the time Everyday from to Select this option to have content filtering active...

Страница 179: ...this screen click a device click Device Operation in the menu bar and then click Device Configuration Security Content Filter Object in the navigation panel To use this screens settings in content fil...

Страница 180: ...dden Web Site List Sites that you want to block access to regardless of their content rating can be allowed by adding them to this list You can enter up to 32 entries Add Forbidden Web Site Enter host...

Страница 181: ...nfiguration Security Content Filter Cache The following table describes the labels in this screen 6 16 X Auth This section shows you how to configure the user authentication screens These screens may...

Страница 182: ...this screen click a device click Device Operation in the menu bar and then click Device Configuration Security X Auth RADIUS in the navigation panel Table 74 Device Operation Device Configuration Sec...

Страница 183: ...ructs you to do so with additional information Key Enter a password up to 31 alphanumeric characters as the key to be shared between the external authentication server and the access points The key is...

Страница 184: ...Chapter 6 Device Security Settings Vantage CNM User s Guide 184...

Страница 185: ...These screens may vary depending on which model you re configuring Please see the device s User s Guide for more information about any of these screens or fields 7 1 NAT Use this screen to specify wha...

Страница 186: ...he device will permit at one time Max Concurrent Sessions Per Host Use this field to set the highest number of NAT sessions that the device will permit a host to have at one time WAN1 WAN2 Use this se...

Страница 187: ...want to use similar rules for the other WAN port You can use the other NAT screens to edit the NAT rules after you copy them from one WAN port to the other Port Triggering Rules Click Copy to WAN 2 or...

Страница 188: ...d services NAT supports a default server A default server receives packets from ports that are not specified in this screen If you do not assign a default server IP address then all packets received f...

Страница 189: ...and 255 255 255 255 as the Local End IP address This field is N A for One to One and Server mapping types Global Start IP This refers to the Inside Global IP Address IGA 0 0 0 0 is for a dynamic IP a...

Страница 190: ...ress Mapping Edit LABEL DESCRIPTION Type When you select Type you can choose a server mapping set Choose the port mapping type from one of the following 1 One to One One to one mode maps one local IP...

Страница 191: ...ss IGA Enter 0 0 0 0 here if you have a dynamic IP address from your ISP Global End IP This is the ending Inside Global IP Address IGA This field is N A for One to One Many to One and Server mapping t...

Страница 192: ...ver on the WAN Start Port This field displays a port number or the starting port number in a range of port numbers End Port This field displays a port number or the ending port number in a range of po...

Страница 193: ...peration Device Configuration Advanced Static Route IncomingStart Port Type a port number or the starting port number in a range of port numbers Incoming End Port Type a port number or the ending port...

Страница 194: ...e the name and then click apply Active This field shows whether this static route is active or not Destination This parameter specifies the IP network address of the final destination Routing is alway...

Страница 195: ...r the IP subnet mask here Gateway IP Address Enter the IP address of the gateway The gateway is an immediate neighbor of the device that will forward the packet to the destination On the LAN the gatew...

Страница 196: ...a new address record Edit Click Edit to modify an address record for the device Remove Click Remove to delete an existing record A window display asking you to confirm that you want to delete the rec...

Страница 197: ...ation Device Configuration Advanced DNS Name Server Record LABEL DESCRIPTION This is the number of an individual entry Domain Zone A domain zone is a fully qualified domain name without the host For e...

Страница 198: ...ion The fields below display the read only DNS server IP address es that the ISP assigns N A displays for any DNS server IP address fields for which the ISP does not assign an IP address N A displays...

Страница 199: ...ect the check box to record the positive DNS resolutions in the cache Caching positive DNS resolutions helps speed up the device s processing of commonly queried domain names and reduces the amount of...

Страница 200: ...etup Active Select this check box to use dynamic DNS User Name Enter your user name You can use up to 31 alphanumeric characters and the underscore Spaces are not allowed Password Enter the password a...

Страница 201: ...DNS server may not be able to detect the proper IP address if there is an HTTP proxy server between the device and the DDNS server HA Select this check box to enable the high availability HA feature H...

Страница 202: ...0 User Defined changes to None after you click Apply If you set a second choice to User Defined and enter the same IP address the second User Defined changes to None after you click Apply Select DNS...

Страница 203: ...re information about any of these screens or fields 7 14 Remote MGMT Use this screen to configure the device s remote management settings To open this screen click a device click Device Operation and...

Страница 204: ...SSL client to authenticate itself to the device by sending the device a certificate To do that the SSL client must have a CA signed certificate from a CA that has been imported as a trusted CA on the...

Страница 205: ...device using this service Secure Client IP Address A secure client is a trusted computer that is allowed to communicate with the device using this service Select All to allow any computer to access th...

Страница 206: ...ch a computer may access the device using this service Secure Client IP Address A secure client is a trusted computer that is allowed to communicate with the device using this service Select All to al...

Страница 207: ...Chapter 7 Device Advanced Settings Vantage CNM User s Guide 207...

Страница 208: ...Chapter 7 Device Advanced Settings Vantage CNM User s Guide 208...

Страница 209: ...ontrol and attempted access to blocked web sites or web sites with restricted web features such as cookies active X and so on Some categories such as System Errors consist of both logs and alerts You...

Страница 210: ...Chapter 8 Device Log Vantage CNM User s Guide 210...

Страница 211: ...server IP address of the syslog server that will log the selected categories of logs Log Facility Select a location from the drop down list box The log facility allows you to log the messages to diffe...

Страница 212: ...log Reports Setup Send Raw Traffic Statistics to Syslog Server Select the check box if you want the device to send traffic logs to Vantage Report or the specified syslog server The device generates a...

Страница 213: ...device and Vantage CNM To use this screen select a device click Device Operation in the menu bar and click Configuration Management Synchronize in the navigation panel If you are not sure how to resol...

Страница 214: ...ly restore that configuration file to that device even if other devices are the same model and are running the same firmware Table 93 Device Operation Configuration Management Synchronization LABEL DE...

Страница 215: ...tem 9 2 1 Backup Restore Device Use this screen to back up and restore configuration files for a specific device The configuration files may be stored in the Vantage CNM server or on the computer from...

Страница 216: ...This displays the name of the device that was backed up Device Type This displays the type of the device that was backed up FW Version This displays the firmware version of the device when the configu...

Страница 217: ...followed by rom to this name Description Enter a descriptive note for the file Backup Time Backup Now Select this radio box to perform the backup after you click Backup Scheduled Time Select this rad...

Страница 218: ...configuration files To open this screen click Backup in the Device Operation Configuration Management Configuration File Management screen for the selected folder Table 96 Device Operation Configurat...

Страница 219: ...the fields in this screen Table 97 Device Operation Configuration Management Configuration File Management Backup Folder TYPE DESCRIPTION Group Backup Group File Name Enter the name of the set of con...

Страница 220: ...ule is applied one time or select Weekly or Monthly to specify how often you want the backup schedule is applied periodically Select the calendar to specify a date for the backup schedule Select a tim...

Страница 221: ...try Device Name This displays the name of the device that was backed up Device Type This displays the type of the device that was backed up FW Version This displays the firmware version of the device...

Страница 222: ...e was set Admin This field displays the administrator who set the backup schedule Remove Click Remove to remove a scheduled backup from the Vantage CNM server Total Records This entry displays the tot...

Страница 223: ...st and then click Add Figure 112 Device Operation Configuration Management Configuration File Management Schedule List Folder Add Click this to add a backup schedule for this folder Edit Click this to...

Страница 224: ...set if you look at the configuration files for a specific device in the folder Vantage CNM automatically appends a string of numbers followed by rom to this name Description Type a descriptive note of...

Страница 225: ...i Virus Select the service whose configuration and signatures you want to manage Page Size Select this from the list box to set up how many records you want to see in each page This is the number of a...

Страница 226: ...and look at the results of this operation in the Operation Report See Section 18 6 on page 289 To open this screen select an existing profile click Restore in the Device Operation Configuration Manag...

Страница 227: ...Management Signature Profile Management Reset to Factory in the navigation panel Table 104 Device Operation Configuration Management Signature Profile Management Backup Restore Restore Folder TYPE DE...

Страница 228: ...formation about building blocks To open this menu item select the device click the Device Operation in the menu bar and then click Configuration Management Building Block Configuration BB in the navig...

Страница 229: ...ow many records you want to see in each page This is the number of an individual entry Name This displays the name of the configuration BB Device Type This displays the type of the device that the bui...

Страница 230: ...bes the fields in this screen Table 107 Device Operation Configuration Management Building Block Configuration BB Add Edit Save as TYPE DESCRIPTION Name Enter a unique name for the building block The...

Страница 231: ...displays as Device Operation Device Configuration Security Signature Update after you click Create See Section 6 10 on page 159 If you select Content Filter a screen displays as Device Operation Devic...

Страница 232: ...menu item to add edit or copy a building block to the selected device To open this menu item click Add Edit or Save as in the Device Operation Configuration Management Building Block Component BB scre...

Страница 233: ...B Add Edit Save as TYPE DESCRIPTION Name Enter a unique name for the building block The name must be 1 32 alphanumeric characters or underscores _ It cannot include spaces The name is case sensitive C...

Страница 234: ...Chapter 9 Device Configuration Management Vantage CNM User s Guide 234...

Страница 235: ...e List to display the next screen Figure 123 Device Operation Firmware Management Firmware List The following table describes the fields in this screen Table 110 Device Operation Firmware Management F...

Страница 236: ...release date information Besides you have to make sure the FTP information has been configurated properly in the CNM System Setting Configuration Servers Configuration See Section 21 1 on page 299 Fig...

Страница 237: ...235 Table 111 Device Operation Firmware Management Scheduler List TYPE DESCRIPTION Page Size Select this from the list box to set up to how many records you want to see in each page This is the number...

Страница 238: ...ich you want to upgrade firmware To open this screen select a folder in the device window click Device Operation in the menu bar and click Firmware Management Firmware Upgrade Figure 126 Device Operat...

Страница 239: ...ve name for the firmware This is specified when the firmware is uploaded See Section 10 1 1 on page 236 Device Type This field displays the model You must upload firmware to the correct model Vantage...

Страница 240: ...Yet Required means the device has not connected to the Vantage CNM since it was added in the Vantage CNM Rom File Operating means the device is busy for a configuration backup or restore Scheduled me...

Страница 241: ...e trials for subscription services such as IDP and content filtering The Vantage CNM server must be connected to the Internet and have access to www myzyxel com To open this screen click Device Operat...

Страница 242: ...e name should be from six to 20 alphanumeric characters and the underscore Spaces are not allowed Check Click this button to check with the myZyXEL com database to verify the user name you entered has...

Страница 243: ...his field displays the service name available on the device Status This field displays whether a service is activated Active or not Inactive Registration Type This field displays whether you applied f...

Страница 244: ...This field displays the name of the selected service s Status This field displays the current status of the license for this service on this device Active The service is currently available on the dev...

Страница 245: ...ice Operation in the menu bar and then click License Management Signature Status Table 117 Device Operation License Management License Status Activate Upgrade LABEL DESCRIPTION Active to Trial This fi...

Страница 246: ...es them This number increments as new signatures are added so you should refer to this number regularly Go to https mysecurity zyxel com mysecurity jsp download download jsp to see what the latest ver...

Страница 247: ...sive examples of each screen not every variation for each device type and firmware version If you are unable to find a specific screen or field in this User s Guide please see the User s Guide for the...

Страница 248: ...248...

Страница 249: ...N community type you want to see in this screen Page Size Select this from the list box to set up to how many records you want to see in each page This is the number of an individual entry Community N...

Страница 250: ...r among ZyXEL devices We know almost all VPN parameter values should be the same in peer VPN gateways This screen helps you to easily configure VPN settings in one screen and applies it to devices in...

Страница 251: ...hout applying any setting Click the Save as a BB icon to save the current phase 1 or phase 2 setting as a building block The following pop up screen appears Figure 138 VPN Management VPN Community Add...

Страница 252: ...y type You have to select only one device in this section Satellite Gateways This is avaialble if you select the Remote Access community type You have to select at least one device in this section Thi...

Страница 253: ...n algorithms to use for the IKE SA even if they are less secure than the ones you configure for the VPN rule Clear this to have the ZyWALL use only the configured phase 1 key groups and encryption and...

Страница 254: ...ld or duplicate packets to protect against replay attacks Enable replay detection by selecting this check box Enable Multiple Proposals Select this to allow the ZyWALL to use any of its phase 2 encryp...

Страница 255: ...RIPTION Page Size Select this from the list box to set up to how many records you want to see in each page This is the number of an individual entry Community Name This displays a name of the VPN comm...

Страница 256: ...Refresh Now to update the information right away Community Name This field displays the name of the VPN community Page Size Select this from the list box to set up to how many records you want to see...

Страница 257: ...and then click VPN Management from the menu bar and click VPN Monitor By Community in the navigation panel Figure 142 VPN Management VPN Monitor By Community The following table describes the fields i...

Страница 258: ...his displays how many tunnels in total are configured in this VPN community Show Detail Click this to display a screen where you can view detailed VPN settings among the devices Total Records This ent...

Страница 259: ...and finally they establish the VPN tunnel successfully Status This field displays the VPN tunnel is on connected icon or off disconnected icon display means it is a dynamic tunnel rule N A means the...

Страница 260: ...device User s Guide for log message descriptions and the device CLI Reference Guide for details on using the command line interpreter to display logs Source This field lists the source IP address and...

Страница 261: ...s in the navigation panel Then click Search Special Tunnel Table 126 VPN Management VPN Monitor By Device VPN Tunnel Status LABEL DESCRIPTION Page Size Select this from the list box to set up to how m...

Страница 262: ...e name is equivalent to any Tunnel Name Type a partial or a full case sensitive tunnel name A blank of tunnel name is equivalent to any Search Click this to query device s or tunnel s according to the...

Страница 263: ...you want to see in each page This is the number of an individual entry Device Name This displays the name of the device Device Type This displays the model of the device Up Tunnels This displays how...

Страница 264: ...Chapter 14 VPN Monitor Vantage CNM User s Guide 264...

Страница 265: ...265 PART IV Monitor Device Status Monitor 267 Device HA Status Monitor 269 Device Alarm 271...

Страница 266: ...266...

Страница 267: ...ce status Figure 149 Monitor Device Status The following table describes the labels in this screen Table 129 Monitor Device Status LABEL DESCRIPTION Page Size Select this from the list box to set up t...

Страница 268: ...o the Vantage CNM server since last booted up Up Time This displays how long the device has been on since last booted up Extension Card Status Turbe Card display means a turbo card is installed in thi...

Страница 269: ...nu bar and then click Device HA Status in the navigation panel You can see HA status in this screen only if you allow the Vantage CNM able to monitor the device HA status for the device Refer to Figur...

Страница 270: ...device are inactive If the device is a backup deivce the possible status are Active All VRRP interfaces status on the device are active Stand By All VRRP interfaces status on the device are Stand By F...

Страница 271: ...ere are four alarm severity classifications Table 131 Types of Alarms TYPE DESCRIPTION All This displays all types of alarms Device This is an alarm such as hardware failure or the network connection...

Страница 272: ...panel Figure 151 Monitor Device Alarm Unresolved Alarm Table 133 Alarm States STATE DESCRIPTION Active This is the initial state of an alarm which means this alarm is new and no one has assumed respon...

Страница 273: ...the alarm Category This field displays the type of alarm Severity This field displays the alarm severity Time This field displays the time the alarm occurred Message This field displays the reason the...

Страница 274: ...for which you wish to view alarms Responder Select alarms based on the administrator who is supposed to respond to them Retrieve Click this to update the list of alarms based on the specified criteri...

Страница 275: ...5 on page 273 Total Records This entry displays the total number of records on the current page of the list Clear All Click this to remove all of the alarms in the list from the monitor See Section 1...

Страница 276: ...Chapter 17 Device Alarm Vantage CNM User s Guide 276...

Страница 277: ...277 PART V Log Report Device Operation Report 279 CNM Logs 291 VRPT 293...

Страница 278: ...278...

Страница 279: ...that Vantage CNM signals the device to request a firmware FTP upload from Vantage CNM This report shows a summary of firmware upgrades See Section 10 3 on page 237 To open this screen click Log Report...

Страница 280: ...each page This is the number of an individual entry Action Time This displays the time at which the upgrade was performed Device Name This is available if you select showing by device This displays th...

Страница 281: ...ce Upgrade To This displays the firmware version the device was upgraded to Page Size Select this from the list box to set up how many records you want to see in each page This field shows the index n...

Страница 282: ...You can click the label to sort by this column Action Time This is available if you select showing by group This field displays the date and time the operation was requested Device Type This displays...

Страница 283: ...olumn Feature This field displays the settings that are affected by the operation You can click the label to sort by this column Operation Type This field displays the operation type of the configurat...

Страница 284: ...r to Section 9 2 1 on page 215 To open this screen click Log Report in the menu bar and then Operation Report Configuration File Backup Restore Report Backup Report in the navigation panel Figure 159...

Страница 285: ...ect showing by device This displays the device name for the configuration file backup File Name This is available if you select showing by device This displays the backup file name Group File Name Thi...

Страница 286: ...File Name This displays the group configuration backup file name for this report Page Size Select this from the list box to set up how many records you want to see in each page This is the number of a...

Страница 287: ...any records you want to see in each page This is the number of an individual entry Action Time This is available if you select showing by group This field displays the date and time the operation was...

Страница 288: ...entered when this operation was created Admin This field displays the name of the administrator who performed the operation Show Detail Click this to open a screen where you can see detailed informat...

Страница 289: ...of the operation You can click the label to sort by this column Result This displays the result the operation was performed You can click the label to sort by this column Description This is addional...

Страница 290: ...rsion of the profile the restore was requested Type This displays the signature profile type of the operation You can click the label to sort by this column Result This displays the result the operati...

Страница 291: ...to view and configure Vantage CNM system log preferences 19 1 1 CNM Logs You can view system logs for previous day the last two days or up to one week here To open this screen click Log Report in the...

Страница 292: ...e message you want to view Vantage CNM logs Retrieve Click Retrieve for Vantage CNM to pull the logs from the selected device Page Size Select this from the list box to set up how many records you wan...

Страница 293: ...nage monitor and gather statistics on devices located worldwide With Vantage Report you can monitor network access enhance security and anticipate future bandwidth needs A typical application is illus...

Страница 294: ...in Figure 168 on page 294 but every instance of Vantage Report shares the same global configuration SMTP settings and list of customized services in Vantage CNM 20 3 Setting Up Vantage Report in Vanta...

Страница 295: ...by Vantage Report and click Log Report VRPT Then you can see the device s relative reports displayed via Vantage Report in the Vantage CNM as shown next Figure 169 Log Report VRPT Vantage Report Main...

Страница 296: ...Chapter 20 VRPT Vantage CNM User s Guide 296...

Страница 297: ...297 PART VI CNM System Setting CNM System Setting 299 Maintenance 313 Device Owner 315 Vantage CNM Software Upgrade 317 License Upgrade 319 About Vantage CNM 321...

Страница 298: ...298...

Страница 299: ...notifications and reports in this screen These IP addresses will be the same as the Vantage CNM server computer if they are all on the same computer The FTP server is used for file transfers such as...

Страница 300: ...this field A wrong IP address may cause inconsistent settings on the Vantage CNM and managed devices Web HTTPS Port This field displays the port number the Vantage CNM server uses for HTTPS communicat...

Страница 301: ...t managed devices or restart Vantage CNM see 4a and 4b to reset the communication between Vantage CNM and devices Wait about 5 minutes until the device is ready and registers with Vantage CNM You don...

Страница 302: ...ess of the FTP server You can change this value in CNM System Setting Configuration Servers Configuration See Section 21 1 on page 299 Click Check to test if the connection to the server is up Mail Se...

Страница 303: ...refers to the e mail address of the device owner configured in the Device Owner screen Table 148 CNM System Setting Configuration User Access LABEL DESCRIPTION Maximum Concurrent Users Type the maximu...

Страница 304: ...Setting Configuration Notification The following table describes the fields in this screen Table 149 CNM System Setting Configuration Notification LABEL DESCRIPTION Category This is the category for d...

Страница 305: ...cide a threshold to indicate an alarm when a device s alarm severity is higher than the selected level You can also select what type of system logs you wish to log as shown in the following screen To...

Страница 306: ...tance in Vantage CNM Click the name to test whether the connection is ok Syslog Server Address This field displays the IP address of the Vantage Report instance Version This field displays the softwar...

Страница 307: ...vices to VRPT Server Click the icon and the associated devices screen appears where you can select associated device s to this VRPT server Click Add to return to the previous screen and the selected d...

Страница 308: ...wn private key to encrypt a message and Tim uses Jenny s public key to decrypt the message The device uses certificates based on public key cryptology to authenticate users attempting to establish a c...

Страница 309: ...which the device uses to sign imported trusted remote host certificates CERT represents a certificate issued by a certification authority Subject This field displays identifying information about the...

Страница 310: ...ic characters underscores _ or dashes Common Name Type the IP address or domain name used to identify the certificate s owner You can use 1 32 printable ASCII characters Spaces are not allowed Organiz...

Страница 311: ...keystore file to use Choices are PKCS 12 PKCS12 and Java Key Store JKS PKCS 12 is a common standard for X 509 certificates Java Key Store may be used by standalone Java clients using SSL communication...

Страница 312: ...Chapter 21 CNM System Setting Vantage CNM User s Guide 312...

Страница 313: ...e System The following table describes the fields in this screen Table 155 CNM System Setting Maintenance System LABEL DESCRIPTION This is the number of an individual entry Name This field displays th...

Страница 314: ...schedule before a system backup Figure 181 CNM System Setting Maintenance System Backup The following table describes the fields in this screen Restore Click this to restore a system backup file Note...

Страница 315: ...ing Device Owner The following table describes the labels in this screen 23 0 1 Add Edit a Device Owner Use this screen to add or edit an entry in the address book To open this screen click Add to cre...

Страница 316: ...ress Line2 Type the additional address information if the Address Line1 field is not long enough for the whole mailling address City Type the city name where this person is located State Type the stat...

Страница 317: ...tware Upgrade Use this screen to view the current Vantage CNM software version or perform a software upgrade To open this screen click CNM System Setting in the menu bar and then click Upgrade in the...

Страница 318: ...Chapter 24 Vantage CNM Software Upgrade Vantage CNM User s Guide 318...

Страница 319: ...n the trial period Trial or in the licensed period Standard Account on myZyXEL com This is the account you used to register the Vantage CNM Authenitcation Code AC This is an automatically generated co...

Страница 320: ...ecific number of ZyXEL devices It can be found in the iCard Type a license key to the License Key field and click Apply to increase the maximum device number the Vantage CNM is allowed to manage Click...

Страница 321: ...out Vantage CNM Use this screen to see Vantage CNM s software version release date and the copyright To open this screen click CNM System Setting in the menu bar and then click About in the navigation...

Страница 322: ...Chapter 26 About Vantage CNM Vantage CNM User s Guide 322...

Страница 323: ...323 PART VII Account Management Group 325 Account 329...

Страница 324: ...324...

Страница 325: ...Vantage CNM The user is an administrator who uses one user account to login the Vantage CNM and perform tasks in Vantage CNM 27 1 User Groups A user group is a pre defined set of administrator permiss...

Страница 326: ...nt Group screen Figure 189 Account Management Group Add Table 160 Account Management Group LABEL DESCRIPTION This is the number of an individual entry Group Name This field displays the group name Cre...

Страница 327: ...to access the functions associated to the Device Operation and VPN Management menus in the menu bar Monitor Select this to allow the administrator to access the functions associated to the Monitor men...

Страница 328: ...Chapter 27 Group Vantage CNM User s Guide 328...

Страница 329: ...ot administrator can exist 2 Only root can change his her own personal information except for UID User Identification 3 Only root can see all other Administrators Other Administrators can only see Adm...

Страница 330: ...ION This is the number of an individual entry Username This is the administrator name for identification purposes Group Name This is the group name the user belongs to Status This field displays if th...

Страница 331: ...r this Administrator Administration Group Select the group for this Administrator belongs to Address Line1 Type up to 64 charactors of a mailing address for this person Address Line2 Type the addition...

Страница 332: ...Chapter 28 Account Vantage CNM User s Guide 332...

Страница 333: ...333 PART VIII Troubleshooting Troubleshooting 335...

Страница 334: ...334...

Страница 335: ...ur Internet browser does not block pop up windows and has Java Scripts and Java enabled See Appendix C on page 361 2 Make sure you are using the correct IP address 3 If the problem continues contact y...

Страница 336: ...es or Vantage CNM server to reset the connections See the procedure to change this IP address in the Section 21 1 1 on page 301 3 Device firmware backup restore or configuration file backup restore on...

Страница 337: ...the amount of available disk space on the Vantage Report server If it is less than the value in Appendix A on page 341 the Vantage Report server stops receiving log entries 4 Make sure your devices su...

Страница 338: ...Chapter 29 Troubleshooting Vantage CNM User s Guide 338...

Страница 339: ...omputer s IP Address 345 Pop up Windows Java Scripts and Java Permissions 361 IP Addresses and Subnetting 367 IP Address Assignment Conflicts 375 Common Services 379 Importing Certificates 383 Open So...

Страница 340: ...340...

Страница 341: ...pository Domain Administration One domain per administrator Multiple administrators per domain Different privileges for each administrator Device Configuration Vantage CNM s Configuration menu Device...

Страница 342: ...2 01 or later ZyWALL USG 300 1000 2 01 or later P 662H W D1 P 662H W 61 P 662HW 63 P 653HWI 17 3 40 Table 167 Trusted CAs Keystore type jks Keystore provider SUN CA DATE MD5 FINGERPRINT equifaxsecure...

Страница 343: ...E7 68 0D equifaxsecureca Jul 19 2003 67 CB 9D C0 13 24 8A 82 9B B2 17 1E D1 1B EC D4 verisignclass3g2ca Mar 26 2004 A2 33 9B 4C 74 78 73 D4 6C E7 C1 F3 8D CB 5C E9 thawtepremiumserverca Feb 13 1999 06...

Страница 344: ...e 168 Port Number Specifications FEATURE SPECIFICATION MySQL port number 3316 Table 169 System Notifications Specifications FEATURE SPECIFICATION Maximum number of records in any table in the database...

Страница 345: ...f a third party TCP IP application package TCP IP should already be installed on computers using Windows NT 2000 XP Macintosh OS 7 and later operating systems After the appropriate TCP IP components a...

Страница 346: ...en click Add 3 Select the manufacturer and model of your network adapter and then click OK If you need TCP IP 1 In the Network window click Add 2 Select Protocol and then click Add 3 Select Microsoft...

Страница 347: ...elect Obtain an IP address automatically If you have a static IP address select Specify an IP address and type your information into the IP Address and Subnet Mask fields Figure 193 Windows 95 98 Me T...

Страница 348: ...ose the TCP IP Properties window 6 Click OK to close the Network window Insert the Windows CD if prompted 7 Turn on your device and restart your computer when prompted Verifying Settings 1 Click Start...

Страница 349: ...NM User s Guide 349 Figure 195 Windows XP Start Menu 2 In the Control Panel double click Network Connections Network and Dial up Connections in Windows 2000 NT Figure 196 Windows XP Control Panel 3 Ri...

Страница 350: ...b in Win XP and then click Properties Figure 198 Windows XP Local Area Connection Properties 5 The Internet Protocol TCP IP Properties window opens the General tab in Windows XP If you have a dynamic...

Страница 351: ...dd In TCP IP Address type an IP address in IP address and a subnet mask in Subnet mask and then click Add Repeat the above two steps for each IP address you want to add Configure additional default ga...

Страница 352: ...he General tab in Windows XP Click Obtain DNS server address automatically if you do not know your DNS server IP address es If you know your DNS server IP address es click Use the following DNS server...

Страница 353: ...ork Connections window Network and Dial up Connections in Windows 2000 NT 11 Turn on your device and restart your computer if prompted Verifying Settings 1 Click Start All Programs Accessories and the...

Страница 354: ...acintosh OS 8 9 Apple Menu 2 Select Ethernet built in from the Connect via list Figure 203 Macintosh OS 8 9 TCP IP 3 For dynamically assigned settings select Using DHCP Server from the Configure list...

Страница 355: ...nfiguration 7 Turn on your device and restart your computer if prompted Verifying Settings Check your TCP IP properties in the TCP IP Control Panel window Macintosh OS X 1 Click the Apple menu and cli...

Страница 356: ...t mask in the Subnet mask box Type the IP address of your device in the Router address box 5 Click Apply Now and close the window 6 Turn on your device and restart your computer if prompted Verifying...

Страница 357: ...ow to configure your computer IP address using the KDE 1 Click the Red Hat button located on the bottom left corner select System Setting and click Network Figure 206 Red Hat 9 0 KDE Network Configura...

Страница 358: ...0 KDE Network Configuration DNS 5 Click the Devices tab 6 Click the Activate button to apply the changes The following screen displays Click Yes to save the changes in all screens Figure 209 Red Hat 9...

Страница 359: ...n the etc directory The following figure shows an example where two DNS server IP addresses are specified Figure 212 Red Hat 9 0 DNS Settings in resolv conf 3 After you edit and save the configuration...

Страница 360: ...s root localhost ifconfig eth0 Link encap Ethernet HWaddr 00 50 BA 72 5B 44 inet addr 10 1 19 129 Bcast 10 1 19 255 Mask 255 255 255 0 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 717 e...

Страница 361: ...ernet Explorer Pop up Blockers You may have to disable pop up blocking to log into your device Either disable pop up blocking enabled by default in Windows XP SP Service Pack 2 or allow pop up blockin...

Страница 362: ...web pop up blockers you may have enabled Figure 216 Internet Options Privacy 3 Click Apply to save this setting Enable pop up Blockers with Exceptions Alternatively if you only want to allow pop up w...

Страница 363: ...ide 363 Figure 217 Internet Options Privacy 3 Type the IP address of your device the web page that you do not want to have blocked with the prefix http For example http 192 168 167 1 4 Click Add to mo...

Страница 364: ...play properly in Internet Explorer check that Java Scripts are allowed 1 In Internet Explorer click Tools Internet Options and then the Security tab Figure 219 Internet Options Security 2 Click the Cu...

Страница 365: ...tings Java Scripting Java Permissions 1 From Internet Explorer click Tools Internet Options and then the Security tab 2 Click the Custom Level button 3 Scroll down to Microsoft VM 4 Under Java permiss...

Страница 366: ...Permissions Vantage CNM User s Guide 366 JAVA Sun 1 From Internet Explorer click Tools Internet Options and then the Advanced tab 2 Make sure that Use Java 2 for applet under Java Sun is selected 3 C...

Страница 367: ...hare a common street name the hosts on a network share a common network number Similarly as each house has its own house number each host on the network has its own unique identifying number the host...

Страница 368: ...s part of the host ID The following example shows a subnet mask identifying the network number in bold text and host ID of an IP address 192 168 1 2 in decimal By convention subnet masks always consis...

Страница 369: ...by a continuous number of zeros for the remainder of the 32 bit mask you can simply specify the number of ones instead of writing the value of each octet This is usually specified by writing a follow...

Страница 370: ...ows the company network before subnetting Figure 224 Subnetting Example Before Subnetting You can borrow one of the host ID bits to divide the network 192 168 1 0 into two separate sub networks The su...

Страница 371: ...8 1 254 Example Four Subnets The previous example illustrated using a 25 bit subnet mask to divide a 24 bit address into two subnets Similarly to divide a 24 bit address into four subnets you need to...

Страница 372: ...bnet 3 IP SUBNET MASK NETWORK NUMBER LAST OCTET BIT VALUE IP Address 192 168 1 128 IP Address Binary 11000000 10101000 00000001 10000000 Subnet Mask Binary 11111111 11111111 11111111 11000000 Subnet A...

Страница 373: ...T BITS SUBNET MASK NO SUBNETS NO HOSTS PER SUBNET 1 255 255 255 128 25 2 126 2 255 255 255 192 26 4 62 3 255 255 255 224 27 8 30 4 255 255 255 240 28 16 14 5 255 255 255 248 29 32 6 6 255 255 255 252...

Страница 374: ...d You don t need to change the subnet mask computed by the device unless you are instructed to do otherwise Private IP Addresses Every machine on the Internet must have a unique address If your networ...

Страница 375: ...of a computer on the LAN Figure 226 IP Address Conflicts Case A You must set the device to use different LAN and WAN IP addresses on different subnets if you enable DHCP server on the device For exam...

Страница 376: ...if you enable DHCP server on the device For example you set the WAN IP address to 192 59 1 1 and the LAN IP address to 10 59 1 1 Otherwise It is recommended the device uses a public WAN IP address Cas...

Страница 377: ...Address Assignment Conflicts Vantage CNM User s Guide 377 Figure 229 IP Address Conflicts Case D This problem can be solved by adding a VLAN enabled switch or set the computers to obtain IP addresses...

Страница 378: ...Appendix E IP Address Assignment Conflicts Vantage CNM User s Guide 378...

Страница 379: ...is USER this is the IP protocol number Description This is a brief explanation of the applications that use this service or the situations in which this service is used Table 183 Commonly Used Service...

Страница 380: ...ram NEWS TCP 144 A protocol for news groups NFS UDP 2049 Network File System NFS is a client server distributed file service that provides transparent file sharing for network environments NNTP TCP 11...

Страница 381: ...idrange systems UNIX systems and network servers SSH TCP UDP 22 Secure Shell Remote Login Program STRM WORKS UDP 1558 Stream Works Protocol SYSLOG UDP 514 Syslog allows you to send system logs to a UN...

Страница 382: ...Appendix F Common Services Vantage CNM User s Guide 382...

Страница 383: ...ng the Vantage CNM s Certificate into Internet Explorer For Internet Explorer to trust a self signed certificate from Vantage CNM simply import the self signed certificate into your operating system a...

Страница 384: ...s Vantage CNM User s Guide 384 Figure 231 Login Screen 2 Click Install Certificate to open the Install Certificate wizard Figure 232 Certificate General Information before Import 3 Click Next to begin...

Страница 385: ...ntage CNM User s Guide 385 Figure 233 Certificate Import Wizard 1 4 Select where you would like to store the certificate and then click Next Figure 234 Certificate Import Wizard 2 5 Click Finish to co...

Страница 386: ...Appendix G Importing Certificates Vantage CNM User s Guide 386 Figure 235 Certificate Import Wizard 3 6 Click Yes to add the Vantage CNM certificate to the root store Figure 236 Root Certificate Store...

Страница 387: ...eds a certificate if Authenticate Client Certificates is selected on the device You must have imported at least one trusted CA to the device in order for the Authenticate Client Certificates to be act...

Страница 388: ...ed CA Screen The CA sends you a package containing the CA s trusted certificate s your personal certificate s and a password to install the personal certificate s Installing the CA s Certificate 1 Dou...

Страница 389: ...r in this appendix Installing Your Personal Certificate s You need a password in advance The CA may issue the password or you may have to specify it during the enrollment Double click the personal cer...

Страница 390: ...box Click Browse if you wish to import a different certificate Figure 241 Personal Certificate Import Wizard 2 3 Enter the password given to you by the CA Figure 242 Personal Certificate Import Wizar...

Страница 391: ...tificate Import Wizard 4 5 Click Finish to complete the wizard and begin the import process Figure 244 Personal Certificate Import Wizard 5 6 You should see the following screen when the certificate i...

Страница 392: ...browser s web address field Figure 246 Access the Device Via HTTPS 2 When Authenticate Client Certificates is selected on the device the following screen asks you to select a personal certificate to...

Страница 393: ...he distribution 3 The name ExoLab must not be used to endorse or promote products derived from this Software without prior written permission of ExoLab Group For written permission please contact info...

Страница 394: ...entation and conversions to other media types Work shall mean the work of authorship whether in Source or Object form made available under the License as indicated by a copyright notice that is includ...

Страница 395: ...c You must retain in the Source form of any Derivative Works that You distribute all copyright patent trademark and attribution notices from the Source form of the Work excluding those notices that d...

Страница 396: ...of such damages 9 Accepting Warranty or Additional Liability While redistributing the Work or Derivative Works thereof You may choose to offer and charge a fee for acceptance of support warranty inde...

Страница 397: ...opyright C 2002 Lee David Painter All right reserved GNU LESSER GENERAL PUBLIC LICENSE Version 2 1 February 1999 Copyright C 1991 1999 Free Software Foundation Inc 59 Temple Place Suite 330 Boston MA...

Страница 398: ...to certain designated libraries and is quite different from the ordinary General Public License We use this license for certain libraries in order to permit linking those libraries into non free prog...

Страница 399: ...ricted and output from such a program is covered only if its contents constitute a work based on the Library independent of the use of the Library in a tool for writing it Whether that is true depends...

Страница 400: ...er Section 2 in object code or executable form under the terms of Sections 1 and 2 above provided that you accompany it with the complete corresponding machine readable source code which must be distr...

Страница 401: ...on is interface compatible with the version that the work was made with c Accompany the work with a written offer valid for at least three years to give the same user the materials specified in Subsec...

Страница 402: ...ies directly or indirectly through you then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Library If any portion of this section is held...

Страница 403: ...ANY COPYRIGHT HOLDER OR ANY OTHER PARTY WHO MAY MODIFY AND OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE BE LIABLE TO YOU FOR DAMAGES INCLUDING ANY GENERAL SPECIAL INCIDENTAL OR CONSEQUENTIAL DAMAGE...

Страница 404: ...ed at all The precise terms and conditions for copying distribution and modification follow TERMS AND CONDITIONS FOR COPYING DISTRIBUTION AND MODIFICATION 0 This License applies to any program or othe...

Страница 405: ...of a storage or distribution medium does not bring the other work under the scope of this License 3 You may copy and distribute the Program or a work based on it under Section 2 in object code or exe...

Страница 406: ...ndirectly through you then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program If any portion of this section is held invalid or unenf...

Страница 407: ...LDER OR ANY OTHER PARTY WHO MAY MODIFY AND OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE BE LIABLE TO YOU FOR DAMAGES INCLUDING ANY GENERAL SPECIAL INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF...

Страница 408: ...un desires that Doug Lea utilize certain Java Software technologies in the util concurrent technology Therefore the parties agree as follows effective May 31 2002 Java Software technologies means clas...

Страница 409: ...form of the Software complete and unmodified for the sole purpose of designing developing testing and running your Java applets and applications intended to run on Java enabled general purpose deskto...

Страница 410: ...nditions are not presented on installation the Software Updates will be considered part of the Software and subject to the terms and conditions of the Agreement 6 Notice of Automatic Downloads You ack...

Страница 411: ...ries please contact Sun Microsystems Inc 4150 Network Circle Santa Clara California 95054 U S A LFI 134402 Form ID 011801 This Product includes Spring 2 0 version under Spring license Revision 62 1 5...

Страница 412: ...ALLING THE SOFTWARE WILL INDICATE YOUR ASSENT TO THEM IF YOU DO NOT AGREE TO THESE TERMS THEN ZyXEL INC IS UNWILLING TO LICENSE THE SOFTWARE TO YOU IN WHICH EVENT YOU SHOULD RETURN THE UNINSTALLED SOF...

Страница 413: ...tain the confidentiality of your own most confidential information You agree to reasonably communicate the terms and conditions of this License Agreement to those persons employed by you who come into...

Страница 414: ...ERIODICALLY INSPECT AND AUDIT YOUR RECORDS TO ENSURE YOUR COMPLIANCE WITH THE TERMS AND CONDITIONS OF THIS LICENSE AGREEMENT 10 Termination This License Agreement is effective until it is terminated Y...

Страница 415: ...ve if it is in writing and signed by both parties hereto If any part of this License Agreement is found invalid or unenforceable by a court of competent jurisdiction the remainder of this License Agre...

Страница 416: ...Appendix H Open Software Announcements Vantage CNM User s Guide 416...

Страница 417: ...ZyXEL Network Operating System is a registered trademark of ZyXEL Communications Inc Other trademarks mentioned in this publication are used for identification purposes only and may be properties of t...

Страница 418: ...rization number RMA Products must be returned Postage Prepaid It is recommended that the unit be insured when shipped Any returned products without proof of purchase or those with an out dated warrant...

Страница 419: ...mail support zyxel com tw Sales E mail sales zyxel com tw Telephone 886 3 578 3942 Fax 886 3 578 2439 Web www zyxel com www europe zyxel com FTP ftp zyxel com ftp europe zyxel com Regular Mail ZyXEL...

Страница 420: ...448 Web www zyxel fi Regular Mail ZyXEL Communications Oy Malminkaari 10 00700 Helsinki Finland France E mail info zyxel fr Telephone 33 4 72 52 97 97 Fax 33 4 72 52 19 20 Web www zyxel fr Regular Mai...

Страница 421: ...agawa ku Tokyo 141 0022 Japan Kazakhstan Support http zyxel kz support Sales E mail sales zyxel kz Telephone 7 3272 590 698 Fax 7 3272 590 689 Web www zyxel kz Regular Mail ZyXEL Kazakhstan 43 Dostyk...

Страница 422: ...Okrzei 1A 03 715 Warszawa Poland Russia Support http zyxel ru support Sales E mail sales zyxel ru Telephone 7 095 542 89 29 Fax 7 095 542 89 25 Web www zyxel ru Regular Mail ZyXEL Russia Ostrovityanov...

Страница 423: ...il ZyXEL Thailand Co Ltd 1 1 Moo 2 Ratchaphruk Road Bangrak Noi Muang Nonthaburi 11000 Thailand Ukraine Support E mail support ua zyxel com Sales E mail sales ua zyxel com Telephone 380 44 247 69 78 F...

Страница 424: ...Appendix J Customer Support Vantage CNM User s Guide 424...

Страница 425: ...ion 419 copyright 417 create a group folder 39 customer support 419 D delete a device group 40 device owners alarms 303 304 notifications 303 304 storing in address book 315 device search 45 device wi...

Страница 426: ...cations 303 304 SMTP server 299 O object pane devices 40 P product registration 418 R registration product 418 related documentation 3 Remote Access 251 252 remove a group folder 40 report window 35 r...

Страница 427: ...44 User Lockout 303 V Vantage Report 306 in Vantage CNM 294 opening in Vantage CNM 295 setting up 294 setting up devices for 307 setting up instances of 306 typical application 293 views icons 38 VPN...

Страница 428: ...Index Vantage CNM User s Guide 428...

Страница 429: ...Index Vantage CNM User s Guide 429...

Страница 430: ...Index Vantage CNM User s Guide 430...

Отзывы:

Нет отзывов

Бренды по названию

Популярные бренды

Загрузить еще бренды