1. Home
    2. /
  2. Manuals
    3. /
  3. Zyxel
    4. /
  4. ZyWALL-USG50
    5. /
  5. 36
Page 176 / 944 Scroll up to view Page 171 - 175
Chapter 9 Monitor
ZyWALL USG 50 User’s Guide
176
You use the
Traffic Statistics
screen to tell the ZyWALL when to start and when
to stop collecting information for these reports. You cannot schedule data
collection; you have to start and stop it manually in the
Traffic Statistics
screen.
Figure 124
Monitor > System Status > Traffic Statistics
There is a limit on the number of records shown in the report. Please see
Table 30
on page 178
for more information. The following table describes the labels in this
screen.
Table 29
Monitor > System Status > Traffic Statistics
LABEL
DESCRIPTION
Data Collection
Collect
Statistics
Select this to have the ZyWALL collect data for the report. If the ZyWALL
has already been collecting data, the collection period displays to the
right. The progress is not tracked here real-time, but you can click the
Refresh
button to update it.
Apply
Click
Apply
to save your changes back to the ZyWALL.
Reset
Click
Reset
to return the screen to its last-saved settings.
Statistics
Interface
Select the interface from which to collect information. You can collect
information from Ethernet, VLAN, bridge and PPPoE/PPTP interfaces.
Page 177 / 944
Chapter 9 Monitor
ZyWALL USG 50 User’s Guide
177
Traffic Type
Select the type of report to display. Choices are:
Host IP Address/User
- displays the IP addresses or users with the
most traffic and how much traffic has been sent to and from each one.
Service/Port
- displays the most-used protocols or service ports and
the amount of traffic for each one.
Web Site Hits
- displays the most-visited Web sites and how many
times each one has been visited.
Each type of report has different information in the report (below).
Refresh
Click this button to update the report display.
Flush Data
Click this button to discard all of the screen’s statistics and update the
report display.
These fields are available when the
Traffic Type
is
Host IP Address/
User
.
#
This field is the rank of each record. The IP addresses and users are
sorted by the amount of traffic.
IP Address/
User
This field displays the IP address or user in this record. The maximum
number of IP addresses or users in this report is indicated in
Table 30 on
page 178
.
Direction
This field indicates whether the IP address or user is sending or receiving
traffic.
Ingress
- traffic is coming from the IP address or user to the ZyWALL.
Egress
- traffic is going from the ZyWALL to the IP address or user.
Amount
This field displays how much traffic was sent or received from the
indicated IP address or user. If the
Direction
is
Ingress
, a red bar is
displayed; if the
Direction
is
Egress
, a blue bar is displayed. The unit of
measure is bytes, Kbytes, Mbytes or Gbytes, depending on the amount
of traffic for the particular IP address or user. The count starts over at
zero if the number of bytes passes the byte count limit. See
Table 30 on
page 178
.
These fields are available when the
Traffic Type
is
Service/Port
.
#
This field is the rank of each record. The protocols and service ports are
sorted by the amount of traffic.
Service/Port
This field displays the service and port in this record. The maximum
number of services and service ports in this report is indicated in
Table
30 on page 178
.
Protocol
This field indicates what protocol the service was using.
Direction
This field indicates whether the indicated protocol or service port is
sending or receiving traffic.
Ingress
- traffic is coming into the router through the interface
Egress
- traffic is going out from the router through the interface
Table 29
Monitor > System Status > Traffic Statistics (continued)
LABEL
DESCRIPTION
Page 178 / 944
Chapter 9 Monitor
ZyWALL USG 50 User’s Guide
178
The following table displays the maximum number of records shown in the report,
the byte count limit, and the hit count limit.
9.5
The Session Monitor Screen
The
Session Monitor
screen displays information about active sessions for
debugging or statistical analysis. It is not possible to manage sessions in this
screen. The following information is displayed.
User who started the session
Protocol or service port used
Source address
Destination address
Number of bytes received (so far)
Amount
This field displays how much traffic was sent or received from the
indicated service / port. If the
Direction
is
Ingress
, a red bar is
displayed; if the
Direction
is
Egress
, a blue bar is displayed. The unit of
measure is bytes, Kbytes, Mbytes, Gbytes, or Tbytes, depending on the
amount of traffic for the particular protocol or service port. The count
starts over at zero if the number of bytes passes the byte count limit.
See
Table 30 on page 178
.
These fields are available when the
Traffic Type
is
Web Site Hits
.
#
This field is the rank of each record. The domain names are sorted by
the number of hits.
Web Site
This field displays the domain names most often visited. The ZyWALL
counts each page viewed on a Web site as another hit. The maximum
number of domain names in this report is indicated in
Table 30 on page
178
.
Hits
This field displays how many hits the Web site received. The ZyWALL
counts hits by counting HTTP GET packets. Many Web sites have HTTP
GET references to other Web sites, and the ZyWALL counts these as hits
too. The count starts over at zero if the number of hits passes the hit
count limit. See
Table 30 on page 178
.
Table 30
Maximum Values for Reports
LABEL
DESCRIPTION
Maximum
Number of
Records
20
Byte Count
Limit
2
64
bytes; this is just less than 17 million terabytes.
Hit Count Limit
2
64
hits; this is over 1.8 x 10
19
hits.
Table 29
Monitor > System Status > Traffic Statistics (continued)
LABEL
DESCRIPTION
Page 179 / 944
Chapter 9 Monitor
ZyWALL USG 50 User’s Guide
179
Number of bytes transmitted (so far)
Duration (so far)
You can look at all the active sessions by user, service, source IP address, or
destination IP address. You can also filter the information by user, protocol /
service or service group, source address, and/or destination address and view it
by user.
Click
Monitor > System Status > Session Monitor
to display the following
screen.
Figure 125
Monitor > System Status > Session Monitor
The following table describes the labels in this screen.
Table 31
Monitor > System Status > Session Monitor
LABEL
DESCRIPTION
View
Select how you want the information to be displayed. Choices are:
sessions by users
- display all active sessions grouped by user
sessions by services
- display all active sessions grouped by service or
protocol
sessions by source IP
- display all active sessions grouped by source
IP address
sessions by destination IP
- display all active sessions grouped by
destination IP address
all sessions
- filter the active sessions by the
User
,
Service
,
Source
Address
, and
Destination Address
, and display each session
individually (sorted by user).
Refresh
Click this button to update the information on the screen. The screen
also refreshes automatically when you open and close the screen.
The
User
,
Service
,
Source Address
, and
Destination Address
fields
display if you view all sessions. Select your desired filter criteria and click
the
Search
button to filter the list of sessions.
Page 180 / 944
Chapter 9 Monitor
ZyWALL USG 50 User’s Guide
180
User
This field displays when
View
is set to
all sessions
. Type the user
whose sessions you want to view. It is not possible to type part of the
user name or use wildcards in this field; you must enter the whole user
name.
Service
This field displays when
View
is set to
all sessions
. Select the service
or service group whose sessions you want to view. The ZyWALL identifies
the service by comparing the protocol and destination port of each
packet to the protocol and port of each services that is defined. (See
Chapter 37 on page 605
for more information about services.)
Source
This field displays when
View
is set to
all sessions
. Type the source IP
address whose sessions you want to view. You cannot include the source
port.
Destination
This field displays when
View
is set to
all sessions
. Type the
destination IP address whose sessions you want to view. You cannot
include the destination port.
Search
This button displays when
View
is set to
all sessions
. Click this button
to update the information on the screen using the filter criteria in the
User
,
Service
,
Source Address
, and
Destination Address
fields.
Active
Sessions
This is the total number of active sessions that matched the search
criteria.
Show
Select the number of active sessions displayed on each page. You can
use the arrow keys on the right to change pages.
User
This field displays the user in each active session.
If you are looking at the
sessions by users
(or
all sessions
) report,
click
+
or
-
to display or hide details about a user’s sessions.
Service
This field displays the protocol used in each active session.
If you are looking at the
sessions by services
report, click
+
or
-
to
display or hide details about a protocol’s sessions.
Source
This field displays the source IP address and port in each active session.
If you are looking at the
sessions by source IP
report, click
+
or
-
to
display or hide details about a source IP address’s sessions.
Destination
This field displays the destination IP address and port in each active
session.
If you are looking at the
sessions by destination IP
report, click
+
or
-
to display or hide details about a destination IP address’s sessions.
Rx
This field displays the amount of information received by the source in
the active session.
Tx
This field displays the amount of information transmitted by the source
in the active session.
Duration
This field displays the length of the active session in seconds.
Table 31
Monitor > System Status > Session Monitor (continued)
LABEL
DESCRIPTION

Rate

4.5 / 5 based on 2 votes.

Popular Zyxel Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top