Alerts

This topic is ONLY relevant to security gateways. It is NOT relevant to managed switches.

Overview


Figure 1.  Example Internet Alerts Page

Using the Internet Alerts page (Fig. 1), you can customize several alerts sent by the system:  Worm and Firewall Alerts, Environmental Alerts, and Extended Alerts.

Warning Thresholds, Absolute Thresholds, and Extraordinary Usage Alerts are configured on the relevant WAN and Cell pages.

Emails are sent when an alert is triggered or a threshold reached.  You can specify who receives these emails for your selected Mako on the Configure >> Access >> Email Settings page. You can also configure who receives these alerts across your company on the Management >> Company >> Manage [Company] >> Custom Settings >> Email Settings page.

Worm and Firewall Alerts


Figure 2.  Example Worm and Firewall Alerts

Worm and Firewall Alerts (Fig. 2) send emails when the Mako detects that it is under attack.

Worm Detection Threshold

This threshold allows you to determine how the Mako detects potential worms on your network.  By default the Mako is “Aggressive” in its detection. However, you can change this to “Moderate” or “Lenient” if you encounter too many false alerts.  Each setting allows a different number of new connections to the internet for a particular PC over a 10 minute period:

  • Aggressive:  1000 new connections / 10 minutes
  • Moderate:  1200 new connections / 10 minutes
  • Lenient:  1500 new connections / 10 minutes

You can also choose “Disabled” to disable this alert.

Portscan Detection Threshold

This threshold allows you to determine how the Mako detects potential TCP and UDP port scans.  By default the Mako is “Aggressive” in its detection. However, you can change this to “Moderate” or “Lenient” if you encounter too many false alerts.  The portscan detection works on a weight-based system where a connection to a low port (<=1024) has a weight of 3 and a connection to a high port (>1024) has a weight of 1.  Each setting allows a different weighted number of new connections from the same external machine/host over a 3 second period:

  • Aggressive:  allowed weight of 7 / 3 seconds
  • Moderate:  allowed weight of 15 / 3 seconds
  • Lenient:  allowed weight of 30 / 3 seconds

You can also choose “Disabled” to disable this alert.

Environmental Alerts


Figure 3.  Example Environmental Alerts

Environmental Alerts (Fig. 3) send emails when the Mako’s environment or physical condition is not suitable for operation.

Temperature Alert

This alert triggers when the temperature inside the Mako exceeds the given threshold.  By default this is 58°C/136°F. The Mako is not designed to work in environments over 60°C/140°F. Prolonged exposure to high temperatures may damage the Mako and should be avoided.

Choose a threshold value using the Alert when temperature over ___ dropdown.  Thresholds range from 50°C/122°F to 85°C/185°F.  You can also choose “Disabled” to disable this alert.

Extended Alerts


Figure 4.  Example Extended Alerts

Extended Alerts (Fig. 4) send emails when the Mako has spent more than the specified time in a given situation, such as offline or failed over to its backup Internet connection.

Thresholds can be used as part of third party monitoring and support systems. There are no specific criteria for what defines Threshold 1 and Threshold 2 beyond the user-specified values.

Extended Alert Type

Extended Offline Alert

This alert notifies you when the Mako has been offline for an extended period of time.  The default thresholds are 3 hours and 1 day.

Extended Failover Alert

This alert notifies you when the Mako has been failed over to its backup Internet connection for an extended period of time. The default thresholds are 1 hour and 1 day.

Extended WAN Down Alert

This alert notifies you when the Mako’s Internet connection has been down for an extended period of time. The default thresholds are 3 hours and 1 day.

Threshold 1 Threshold

Threshold 1 sends an alert to notify you of the situation.  Threshold values range from 5 minutes to 7 days. You can also choose “Inherit” to use a default value or “Disabled” to disable this alert.

Threshold 2 Threshold

Threshold 2 sends an additional alert and can be set to repeat until the situation is resolved by checking the “Repeat” checkbox.  Threshold values range from 5 minutes to 7 days. You can also choose “Inherit” to use a default value or “Disabled” to disable this alert.

Save Button

After completing any changes on this page, click the “Save Alerts” button.

Previous : Internet Permissions
Network : Next
Was this post helpful?
Please let us know if this helped you find answers.
Yes
No