• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 724
  • Last Modified:

Sonicwall TZ100: howot monitor a specific (suspicious) object?

Hi,

I'd like to specifically monitor an object/ip in my network. Can I monitor it and get alerts when it behaves specifically (f.e. makes connections to russian ip's)?
I have a default TZ100 Sonicwall (updated to latest Dell firmware).

J.
0
janhoedt
Asked:
janhoedt
1 Solution
 
Blue Street TechLast KnightCommented:
Hi janhoedt,

For detailed user reporting you'll need the Analyser: http://www.sonicwall.com/us/en/products/Analyzer.html

You can also create Access Rules to block their HTTP traffic to specific IP range, network, etc.

But I think there is a bigger issue here dealing with HR unless you currently do business with Russian companies. Otherwise, you may want to consider a TZ 215 when you go to purchase your next firewall, which has Geo-IP Filtering that you can control.

Here's a little bit more on these concepts:

Geo-IP Filter
The Geo-IP Filter feature allows administrators to block connections to or from a geographic location based. The SonicWALL appliance uses IP address to determine to the location of the connection.

Botnet Filter
The Botnet Filtering feature allows administrators to block connections to or from Botnet command and control servers.
0
 
ZabagaRCommented:
From the System selection, pick Packet Monitor. Click the Configure button. Click the Monitor Filter tab. Enter as much specific information as you want. You could just enter destination IP or range. Use the logging tab to save the collected information as a file on an FTP server.

After you're all set up, click START CAPTURE button. Turn it off when you're done.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

WEBINAR: 10 Easy Ways to Lose a Password

Join us on June 27th at 8 am PDT to learn about the methods that hackers use to lift real, working credentials from even the most security-savvy employees. We'll cover the importance of multi-factor authentication and how these solutions can better protect your business!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now