Unified O&M
Unified security policy management.
Unified device performance monitoring.
Unified security signature upgrading.
After you synchronize security devices to the SMP global resources, you can perform the following operations:
Add, edit, or delete security policies.
View, synchronize, upgrade, or roll back the IPS, AV, or ARP signature libraries of the devices.
Upload, push, delete, or search for signature files.
Manage the file push tasks, and view the task state and running result.
View statistics on the managed devices, including the CPU usage, memory usage, system traffic statistics, interface traffic statistics, system concurrent sessions, and system new sessions.
Log audit and alarming
IPS/FW security event logging; log searching by multiple conditions.
IPS/FW security event logs in standard format; log information displaying by start and end time, source and destination IPs, source port, source and destination security zones, log source device name, security actions, protocol, and event severity.
Customized log aggregation for security event alarming.
SMP collects logs from devices. Based on the logs, SMP visually displays a security event's source, destination, and other details, so that administrators can know about attacks and abnormal traffic on the network. SMP also records user operations for audit and trace purposes. SMP provides powerful search. It can quickly find matching data in massive historical data from multiple dimensions, such as device, time, event severity, protocol, security action, and source/destination IP.
Report management
Predefined report templates.
Customized report tasks. You can define the report task type and execution time.
SMP has predefined five report templates. They are IPS block event, IPS attack event, IPS attack destination port, IPS attack source IP, and IPS attack destination IP. SMP supports you to customize reports based on the time, report template, and objects.