Login
- Table of Contents
-
- 04-DPI Configuration Guide
- 00-Preface
- 01-DPI overview
- 02-DPI engine configuration
- 03-IPS configuration
- 04-URL filtering configuration
- 05-Data filtering configuration
- 06-File filtering configuration
- 07-Anti-virus configuration
- 08-Data analysis center configuration
- 09-Proxy policy configuration
- 10-WAF configuration
- 11-IP reputation configuration
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 08-Data analysis center configuration | 68.69 KB |
Configuring the data analysis center
About the data analysis center
Restrictions and guidelines: Data analysis center configuration
Data analysis center tasks at a glance
Configuring report subscription
Configuring report subscribers
Configuring data storage limits for a service
Display and maintenance commands for data analysis center
Configuring the data analysis center
About the data analysis center
The data analysis center collects and analyzes log data for services and provides the analysis results in various forms of reports through the Web interface. It supports log data storage, traffic monitoring, and report analysis. This feature allows you to learn about the service traffic statistics and the network security status, helping you make decisions when customizing service policies.
Log data storage and analysis
The data analysis center collects log data from various service modules for central analysis and reporting. The log data are preferably stored in a hard disk. If the hard disk is not present or the disk space is full, the data are stored in the memory.
Traffic monitoring
The data analysis center generates real-time traffic trend and statistics reports from various perspectives, such as user, application, and IP address. These reports help you monitor the network traffic, locate network vulnerabilities, and secure the network against potential attacks.
Reporting
In addition to the traffic monitoring reports, you can also configure the data analysis center to generate the following types of reports and send them to designated subscribers:
· Summary report—Displays summarized service traffic statistics collected over a time range.
· Comparison report—Provides comparison of service traffic statistics collected over two time ranges that contain the same number of days.
· Intelligent report—Provides intelligent analysis of users' work efficiency, data leakage, and turnover risks based on their network access behaviors.
· Integrated report—Illustrates the overall device operational and network security status based on analysis of critical service statistics.
Restrictions and guidelines: Data analysis center configuration
You can configure the data analysis center at the CLI. The reports generated by the data analysis center are available only in the Web interface.
Data analysis center tasks at a glance
To configure the data analysis center, perform the following tasks:
1. Configuring report subscription
¡ Configuring report subscribers
2. Configuring data storage limits for a service
Configuring report subscription
About report subscription
After you add a subscriber for a report, the report will be sent to the subscriber through email.
For the subscribers to receive the report, you must configure the email server.
By default, the daily report is sent during the least busy hours (1 a.m. to 5 a.m.). The monthly report of the previous month is sent on the first day of each month. The report sending time cannot be changed.
Configure the email server
1. Enter system view.
system-view
2. Specify the email server address.
dac email-server server-address address-string
By default, no email server is specified for the data analysis center.
3. Specify the email sender address.
dac email-server sender address-string
By default, the email sender address is not specified.
4. (Optional.) Specify the DNS server address.
dac email-server dns-server ip-address
By default, no DNS server address is specified.
5. (Optional.) Configure email client authentication.
a. Enable email client authentication.
dac email-server client-authentication enable
By default, email client authentication is disabled.
b. Specify the username for email client authentication.
dac email-server username username
By default, no username is specified for email client authentication.
c. Specify the password for email client authentication.
dac email-server password { cipher | simple } string
By default, no password is specified for email client authentication.
d. Enable secure transmission of client authentication credentials.
dac email-server secure-authentication enable
By default, secure transmission of client authentication credentials is disabled.
Configuring report subscribers
1. Enter system view.
system-view
2. Configure a subscriber for a report type.
dac report type { comparison | integrated | intelligent | summary } subscriber mail-address
By default, no report subscribers are configured.
Configuring data storage limits for a service
About this task
Perform this task to set the storage time limit, storage space usage limit, and the storage limit-violated action for a service.
The data analysis center periodically checks the data of each service to determine if the storage time or storage space usage limit is exceed.
· If a storage limit is exceeded and the action is delete, the system deletes the expired or the oldest service data. A log will be generated to report the event.
· If a storage limit is exceeded and the action is log-only, the system generates a log message. New data will not be saved.
Procedure
1. Enter system view.
system-view
2. Set the storage time limit, storage space usage limit, or the storage limit-triggered action for a service.
dac storage service { audit | file-filter | threat | traffic | url-filter } limit { hold-time time-value | usage usage-value | action { delete | log-only } }
By default:
¡ The service data can be saved for a maximum of 365 days.
¡ The data of each service can occupy up to 20% of the total storage space.
¡ If the storage time or storage space usage limit is exceeded, the system deletes the expired or the oldest data.
Display and maintenance commands for data analysis center
Execute the display commands in any view.
|
Task |
Command |
|
Display the email server configuration. |
display dac email-server |
|
Display the report subscription information. |
display dac report [ comparison | integrated | intelligent | summary ] |
|
Display the service storage limit settings. |
display dac storage [ audit | file-filter | threat | traffic | url-filter ] |
