Security Router
Overview
This chapter discusses the menus that you can use to monitor the Nebula-managed Security Routers in your network and configure settings even before a Security Router is deployed and added to the site.
A Nebula Security Router is a router firewall that can be managed by Nebula. It is referred to as a Nebula Device in this chapter.
Monitor
Use the Monitor menus to check the Nebula Device information, client information, event log messages and threat report for the Nebula Device in the selected site.
Event Log
Use this screen to view Nebula Device log messages. You can enter a key word, select one or multiple event types, or specify a date/time or a time range to display only the log messages that match these criteria.
Select Range to set a time range or select Before to choose a specific date/time and the number of hours/minutes to display only the log messages generated within a certain period of time (before the specified date/time). Then click Search to update the list of logs based on the search criteria. The maximum allowable time range is 30 days.
Click Site-wide > Monitor > Security router > Event log to access this screen.
Site-wide > Monitor > Security router > Event log
Threat Report
Use this screen to view statistics for threat management categories. Click Site-wide > Monitor > Security router > Threat report to access this screen.
Site-wide > Monitor > Security router > Threat report
The following table describes the labels in this screen.
Label | Description |
|---|---|
Threat report | Select to view the report for the past day, week or month. Alternatively, select Custom range... to specify a time the report will span. You can also select the number of results you want to view in a table. Then, click Update. |
Email report | Click this button to send threat reports by email, change the logo and set email schedules. |
Location | This shows the location on the map where the blocked threats occurred by category. |
Threat Management by category | |
Category | This shows the name of the category to which the threat belongs. Click the Category to display the individual category statistics table. The category statistics table includes the following fields: • Domain/Website/IP • Hits • %Hits |
Hits | This shows the amount of hits on a specific threat category. |
% Hits | This shows the percentage of the hit counts for the threat encountered by a specific category. |
Threat Management by client | |
Description | This shows the name of the client device who encountered a threat. Click the name to display the individual client statistics table. The client statistics table includes the following fields: • Domain/Website/IP • Category • Hits • %Hits |
IPv4 address | This shows the IPv4 address of the client device who encountered a threat. |
MAC address | This shows the MAC address of the client device who encountered a threat. |
Hits | This shows the number of threat hits of the client device. |
% Hits | This shows the percentage of the hit counts encountered by a specific client device. |
VPN Connections
Use this screen to view the status of site-to-site IPSec VPN connections.
If the peer gateway is not a Nebula Device, go to the Site-wide > Configure > Security router > Site-to-Site VPN screen to view and configure a VPN rule. See Site-to-Site VPN for more information.Click Site-wide > Monitor > Security router > VPN connections to access this screen.
Site-wide > Monitor > Security router > VPN connections
The following table describes the labels in this screen.
Label | Description |
|---|---|
 | Click this button to reload the data on this page. |
Connection Status | |
Configuration | This shows the number and address of the local networks behind the Nebula Device, on which the computers are allowed to use the VPN tunnel. |
Site Connectivity | |
Location | This shows the name of the site to which the Nebula peer gateway is assigned. Click the name to view the VPN usage and connectivity status screen. |
Subnet | This shows the address of the local networks behind the Nebula peer gateway. |
Status | This shows whether the VPN tunnel is connected or disconnected. |
Last heartbeat | This shows the last date and time a heartbeat packet is sent to determine if the VPN tunnel is up or down. |
Non-Nebula VPN peers connectivity | |
Location | This shows the name of the site to which the Non-Nebula peer gateway (Zyxel or non-Zyxel IPSec VPN gateway and Cloud VPN (Azure VPN or AWS VPN)) is assigned. Click the name to go to the Site-wide > Configure > Security router > Site-to-Site VPN screen, where you can modify the VPN settings. |
Subnet | This shows the address of the local networks behind the Non-Nebula peer gateway. |
Status | This shows whether the VPN tunnel is connected or disconnected. |
Inbound | This shows the amount of traffic that has gone through the VPN tunnel from the Non-Nebula peer gateway to the Nebula Device since the VPN tunnel was established. |
Outbound | This shows the amount of traffic that has gone through the VPN tunnel from the Nebula Device to the Non-Nebula peer gateway since the VPN tunnel was established. |
Tunnel up time | This shows how many seconds the VPN tunnel has been active. |
Last heartbeat | This shows the last date and time a heartbeat packet was sent to determine if the VPN tunnel is up or down. |