19.5. SMTP Log Receiver for IDS Events
187
Figure 19.3: Signature Database Update
19.5
SMTP Log Receiver for IDS Events
In order to receive notifications via e-mail of IDS events, a SMTP Log
receiver can be configured. This e-mail will contain a summery of IDS
events that has occurred in a user-configurable period of time.
When an IDS event has occurred, the D-Link firewall will wait for
seconds before sending the notification e-mail. However, the e-mail
will only be sent if the number of events occurred in this period of time is
equal to, or bigger, than
. When this e-mail has been sent,
the firewall will wait for
seconds before sending
a new e-mail.
Example:
Configuring a SMTP Log Receiver
In this example, an Intrusion Detection Rule is configured with a SMTP
Log Receiver and the following values:
Minimum Repeat Time: 600 seconds
Hold Time: 120 seconds
Log Threshold: 2 events
D-Link Firewalls User's Guide