Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 18 replies
  • Subscribers 30 subscribers
  • Views 31175 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

A discussion about reports.

rfcat_vk

I would like to start a discussion about reports, format, accuracy etc

 

1/. format paper size

The default and only size appears to be a US letter. There is no selection and your country location is ignored. No A4 as an example.

2/. Accuracy

The memory report does not appear to have been checked through QA.

Memory Usage
MEMORY MAX         MIN            AVERAGE
Free       2.88 GB    2.79 GB     2.83 GB
Used      2.45 GB    2.36 GB     2.42 GB
Total      5.24 GB    5.24 GB     5.24 GB

If you check the totals they do not add up and are basically meaningless.

 

What are your issues with the reports?



This thread was automatically locked due to age.
Parents
  • 0

    The interface report.

    A report added because someone thought it would nice. Almost meaningless, needs to be graph of the preceding reporting period so XG managers get a view of the internal and external network utilisation.

    The CPU graph.

    falls into the same category, you can't really tell if you have an issue during the day or when?

    The users report.

    Eventually it must report much less than a days connection because the connection time in the daily report is always more than 1 day.

  • 0 in reply to rfcat_vk

    I have created additional daily reports

    1/. blocked websites

    while this report has lots of data you cannot identify which user/ip address has had the bad site. I have not been able to find away of relating user/ip address to a bad download/site.

    One of my reports showed access to a proxy which I consider unsafe, but does not show who or what accessed the site. The list goes on and on....

  • 0 in reply to rfcat_vk

    This is a good topic. 

    My opinion is that the reports have a lot of potential, but are fairly useless right now.  I suspect that the reports were designed by people who don't really know what "real" admin's need/want to know.  Lots of room for improvement.

  • 0 in reply to Bill Roland

    So far didn't get many bites on the subject.

    Let us now look at the active reports.

    Current Activiities

    This report should be very useful, except it isn't. It shows every clientless user active (passing data) or not.

    Wireless -> wireless client report

    The IP addresses in this report are different to the active connections report. My ipad has 165, which shows in the wireless report, but in the active connections it shows as 164

     

    And the daily reports are hard to follow as a result, debugging the firewall rules is even more difficult.

  • 0 in reply to rfcat_vk

    The memory allocation issue has been fixed, but the report still fails basic maths.

    QA on XG releases is not very good.

  • 0 in reply to rfcat_vk

    Reporting is still shows false numbers.

    , and you should have a look at reporting section. What has discovered on a number of threads is true. XG is reporting false numbers inside the reports.

    Make sure you "re-design" them. Reports are one of the key used inside Organization for forensics analysis, policy and standards, auditing and ....the list is long.

    Customers will not be happy at all [:@] if they discover that reports are providing false information.

    I am not sure this is a bug but a more "by design" that should be addressed in short time.

    We are looking forward to hearing from you!

    Regards

  • 0 in reply to lferrara

    Hi Luk,

    thank you lferrara for your support, at times I think I am a lone voice and must be doing something wrong because there are not many complaints about the reports.

  • 0 in reply to rfcat_vk

    Rfcat_vk,

    this is not properly true. Many System Admins do not care about reporting. They are happy with what the appliance produces (Firewall, IPS,  SIEM, DB, etc..) but only few of them compare the reports with other data to see if they are correct.

    XG is reporting false email counting, live connection usage...I did not have the time to compare web traffic.

    So you are not alone! Maybe iView is more congruent in terms of number.

    Regards

  • 0 in reply to lferrara

    Yes, iview might be, but not all people who use XG have access to iview and if the UTM can get it correct, why can't the much pushed upgrade get it correct?

  • 0 in reply to Dean Jones

    Thanks Dean. I red that post yesterday.

    To all users:

    "Please post all the links or possible issue here, so we can raise up the Sophos Attention and have a unique threat where to find reports issue". Reports are important. They can decide more aspects inside a Company.

    Thanks to all in advance!

  • 0 in reply to lferrara

    Is Onedrive a possible source of this reporting error? I've been watching logs and reports this morning with Onedrive doing some large sync downloads in the background but I can't identify the Onedrive traffic in XG Firewall.

    As soon as I pause sync the bandwidth chart drops almost to zero but the traffic doesn't seem to be logged and counted in totals.

    Note that my total Onedrive storage is less than the really large amounts of traffic I reported in an earlier post.

Reply
  • 0 in reply to lferrara

    Is Onedrive a possible source of this reporting error? I've been watching logs and reports this morning with Onedrive doing some large sync downloads in the background but I can't identify the Onedrive traffic in XG Firewall.

    As soon as I pause sync the bandwidth chart drops almost to zero but the traffic doesn't seem to be logged and counted in totals.

    Note that my total Onedrive storage is less than the really large amounts of traffic I reported in an earlier post.

Children
No Data