Citrix SD-WAN

Viewing Firewall Statistics

Once you have configured firewall and NAT policies, you can view the statistics of the connections, firewall policies and NAT policies as reports. You can filter the reports using the various filtering parameters.

For information on configuring firewall and NAT policies, see Stateful Firewall and NAT Support.

Connections

You can check the statistics for Applications for the Firewall Policy. This enables you to see all connections that match the selected Application, where they are coming from, where they are going to, and how much traffic they are generating. You can see how the firewall policies are acting on the traffic for each Application.

You can filter the connections statistics using the following parameters:

  • Application - The application used as filter criteria for the connection.
  • Family - The application family used as filter criteria for the connection.
  • IP Protocol - The IP protocol used by the connection.
  • Source Zone - The zone from which the connection originated.
  • Destination Zone - The zone from which responding traffic originates.
  • Source Service Type - The service from which the connection originated.
  • Source Service Instance - The instance of the service from which the connection originated.
  • Source IP - The IP address from which the connection originated, input in dotted decimal notation with an optional subnet mask.
  • Source Port - The port or range of ports from which the connection originated. A single port or a range of ports using the “-” character is accepted.
  • Destination Service Type - The service from which responding traffic originates.
  • Destination Service Instance - The instance of the service from which responding traffic originates.
  • Destination IP - The IP address of the responding device, input in dotted decimal notation with an optional subnet mask.
  • Destination Port - The port or range of ports used by the responding device. A single port or a range of ports using the “-” character is accepted.

Filter Policies

Policies enable you to specify actions for traffic flows. Groups of firewall filters are created using Firewall Policy Templates and can be applied to all sites in the network or only to specific sites.

You can view a statistics report for all the filter policies and filter it using the following parameters:

  • Application object - The Application object used as filter criteria in the firewall policy.
  • Application - The application used as filter criteria in the firewall policy.
  • Family - The application family used as filter criteria in the firewall policy.
  • IP Protocol - The IP protocol that the filter policy matches.
  • DSCP - The DSCP tag that the filter policy matches.
  • Filter Policy Action - The action taken by the policy when a packet matches the filter.
  • Source Service Type - The service from which the connection originated.
  • Source Service Name - The instance of the service from which the connection originated.
  • Source IP - The IP address from which the connection originated, input in dotted decimal notation with an optional subnet mask.
  • Source Port - The port or range of ports from which the connection originated. A single port or a range of ports using the “-” character is accepted.
  • Destination Service Type - The service to which responding traffic is destined.
  • Destination Service Name - When applicable, the service to which responding traffic is destined.
  • Destination IP - The IP address of the responding device, input in dotted decimal notation with an optional subnet mask.
  • Destination Port - The port or range of ports used by the responding device. A single port or a range of ports using the “-” character is accepted.
  • Source Zone - The origination zone matched by the filter policy.
  • Destination Zone - The responding zone matched by the filter policy.

NAT Policies

You can view the statistics of all the Network Address Translation (NAT) policies and filter the report using the following parameters.

  • IP Protocol - The IP protocol that the NAT policy matches.
  • NAT Type - The type of NAT in use by the NAT policy.
  • Dynamic NAT Type - The type of Dynamic NAT in use by the NAT policy.
  • Service Type - The service type used by the NAT policy.
  • Service Name - The instance of the service used by the NAT policy.
  • Inside IP - The inside IP address, input in dotted decimal notation with an optional subnet mask.
  • Inside Port - The inside port range used by the NAT policy. A single port or a range of ports using the “-” character is accepted.
  • Outside IP - The outside IP address, input in dotted decimal notation with an optional subnet mask.
  • Outside Port - The outside port range used by the NAT policy. A single port or a range of ports using the “-” character is accepted.

To view Firewall Statistics:

  1. Navigate to Monitoring > Firewall.
  2. In the Statistics field, select Connections, Filter Policies, or NAT Policies as required.
  3. Set the filtering criteria as required.

  4. Click Refresh.
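
The following is an added example, not Citrix code: it applies the IP and port filter syntax described above (dotted decimal address with an optional subnet mask, a single port or a "-" range) to connection rows held offline, which is useful when reviewing which flows a policy change would expose. The field names, zone labels, sample rows, and the choice to combine criteria with AND are assumptions made for illustration.

```python
import ipaddress

# Constructed sample rows; field names and zone labels are hypothetical.
CONNECTIONS = [
    {"ip_protocol": "TCP", "source_zone": "LAN", "destination_zone": "WAN",
     "source_ip": "10.1.1.20", "source_port": 51514,
     "destination_ip": "203.0.113.10", "destination_port": 443},
    {"ip_protocol": "TCP", "source_zone": "LAN", "destination_zone": "WAN",
     "source_ip": "10.1.2.7", "source_port": 40022,
     "destination_ip": "198.51.100.5", "destination_port": 22},
    {"ip_protocol": "UDP", "source_zone": "LAN", "destination_zone": "WAN",
     "source_ip": "10.1.1.33", "source_port": 5353,
     "destination_ip": "203.0.113.53", "destination_port": 53},
    {"ip_protocol": "TCP", "source_zone": "WAN", "destination_zone": "LAN",
     "source_ip": "192.0.2.44", "source_port": 61000,
     "destination_ip": "10.1.1.20", "destination_port": 3389},
]
IP_FIELDS = ("source_ip", "destination_ip")
PORT_FIELDS = ("source_port", "destination_port")

def parse_ip_filter(text):
    """Dotted decimal address, optional mask as '/24' or '/255.255.255.0'."""
    return ipaddress.IPv4Network(text.strip(), strict=False)

def parse_port_filter(text):
    """Single port ('443') or '-' range ('1024-2048'); returns (low, high)."""
    low, sep, high = text.strip().partition("-")
    lo = int(low)
    hi = int(high) if sep else lo
    if not 0 <= lo <= hi <= 65535:
        raise ValueError(f"invalid port filter: {text!r}")
    return lo, hi

def filter_connections(rows, **criteria):
    """Return rows matching every criterion (AND semantics are an assumption)."""
    checks = []
    for field, value in criteria.items():
        if field in IP_FIELDS:
            net = parse_ip_filter(value)
            checks.append(lambda r, f=field, n=net: ipaddress.IPv4Address(r[f]) in n)
        elif field in PORT_FIELDS:
            lo, hi = parse_port_filter(value)
            checks.append(lambda r, f=field, lo=lo, hi=hi: lo <= r[f] <= hi)
        else:  # exact-match fields such as ip_protocol or zones
            checks.append(lambda r, f=field, v=value: r[f] == v)
    return [r for r in rows if all(check(r) for check in checks)]
```

Calling `filter_connections(CONNECTIONS, source_zone="WAN", destination_port="3389")` isolates the inbound remote-desktop flow in the sample data.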