ZyAgent manual
- Description
- Related Software
- System requirement
- Installation
- Removal
- Options
- Revision history
- License
- Bugs, Feedback, Requests
Description
ZyAgent is an free agent software for your PC to notify when UTM features is triggered on your Zywall It is totally passive , all actions done in regards to traffic is done by the Zywall. All ZyAgent does it receive messages and notify the user. When a IDP or Anti virus related message is received it will pop up with a balloon hint. The header will tell what service that has triggered the message and what action has been taken. "Intruder Detection - No Action", means IDP has triggered the message and packet was not touched. Next it shows the description supplied by the Zywall , by clicking this it will open a webpage with a description of the signature.Related Software
ZyAgentServer - TBDSystem requirement
- Windows - Only tested on XP so far (Reported to work on Ubuntu with Wine)
- 2 MB RAM
- 2 MB disk space
- Local UDP 514 Port need to available
- ZyWall with UTM Service enabled - Tested with Zywall 35 and 4.01 B4 firmware
- Webbrowser to show reports
- If you can use your PC this should be able to run
Installation
As of now there is no installer made for ZyAgent. Just place the downloaded file in your directory of choice.To setup the Zywall go to "LOGS/Log Settings", set "Syslog Server" to your local IP and check Active. ZyAgent will allow any "Log Facility".
Removal
There is no uninstaller made for ZyAgent.The ZyAgent does not add anything to the registry, with the exception of the startup shortcut, everything is contained in the install directory.If you have checked "start with windows" in options , uncheck this and it will delete the created shortcut. Then you can delete the installation folder.
Options
Category FilterThis option is used to limit what the ZyAgent reports to the user. The categories is the same as in the Zywall Log interface. To get more granular filtering use the Text Filter.
Reporting- Amount of log entries to save
The ZyAgent keep the log entries in the memory, this option tells how many to keep. When limit is reached it will start deleting the oldest ones.
- Reverse report direction (Zywall like)
When viewing the history , this tells how the entires is sorted , by time. Zywall default is newest on top. Zyagent default is newest on bottom.
- Bind to IP
By default ZyAgent will listen to port 514 on every IP on the PC. This option enables Zyagent to be limited to a single IP.
The drop box should contain all IP's on the system. - Limit sender to IP
To ensure the quality of the data , use this to make sure sender has right IP. By default ZyAgent will allow data from any IP.
The text filter can work in two ways , either as Exclude or Include filter. This setting is for all the filters. This works on top of the Category filter so it will only work on the traffic that comes through the category filter. Text filter is based on a single word or a phrase, each line will be seen as a filter "item". The filter will try to find the filter item in the message from the Zywall. To help the creation of new filters the "Last" button will input the last message from the Zywall as the match phrase. Note:Text filter need to be enabled
- Exclude
This will drop the item if it's matched ,so it will never be logged or shown.
- Include
This will only log and show the item if a filter item is matched.
- Check mark
This will enable or disable the filter.
- Start with Windows
This will create a shortcut to ZyAgent and place it in the Windows startup folder. This is added in the start up folder for the current user.
- Start active in try
When ZyAgent is started it will automatically start to listen and minimize to the system tray.
- Close to tray
When the "X" to close the ZyAgent is clicked it will minimize to tray rather then quit.
- Enable text filter
This turns on and off the text filter.
Revision history
1.1 - First public release1.0 - Beta only