Zyxel SecuReporter is a comprehensive cloud-based security and analytics service designed to provide detailed information about network activity and potential security threats. It is especially useful for network administrators and IT professionals. In this article, we will show you how to activate this service on APT, USG FLEX, and USG H Series devices (In our example, the configuration is performed using the USG FLEX500H series).
Note: At the end of this article you can read the GDPR requirements for SecuReporter.
How to activate and enable SecuReporter on the Firewall side
- If the SecuReporter Service Status does not display Activated, you have to log in to NCC and activate the SecuReporter license for this Zyxel Device. The Zyxel Device must be able to communicate with the NCC server.
- After the SecuReporter license is activated, go back to the Log & Report > SecuReporter screen, and select the categories of logs that you want this Zyxel Device to send to the SecuReporter portal.
- Slide the switch to the right under General Settings to enable SecuReporter. Do not go to the SecuReporter portal until after you have enabled SecuReporter on this Zyxel Device and applied the settings. You can also see license status, type, and expiration date.
- Click Apply and wait.
- Enable "Collect Statistics" in all of the "Security Services"
- Check that your time zone settings are correct!
System > Settings > Date/Time
Note: If you are unable to use SecuReporter because your device keeps getting an error like this:
[SecuReporter] Upload failed
[SecuReporter] Upload failed
Server response:400/40003/The request is expired
Solution: Please change the time setting to "Auto".
Time: Auto Sync
Timezone: Auto Sync
Note: Device Insight in the gateway configuration must be enabled, otherwise, SecuReporter will not show information related to MAC addresses. Enable this feature to collect the status and basic information of the clients connected to the Zyxel Device. USG FLEX H Series [Firewall] - Device Insight
Add Nebula organization to the SecuReporter portal
- Log in to the SecuReporter portal
Go to More > Organization & Devices
- Click "Add Organization" to create an organization
- Enter a name for this organization
- Click "Add"
After setting up the device name and data protection policy, the configuration is done. You can find your device in the MAP section and you can start to analyze your traffic.
GDPR
The General Data Protection Regulation is a European Union law that was implemented on May 25, 2018, and requires organizations to safeguard personal data and uphold the privacy rights of anyone in EU territory. The regulation includes seven principles of data protection that must be implemented and eight privacy rights that must be facilitated. It also empowers member state-level data protection authorities to enforce the GDPR with sanctions and fines. The GDPR replaced the 1995 Data Protection Directive, which created a country-by-country patchwork of data protection laws. The GDPR, passed in the European Parliament by an overwhelming majority, unifies the EU under a single data protection regime. Any organization that processes the personal data of people in the EU must comply with the GDPR. “Processing” is a broad term that covers just about anything you can do with data: collection, storage, transmission, analysis, etc. “Personal data” is any information that relates to a person, such as names, email addresses, IP addresses, eye color, political affiliation, and so on. Even if an organization is not connected to the EU itself, if it processes the personal data of people in the EU (via tracking on its website, for instance), it must comply. The GDPR is also not limited to for-profit companies. In the attached document we will explain how Secureporter is GDRP conform and how customers have to act on customers GDPR requests (delete or anonymize data).