Athena SWG (Secure Web Gateway)

Athena SWG (formerly Internet Access Gateway) ensures visibility and control across the network, detecting risks like unauthorized access, non-compliant activities, and data leaks to manage endpoints.
{{ $t('productDocDetail.guideClickSwitch') }}
{{ $t('productDocDetail.know') }}
{{ $t('productDocDetail.dontRemind') }}
13.0.120
Athena SWG (Secure Web Gateway) {{ breadTitle }} User Manual Functions System General Alert Options
{{sendMatomoQuery("Athena SWG (Secure Web Gateway)","Alert Options")}}

Alert Options

{{ $t('productDocDetail.updateTime') }}: 2025-12-29

On the Alert Options page, you can configure the device to alert the administrator by mail in any of the following cases:[A294]

Inside Dos attack is detected

ARP spoofing attack is detected

High Availability event

Mobile endpoint related alert

Botnet is detected

Virus is detected

Malicious URL is detected

Sensitive keyword is detected

External device control

ICAP inspection

Disk error

Throughput exceeds threshold

Report Center related error

CPU usage exceeds threshold

Memory usage exceeds threshold

Give alert when MAC address is excluded automatically

License expires or is about to expire

Key business disconnectivity

Network issue

Simultaneous upgrade error

Internet Access Alert

Select Enable Email Alert to enable the event alarm function for the device. In Event, select alarm events based on the actual situation.

Click Throughput exceeds threshold to set throughput exceeds threshold alarms. You can set the duration and alarm threshold of the outbound, inbound, and total traffic. When you set Period (minute) to 5 and Maximum (Kbps) to 100, an alarm will be reported if the traffic exceeds 100 kbps for 5 minutes. When both parameters are set to 0, no alarm will be reported. Click OK for the settings to take effect. See the following figure.

Click CPU usage exceeds threshold to set the CPU usage exceeds threshold alarm. You can set the duration and alarm threshold. When you set Period (minute) to 5 and Threshold (%) to 90, an alarm will be reported if the CPU usage exceeds 90% for 5 minutes. When both parameters are set to 0, or CPU usage exceeds threshold is not selected, no alarm will be reported. Click Commit for the settings to take effect. See the following figure.

Click Memory usage exceeds threshold to set the memory usage exceeds the threshold. You can set the duration and alarm threshold. When you set Period (minute) to 5 and Threshold (%) to 90, an alarm will be reported if the memory usage exceeds 90% for 5 minutes. When both parameters are set to 0 or Memory usage exceeds threshold is not selected, no alarm will be reported. Click Commit for the settings to take effect. See the following figure.

Click Key business disconnectivity [LCH295][A296]to set the key service inspection alarm. Use a regular ping packet to detect whether the service is normal. In addition, inspection frequency, number of inspection packets, and target hosts to be inspected can be set.

When the device is in the deployment mode of active-standby mode, upon update demand, click ACyber Commandpanied Update Alarm. When the aCyber Commandpanying update fails, alarms will be sent.

Probe Interval (mins): Each inspection interval for the destination IP address to be inspected.

Packets per Probe: the packet number in each round of inspection for a destination IP address. If the ping packets are lost by 100% in a round of inspection, it is considered that the host cannot be normally accessed.

Target Hosts: Enter the target hosts to be inspected with an IP address or domain name in a row (ipv4, ipv6, and domain name are supported). IP segment and subnet are not supported.

A maximum of 64 target hosts can be entered.

Email Alert

Email Delivery Option: By default, email delivery uses global settings.

If it is required to set different recipient addresses and delivery intervals, set the option. See the picture below:

Alarm Email Delivery: set the recipient address and delivery interval of the attack alarm email. Details of other alarms will not be stated here. See the picture below:

Select Use global settings to use the global settings in the SMTP server.

In specified way: You can customize the delivery's recipient, subject, and interval.

Subject: Customize the subject of the alarm email. Enter any text that is easy to recognize, but be sure not to enter special characters.

Interval: Set the interval of delivering the alarm email.

SMTP server:  Set the mail server for sending alarm emails and the recipient addresses, etc.

In Email Delivery, specify the recipient address, alarm mail subject, and interval for sending alarm notification emails.

Recipient: Specifies the mailbox for receiving the alarm notification email.

Subject: Specifies the title of an alarm notification mail. You can enter any text.

Interval: Specifies the interval for sending alarm notification emails. Click Send Testing Email to send a test mail.

For Notification Options, please refer to section 3.11.5.10.14 for the configuration.

Syslog Alarm

Click Syslog Server Settings to go to System > General > Advanced and configure the external Syslog server.

SNMP Trap

Click SNMP Trap Settings to go to System > General > Advanced > SNMP, and enable SNMP Trap functions to connect to the SNMP server.