Firewall Log Analysis and Management

Toll Free US: +1 888 720 9500 | Intl: +1 925 924 9500
+1 800 443 6694 (alternative number)
Australia: +1 800 631 268

Enterprise Management & Security Products
Active Directory Management Active Directory Auditing Application Monitoring Asset Management Bandwidth Monitoring & Traffic Analysis Customer Support Software Desktop Management EventLog Analyzer Facilities Management Firewall Analyzer Free SNMP MIBBrowser Tool Free Active Directory Tools Free Windows Tools Help Desk Software IP Address Management (IPAM) Software Load Testing	MSP Platform MSP Help Desk Software Network Configuration Management Network Monitoring Software Network and Application Performance Management Network Security Scanner with Patch Management OS Deployment Password Management Self-Service Password Management Storage Management Software VoIP Monitoring WiFi Manager Website Monitoring (SaaS)

Firewall Analyzer

Firewall Log Analysis Software

	Interface Bandwidth Monitoring
	Alerts on Mobile Phone
	Rebranding Web Client

more...

Massively Scalable, Geographically Distributed

Firewall Analyzer 6
Distributed Edition

Solutions for: IT Managers | Network Administrator

Firewall Log Compliance Audits

Historical Trend Analysis

Firewall Log Analysis and Management

The Need for Comprehensive Firewall Log Analyzer Application

Firewall logs reveal a lot of information about the security threat attempts at the periphery of the network and on the nature of traffic coming in and going out of the firewall. The analyzed firewall log information, provides real-time information to the Administrators on the security threat attempts and so that they can swiftly initiate remediation action. It allows you to plan your bandwidth requirement based on the bandwidth usage across the firewalls. Analyzing firewall security logs plays an important role in business risk assessment. Analyzing firewall traffic logs is vital to understand network and bandwidth usage. Firewall Analyzer, a firewall log analyzer application, offers many features that help in collecting, analyzing and reporting on firewall logs.

Firewall Analyzer supports:

Automatic Firewall Detection

Simply configure your firewall to export logs to Firewall Analyzer. Firewalls are then automatically detected and reports are generated instantly. For all firewalls that support exporting logs in WELF format, this is the best configuration option.

Firewall Log Import

In the case of Squid proxy servers, and firewalls that do not export logs in an acceptable format, you can import firewall log or proxy log files directly in to Firewall Analyzer and generate reports for the same.

Firewall Log Archiving

Logs received from firewalls, squid proxy servers, and Radius servers, are archived at specific intervals. You can load these log archives into the database at any time, and generate reports for specific activity. However, log archiving takes up disk space, so you can disable this option at any time.

Specific Check Point Settings

Firewall Analyzer lets you add LEA servers to establish connections and retrieve logs from Check Point firewalls. You can add as many LEA servers as needed, and set up authenticated or unauthenticated connections to retrieve firewall logs.

Embedded Syslog Server

Firewall Analyzer comes pre-bundled with a syslog server that listens for exported firewall logs at the defined listener ports. You can add more listener ports to this syslog server, in order to collect logs from different firewalls. The syslog server is a part of Firewall Analyzer and does not require a separate installation.

Exporting and Importing Report and Alert Profiles

Firewall Analyzer provides an easy way of saving the report and alert profiles. You can export the profiles and save it. You can import the profiles to get the profiles back. This will come handy in case of exigencies like when you are moving the server to a different machine etc. You can also save the exported profiles file.

Firewall Log Compliance Audits

Historical Trend Analysis

Next Steps

Product Info

Features

Forums

View All Forums

Partners

Product List
Active Directory Management Active Directory Auditing Application Monitoring Asset Management Bandwidth Monitoring & Traffic Analysis Customer Support Software Desktop Management EventLog Analyzer	Facilities Management Firewall Analyzer Free SNMP MIBBrowser Tool Free Active Directory Tools Free Windows Tools Help Desk Software IP Address Management (IPAM) Software Load Testing	MSP Platform MSP Help Desk Software Network Configuration Management Network Monitoring Software Network and Application Performance Management Network Security Scanner with Patch Management	OS Deployment Password Management Self-Service Password Management Storage Management Software VoIP Monitoring WiFi Manager Website Monitoring (SaaS)

Network Information for the IT Manager

Traffic and Security of Enterprise Network - Snapshot View

As a CIO/CSO/IT Manager of an enterprise, you would like to apprise yourself of the traffic usage and security threatening activities of the enterprises network.

Firewall Analyzer addresses your requirements. It provides a snapshot view of the network traffic and security events of your network in the form of a dashboard. The dashboard displays the graphical overview and statistical snapshot of the total network traffic distributed among the protocols and security events distributed among various categories.

Network Traffic

For the network traffic, it addresses a critical question like who, when, and where, i.e., who (which host) is using your traffic, when (what time) the traffic was used, and where (which destination) the traffic was directed to. It provides trend of Internet traffic across the perimeter security devices.

Network Security

For the network security, you can view the latest security events received (formatted or raw SysLogs) from a particular device. You can get alerted for any of these security events and pinpoint the exact event by drilling down the reports or searching.

It provides valuable information about usage of Firewall rules. It segregates the unused rules of the Firewall and lets you to manage the rules to optimize the Firewall performance.

There are slew of pre-built reports available in Firewall Analyzer. Firewall Analyzer allows you to create the management reports, for you to peruse.

Network Information for the Security / Network Administrator

Traffic and Security Analysis of Enterprise Network

As a Security/Network Administrator of your enterprise, you would like to constantly monitor the traffic usage and security threatening activities of the enterprises network.

You get a graphical overview and statistical snapshot of the total network traffic distributed among the protocols and security events distributed among various categories, in the dashboard.

There are slew of pre-built reports available in Firewall Analyzer. You have the quick traffic reports. From the quick reports you can find out the traffic usage by

top hosts who initiated the traffic
top destinations who received the traffic
top protocols used for communication
top requests received by the URL
top conversations between host and destination
top Firewall rules used, top VPN users
top hosts from where the attacks originated

From the quick reports you can find out the security incidents by

top attacks
top viruses
top denied events
top security events
top failed log-ons

This gives a comprehensive yet concise view of traffic usage and security events.

You can always drill down to any level of details (unto raw log level) you want. It allows you to create the network reports to be submitted to the management on daily basis.

You can search from heap of raw logs for forensic analysis and network audit. You can load and search the archived logs. The search results can be used to generate reports.

You can gather valuable information about usage of Firewall rules. You can modify or remove the unused rules.

You can get alerts triggered for anomaly and threshold conditions. You can administer the alerts (a bare bone trouble ticketing utitlity).

	Edit Reseller