Firewall Analyzer Enterprise edition
  • Highly scalable: Scale smoothly upto 1200 security devices
  • Distributed monitoring: Monitor multiple devices spread across the world

Enterprise Firewall Management

In the era of globalization, more and more enterprises are making their presence across countries. Obviously, the offices, branches, factories, work places are spread across the globe. In this scenario, IT management related activities get fairly complex. IT/Network security for the distributed environment is not going to be an easy task.

Thus large enterprises need a solution capable of supporting a Enterprise Firewall Architecture. Managed Security Service Providers (MSSP) are also in need of a scalable, distributed solution along with secured and exclusive segmented views for their clients. MSSPs require a solution which can be deployed to take care of a block of geographical area.
 

Multi-national enterprises and MSSPs look out for a solution with following features:

  • Centralized monitoring
  • Truly scalable to meet the number of devices required to be monitored
  • Deployed in different geographical locations

Firewall Analyzer addresses this network security need for both large enterprises and MSSPs with its distributed monitoring firewall capabilities. Firewall Analyzer’s Enterprise edition acts as a comprehensive enterprise firewall management software. This enterprise firewall monitoring tool can scale up to monitor hundreds of devices, deployed at locations across the globe. To cater for the MSSPs, it offers customizable dashboards and user specific views.

Firewall Analyzer Enterprise edition is scalable and deployable in distributed model. It offers centralized monitoring of all distributed locations in a single console. It provides exclusive segmented secured for different users.

Benefits of using Firewall Analyzer distributed monitoring:

Scalable Solution for Global Enterprises

Addresses the demanding scalability needs of Worldwide Enterprise and MSSPs. Scales smoothly up to 1200 security devices.

Distributed Around the Globe

Distributed architecture of the enterprise edition empowers to monitor devices in locations spread across the world.

Unified Console

With the unified console, you can monitor all the Firewall Analyzer Probe Servers deployed across the globe and the security devices monitored by the Probe Servers. Qualifies as a good candidate for Security Operations Center (SOC).

Customizable Dashboard

The Dashboard is customizable to enable role based views for different users. This customizability is much sought after feature of the Managed Security Service Providers (MSSP).

Scarcely Used Bandwidth for Inter-Server Communication

No frills and sleek communication between Probes and Central Server ensures that the bandwidth usage is kept minimal.

Secured Inter-Server Communication using HTTPS

32 Bit and 64 Bit Installables available for both Windows and Linux

No restriction, Full feature set, Free evaluation for 30 days

Firewall Analyzer - Salient Features

 

How to Deploy - Firewall Analyzer - Enterprise edition

Firewall Analyzer Enterprise edition can be deployed using the steps given below:

  • Install and start the Central Server first.
  • Install and start the Probe Server next.

After successfully installing and starting the Central Server and Probe  Server(s), you can view all required reports for each Probe Server from Central Server Console. 

Install Central Server

  • Download Firewall Analyzer Enterprise edition (ManageEngine_FirewallAnalyzer_DE_64bit.exe or ManageEngine_FirewallAnalyzer_DE.exe)
  • After accepting the licensing terms, select the mode as Central Server.
  • Configure the proxy server details, in case Central Server is behind a proxy server the details are required to contact the Probe Server(s).

Once installed, start the Central Server.

Install Probe Server
Note:
Before proceeding with installation of Probe Server(s), ensure that Central Server is installed, running and can be reached from the machine, in which Probe Server is to be installed.

  • Download Firewall Analyzer Enterprise edition (ManageEngine_FirewallAnalyzer_DE_64bit.exe or ManageEngine_FirewallAnalyzer_DE.exe)
  • After accepting the licensing terms, select the mode as Probe Server.
  • Configure the Central Server Details such as, host name, port, and protocol.
  • In case Probe Server is behind a proxy server, enable the 'Use Proxy Server to contact Central Server' check box and configure the proxy server details which is required to connect to the Central Server.
  • Configure the Probe Server Details. Enter the HostName/IP/Nat IP address of the Probe Server, for Central Server to connect. 

Once installed, start the Probe server and configure the firewalls to send logs to the Probe Server.

 

Frequently Asked Question

Firewall Analyzer - Enterprise edition

General

  1. Who should go for Firewall Analyzer - distributed setup (Enterprise edition)?

We recommend distributed setup (Enterprise edition):

  • If your's is a large enterprise, which have hundreds of security devices (like Firewalls, IPS, IDS), VPN devices and proxy devices to manage across different geographical locations.
  • If you are a Managed Security Service Provide (MSSP), having a large customer base spread across geographical locations.
  1. How many Probe Servers can a single Central Server manage?

One Central Server is designed to manage 50 Probe Servers. However, we have carried out simulated testing in our laboratory, which effortlessly managed 20 Probe Servers.

  1. During installation of Central Server, I am prompted for Proxy Server details? When should I configure it?

You need to configure the proxy server details during Central Server installation, if the Central Server needs to pass through Proxy Server to contact Probe Servers.

  1. Can I convert the existing "Standalone" Firewall Analyzer installation to a "Enterprise Setup"?

Yes, you can. Ensure that the existing installation of Firewall Analyzer build is 12300 or later. To convert, you  need download the Firewall Analyzer exe/bin of same version as the existing installation and install as Central Server. Then you need to convert the existing installation of Firewall Analyzer Standalone Server to Probe Server. We recommend to upgarde to the latest version before the conversion. Refer the procedure in the below help link:
Procedure to convert existing Professional Edition Firewall Analyzer installation to Enterprise Edition Probe Server

  1. I have deleted the Probe Server from Central Server. How do I re-add?

Once you have deleted the Probe Server, to re-add follow the procedure given below:

  • Reinitialize the Probe Server.
  • Re-register the Probe Server with Central Server by executing the <Firewall Analyzer Home>\troubleshooting\registerWithAdminServer.bat/sh file.
  • Restart the Probe Server.
  1. Where the collected logs are stored, whether in Probe Server database or in both Probe Server and Central Server databases?

All the logs collected by the Probe Server are stored in the Probe Server database only. For archiving, there is a provision to forward the logs to the Central Server, but not for storing in the Central Server database.

 
Secured Communication Mode (HTTPS)

  1. What is the mode of communication between Central Server and Probe Server?

By default, the mode of communication is through HTTP. There is also an option to convert it to secured mode of communication HTTPS. Refer the procedure in the below help link, to setup secure communication mode between Central and Probe Server.

  1. I have changed the Probe Server communication mode to HTTPS, after installation. How to update this info in Central server?

Click on Settings tab > Probe Settings link in Central Server UI and click on the Edit icon of specific Probe and select the appropriate protocol and configure the web server port details.


Licensing

  1. What are the "Licensing Terms" for Firewall Analyzer Enterprise edition?

Firewall Analyzer Enterprise edition license will be applied in Central Server. The number of devices for which the license is purchased, is utilized among the registered Probe Servers. You can keep adding the devices in various Probe Servers till the total number of licenses purchased get exhausted. View the number of devices managed by each Probe Server in the Probe Settings page.

If the number of devices being collectively managed by all the registered Probe Servers, exceed the number of License purchased, a warning message appears in the Central Server. In that scenario, you have various options.

  • Purchase license to manage the additional devices.
  • Otherwise, check the number of devices being managed by each Probe Server in the Probe Settings page in the Central Server.
    • Go to the Central Server License Management page and manually manage the licenses. Unmanage the lesser required devices and make the managed devices count equal to the number of licenses.
    • You can also remove a registered Probe Server in the Central Server to make the managed devices count equal to the number of licenses.
  1. In Probe Server there no is option to apply the license? How the license get applied in the Probe Server?

Yes, there is no option to apply the license in Probe Server. The license applied in Central Server will be automatically propagated to all Probe Servers.

  1. "License Restricted" alert is showing in Central Server, even though I have unmanaged additional devices in Probe Server. Why?

The managed/unmanaged status of devices in Probe Server are synchronized with Central Server during the data collection cycle, which happens at an interval of 5 minutes.
 

 

A single platter for comprehensive Network Security Device Management