Configuring Firewalls
Firewall Analyzer listens at the default ports for exported log files. The following is a list of firewalls and versions for which configuration instructions are included. Click the firewall name to see the corresponding configuration instructions. | Firewall Name | Version Numbers |
|---|
| Check Point | Log import from most versions and LEA support for R54 and above | | NetScreen | Most version | | Cisco Systems | Cisco Pix Secure Firewall v 6.x, 7.x, Cisco ASA, Cisco IOS 3005, 1900, 2911, 3925, Cisco FWSM, Cisco VPN Concentrator, Cisco CSC-SSM Module 6.3.x,
Cisco SSL WebVPN or SVC VPN, Cisco IronPort Proxy, Cisco Botnet module | | Microsoft ISA | (Firewall, Web Proxy, Packet Filter, Server 2006 VPN)
Server 2000 and 2004, W3C log format Threat Management Gateway (TMG) | | CyberGuard | CyberGuard Firewall v4.1, 4.2, 4.3, 5.1 | | Cyberoam | Cyberoam Firewall Version: 9.5.4 | | FortiNet | FortiGate family, Webfilter, DLP, IPS modules, and IPSec, SSL VPN - v300A, v310B, FortiOS 5.x VPN | | WatchGuard | All Firebox Models v 5.x, 6,x, 7.x, 8.x, 10.x, 11, Firebox X series, x550e, x10e, x1000, x750e | | Snort | Most versions | | Secure Computing Sidewinder | Sidewinder G2, FIrewall Enterprise - Sidewinder (S4016) | | SonicWALL | SOHO3, SOHO TZW, TELE3 SP/TELE3 Spi, PRO 230, 2040, 3060, 4060, 5060, TZ 100/ TZ 100w, TZ 170, TZ 170 Wireless, TZ 170 SP Wireless, TZ 200/ TZ 200w, TZ 210/ TZ 210w, NSA 240, NSA 2400, NSA 2400MX, NSA 3500, NSA 4500, NSA 5000, NSA E5500, NSA E6500, NSA E7500, NSA E8500, NSA E8510, Management, Application control & SSL-VPN logs | | Juniper Networks | SRX100, SRX210, SRX220, SRX240, SRX650, SRX1400, SRX3400, SRX3600, SRX5600, SRX5800
NetScreen most versions of Web Filter & Spam Modules
4500 & 6500, New Format Logs
2000
| | 3Com | 3Com X-family Version 3.0.0.2090 or later | | IPCop | IPCop Firewall Version 1.4.17 / 1.4.18 | | Stonesoft | Firewall version 5.5 | | Palo Alto | Palo Alto Firewalls PA 5000 series, PANOS 4.1.0 |
| If the Firewall device logs contains the time zone information, Firewall Analyzer processes it and normalizes it to time zone of Firewall Analyzer Server |
|
