Gaining Internet activity insights and keeping abreast about security events is a challenging task as the security appliance generates a huge quantity of security and traffic logs. With a package of features, Firewall Analyzer's reporting capability for WatchGuard firewall appliance fit like a glove enabling you to strengthen the network security. Watchguard Firewall Analyzer lets you to collect, archive, analyze WatchGuard firewall logs and generate security and forensic reports.
With Watchguard Firewall Analyzer, you can access pre-defined reports that help in analyzing Watchguard bandwidth usage reports and understanding security and network activities. These reports helps you to study the security vulnerability with top denied hosts, blocked URL hits, attacks, targets, virus, affected hosts, spam, receiving hosts.
Trend reports in Firewall Analyzer trace patterns in network behavior and bandwidth usage over time. Analysis of trend reports gives better insight into the nature of web site traffic or network traffic, and helps you make decisions on WatchGuard bandwidth management, capacity planning, business risk assessment, traffic shaping, and network security posture.
VPN trend reports show trends in the number of VPN connections accessed through the WatchGuard firewall on a historical and current basis. VPN trends are especially useful in troubleshooting VPN connections, and identifying security risks.
Firewall Change Management report keeps track of all changes in Watchguard Firewall configuration from time to time. It fetches Firewall device configuration using SSH / TFTP protocols.
Firewall Analyzer's data repository keeps a record of every change to the firewall, including who made it, what was modified, and when it was done. Track who changed what with an easy-to-use interface that shows you what you need to see in a line-by-line format.
Search and report instantly on implementation details for any change happened. This report includes information on who implemented the change, when it was implemented, and on which firewall.
Firewall Analyzer for WatchGuard monitors the device and captures all changes, planned or unplanned, and alerts the right people. Notifications can be sent to team members in easy-to-read emails, or to other monitoring systems via syslog.
With Firewall Analyzer for WatchGuard, you can ensure that all the configurations and subsequent changes made in the WatchGuard Firewall device are captured periodically and stored in the database. The configuration data is used to generate various reports. With Firewall Analyzer's Configuration Change Management for WatchGuard firewall Appliance you can find out 'who' made 'what' changes, 'when' and 'why'. Not only that, it alerts you in real-time on your mobile phone when changes happen.
Firewall Analyzer provides you a unique way to monitor the Internet traffic of the network in near real-time. Firewall traffic data is collected and analyzed to get granular details about the traffic across each firewall. There is no requirement for any probes or collection agents to get these details on the traffic.
Firewall Analyzer measures network traffic based on the analysis of logs received from different network firewalls. Firewall logs are collected, archived, and analyzed to get granular details about traffic across WatchGuard firewall devices.
Firewall Analyzer acts as a Watchguard Bandwidth Monitor and hence you can maximize the business usage of Internet bandwidth using employee Internet monitoring. You can fine-tune the Firewall policies to block or restrict bandwidth guzzling web sites and in turn effectively control the employee Internet usage. This will ensure that the bandwidth is available for smooth functioning of the business."
Apart from exhaustive firewall reports with respect to network security, Firewall Analyzer offers comprehensive alarms and their notifications.
Alarms can be generated for an anomalous security criteria, bandwidth values, and any normal criteria of security interest.
Alarms can be notified via email and SMS. It can trigger a script to achieve various threat mitigation activities. Alarms are also displayed in the UI screen.
|Company||Firewall/Version||WELF Certified||Other Log Format|
All Firebox Models v5.x, 6.x, 7.x, 8.x, 10.x, 11 or higher
Firebox X series, x550e, x10e, x1000, x750e or later
XTM version 11.9
For detailed steps about how to configure Firewall Anlayzer with WatchGuard's firewall appliance you can refer this link here