Cisco ASA log management
EventLog Analyzer provides out-of-the-box reports and alerts for the Cisco Adaptive Security Appliance (ASA). The Cisco ASA provides the capabilities of several security devices, including a firewall, anti-malware, an intrusion prevention system (IPS), and a virtual private network (VPN) device. Collecting and analyzing information from all your Cisco ASAs in one central location can boost your network security game.
Track VPN access to your network
In today's increasingly dynamic workplace, users often connect to their company's network remotely using a VPN. If you're using a Cisco ASA to host a VPN, you can use EventLog Analyzer to track all accesses to your VPN. EventLog Analyzer's predefined reports display all successful and failed VPN logon attempts, as well as those users who are locked out due to multiple failed VPN logon attempts. EventLog Analyzer also categorizes the information by the user and remote device used, and provides a trend report.
VPN Logons | Failed VPN Logons | VPN Lockouts | VPN Unlocks | Top Logon based on users | Top logons based on Remote devices | Top Failed VPN Logonss based on User | Top Failed VPN Logons based on Remote Device | Top VPN Lockouts based on User | VPN logon trend reports | Failed VPN Logons Trend
Monitor privileged user activity
It is important to monitor administrator activity on security devices like the Cisco ASA, as these devices enforce policies and keep your network secure. A breached account or malicious administrator could spell disaster for your organization. EventLog Analyzer provides reports to track all Cisco ASA logons. These are classified by user, remote device, and port. Reports are also provided to track activity on your Cisco ASA, such as changes to user accounts and group policies.
Logons | Failed Logons | Top Successful logons based on user | Top logons based on remote devices | Top logons based on ports | Top failed logons based on users | Top failed logons based on remote devices | Top failed logons based on ports | Logon Trend | Failed logon trend | Added users | Deleted users | Added Group policies | Deleted group policies | Changed user privilege levels | Executed commands
Analyze network traffic
Analyzing patterns in network traffic is highly useful in understanding your network. You can use network data to gauge the performance of your existing policies and make changes if necessary. EventLog Analyzer's reports list out all the allowed and denied connections that pass through your Cisco ASAs. The reports can also be categorized by source, destination, port, and protocol.
Allowed Firewall Traffic | Top Firewall Traffic based on Source | Top Firewall Traffic based on Destination | Top Firewall Traffic based on Protocol | Top Firewall Traffic based on Port | Firewall Denied Connections | Top Firewall Denied Connections based on Source | Top Firewall Denied Connections on Device | Top Firewall Denied Connections based on Protocol | Top Firewall Denied Connections based on Port | Denied Connections Trend
Secure your network from attacks
The Cisco ASA is capable of identifying and blocking several common network attacks, leaving administrators with a wealth of threat data. With that being said, you should review your Cisco ASA's security data on a regular basis to identify threats to your network. EventLog Analyzer makes this task easy with its Cisco ASA security reports, detailing several attack types, providing overviews and trends, and identifying the top sources and targets of the various attack attempts.
Syn Flood Attack | Routing Table Attack | Attack Reports | Top Attacks | Top Attackers | Top Attacked Device | Top Interface | Attacks Trend