SonicWall firewall user auditing and management
Continuous logon failures within a very short period of time indicate a possible brute force attack on the network. Identifying multiple logon failures by keeping tabs on user logon activities can help shield your network from such malicious attacks. Likewise, monitoring user account activities, such as adding, deleting, or changing user privilege levels, helps track peculiar firewall account changes.
EventLog Analyzer presents all user logon and account activities in simple, predefined reports with in-depth information. Administrators can create alert profiles to instantly receive notifications about changes of any type.
Firewall logon reports:
These out-of-the-box reports monitor all successful and failed user logon attempts. Logon reports are categorized by users and source. Reports on successful and failed logons trends are also available.
Successful Logons | Failed Logons | Top Successful Logons from Source | Top Successful Logons by Users | Top Failed Logons from Source | Top Failed Logons by Users | Successful Logons Trends | Failed Logons Trends
Firewall account management reports:
These reports represent all user-based information, such as new and deleted users and changes in user privilege levels. Account management reports help administrators conduct audit trials of firewall users and their activities.
Users Added | Users Deleted | Users Modified | Users Disabled | Users Enabled | User Privilege Changed