Firewall Configuration & Log Management
  • Firewall Analyzer 12.0 - ManageEngine Firewall Analyzer
  • Network Security Devices - ManageEngine Firewall Analyzer
  • Firewall Change Management - ManageEngine Firewall Analyzer
  • Analyze Internet User Activity in your Enterprise - ManageEngine Firewall Analyzer
  • Firewall Security Management - ManageEngine Firewall Analyzer

Log analytics and configuration management software for network security devices

Product Overview Video

ManageEngine Firewall Analyzer is an agent less log analytics and configuration management software that helps network administrators to centrally collect, archive, analyze their security device logs and generate forensic reports out of it.

Real-time event response system and Integrated Compliance Management module of Firewall Analyzer automates your end point security monitoring, network bandwidth monitoring and security & compliance auditing. Firewall Analyzer eases your Device Configuration Management by providing out-of-the-box reports and alerts for configuration changes. Firewall Analyzer is vendor-agnostic and supports almost all open source and commercial network firewalls like Check Point, Cisco, Juniper, Fortinet, Snort, Squid Project, SonicWALL, Palo Alto and more, IDS/IPS, VPNs, Proxies and other related security devices

Unlock the Real Value of Your Network Security Devices

  • Automate compliance audits with out-of-the-box reports for Regulatory Mandates such as PCI-DSS, ISO 27001, SANS, NERC-CIP, NIST and SANS
  • Get your firewall security validated with security audit and device configuration analysis reports
  • Monitoring internet usage (overuse or misuse) of employees in your organization
  • Get real-time notifications when a user tries to access restricted sites
  • Monitor network traffic and get instant notifications upon sudden spikes in bandwidth
  • Analyze which user,protocol group or network activity is consuming more bandwidth with interface-wise live bandwidth usage reports
  • Get detailed information on all possible network attacks and security breaches in your network
  • Know which viruses are active on the network, the hosts that are affected and more
  • Find out the anomalies in the firewall policies and rectify them to improve the firewall performance
  • Identify the highly used rules, which can be optimized to enhance the network security
  • Identify the unused rules and modify/remove them to improve your firewall performance
  • Obtain active VPN users, user-specific & user group specific VPN usage, sessions, and bandwidth consumed
  • Monitor the outgoing traffic through the proxy, obtain details on users generating traffic, websites accessed and bandwidth consumed
  • Search the logs and pinpoint the exact log entry which indicates the cause of the security event in minutes
  • Find the data quickly and repetitively using advanced log search & generate reports based on search results
  • Centrally collect,analyze and archive logs from all your security devices such as Microsoft ISA, NetScreen, SonicWALL, WatchGuard, Squid Proxy and more
  • Extract the security and bandwidth information from flow data like IPFIX with extensions and Cisco

All Features

Why Choose Firewall Analyzer

Unlock the real value of your security devices

  • Supports an extensive array of perimeter security device logs which include firewalls, VPNs, IDS/IPS and proxy servers
  • Provides a wide range of reports for external threat monitoring, change management and regulatory compliance

Attractive TCO and rapid ROI

  • No additional hardware required, minimal entry cost and maintenance inclusive subscription model ensures a low TCO
  • Competitively priced. Quick deployment, instant results, reduced IT overhead ensures rapid ROI

Meet dynamic business needs quickly

  • Rapidly transforms perimeter security device logs into actionable information
  • Generates reports in user friendly formats like PDF and CSV formats

Productivity improvement for IT / MSSP

  • From product deployment to report generation in minutes!
  • Real-time alerts to security events enable IT to respond instantaneously to security threats

Feature Comparison between Editions

5 Ways you can Strengthen and secure your network infrastructure with Firewall Analyzer

Learn how

Firewall Analyzer is available in 2 Editions

  • Supports up to 60 Devices
  • Multi-vendor security devices support
  • Off-the-shelf monitoring for virtual firewalls
  • Proxy servers, & VPN devices
  • Security & bandwidth alerts & reports
  • Employee internet activity reports
  • Web-application usage reports
  • Firewall security audit reports
  • Configuration change management
  • Firewall rules management
  • Firewall connection diagnosis
  • Advanced alert management
  • AD & RADIUS user authentication
  • Supports up to 1200 Devices
  • All features of Premium Edition +
  • Scalable architecture
  • Monitors multi-geographical locations
  • Distributed central-collector architecture
  • Site specific reports
  • Web-client Rebranding
  • Client & user specific views

Firewall Analyzer Supported Devices

Company Firewall/Version WELF Certified Other Log Format
Fortinet FortiGate family , SSL VPN (v300A, v310B or later)
Webfilter, DLP, IPS modules, IPSec and VDOMs supported.
Available Available
Cisco Systems Cisco Pix Secure Firewall v 6.x, 7.x,
Cisco ASA
- Virtual Contexts supported
Cisco IOS 3005, 1900, 2911, 3925
Cisco FWSM - Virtual Contexts supported
Cisco VPN Concentrator
Cisco CSC-SSM Module v6.3.x or higher
Cisco IronPort Proxy
Cisco Botnet module
Cisco Meraki
Cisco Systems Cisco SourceFire Available  
pfSense PfSense 2.2   Available
Cyberoam Cyberoam Firewall version: 9.5.4 or higher   Available

All Firebox Models v5.x, 6.x, 7.x, 8.x, 10.x, 11 or higher
Firebox X series, x550e, x10e, x1000, x750e or later

XTM version 11.9

Available Available
Securepoint Securepoint UTM Firewalls   Available
Check Point Log import from all versions and
LEA support for R54 and above

VSX Firewalls - Virtual Edition supported
Juniper Networks Juniper SRX series

SRX100, SRX210, SRX220, SRX240, SRX650, SRX1400, SRX3400, SRX3600, SRX5600, SRX5800

SRX - Security and Application logs, VDOM support

NetScreen series

NetScreen most versions of Web Filter & Spam Modules

IDP, SSL VPN series

4500 & 6500, New Format Logs

ISG series


6360, 8350 series

Available Available
3Com 3Com X-family Version or later
Earlier versions will work to a lesser extent
Anchiva Secure Gateway Series 200, 500, 800, 1000, 2000 or higher   Available
Applied Identity Identiforce   Available
ARKOON Network Security ARKOON 2.20 or higher Available Available
Astaro Astaro Security Linux v7.0, v8.0 or higher Available Available
Aventail Extranet Center v3.0 or higher Available Available
AWStats Most versions   Available
Barracuda VF250 Version 5.4.1 or higher Available Available
BlueCoat SG Series, Proxy Server, Proxy SGOS   Available
Cimcor CimTrak Web Security Edition or later Available  
Clavister Most versions   Available
CyberGuard CyberGuard Firewall v4.1, 4.2, 4.3, 5.1 or higher Available  
D-Link Most DFL versions   Available
Digital Arts i-Filter version 9(proxy)   Available
DP Firewalls DP Firewall 1000-GE or higher   Available
Electronic Consultants IPTables Firewall   Available
FreeBSD Most versions   Available
Funkwerk Enterprise Communications Funkwerk UTM   Available
Global Technologies Gnatbox (GB-1000) 3.3.0+ or higher Available  
Huawei     Available
Ingate Ingate firewall: 1200, 1400, 1800/1880 or later Available  
Inktomi Traffic Server, C?Class and E?Class Available  
IPCop IPCop Firewall Version 1.4.17 / 1.4.18 or higher Available  
Kerio Winroute   Available
Lenovo Security Technologies LeadSec   Available
Lucent Security Management Server V. 6.0.471 or higher Available  
(formerly Secure Computing)

SnapGear, SG580, Sidewinder (uses SEF Sidewinder Export Format),

Firewall Enterprise - Sidewinder (S4016)

Available Available
Microsoft Microsoft ISA (Firewall, Web Proxy, Packet Filter, Server 2006 VPN) or later
Server 2000 and 2004
or later,
W3C Log Format,
Threat Management Gateway (TMG)
NetApp NetCache   Available
NetASQ F10, F100 v3.x or higher Available  
NetFilter Linux Iptables   Available
Netopia S9500 Security Appliance v1.6 or higher Available  
Network-1 CyberwallPLUS-WS, CyberwallPLUS-SV or later Available  
Opzoon Firewall ISOS v5 or later   Available
Palo Alto Palo Alto Firewalls PA 5000 series, PANOS 4.1.0 or later   Available
Recourse Technologies ManHunt v1.2, 1.21 or higher Available  
Ruijie Firewall   Available
Snort Most versions   Available
SonicWALL SOHO3, SOHO TZW, TELE3 SP/TELE3 Spi, PRO 230, 2040, 3060, 4060, 5060, TZ 100/ TZ 100w, TZ 170, TZ 170 Wireless, TZ 170 SP Wireless, TZ 200/ TZ 200w, TZ 210/ TZ 210w, NSA 240, NSA 2400, NSA 2400MX, NSA 3500, NSA 4500, NSA 5000, NSA E5500, NSA E6500, NSA E7500, NSA E8500, NSA E8510 or later , Sonic OS 5.8.x and above (supports ' IPFIX with extensions ') Available  
Squid Project Squid Internet Object Cache v1.1, 2.x or higher Available  
St. Bernard Software iPrism 4.1, Proxy server 7110 Available  
Stonesoft Firewall version 5.5 or higher Available  
Sun Microsystems SunScreen Firewall v3.1 or higher Available  
Vyatta Vyatta Firewall -IPv4 Firewall, IPv6 Firewall, Zone-Based Firewall   Available
WebMarshal Most versions   Available
Zywall Most versions Available  
A single platter for comprehensive Network Security Device Management