A versatile combination of feature packed Cisco firewall and a firewall analyzer unearthing the full potential of the firewall is a best defense against network threats.
Firewall Analyzer displays a snapshot of security events happening in a Cisco firewall. This is offered in the Event Summary Reports. The events are classified as Critical, Warning and Information.
These reports helps you to study the security vulnerability pattern with top denied hosts, blocked URLs, attackers, targets, virus sending, affected hosts, spam sending, receiving hosts.
These reports provides deep insights into the internet bandwidth usage. You will get real-time bandwidth use, allowed, blocked traffic, traffic incoming to, outgoing from network, internal and external traffic, URL allowed and blocked.
With these reports you can monitor the rule usage and users accessing the firewall device. You can find out who is trying to access network firewall device.
You can find the active users, users failed to access VPN, usage, traffic usage, groups, groups usage of VPN.
These reports let you know the categories of internet traffic through the network firewall. The reports include Mail, FTP, Telnet and other protocol usage in accessing the internet, website details with URLs and firewall rules used, streaming and chat sites visited.
These reports convey the log term internet usage trends so that you can find out how the usage was and use it for future capacity planning.
Apart from exhaustive firewall reports with respect to network security, Firewall Analyzer offers comprehensive alarms and their notifications.
Alarms can be generated for an anomalous security criteria, bandwidth values, and any normal criteria of security interest.
Alarms can be notified via email and SMS. It can trigger a script to achieve various threat mitigation activities. Alarms are also displayed in the UI screen.
Firewall Analyzer supports virtual firewalls of Cisco firewall appliances. They are dealt like normal firewalls and all the reports, alarms and other features are offered.
Extensive indexing of Cisco firewall logs makes search for security events easy.
|Company||Devices||WELF Certified||Other log format|
|Cisco||Cisco Pix Secure Firewall v 6.x, 7.x|
|Cisco ASA - Virtual Contexts supported|
|Cisco IOS 3005, 1900, 2911, 3925|
|Cisco FWSM - Virtual Contexts supported|
|Cisco VPN Concentrator|
|Cisco CSC-SSM Module v6.3.x or higher|
|Cisco SSL WebVPN or SVC VPN|
|Cisco IronPort Proxy|
|Cisco Botnet module|
You can configure Cisco firewalls to route the logs to Firewall Analyzer. The procedure is given in the help link: Configuring Cisco Devices - PIX/ASA/FWSM/VPN Concentrator.