Firewall Analyzer is compatible with the following firewall devices.

Click on the device name (if applicable) to see instructions on configuring firewalls for reporting and sending logs to the Firewall Analyzer.


Firewall Analyzer Compatible Firewalls

Company Firewall/Version WELF Certified Other Log Format
Check Point Log import from all versions and
LEA support for R54 and above
VSX Firewalls - Virtual Edition supported
Palo Alto Palo Alto Firewalls PA 5000 series, PANOS 4.1.0 or later  
Cisco Systems

Cisco Pix Secure Firewall v 6.x, 7.x,
Cisco ASA
- Virtual Contexts supported
Cisco IOS 3005, 1900, 2911, 3925
Cisco FWSM - Virtual Contexts supported
Cisco VPN Concentrator
Cisco CSC-SSM Module v6.3.x or higher
Cisco IronPort Proxy server
Cisco Botnet module
Cisco Meraki Proxy server
Cisco FireSight module

Cisco FirePower
Fortinet FortiGate family, SSL VPN (v300A, v310B or later)
Webfilter, DLP, IPS modules, IPSec and VDOMs supported.
Juniper Networks Juniper SRX series
SRX100, SRX210, SRX220, SRX240, SRX650, SRX1400, SRX3400, SRX3600, SRX5600, SRX5800
SRX - Security and Application logs, VDOM support
NetScreen series
NetScreen most versions of Web Filter & Spam Modules
IDP, SSL VPN series
4500 & 6500, New Format Logs
ISG series
6360, 8350 series

SOHO3, SOHO TZW, TELE3 SP/TELE3 Spi, PRO 230, 2040, 3060, 4060, 5060, TZ 100/ TZ 100w, TZ 170, TZ 170 Wireless, TZ 170 SP Wireless, TZ 200/ TZ 200w, TZ 210/ TZ 210w, NSA 240, NSA 2400, NSA 2400MX, NSA 3500, NSA 4500, NSA 5000, NSA E5500, NSA E6500, NSA E7500, NSA E8500, NSA E8510, Management, Application control & SSL-VPN logs, SSL-VPN appliance
Sonic OS 5.8.x and above (supports ' IPFIX with extensions ')

WatchGuard All Firebox Models v5.x, 6.x, 7.x, 8.x, 10.x, 11 or higher
Firebox X series, x550e, x10e, x1000, x750e or later
XTM version 11.9
Huawei Huawei  
pfSense PfSense 2.2, 2.4 or higher  

Security Linux v7.0, v8.0
UTM 9.0 or later (formerly Astaro)
XG v15,v16,v16.5,v17.0.x

Cyberoam - Cyberoam Firewall version: 9.5.4 or higher  
Securepoint Securepoint UTM Firewalls  
3Com 3Com X-family Version or later
Earlier versions will work to a lesser extent
Anchiva Secure Gateway Series 200, 500, 800, 1000, 2000 or higher  
Applied Identity Identiforce  
ARKOON Network Security ARKOON 2.20 or higher
Aventail Extranet Center v3.0 or higher
AWStats Most versions  
Barracuda VF250 Version 5.4.1 or higher
BlueCoat SG Series, Proxy Server, Proxy SGOS  
Cimcor CimTrak Web Security Edition or later
Clavister Most versions  
CyberGuard CyberGuard Firewall v4.1, 4.2, 4.3, 5.1 or higher
D-Link Most DFL versions  
Digital Arts i-Filter version 10 (Proxy server)  
DP Firewalls DP Firewall 1000-GE or higher  
Electronic Consultants IPTables Firewall  
F5 BIG-IP firewalls 9.x to 13.x or later    
ForcePoint Firewall version 5.5 or higher
FreeBSD Most versions  
Funkwerk Enterprise Communications Funkwerk UTM  
Global Technologies Gnatbox (GB-1000) 3.3.0+ or higher
Ingate Ingate firewall: 1200, 1400, 1800/1880 or later
Inktomi Traffic Server, C-Class and E-Class
IPCop IPCop Firewall Version 1.4.17, 1.4.18 or higher
Kerio Winroute  
Lenovo Security Technologies LeadSec  
Lucent Security Management Server V. 6.0.471 or higher
(formerly Secure Computing)
SnapGear, SG580, Sidewinder (uses SEF Sidewinder Export Format),
Firewall Enterprise - Sidewinder (S4016) Ver 8.3.2
Microsoft Microsoft ISA (Firewall, Web Proxy, Packet Filter, Server 2006 VPN) or later
Server 2000 and 2004
or later,
W3C Log Format,
Threat Management Gateway (TMG)
MikroTik Firewall all versions    
NetApp NetCache  
NetASQ F10, F100 v3.x, v8 or higher
NetFilter Linux Iptables  
Netopia S9500 Security Appliance v1.6 or higher
Network-1 CyberwallPLUS-WS, CyberwallPLUS-SV or later
Opzoon Firewall ISOS v5 or later  
Recourse Technologies ManHunt v1.2, 1.21 or higher
Ruijie Firewall  
Snort Most versions  
Squid Project Squid Internet Object Cache v1.1, 2.x or higher
St. Bernard Software iPrism 4.1, Proxy server 7110
Stormshield Most versions  
Sun Microsystems SunScreen Firewall v3.1 or higher
VarioSecure Most versions  
Vyatta Vyatta Firewall - IPv4 Firewall, IPv6 Firewall, Zone-Based Firewall  
WebMarshal Proxy server - Most versions  
Zyxel ZLD 4.25 or higher  


If the Firewall device logs contains the time zone information, Firewall Analyzer processes it and normalizes it to time zone of Firewall Analyzer Server


Firewall Rule Management Support

Firewall Analyzer provides the rule management reports for the given list of firewalls.

Devices Mode Unused Rule Change Management Rule Management Standards Security Audit
Cisco Device/File          
FortiGate Device/File          
WatchGuard Device/File          
SonicWall Device/File          
PaloAlto Device/File          
Juniper - SRX Device/File          
Huawei Device/File          
pfSense Device/File          
Check Point API          
Vyatta Device/File          
Juniper - NetScreen Device/File          
NetFilter File          
3Com File          


NetFlow Log Support

Cisco Cisco ASA NetFlow Log



A single platter for comprehensive Network Security Device Management