Enterprise Firewall Management
- For large enterprise and MSSP
Features
Monitor Major Firewalls
Log Analysis Major Firewalls
Tech Topics
Mobile Application
- Monitor Firewall on the go
Know the Product
Product docs
FAQs
- Professional Edition
- Enterprise Edition
Knowledge Base
Success Stories
Other Resources
Awards and Recognition

Firewall Analyzer - Device Rule - FAQ

1. What is the expected configuration format of Juniper SRX firewall? How to export the configuration to file?

Configuration format of Juniper SRX is set format.

Procedure to export configuration to file:

Login in to the SRX device using putty or other ssh tool.
Execute the following command:

show configuration | display set | no-more

Copy and save the output in .txt file.
Choose File Import when adding device rule and import the file.

2. What are the supported configuration file extensions?

The configuration file extension .txt is supported for all the firewalls except below mentioned firewalls.

Firewall Vendor Name	Supported File Extensions
PaloAlto	.xml
WatchGuard	.xml
pfSense	.xm
SonicWALL	.exp

3. Device rule fetching succeeded but no data shown in any of the Compliance tab reports. Why?

The protocol used to fetch device rule is not supported by Firewall Analyzer or the user credentials entered doesn't have enough permission to run the config command. Verify the abovr details and still not able to view the data in the report, send <Firewall Analyzer Home>/logs folder to fwanalyzer-support@manageengine.com

4. What is Fetch Rules? What is the use of choosing Fetch Rules option when you create Device Rule?

Firewall Analyzer will fetch entire rule details from your firewall by executing show rule command.
Firewall Analyzer will find the unused rules from fetched rule details and triggered rules retrieved from syslogs.
Unused rules report shown under Compliance > Rule Management > Rule Cleanup tab. You can prune the firewall rules that were not triggered.

5. What is Device Group?

Device Group is a feature that allows network administrators to group and organize firewalls. Once firewalls are organized into Device Groups, administrators can perform various actions, such as viewing filtered rule views and creating/updating rules and objects for the entire group simultaneously. These groups are applicable for the Rule Management features.

6. Why are some managed firewalls not listed on the Device Group creation page?

The Device Group feature is specifically designed for Rule Management reports. Therefore, only the devices that have the 'device rule' option configured will be listed on the Device Group creation page. This means that not all managed firewalls will appear in the device group selection.

A single platter for comprehensive Network Security Device Management

Quick LinksNetwork Bandwidth ReportsNetwork Security & Device MgmtLog ManagementCompliance & MSSP Features

» Pricing & Purchase
» Let Us Assist You

» What's new?
» Awards & Recognition

Firewall Device Management
1. » Policy Overview Report
2. » Used Rules Report
3. » Unused Rules Report
4. » Security Management
5. » Configuration Change Management Report/Alert

Firewall Log Analysis
1. » Check Point
2. » Cisco PIX Device
3. » Cisco ASA Device
4. » CyberGuard
5. » Fortigate
6. » IPFIX with Extensions Support
7. » Virtual/Context-based Firewall Support

Security Device Log Analysis
1. » Microsoft ISA
2. » NetScreen
3. » SonicWALL
4. » WatchGuard
5. » Squid Proxy

Compliance

MSSP Specific Features
1. » Managed Firewall Service
2. » Dashboard and User Views
3. » Rebranding
Troubleshooting Tool:
1. » Diagnose Live Firewall Connections

Other Features
1. » External User Authentication
2. » Alert Administration
3. » Integration with ManageEngine OpManager
4. » Firewall Credential Profiles
5. » Custom Reports
6. » Scheduled Reports
7. » Firewall Bandwidth Alerts