In the era of globalization, more and more enterprises are making their presence across countries. Obviously, the offices, branches, factories, work places are spread across the globe. In this scenario, IT management related activities get fairly complex. IT/Network security for the distributed environment is not going to be an easy task.
Apart from large enterprises with requirement for scalable, distributed deployment, Managed Security Service Providers (MSSP) are also in need of scalable, distributed solution along with secured and exclusive segmented views for their clients and other requirements. MSSPs require a solution which can be deployed to take care of a block of geographical area.
Multi-national enterprises and MSSPs look out for a solution with following features:
Firewall Analyzer appreciates the Network security needs of large enterprises with global presence and MSSPs. It has come up with a distributed solution, which will scale up to monitor hundreds of devices and deployed at locations across the globe. To cater for the MSSPs, it offers customizable dashboards and user specific views.
Firewall Analyzer Distributed Edition is scalable and deployable in distributed model. It offers centralized monitoring of all distributed locations in a single console. It provides exclusive segmented secured for different users.
Addresses the demanding scalability needs of Worldwide Enterprise and MSSPs. Scales smoothly up to 1200 security devices.
Distributed architecture empowers to monitor devices in locations spread across the world.
With the unified console, you can monitor all the Firewall Analyzer Collector Servers deployed across the globe and the security devices monitored by the Collector Servers. Qualifies as a good candidate for Security Operations Center (SOC).
The Dashboard is customizable to enable role based views for different users. This customizability is much sought after feature of the Managed Security Service Providers (MSSP).
No frills and sleek communication between Collectors and Admin Server ensures that the bandwidth usage is kept minimal.
Firewall Analyzer Distributed Edition can be deployed using the steps given below:
After successfully installing and starting the Admin Server and Collector Server(s), you can view all required reports for each Collector Server from Admin Server Console.
Install Admin Server
Once installed, start the Admin Server.
Install Collector Server
Note: Before proceeding with installation of Collector Server(s), ensure that Admin Server is installed, running and can be reached from the machine, in which Collector Server is to be installed.
Once installed, start the Collector server and configure the firewalls to send logs to the Collector Server.
We recommend distributed setup (Distributed Edition):
One Admin Server is designed to manage 50 Collector Servers. However, we have carried out simulated testing in our laboratory, which effortlessly managed 20 Collector Servers.
You need to configure the proxy server details during Admin Server installation, if the Admin Server needs to pass through Proxy Server to contact Collector Servers.
Yes, you can. Ensure that the existing installation of Firewall Analyzer build is 12300 or later. To convert, you need download the Firewall Analyzer exe/bin of same version as the existing installation and install as Admin Server. Then you need to convert the existing installation of Firewall Analyzer Standalone Server to Collector Server. We recommend to upgarde to the latest version before the conversion. Refer the procedure in the below help link:
Procedure to convert existing Standalone Edition Firewall Analyzer installation to Distributed Edition Collector Server
Once you have deleted the Collector Server, to re-add follow the procedure given below:
All the logs collected by the Collector Server are stored in the Collector Server database only. For archiving, there is a provision to forward the logs to the Admin Server, but not for storing in the Admin Server database.
Secured Communication Mode (HTTPS)
By default, the mode of communication is through HTTP. There is also an option to convert it to secured mode of communication HTTPS. Refer the procedure in the below help link, to setup secure communication mode between Admin and Collector Server.
Click on Settings tab > Collector Settings link in Admin Server UI and click on the Edit icon of specific Collector and select the appropriate protocol and configure the web server port details.
Firewall Analyzer Distributed Edition license will be applied in Admin Server. The number of devices for which the license is purchased, is utilized among the registered Collector Servers. You can keep adding the devices in various Collector Servers till the total number of licenses purchased get exhausted. View the number of devices managed by each Collector Server in the Collector Settings page.
If the number of devices being collectively managed by all the registered Collector Servers, exceed the number of License purchased, a warning message appears in the Admin Server. In that scenario, you have various options.
Yes, there is no option to apply the license in Collector Server. The license applied in Admin Server will be automatically propagated to all Collector Servers.
The managed/unmanaged status of devices in Collector Server are synchronized with Admin Server during the data collection cycle, which happens at an interval of 5 minutes.