Indirect Taxation Authority of Bosnia & Herzegovina Boosts Network Security and Streamlines Traffic & Bandwidth Monitoring with Firewall Analyzer

Firewall Analyzer - Case Study

Institution : Indirect Taxation Authority (ITA) of Bosnia and Herzegovina

Industry : Government

Location : Banja Luka, Bosnia and Herzegovina

The Customer

Indirect Taxation Authority (ITA) of Bosnia and Herzegovina was established at the end of the 2003 and is tasked with developing and maintaining a unique value added tax system in Bosnia and Herzegovina. It is practically the biggest state level institution responsible for taxation and customs in Bosnia and Herzegovina. The Headquarters of Indirect Taxation Authority is in Banja Luka. The field activities are run by four regional centers in: Sarajevo, Banja Luka, Mostar and Tuzla, 30 customs sub-offices and 59 customs posts, out of which 40 are passenger border crossings, 4 airports, 8 railway border crossings, 3 overseas mail offices and 4 free zones. The organizational structure of the Indirect Taxation Authority is the following: five sectors and four departments comprising the Office of the Director.


The IT department of Indirect Taxation Authority (ITA), located at the headquarter, is the central point linking to all other Indirect Taxation Authority’s regional offices and organizational units spread throughout Bosnia and Herzegovina. Their security infrastructure consists of high-end firewalls from Juniper, Cisco and other vendors, Squid Proxy servers, Intrusion Prevention Systems and Anti Virus programs that protect a highly distributed environment consisting of over 90 different servers, 2300 workstation computers running on Linux/UNIX and Windows platforms accessed by 3500+ users at 80 locations throughout Bosnia and Herzegovina.

Key Requirements

  • Centrally monitor the network traffic passing through perimeter security devices
  • Receive real-time alerts on suspicious traffic
  • Monitor VPN connections of external/remote customers accessing ITA systems


ManageEngine Firewall Analyzer


  • Centralized,agent-less monitoring of Firewalls, VPNs, Proxy Servers and IPS
  • Provides real-time alerts for corporate Internet user activities, bandwidth threshold violations, virus attacks, etc.
  • VPN usage reports covering top hosts, top users, bandwidth usage, protocols used, etc.

With a tremendous rise in data breaches across the globe, the IT department wanted to build a proactive network security system which continuously monitors all network traffic through their distributed IT network consisting of a central HQ, 4 regional centers and more than 50 remote Customs locations connected over a WAN.

We were looking for a solution that can centrally monitor all the external links leading to the Internet, thereby providing us with a complete view of the network traffic flowing IN and OUT of our distributed network,” said the Network Security Administrator, Indirect Taxation Authority, Bosnia and Herzegovina.The solution should be able to monitor our firewalls, proxy servers, VPN traffic and alert us in real-time on Internet user activities, bandwidth threshold violations, and any malicious traffic behavior

The Solution

ManageEngine Firewall Analyzer

The Network Security & Administration team at ITA initially explored Open Source products to monitor and report on their perimeter security devices, but soon found out that these products had poor data mining and their reporting was very poor.

ITA’s IT team’s search for a cost-effective perimeter security monitoring solution led them to ManageEngine Firewall Analyzer’s website ( They downloaded the 30-day fully functional trial version of this ‘firewall configuration change management and log analysis software’ and evaluated it in their environment. Initially they evaluated the Standalone edition of Firewall Analyzer and then switched to the Distributed edition of the product to satisfy the needs of their distributed network having multi-vendor firewalls, proxy servers, IPS, VPNs and other devices.

During our evaluation, we found Firewall Analyzer to be the best when it came to data mining, extracting the relevant data and presenting them as useful graphs and reports,” said ITA Network Security Administrator. “The support we received even during the product evaluation was outstanding and quickly helped us arrive at a decision to purchase Firewall Analyzer

Using Firewall Analyzer, the IT team was immediately able to detect malicious activities in their network. They were able to exactly pinpoint users, applications, and systems, which were generating unprecedented amounts of Internet traffic, which was hogging their network bandwidth. Firewall Analyzer provided them real-time alerts and detailed reports on: the source and destination of the traffic, the exact time frame, how much of bandwidth was consumed (threshold violations), virus activities or attacks on their network based on denied URLs, failed logins…VPN usage by external customers accessing their internal systems, etc. which was very helpful for them to quickly detect and remediate any network security problems.

Firewall Analyzer met all the challenges faced by Indirect Taxation Authority by monitoring the perimeter security devices in real-time and providing them with complete visibility on what’s happening in their network.

Firewall Analyzer has strengthened our network security infrastructure by providing us with real-time traffic monitoring capabilities which has helped us detect suspicious activities in our external links and prevented virus outbreaks in our internal systems. ” signs-off Network Security Administrator, Indirect Taxation Authority, Bosnia and Herzegovina.

A single platter for comprehensive Network Security Device Management