Firewalls, along with IDS / IPS, are your first line of defense against malicious attacks on your network. Regardless of which type of perimeter security devices are being used, monitoring these devices are critical to ensure that they functioning smoothly and you are alerted in advance of any suspicious user activities, network anomalies, or device mis-configuration.
ManageEngine Firewall Analyzer provides Firewall Security Management capabilities to:
Firewall Analyzer provides elaborate reports on the firewall security and compliance. They are:
Firewall Analyzer audits the firewall security periodically and generates thefirewall security audit report.The screen shot of the sample report is given below:
The complete configuration of the firewall device is listed in this report. This includes the firewall policies or ACLs or firewall rules.
Firewall Analyzer monitors the firewall configuration changes in real-time. It can trigger alerts for any change done. It generates elaborate change management report. The report addresses the question like who made the change, what was the change, and when was it made.
Unused rules indicate that the rules are redundant and are not being used to the control or monitor the traffic through the firewall. Either the rules should tweaked to make the rule effective or removed entirely. This will help you manage your firewall policies/rules and strengthen the overall security of your network. In the case of used rules, if a particular rule is overused, that may be an indication that the rule is not so effective and may allow exploits in to the network. Those rules should be carefully analyzed and tweaked to tighten the security. Firewall Analyzer presents exhaustive reports about unused and used rules.
Admin Reports provide detailed information on successful logons, successful logoffs, failed logons and the commands executed by the firewall users like security administrators, network administrators, etc.
Firewall Analyzer helps to identify current live connections / sessions (specific to IP address, range of IP addresses, Port / Protocol) established with the firewall device through it's Diagnose Connections feature. This will help firewall administrators to track the connections and ensure that the device is accessed properly in their network.