Configuring Firewall Analyzer Parameters


    You can configure Firewall Analyzer to handle .


    Firewall Analyzer User Input Configuration


    To carry out the advanced configuration in the Firewall Analyzer, access the following URL in the browser:

    http://<hostname of Firewall Analyzer>:8500/fw/

    The Firewall Analyzer User Input Configuration page will be displayed.

    Enter the values and select the options as per your requirement.


    Configuration Parameters
    Data Crunching Limit Value   Save | Reset
    PDF Report Row Count 10 Save | Reset
    Minimum Disk Space Setting 5 Save | Reset
    Destination By Port true/false Save
    Nipper Location <The location where Nipper is installed, only for Linux> Save
    Context Based Config Change true/false Save
    Admin User Groups <User groups that have admin access to Juniper SSLVPN box> Save | Reset
    Virtual Firewalls Select your Firewall Name, <names of Firewalls> Save
    Scheduled Reports Save Location : Enter the folder name (location) in which the scheduled reports generated will be saved Save | Reset
    DMZ Interface Details Specify the interfaces associated with DMZs which will determine the direction of the firewall rule Save
    Index Traffic Logs true/false | Flow rate is  <0>  logs/sec. All traffic logs are indexed, if this option is set to 'true' Save


    The parameters which can be configured are explained below:


    • Data Crunching Limit Value:

    It allows you to set the number of rows to be moved from one level to another level say for example hourly to daily, daily to monthy etc.

    • PDF Report Row Count:

    It allows you to choose the number of rows that you want to see in the PDF report. Allowable range is 10 to 100.

    • Minimum Disk Space Setting:

    It allows you to set the minimum disc space (in GB) at which you would like to get warned.

    • Destination By Port:

    Applicable for Cisco PIX device. Setting this parameter allows Firewall Analyzer to decide the destination based on the minimum value between source and destination ports. Unselect the device to disable virtual firewall detection.Select the checkbox to enable it. 

    • Nipper Location:

    For linux installation, provide the location where Nipper is installed. (ex: /use/bin/nipper ) 

    • Admin User Groups:

    ​For Juniper SSLVPN box, provide the user groups that have admin access (Each group should be comma separated. For Eg:Admin Users,Employee_Administrator). 

    • Context Based Config Change:

    By setting this parameter,Firewall Analyzer will provide context based email notification for firewall configuration changes.


    Virtual Firewalls:

    • Scheduled Reports Save Location:

    Specify the location to save the scheduled reports generated.

    • Index Traffic logs :

    Ensure that the flowrate is less than 500 logs/sec and enable this, else contact support.