To carry out the advanced configuration in the Firewall Analyzer, access the following URL in the browser:
The Firewall Analyzer User Input Configuration page will be displayed.
Enter the values and select the options as per your requirement.
|Data Crunching Limit Value||Save | Reset|
|PDF Report Row Count||10||Save | Reset|
|Minimum Disk Space Setting||5||Save | Reset|
|Nipper Location||<The location where Nipper is installed, only for Linux>||Save | Reset|
|Admin User Groups||<User groups that have admin access to Juniper SSLVPN box>||Save | Reset|
|Scheduled Reports Save Location :||Enter the folder name (location) in which the scheduled reports generated will be saved||Save | Reset|
|TFTP Root Directory||Enter the folder name of the root directory of TFTP||Save | Reset|
|Stop TFTP Service||true/false||Save|
|Stop SSHD Service||true/false||Save|
|Virtual Firewalls||Select your Firewall Name, <names of Firewalls>||Save|
|DMZ Interface Details||Specify the interfaces associated with DMZs which will determine the direction of the firewall rule||Save|
|Management IP Details||Provide appropriate Management IP by choosing the firewall.||Save|
|Index Traffic Logs||true/false | Flow rate is <5> logs/sec. All traffic logs are indexed, if this option is set to 'true'||Save|
|Display Compliance Percentage||true/false||Save|
|Destination By Port||true/false||Save|
|Context Based Config Change||true/false||Save|
|Export to PDF||Client/Server||Save|
The parameters which can be configured are explained below:
It allows you to set the number of rows to be moved from one level to another level say for example hourly to daily, daily to monthy etc.
It allows you to choose the number of rows that you want to see in the PDF report. Allowable range is 10 to 100.
It allows you to set the minimum disc space (in GB) at which you would like to get warned.
For linux installation, provide the location where Nipper is installed. (ex: /use/bin/nipper )
For Juniper SSLVPN box, provide the user groups that have admin access (Each group should be comma separated. For Eg:Admin Users,Employee_Administrator).
Specify the location to save the scheduled reports generated.
Specify the root directory for TFTP service.
Configure the stop status of the TFTP service.
Configure the stop status of the SSHD service.
If the firewall devices added to the Firewall Analyzer contains Virtual firewalls, configure here. Select the firewalls in the Available Devices column and move to the Selected Devices column using the right arrow and for vice versa operation, use left arrow.
Select the firewall and configure the DMZ interface for each firewall.
Select the firewall and configure the management IP details for each firewall.
Ensure that the flowrate is less than 500 logs/sec and enable this, else contact support.
Configure whether compliance percentage should be displayed in the Standards report.
Applicable for Cisco PIX device. Setting this parameter allows Firewall Analyzer to decide the destination based on the minimum value between source and destination ports. Unselect the device to disable virtual firewall detection.Select the checkbox to enable it.
By setting this parameter,Firewall Analyzer will provide context based email notification for firewall configuration changes.
Configure whether the export operation should be carried out from Client or Server.