Configuring Firewall Analyzer Parameters

    Firewall Analyzer User Input Configuration 

    To carry out the advanced configuration in the Firewall Analyzer, access the following URL in the browser:


    The Firewall Analyzer User Input Configuration page will be displayed.

    Enter the values and select the options as per your requirement.

    Configuration Parameters
    Parameter Default Value Operation
    Data Crunching Limit Value   Save | Reset
    PDF Report Row Count 10 Save | Reset
    Minimum Disk Space Setting 5 Save | Reset
    Nipper Location <The location where Nipper is installed, only for Linux> Save | Reset
    Admin User Groups <User groups that have admin access to Juniper SSLVPN box> Save | Reset
    Scheduled Reports Save Location : Enter the folder name (location) in which the scheduled reports generated will be saved Save | Reset
    TFTP Root Directory Enter the folder name of the root directory of TFTP Save | Reset
    Stop TFTP Service true/false Save
    Stop SSHD Service true/false Save
    Virtual Firewalls Select your Firewall Name, <names of Firewalls> Save
    DMZ Interface Details Specify the interfaces associated with DMZs which will determine the direction of the firewall rule Save
    Management IP Details Provide appropriate Management IP by choosing the firewall. Save
    Index Traffic Logs true/false | Flow rate is <5> logs/sec. All traffic logs are indexed, if this option is set to 'true' Save
    Display Compliance Percentage true/false Save
    Destination By Port true/false Save
    Context Based Config Change true/false Save
    Export to PDF Client/Server Save


    The parameters which can be configured are explained below:

    • Data Crunching Limit Value

    It allows you to set the number of rows to be moved from one level to another level say for example hourly to daily, daily to monthy etc.

    • PDF Report Row Count

    It allows you to choose the number of rows that you want to see in the PDF report. Allowable range is 10 to 100.

    • Minimum Disk Space Setting

    It allows you to set the minimum disc space (in GB) at which you would like to get warned.

    • Nipper Location

    For linux installation, provide the location where Nipper is installed. (ex: /use/bin/nipper ) 

    • Admin User Groups

    ​For Juniper SSLVPN box, provide the user groups that have admin access (Each group should be comma separated. For Eg:Admin Users,Employee_Administrator). 

    • Scheduled Reports Save Location

    Specify the location to save the scheduled reports generated.

    • TFTP Root Directory

     Specify the root directory for TFTP service.

    • Stop TFTP Service

    Configure the stop status of the TFTP service.

    • Stop SSHD Service

    Configure the stop status of the SSHD service.

    • Virtual Firewalls

    If the firewall devices added to the Firewall Analyzer contains Virtual firewalls, configure here. Select the firewalls in the Available Devices column and move to the Selected Devices column using the right arrow and for vice versa operation, use left arrow.

    • DMZ Interface Details

    Select the firewall and configure the DMZ interface for each firewall.

    • Management IP Details

    Select the firewall and configure the management IP details for each firewall.

    • Index Traffic logs

    Ensure that the flowrate is less than 500 logs/sec and enable this, else contact support.

    • Display Compliance Percentage

    Configure whether compliance percentage should be displayed in the Standards report.

    • Destination By Port

    Applicable for Cisco PIX device. Setting this parameter allows Firewall Analyzer to decide the destination based on the minimum value between source and destination ports. Unselect the device to disable virtual firewall detection.Select the checkbox to enable it.

    • Context Based Config Change

    By setting this parameter,Firewall Analyzer will provide context based email notification for firewall configuration changes.

    • Export to PDF

    Configure whether the export operation should be carried out from Client or Server.