Firewall Analyzer (ISA Log Analyzer) can analyze, report, and archive logs from your Microsoft ISA Server. Firewall Analyzer supports logs from Packet filters, ISA Server Firewall Service, and ISA Server Web Proxy Service.
Apart from Microsoft ISA Server logs, it analyzes logs from a variety of network periphery security devices like, firewalls, proxy servers, IDS, IPS, VPN.
Firewall Analyzer supports W3C extended log file format and ISA Server File log format. This W3C extended log file format is supported by ISA Server Firewall Service and ISA Server Web Proxy Service of Microsft ISA Server and the ISA Server File log format is supported only by ISA Server Web Proxy Service and not by ISA Server Firewall Service. Depending upon your requirement, you have to configure Microsoft ISA Servers to support one of the above log formats.
After configuration, you can manually import this log file in to Firewall Analyzer or use periodical import provision in Firewall Analyzer. If you want Firewall Analyzer to periodically import the ISA Server logs, use FTP import provision in 'Remote Host', with the time interval more than the time interval set in the ISA Server.
Firewall logs reveal a lot of information on the nature of traffic coming in and going out of the firewall, allows you to plan your bandwidth requirement based on the bandwidth usage across the firewalls Analyzing these firewall traffic logs is vital to understanding network and bandwidth usage and plays an important role in business risk assessment. Firewall Analyzer offers many features that help in collecting, analyzing and reporting on Microsoft ISA server logs.
Firewall Analyzer supports the following reports for Microsoft ISA Server:
"The implementation was so easy and the Firewall Analyzer immediately started showing me how much inbound and outbound traffic was passing through our firewalls.I now use Firewall Analyzer daily!"