Firewall Analyzer generates detailed reports on possible security threats to the network. Reports include information on top denied hosts, denied protocols, and top security events generated. These help you determine if security policies across the network need to be revised.
Firewall Analyzer gives in-depth information on virus attacks, hosts infected, severity of the attack, subtype, and more. With drillable details to the raw log level on top viruses and top protocols used by viruses, the complete details of the virus related raw log is available. The raw log message make troubleshooting and problem resolution faster and more efficient.
Firewall Analyzer generates detailed reports on possible network attacks. Reports include information on top attackers, top targets and protocols used for the attack. These reports give you the insight to identify and counter network attacks.
Firewall Analyzer gives detailed statistics on VPN usage. VPN usage reports include drill down details on top VPN hosts, top protocols used by the VPN, and bandwidth used by the VPN during peak and off-peak hours. These reports help in identifying users connected to your VPN, the traffic consumed by them and also failed VPN logins. Information on the failed VPN logins will be useful when somebody is trying to compromise your VPN network. Repeated or abnormal failed connections would require a closer look as it might result in attacks.
Firewall Analyzer collects and archives the proxy server logs, analyzes them, and generates useful corporate internet access information reports. As a proxy log analysis tool, Firewall Analyzer supports BlueCoat, Microsoft ISA, Squid proxy logs and servers.
Firewall Analyzer provides reports based on URL categories for each Firewall. You can get the reports under the major categories allowed and denied URLs. Further, under the major categories, you can get the categories of URLs like social networking and live streaming. This will be useful in monitoring and tracking internal threats in the network.
Firewall Analyzer generates Application Reports for applications (like Skype, Yahoo Messenger, etc.) accessed through firewall devices. The Application Control service should be available and enabled in the mentioned firewall devices. Firewall Analyzer uses the service provided by the device to get the details about the applications and generates the report. The report is of immense help to find out the details of the applications accessed through the Firewall.
Protocol trend reports show hourly trends in Web, Mail, FTP, and Telnet traffic. Comparing the current trend with the historical trend, you can determine peak usage times for each protocol group. Working and non-working hour protocol trends help IT identify top protocols used over time.
Traffic trend reports show trends in traffic across the firewall on an hourly, and weekly basis. Trends in traffic generated during working hours and non-working hours, is also shown. Using these reports, you can identify peak hours, and recurring network bottlenecks quickly.
Event trend reports show trends in the number of events triggered by the firewall on a historical and current basis. Event trends are especially useful in troubleshooting links, and identifying security risks.
VPN trend reports show trends in the number of VPN connections accessed through the firewall on a historical and current basis. VPN trends are especially useful in troubleshooting VPN connections, and identifying security risks.
Active connection trend reports show trends in the number of live VPN connections accessed through the firewall at various time periods
Detailed network traffic reports based on syslog data, which help you identify bandwidth anomalies. Firewall Analyzer carries out traffic analysis which best suits non-NATed (Network Address Translation) networks. The traffic information captured from the Routers will not be suitable for non-NATed networks and it works good for NATed networks.
The details of the Hosts and Protocol Groups based inbound and outbound traffic of the network for the specific firewall are provided in the form of graph and table in the Inbound and Outbound Traffic Reports. The granular details of the inbound and outbound traffic for your network through each of your configured firewall can be drilled down.
The details of the total external traffic (sent plus received) of the network (Internet) by Top Conversations (External), External Hosts, External Protocol Groups, and External Servers for the specific firewall are provided in the form of graph and table in the Internet Traffic Reports. The granular details of the internet traffic for your network through each of your configured firewall can be drilled down.
The details of the total internal traffic (sent plus received) of the network (Intranet) by Top Conversations (Internal), Internal Hosts, Internal Protocol Groups, and Internal Servers for the specific firewall are provided in the form of graph and table in the Intranet Traffic Reports. The granular details of the intranet traffic for your network through each of your configured firewall can be drilled down.
You can get protocol-wise bandwidth distribution across each of your network firewalls, thus giving you an idea of the type of traffic protocols being used or misused in your network environment.
Firewall Analyzer generates country level reports which can help identify country of origin and destination of traffic. Analyzing the traffic from / to each country and correlating the security events from these countries will help you to take a clear call.