With organizations embracing dynamic work culture stakeholders now access the company intranet from the comforts of their home or from public networks or subsidiary sites through VPNs. Network administrators now need to monitor and analyze the activities being performed over the VPN. From the compliance and auditing perspective, you would like to see who connects, when, and what are the activities being performed.
Firewall Analyzer will be very handy for the above such requirements since you will be able to obtain Security Reports like "Denied Attempts", "Compromising Attempts", "Attacks", and "Port Scans", as well as auditing reports like "Top VPN Users", "Top failed vpn logins" etc.
VPN Reports give detailed statistics on VPN usage. Reports include drill down details on top VPN hosts, top protocols used by the VPN, and bandwidth used by the VPN during peak and off-peak hours. Trend reports show you VPN usage trends over time.
Top VPN users reports will be very handy if you have Remote Host VPNs configured in your environment. It basically gives you the users connected to your VPN and the amount of traffic consumed by them.
Top Failed VPN users will be very useful when somebody is trying to compromise your VPN network. Repeated or abnormal failed connections would require a closer look as it might results in attacks.
Top Protocol Groups, gives you an overview of what kind of protocol is used in your VPN network. This will be very useful in the case of Site To Site VPN. Some firewalls produce application layer protocol information in the VPN logs and some might not. For the firewalls that are producing protocol information in the logs, this report can give excellent insights.
When you have multiple VPNs in your network, you will be interested in seeing the amount of traffic that is going to search VPN. VPN usage reports exactly addresses this requirement.
Provides VPN usage details for a group of users with details on number of hits, duration of usage, and total bytes of VPN traffic.
Core part of Security Event Management is to consider Events with high priority. Leaving Notification, Informational and Debug event, all the remaining Emergency, Critical,Alert and Warning Events are capable to producing Security Events reports. Firewall Analyzer deals with Security devices and those devices excellently categorized Events produced by them by assigning appropriate levels. Firewall Analyzer helps you in aggregating them by providing you the split up over the Source, Destination and Severity. When you click any Security Events reports, you will be able to see the raw firewall logs that produced the reports. This is a powerful functionality which can be used for troubleshooting purpose. Through our Raw Log Search functionality you can search thorough any words that exists in the raw firewall log.