|
ManageEngine Firewall Analyzer  Prices Start at $395
Firewall Log Analysis & Reporting
Software
ManageEngine® Firewall Analyzer is a web based, agent-less, firewall log
analysis and reporting software that monitors, collects, analyses, archives, and
generates reports
on enterprise-wide Firewall's, VPN's, IDS, and Proxy servers (see supported
devices). Firewall Analyzer will help network security administrators &
MSSP
(Managed Security Service Providers) to monitor
bandwidth usage, detect intrusions & anomaly behaviors, audit traffic,
and monitor employee web usage activities efficiently.
Overview
A Firewall is an important perimeter defense tool that protects your network
from attacks. Security tools like Firewalls, VPN, and Proxy Servers generate a
huge quantity of traffic logs, which can be mined to generate a wealth of
security information reports.
ManageEngine Firewall Analyzer is a
web-based, cross-platform, log analysis tool that helps network administrators
and managed security service providers (MSSP) to understand how bandwidth is
being used in their network. Firewall Analyzer analyzes logs received from
different firewalls and generates useful reports and graphs. Trend analysis,
capacity planning, policy enforcement, and security compromises are some of the
critical decisions that are made simpler using Firewall
Analyzer.
Benefits of using Firewall Analyzer:
Employee Internet Monitoring:
- Website accessed by the employees in your organization.
- Protocols used by them for communication.
- Working Hour and Non-Working Hour internet usage details and trends
- Firewall Rules used by your employees and their usage pattern.
- Get notification as when an employee tries to access restricted sites.
- To identify internet abuse, and excessive internet usage.
- Get notified on anomalies like sudden spike in internet usage.
- Keep tabs of employee internet transactions that are leading to attacks /
virus in your environment.
- Compare current internet usage with your historical data to enable you to
make firewall policy changes.
- Get live internet bandwidth graphs with finer details of inbound and
outbound traffic flows.
Data Center Security and Enterprise
Security:
Firewall Analyzer is used in Data Centers, Security
Operation Centers to monitor firewall's and intrusion detection systems to
obtain insights like the following:
- Get to know who is contacting your servers from where, when, and how.
- Identify your busy servers and do capacity planning.
- Obtain an executive summary of your network security posture like number
& type of attacks, viruses, failed logons, security events and denied
events.
- Get to know who was denied access in your network, with respect to each
server and their protocols. Thus feeling reassured that your firewall rules are
working.
- Get to know your firewalls rules in action and their usage trend.
- Get to know the protocol usage trend in your servers.
- See your network in action through nice readable, intuitive graphs.
- Get notified on anomaly events like sudden spike in the number of
connections in your servers and traffic usage in your servers.
- Get Live Internet Bandwidth Graphs with Inbound and Outbound split-up.
- Obtain events split-up of your servers based on severity and get notified on
emergency / critical events on your servers.
- Get to know the amount of traffic through your site-to-site VPN.
- Identify the busy tunnel and do capacity planning.
- Remove / reduce the unnecessary traffic going through your VPN tunnel by
cleaning up your rules.
- Detect your network configuration errors like wrong DNS etc.
Log Management for Compliance:
Firewall
Analyzer can collect, archive, analyze, and report on all the firewall logs
which can prove useful during your network audits for meeting regulatory
compliance.
- Store / Archive logs for years together, to meet your compliance needs.
- Get compliance reports like successful logins, logoff and failed logins.
- Store your individual firewall log records and do historical trend analysis
using the archived firewall logs whenever required.
- Automatic log reception from firewalls without the use of probes or agent
installations.
Managed Firewall Services Support for
MSSP:
Firewall Analyzer offers profitable Managed Firewall
Services for Managed Security Service Providers (MSSP), which will help you to
track intrusions, manage user website access, audit traffic and also help you to
manage your customer's network bandwidth usage efficiently.
- Centralized log management for heterogeneous devices.
- Manage multiple firewalls from the single installation.
- User-specific firewall views, whereby you as an administrator can assign
customers to their respective firewalls and each customer will have access to
only his respective firewall details.
- Create custom dashboard views which could be based on the different
geographical locations or nature of business or any other specific requirements
of your customer.
Firewall Analyzer uses a built-in syslog server to store the firewall logs, and
provides comprehensive reports on firewall traffic, security breaches, and more.
This helps network administrators to arrive at decisions on bandwidth
management, network security, monitor web site visits, audit traffic, and ensure
appropriate usage of networks by employees. The collected logs are parsed and
stored in the inbuilt MySQL database for analysis and report generation.
Firewall Analyzer Highlights
Multiple Device Support – support for most leading enterprise
firewalls, vpn, ids & proxy servers.
MSSP support –
user-based firewall views, anomaly detection filters for network behavioral
analysis aid Managed Security Service Providers to manage multiple client
networks.
Real-time Alerting – set threshold-based
alerts and instant e-mail notifications when alerts are
triggered.
Flexible Log Archiving – archive all log
data, or modify archiving intervals depending on disk space.
Trending – view traffic trends and determine usage
patterns and peak hours.
Instant Reports – generate
over 100 pre-defined reports on bandwidth usage, protocol usage, and more.
Powerful Multi-level Drill-down – drill down from
traffic reports to see top hosts, top protocols, top website's, and more.
Security Analysis – analyze denied requests, top denied
URL's, and more.
VPN / Squid Proxy Reports – view VPN
statistics, VPN usage details, squid usage, top talkers, website details, and
more.
Custom Reports – define reporting criteria, set
graph parameters, and save reports.
Scheduled Reporting
– set up schedules for reports to be generated and emailed automatically.
Anytime, Anywhere Access & Management – web-based
user interface lets you view event details in real-time from any system on the
network.
Built-in Database – comes with an integrated
MySQL database that is already configured to store all log data. No external
database configurations are needed.
Host OS Support –
Can be installed and run on Windows and Linux-based systems making it suitable
for deployment in a wide range of enterprises.
Screen
Shots
 |
 |
 |
| Executive Dashboard |
Firewall Traffic Reports |
Web Usage Reports |
 |
 |
 |
| Protocol Traffic Drill Down |
VPN Analysis Report |
VPN Report Drill Down |
 |
 |
 |
| Squid Top Talkers Report |
Squid Website Details Report |
Squid Usage Summary |
 |
 |
 |
| Protocol Trend Report |
Traffic Trend Report |
Archived Log Files |
 |
 |
 |
| Anomoly Detection Filter |
Streaming & Chat Report |
Cisco Pix & IDF Compliance Reports |
Firewall
Analyzer is compatible with the following firewall devices.
| Company |
Firewall/Version |
WELF Certified |
Other Log Format |
| 3Com |
3Com
X-family Version 3.0.0.2090 or later |
|
 |
| Applied Identity |
Identiforce |
|
|
| ARKOON Network Security |
ARKOON 2.20 |
|
|
| Astaro |
Astaro Security Linux v4 |
|
|
| Aventail |
Extranet Center v3.0 |
|
|
| AWStats |
Most versions |
|
|
| BlueCoat |
SG Series |
|
|
| Check
Point |
log
import from all versions and
LEA support for R54 and above |
|
|
| Cimcor |
CimTrak Web Security Edition |
|
|
| Cisco
Systems |
Cisco
Pix Secure Firewall v 6.x, 7.x,
Cisco ASA, Cisco IOS, Cisco FWSM, &
Cisco VPN Concentrator |
|
|
| CyberGuard |
CyberGuard Firewall v4.1, 4.2, 4.3, 5.1 |
|
|
| D-Link |
Most DFL versions |
|
|
| Fortinet |
FortiGate
family |
|
|
| FreeBSD |
Most versions |
|
|
| Global Technologies |
Gnatbox (GB-1000) 3.3.0+ |
|
|
| Ingate |
Ingate firewall: 1200, 1400, 1800/1880 |
|
|
| Inktomi |
Traffic Server, C—Class and E—Class |
|
|
| Lenovo Security Technologies |
LeadSec |
|
|
| Lucent |
Security Management Server V. 6.0.471 |
|
|
| Microsoft
ISA |
Microsoft
ISA (firewall, web-proxy, packet filter) Server 2000, 2004, & 2006 |
|
|
| NetApp |
NetCache |
|
|
| NetASQ |
F10, F100 v3.x |
|
|
| NetFilter |
Linux Iptables |
|
|
| Netopia |
S9500 Security Appliance v1.6 |
|
|
| Juniper
Networks |
NetScreen
Most versions |
|
|
| Network-1 |
CyberwallPLUS-WS, CyberwallPLUS-SV |
|
|
| Recourse Technologies |
ManHunt v1.2, 1.21 |
|
|
| Secure Computing |
Sidewinder |
|
|
| Snort |
Most
versions |
|
|
| SonicWALL |
SOHO3,
SOHO TZW, TELE3 SP/TELE3 Spi, TZ 170, TZ 170 Wireless, TZ 170 SP Wireless, PRO
230, 2040, 3060, 4060, 5060 |
|
|
| Squid Project |
Squid Internet Object Cache v1.1, 2.x |
|
|
| St. Bernard Software |
iPrism 3.2 |
|
|
| Sun Microsystems |
SunScreen Firewall v3.1 |
|
|
| WatchGuard |
All
Firebox Models v5.x, 6.x, 7.x, 8.x |
|
|
| Zywall |
Most versions |
|
|
If you have any questions
or want to download trail version, please send an e-mail to rlee@develcon.com or contact a Develcon sales representative near you.
|
