Firewall Analyzer is compatible with the following firewall devices. Click on the device name (if applicable) to see instructions on configuring firewalls for reporting and sending logs to the Firewall Analyzer.
| Company |
Firewall/Version |
WELF Certified |
Other Log Format |
| 3Com |
3Com X-family Version 3.0.0.2090 or later |
|
 |
| Applied Identity |
Identiforce |
|
|
| ARKOON Network Security |
ARKOON 2.20 |
|
|
| Astaro |
Astaro Security Linux v4 |
|
|
| Aventail |
Extranet Center v3.0 |
|
|
| AWStats |
Most versions |
|
|
| BlueCoat |
SG Series |
|
|
| Check
Point |
log
import from all versions and
LEA support for R54 and above |
|
|
| Cimcor |
CimTrak Web Security Edition |
|
|
| Cisco
Systems |
Cisco Pix Secure Firewall v 6.x, 7.x,
Cisco ASA, Cisco IOS, Cisco FWSM, & Cisco VPN Concentrator |
|
|
| CyberGuard |
CyberGuard Firewall v4.1, 4.2,
4.3, 5.1 |
|
|
| D-Link |
Most DFL versions |
|
|
| Fortinet |
FortiGate
family |
|
|
| FreeBSD |
Most versions |
|
|
| Global Technologies |
Gnatbox (GB-1000) 3.3.0+ |
|
|
| Ingate |
Ingate firewall: 1200, 1400, 1800/1880 |
|
|
| Inktomi |
Traffic Server, C—Class and
E—Class |
|
|
| Lenovo Security Technologies |
LeadSec |
|
|
| Lucent |
Security Management Server V.
6.0.471 |
|
|
| Microsoft ISA |
Microsoft ISA (firewall, web-proxy, packet filter) Server 2000, 2004, & 2006 |
|
|
| NetApp |
NetCache |
|
|
| NetASQ |
F10, F100 v3.x |
|
|
| NetFilter |
Linux Iptables |
|
|
| Netopia |
S9500 Security Appliance v1.6 |
|
|
| Juniper Networks |
NetScreen Most versions |
|
|
| Network-1 |
CyberwallPLUS-WS,
CyberwallPLUS-SV |
|
|
| Recourse Technologies |
ManHunt v1.2, 1.21 |
|
|
| Secure Computing |
Sidewinder |
|
|
| Snort |
Most versions |
|
|
| SonicWALL |
SOHO3,
SOHO TZW, TELE3 SP/TELE3 Spi, TZ 170, TZ 170 Wireless,
TZ 170 SP Wireless, PRO 230, 2040, 3060, 4060, 5060 |
|
|
| Squid Project |
Squid Internet Object Cache v1.1,
2.x |
|
|
| St. Bernard Software |
iPrism 3.2 |
|
|
| Sun Microsystems |
SunScreen Firewall v3.1 |
|
|
| WatchGuard |
All Firebox Models v5.x, 6.x,
7.x, 8.x, 10.x |
|
|
| Zywall |
Most versions |
|
|
|
Firewall Analyzer analyzes your firewall logs and answers questions like the following:
- Who are the top Web surfers in the company?
- How many users are trying to access inappropriate content?
- Where are hack attempts originating?
- Which servers receive the most hits?
Firewall Analyzer uses a built-in syslog server to store these logs, and provides comprehensive reports on firewall traffic, security breaches, and more. This helps network administrators to arrive at decisions on bandwidth management, monitor web site visits, audit traffic, and ensure appropriate usage of networks by employees.
Firewall Analyzer Highlights
Compatibility
Firewall Analyzer supports most enterprise firewalls including Check Point, Cisco PIX, SonicWALL, and more. Although WELF format is universally supported, native log format for some of these firewalls is also supported.
Automatic Detection & Configuration
Simply configure firewalls and other devices to send logs to Firewall Analyzer. They are automatically detected and reports are generated.
Flexible Archiving
Firewall Analyzer periodically archives the logs collected from each device. You can later load this archive into the database and view reports for specific firewall activity. Logs are archived periodically, with options to define log intervals and disable archiving to save disk space.
Rule-based Alerting
Firewall Analyzer lets you set up threshold-based alerts and also notify operators by email whenever an alert is triggered. This means that operators are immediately alerted when the network is down, or traffic levels goes high.
Pre-defined Reports
Firewall Analyzer includes pre-defined reports on bandwidth usage, top talkers, Web usage, VPN statistics, virus activity, and more.
Report Scheduling
The report scheduling feature lets you schedule reports to run automatically over user-defined time intervals. You can also choose to receive these reports automatically by email.
Customizable Reports
Apart from the instant reports, Firewall Analyzer lets you create custom reports and report profiles, based on specific criteria. Custom reports can be generated in PDF, scheduled to run automatically, and be sent by email.
Historical Trend Reports
Trend reports in Firewall Analyzer show you trends in bandwidth usage and user activity based on protocols, events, and more. Trend reports are useful in identifying user patterns and also help in long-term capacity planning.
Portability
Firewall Analyzer uses an embedded syslog server to collect logs from firewalls, proxy servers, and Radius servers. A built-in MySQL database is used to store them. This lets you deploy Firewall Analyzer anywhere on your network and generate reports with no additional setup.
