Firewall Log Analyzer Recommendation Requested

Can anyone recommend a good firewall log analyzer?  Currently we use ManageEngine Firewall Analyzer, which is great when it works, but it often does not work.  The firewall is a Cisco Pix.  We are looking to find a more reliable product that provides similar data.  For example, if we notice a spike in bandwidth usage, we want to be able to run a report that will immediately show the device that is using the bandwidth, and the IP address (or domain/URL) of the source the device is pulling data from.

Thanks
bezoidAsked:
Who is Participating?
 
lrmooreConnect With a Mentor Commented:
You might also consider adding something like NTOP to your toolbox:
http://www.ntop.org/news.php

0
 
Jakob DigranesConnect With a Mentor Senior ConsultantCommented:
this one really kicks a_s when it comes to monitoring, reporting and blocking:
http://www.paloaltonetworks.com/

we've deployed quite a few, and they're integrated towards microsoft AD if you need user names, it inspects SSL traffic (as well as http) - and let you block URLs and all you need really.
They almost always is able to discover threats that no other systems do
0
 
bezoidAuthor Commented:
Thanks - While the PaloAlto solution looks robust, we are looking for something that will work with our current firewall, a Cisco PIX.
0
 
lrmooreConnect With a Mentor Commented:
NTOP is firewall independent. Connect it to a SPAN port on the switch with the firewall port mirrored.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.