Solved

Firewall Log Analyzer Recommendation Requested

Posted on 2010-09-21
4
505 Views
Last Modified: 2012-05-10
Can anyone recommend a good firewall log analyzer?  Currently we use ManageEngine Firewall Analyzer, which is great when it works, but it often does not work.  The firewall is a Cisco Pix.  We are looking to find a more reliable product that provides similar data.  For example, if we notice a spike in bandwidth usage, we want to be able to run a report that will immediately show the device that is using the bandwidth, and the IP address (or domain/URL) of the source the device is pulling data from.

Thanks
0
Comment
Question by:bezoid
  • 2
4 Comments
 
LVL 21

Assisted Solution

by:Jakob Digranes
Jakob Digranes earned 166 total points
ID: 33724870
this one really kicks a_s when it comes to monitoring, reporting and blocking:
http://www.paloaltonetworks.com/

we've deployed quite a few, and they're integrated towards microsoft AD if you need user names, it inspects SSL traffic (as well as http) - and let you block URLs and all you need really.
They almost always is able to discover threats that no other systems do
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 334 total points
ID: 33725008
You might also consider adding something like NTOP to your toolbox:
http://www.ntop.org/news.php

0
 

Author Comment

by:bezoid
ID: 33725256
Thanks - While the PaloAlto solution looks robust, we are looking for something that will work with our current firewall, a Cisco PIX.
0
 
LVL 79

Assisted Solution

by:lrmoore
lrmoore earned 334 total points
ID: 33725869
NTOP is firewall independent. Connect it to a SPAN port on the switch with the firewall port mirrored.
0

Featured Post

Network it in WD Red

There's an industry-leading WD Red drive for every compatible NAS system to help fulfill your data storage needs. With drives up to 8TB, WD Red offers a wide array of solutions for customers looking to build the biggest, best-performing NAS storage solution.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Cisco Sup720 Migrate to Sup2T 5 55
Access List 2 18
Cisco Device User Account Which Only Allows "show" commands? 2 40
Cisco ASDM device NT domain question 4 31
From Cisco ASA version 8.3, the Network Address Translation (NAT) configuration has been completely redesigned and it may be helpful to have the syntax configuration for both at a glance. You may as well want to read official Cisco published AS…
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

914 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now