Solved

Firewall Log Analyzer Recommendation Requested

Posted on 2010-09-21
4
506 Views
Last Modified: 2012-05-10
Can anyone recommend a good firewall log analyzer?  Currently we use ManageEngine Firewall Analyzer, which is great when it works, but it often does not work.  The firewall is a Cisco Pix.  We are looking to find a more reliable product that provides similar data.  For example, if we notice a spike in bandwidth usage, we want to be able to run a report that will immediately show the device that is using the bandwidth, and the IP address (or domain/URL) of the source the device is pulling data from.

Thanks
0
Comment
Question by:bezoid
  • 2
4 Comments
 
LVL 21

Assisted Solution

by:Jakob Digranes
Jakob Digranes earned 166 total points
ID: 33724870
this one really kicks a_s when it comes to monitoring, reporting and blocking:
http://www.paloaltonetworks.com/

we've deployed quite a few, and they're integrated towards microsoft AD if you need user names, it inspects SSL traffic (as well as http) - and let you block URLs and all you need really.
They almost always is able to discover threats that no other systems do
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 334 total points
ID: 33725008
You might also consider adding something like NTOP to your toolbox:
http://www.ntop.org/news.php

0
 

Author Comment

by:bezoid
ID: 33725256
Thanks - While the PaloAlto solution looks robust, we are looking for something that will work with our current firewall, a Cisco PIX.
0
 
LVL 79

Assisted Solution

by:lrmoore
lrmoore earned 334 total points
ID: 33725869
NTOP is firewall independent. Connect it to a SPAN port on the switch with the firewall port mirrored.
0

Featured Post

DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

From Cisco ASA version 8.3, the Network Address Translation (NAT) configuration has been completely redesigned and it may be helpful to have the syntax configuration for both at a glance. You may as well want to read official Cisco published AS…
As companies replace their old PBX phone systems with Unified IP Communications, many are finding out that legacy applications such as fax do not work well with VoIP. Fortunately, Cloud Faxing provides a cost-effective alternative that works over an…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

786 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question