Solved

Firewall Log Analyzer Recommendation Requested

Posted on 2010-09-21
4
511 Views
Last Modified: 2012-05-10
Can anyone recommend a good firewall log analyzer?  Currently we use ManageEngine Firewall Analyzer, which is great when it works, but it often does not work.  The firewall is a Cisco Pix.  We are looking to find a more reliable product that provides similar data.  For example, if we notice a spike in bandwidth usage, we want to be able to run a report that will immediately show the device that is using the bandwidth, and the IP address (or domain/URL) of the source the device is pulling data from.

Thanks
0
Comment
Question by:bezoid
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 22

Assisted Solution

by:Jakob Digranes
Jakob Digranes earned 166 total points
ID: 33724870
this one really kicks a_s when it comes to monitoring, reporting and blocking:
http://www.paloaltonetworks.com/

we've deployed quite a few, and they're integrated towards microsoft AD if you need user names, it inspects SSL traffic (as well as http) - and let you block URLs and all you need really.
They almost always is able to discover threats that no other systems do
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 334 total points
ID: 33725008
You might also consider adding something like NTOP to your toolbox:
http://www.ntop.org/news.php

0
 

Author Comment

by:bezoid
ID: 33725256
Thanks - While the PaloAlto solution looks robust, we are looking for something that will work with our current firewall, a Cisco PIX.
0
 
LVL 79

Assisted Solution

by:lrmoore
lrmoore earned 334 total points
ID: 33725869
NTOP is firewall independent. Connect it to a SPAN port on the switch with the firewall port mirrored.
0

Featured Post

Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Use of TCL script on Cisco devices:  - create file and merge it with running configuration to apply configuration changes
There’s a movement in Information Technology (IT), and while it’s hard to define, it is gaining momentum. Some call it “stream-lined IT;” others call it “thin-model IT.”
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Suggested Courses
Course of the Month10 days, 22 hours left to enroll

628 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question