willp2
asked on
Sonicwall - Better visibility
I've been a long-time Sonicwall user and have had great results over the years with them. One area that still frustrates me, however, is visibility into what is happening on the network and into what it is doing.
Many years ago (late 1990s) I used to work with Checkpoint firewalls, and one of the things I loved about those was the ability to enable full logging and search and sort things in near real time in the logs. If, for instance, we became aware that there was a security problem but weren't clear on the details, we could quickly look at everything moving through the network and drill down on types of traffic, ports, IPs, etc. and perform actions right from the logs. There was just far more depth there and it was easy to use.
In short we could find the source of problems very quickly, often before they turned into problems.
The Sonicwalls can do virtually all the same functions and often in an easier-to-manage way and at a very affordable price. But I've always felt sort of blind when managing them. You just can't get the same kind of detail out of the logs, even with Analyzer or GMS.
I know this is a long shot, but does anyone know of any third-party tools that might help get better visibility into these things?
Does your Sonicwall hardware support Viewpoint?
ASKER
Yes. We are using Analyzer right now which is the replacement for Viewpoint. It certainly helps, but I still find it inadequate for getting very detailed.
What is your model?
ASKER
On different networks, NSA2400s and a few TZ210s.
What is your model?
NSA2400 supports full Viewpoint. Do you have a spare PC or server to set up the Sonicwall Viewpoint SQL database? You will have to point your Sonicwall to the Viewpoint server IP. It will give all the info you need, and more.
ASKER
Thanks for the input. Analyzer is a more fully featured replacement for Viewpoint. We are running it in the VM appliance. Viewpoint, Analyzer and GMS are great products with loads of info. I just find a lot of the info less detailed than what I was using 10-15 years ago with Checkpoint.
Viewpoint / Analyzer have better metadata by far, but I've never been as comfortable with my ability to quickly see details about what is happening in real time.
I suspect that these tools are the best I will do.
For real time you will want Wireshark or Microsoft network analyzer.
ASKER
Not really what I was hoping for, but I think that's just a limitation of Sonicwall.
Thanks