Firewall Analyzer enhancements that fire up your firewall devices

The Firewall Analyzer team is constantly working on enhancements to improve its product offering. Here's an overview of all the new vendors, log formats, and reports supported by Firewall Analyzer.

1. New supported vendor: F5 BIG-IP Local Traffic Manager

F5 Networks is located in more than 30 countries and has more than 20 years experience in network security for both on-premises and multi-cloud environments. BIG-IP Local Traffic Manager enables you to control network traffic, selecting the right destination based on server performance, security, and availability.

Firewall Analyzer lets you collect, archive, and analyze F5 BIG-IP Local Traffic Manager device syslogs, as well as generate security and forensic reports. Firewall Analyzer customers can now fetch syslogs for F5 BIG-IP Local Traffic Manager as well as generate the following:

  • High-level overview on live traffic to identify bandwidth utilization
  • Detailed security analytics on attacks, viruses, spam, security events, denied events, denied URLs, and failed logons
  • In-depth traffic usage reports on different users, protocols, applications, cloud services, and VPNs
  • Custom reports for unique requirements
  • Forensic log analysis using search reports that provide intricate details on the individual raw log responsible for a specific event
  • Alerts based on syslogs

2. New reports supported for Vyatta, Huawei, and Check Point

2.A. Rule management report: Along with syslog reporting, Firewall Analyzer can now fetch firewall rule-sets and their configurations using CLI with different protocols like SSH, SCP, TFTP, and TELNET. It generates the rule management reports shown below for Vyatta, Huawai, and Check Point* firewall devices.

*Rules and configurations for Check Point firewalls are fetched using Check Point API versions R-80.10 and above.

2.A.A. Policy Overview Report: Lists all the rules and policies written in the firewall. Further rules can be filtered according to:

  • Allowed/denied rules

  • Inbound/outbound rules

  • Inactive rules

  • Logging disabled rules

  • Over permissive any-to-any rules

Policy Overview Report Policy Overview Report2.A.B. Policy Optimization Report: Identifies shadow, redundancy, generalization, correlation, and grouping anomalies of the existing rules that impact the performance of the firewall.Policy Optimization Report Policy Optimization Report2.A.C. Rule Reorder Report: Suggestions on changing the rule position by correlating the number of rule-hits, complexities, and anomalies. This change might help in improving rule performance.Rule Reorder Report Rule Reorder Report

2.A.D. Rule Cleanup Report*: Lists all the unused rules, objects, and interfaces present under a firewall.

 *The Rule cleanup report for Vyatta firewall is not yet available, but will be available soon.
Rule Cleanup Report Rule Cleanup Report

2.B. Change Management Report: Firewall Analyzer automatically fetches configurations based on the logout syslog received from the firewall device and generates configuration change management reports for Vyatta, Huawai, and Check Point* firewall devices.

*Configurations for Check Point firewalls are fetched using the Check Point API.
Configuration Change Management Overview Configuration Change Management Overview This report helps you find who made what changes, when, and why. Not only that, it sends alerts to your phone in real time when changes happen. This report ensures that all the configurations and subsequent changes made in the firewall device are captured periodically and stored in the database.Change Management Report Change Management Report2.C. Compliance Reports: Firewall Analyzer also generates out-of-the-box industry standard compliance reports for SANS, PCI-DSS, NIST, ISO, and NERC-CIP. With these, security admins can track the configuration compliance status for Vyatta and Huawai firewall devices.Compliance Reports Compliance Reports

3. New log format supported: Barracuda Email Security Gateway

Barracuda Email Security Gateway is an email security gateway that manages and filters all inbound and outbound email traffic to protect organizations from email-borne threats and data leaks. As a complete email management solution, Barracuda Email Security Gateway lets organizations encrypt messages and leverage the cloud to spool email if mail servers become unavailable.

Firewall Analyzer analyzes syslogs generated by Baracuda Email Security Gateway and provides security and traffic reports.

Download Firewall Analyzer and check out all the latest updates now!