Watchguard XTM support
Do Firewall Analizer suports new Watchguard fireware XTM v11? Our Devices is watchguards x550e and x10e
Cost of licensing Firewall Analyzer
Good Morning I have two questions about the cost of licensing 1. How much does it cost to renew a premium license? 2. How much does it cost to update a professional license to premium license? My email is: jairo.isoza@telefonica.com Thanks for your help Regards, Jairo
How do I see the traffic per interface on my firewall
Watchguard x750e and 9.0 firmware
Does anyone have this working on a watchguard platform running the latest firmware? I'm batting 000 trying to get this software to work. I can import logs and it shows records are being imported ( these are the xml logs generated from the watchguard) Any thoughts?
login problem in fwanalyser mysqld-nt.exe faulting
Dear Sir, We are not able to login fwanalyser 5. when we give user name & passsword its stops at http://serverip:8500/fw/j_security_check. Atfere reboot system we are able to login in fwanalyser Until the error "mysqld-nt.exe encounter a problem and needed to close" comes. ( A screen shot Attached) Please do needful Regards, Dipak Parmar
How to load custom reports in profiles for other users?
Hi, I created quite a few custom reports for individual Web usage. However, they show only in my profile (or other administrator's profile). I tried importing into someone else's profile with the operator roll and they will not load, stating the reports already exist. The documentation states "If the report already exist in Firewall Analyzer, clicking Import button will list Failed To Import option and the existing reports with check boxes and you will find Over Write button and Cancel button to
How do I load ruleset from a Cisco ASA firewall
Hi I'm evaluating the Firewall Analyzer which looks great so far. I do want to try importing the rules but not sure how to get them from the ASA firewall into the Analyzer. I've tried saving the rules to a TFTP server but when importing the AnalyZer says it's an invalid format. Any help will be appreciated.
FWA and Microsoft IAG
Hello, Will there be plans to support Microsoft's Intelligent Access Gateway UAG (Forefront Unified Access Gateway) when it is released? This is an end-to-end solution that will attract many FWA clients and is something we are presently investigating. Regards, LeRoy
Need to include URL in a report
First off, here is my setup: Firebox Edge X20e-W v 10.2.11, outputting the syslog Firewall Analyzer 6I have been able to create reports filtering for the HTTP protocol. It gives me the proper results: Now, what is being requested of me is this kind of report (with date/time and user) but with the URLs instead. Similar to below, but showing url's for a particular user instead of for the entire network.
Firewall Analyzer's fall winter bundle on way!!
Jingle bells are ringing on SIEM clouds!! We have taken up support for Netflow on Firewall Analyzer, with more features on this bundle, probably a Christmas or a New year gift from Manage Engine shop. For instance, a device's capability to throw Netflow packets were more restricted to devices like routers and switches. Cisco ASA v.8.2 firewall device has capability to throw Netflow packets along with Syslogs. This is one of the mile stone achieved by Cisco. Firewall Analyzer currently supports Syslogs
Bandwith used by each URL
Hello, I'd like to know how much bandwith my users are using when sufing the web. The problem is that the "Top URLs Allowed" report always shows 0 as the bandwith used. I can see the Hits but not the bytes. I'm using FirewallAnalyzer 6 and a Fortigate 80c with HA. thanks! Top URLs List of URLs to which 9lq8l0j.helios.local sent higher volume of data Url Hits Bytes Rcvd (MB) % Bytes Rcvd mail.google.com/ 35 0 liveupdate.symantecliveupdate.com/minitri.flg 1 0 liveupdate.symantecliveupdate.com/norton$20wmi$20master$20patch_0.1_spanish_livetri.zip
Include or exclude filter using partial site name?
Hello, Does anyone know how to use a partial host address as a filter in a custom report? For example, we want to create reports for individual users from our squid usage. We don't want to report on Google, Microsoft, IBM, or other such sites we might use for work purposes. I thought perhaps an exclusion filter like *.google.com would work, but it doesn't. Any ideas? Thanks in advance. LeRoy
Renew license
hello, good morning ... how can renew my license? regards
Reports
How can I create customized reports?
Any Way Blocking Guest from Server Diagnostics?
Any way to block a guest login from seeing server diagnostics? From Settings I would like to prevent a guest login from seeing the Server Diagnostics page.
Traffic not shown on Fortigate 50B and 60B
Hi there, i have 17 Fortigates but only could see the traffic of two of them. The Security Statistics are correct, but the traffic told me that: No data received for the selected time period Any Idea of what is the problem?? Thanks
question about firewall analyzer
Hi Support Team, I have used your firewall analyzer product and i like it. I have my data centers world wide in more than 13 locations. Would like to install firewall analyzer for my firewalls running across all of my locations. i do not think it is good idea to send the traffic to one single server. hence, i am going to have firewall analyzer server per location. any firewall will be firing its logs to this localized server. i would like to cover in terms of finance a one deal which will allow
Summarizing stops
The summarizing sudendly stop of works then I need to know how can I start a manually summarizing, any idea?
Unknown host ip addresses in the top host outbound firewall traffic reports
hi, firstly i have to say incredible application!!. I have a query about the top host outbound firewall traffic report in the inbound outbound traffic report from the manageengine firewall analyser 6 . If i understand the graph correctly , it should show hosts that exist in my network pushing data out but what i find puzzling is that i see ip address that don't belong or exists in my internal network range? if these are indeed external hosts why are they showing up as hosts in the outbound traffic
New feature in Firewall Analyzer 6 Released
How do i have to configure Manage Engine Firewall Analyzer 6 Released to get SMS notification for alerts??? Thank you in advance,
DNS Cache clear?
Is there a way to dump the dns cache and start fresh? Thanks
Unassigned Ports - Unable to view real port numbers
How will I be able to run / view a report showing all protocol/port numbers. For some reason, it shows up just "Unassigned protocol" group but not the actual port numbers.
VPN users
Hello, I have installed Firewall Analyzer build 4033 to monitor Netscreen 208 firewalls. The first thing I have noticed is that all ipsec VPN users are showing as unknown however in the syslog the user name shows correctly. I am using WebTrends to log the firewall activity as the syslog did not work. Regards, Ramzi
Firewall Analyzer for Windows Server
Hi, At present I am using GFI product for Syslog. I have 2 Firewall (Cisco ASA and Cybetr Roam) I have download the Firewall Analyzer trail version and installed on Windows 2003 Server and it is working fine.I am getting all logs of Firewall.I just want to know how can I get logs of Windows Servers.( 5 Win Server 2003) I know EventLog Analyzer serve I requirement but I do not want to use 2 products. Can you tell me how can I achieve that. Thanks in advance Girish Jain
Can you run Firewall Analyzer on windows server 2008 64 bit ?
Can you run Firewall Analyzer on windows server 2008 64 bit ?
Creating an Alert Profile for VPN users
Is there a way to create an alert profile so I can get an email whenever a particular user/users log into the VPN. I can see their user names underneath the VPN live report, but i have had no success in creating an alert on it.
Stopeed receiveing web traffic from Sonicwall pro 2040 with enhanced OS 4.x
This morning when i checked the FA i found that the security events are coming through but no web traffic. Very odd! I checked the sonicwall and both 514 and 1514 are pointing to the FA server. Syslog Facility is set to local use 0. Anyone have any ideas?
SSG-140
Config: FAW 6.0 x64 trial Windows Server 2008 R2 ScreenOS 6.3.0r1.0 (Firewall+VPN) Just installed v6.0 trial but the only way to get any data is Webtrends... if I disable Webtrends but enable Syslog there's nothing flowing into FWA... ...any tip? TIA
Issue in viewing data on FA
I have FA up and running for a couple of months now. The problem is that from a few days the web-console would show no data even if data is being collected. I can see data being collected at the server but am unable to view the same on web-console. Please advise..
Firewall Analyzer not listening on UDP514
I've just setup a test XP machine running the latest eval of FA. I've run a few tests using Kiwi syslog message generator and can send test syslog messages to the FA on port 1514 but not on port 514. According to the manager 514 is up and running. I've tried removing the port and re-adding but this has no effect. Any ideas? This is a new XP machine running SP3 (no firewall) with a default install of FA.
Firewall Analyzer 6 w/ Cisco ASA 8.2
I have the configuration on the ASA and I see it reporting back to the Firewall Analyzer. In the traffic reports however, I see the hosts and the number of Hits but each record has 0 for MB sent or MB received. What do I need to do in order to see the AMOUNT of traffic going through the firewall? Here is the relevant configuration on my ASA logging enable logging timestamp logging trap informational logging device-id ipaddress inside logging host inside 172.30.x.x Thanks, Brandon
Security Reports : Top Denied Hosts
Firewall Analizer with cisco asa logs doesn't show information about "top denied host" or "top denied protocol" inside Security Reports., just shows the "top security events" pie graph. It says "No data Available". The logs are incoming correctly and other reports are ok.
Empty Syslog with Cisco Pix 515
Hello, I've a Cisco Pix 515 working with Manageengine Firewall Analyzer, it's working great but the Syslog always is empty. I've check all configuration on Cisco Pix and everything it's ok, someone could tell what more I've to do... I hope for you answer, Thanx
Windows 7 compatibility
Hi there, Just wondering before I build my system if FWA6 if compatible with Windows 7 and if it is, if it will work with either the 32 or 64-bit versions. If it's not, I'll have to build it using an earlier OS version and then look at converting afterwards. Thanks, Rick
VPN Date-Time
Hi, I use version 6.00 build 6.00, and when I go make report about VPN/Users , the columm Date/Time only show the time in the format of the example below: User Date/Time John 2009-09-08 19:59:59.0 Celine 2009-09-09 15:59:59.0 Mary 2009-09-09 11:59:59.0 Bob 2009-09-08 11:59:59.0 The minute and second not change, only the hours. Can you help ? Best Regards. Jean Tomaz
Problem with Archived File Load to Search
I've the problem with the Archived Files Load to Search. I click Load to Search and then IE pop up blocker is block (Please see the attach file.). After that I click the report I didn't see any log for searching. If it's possible to change this archived file from "report" back to "Load to Search" again. I'll turn off the pop up blocker and try load to search again. I think the problem come from IE pop up blocker block the index process. I need to search this archived file again.
Add Device Info
I am trying to enter the login name etc to fetch the rules from the Cisco pix however the login fails each time despite being given the correct credentials. We use SSH to connect to the pix and when we have entered our initial credentials we have to type login to enter the elevated privelages credentials. Regards, John Paul
Targeted report
Hi there, I was wondering if it was possible to create a customized report to illustrate top web destinations. I have tried to set the destination by IP and by hostname (eg. 69.63.x.y and website, *.website.com) but I'm unsure if the report is correct as I've reviewed my firewall logs and there are hosts that show up in the log but not in the report. Also, under the web usage sub-report, there is no data for the Destination/URL table. The main idea is to be able to create a report that we can customize
Bytes Sent/Received
I am just wondering how the Firewall Analyser calculates the amount of data sent to/from a host based on the syslog messages. I am seeing a lot of traffic transferred between 2 servers and I would like to know how Firewall Analyser gets this information. Thanks, JP
Streaming Reports
Hi there, New to Firewall Analyzer and currently running the eval. I was just wondering if there's a way to track the Streaming and Chat traffic from Checkpoint R61 firewalls. I have added the ports I thought would be used to the port/service group but am not seeing anything in the reports (empty). Thanks in advance for your help. Cheers, Rick
Next Page