Fortigate 60B and Fortigate 310B
Dear Admin, I have 2 forewall which is Fortigate 60B and Fortigate 310B. May I know Firewall Analyzer support for the above model ? Regards, Ramli
Applying filters shows incorrect results
Hi, When we apply a filter to a report that shows traffic and protocols from and to a particular IP address, FWA seems to apply the filter to the traffic but not to the protocols. The charts for the protocols seem to be unfiltered, showing everything that went through the firewall and not just what should apply to the IP address in the filter. Does anyone else see this problem? Regards, LeRoy
traffic overview is empty
hi, some days traffic overview is empty instead security overview is ok, this for all devices configured. thanks!
problems to load my license
Good day I have problems to load my license of the Fire Wall Analyzer. What happens that I had a problem with my server and reinstates the application again but this not letting to me load the license that tape worm. If you need my Date of the License just tell me. Thanks.
Raw Logs Showing No Data Available
My Cisco ASA and VPN Concentrator are showing events, evident by the values in the graphs, and all data being showed in Live Report tab. However, I would also like to view the raw log files unfortunately FWA shows "no data available". How do I solve this?
Fortigate 110C URL Reports
Dear all, I am trying your Firewall Analyzer report with one of my firewalls, a Fortigate 110C, everything is running properly but I don't get any information about URL logs. This is exactly what my customers want. Could you please help me? Kind regards, Txema
FA confused about inbound/outbound?
I am testing firewall analyzer using three cisco firewalls: a pix 506 running 6.3 code, a 515E running 7.2.2, and an ASA 5505 running 8.2.1. On the 506 and ASA, hardly anything shows up as inbound, it almost all shows as outbound. The 515E seems to be reporting correctly. Here is a test I did using the 506: I connected to a remote site and uploaded approx. 200mb of data(just an http upload). The additional data did show up on FA, but as received data, not sent. I did see the correct source/dest.
problem in firewll analyzer
hello actually i configured firewall analyzer5.0 .when i directly connect my monitroing PC (inside of firewall ) with my PIX515E.i can see all the generted report and logs .As i put L3 or L2 device between firewall and my monitoringv PC the report's i see is alomost zero even i use bittorrent and different tools for generating high dat trafiic but still fail to see reports .where i m geting wrong can any1 help me
watchguard III 1000 VERSION 7.4
Hi, We are using WatchGuard III 1000 device. What's the detail step to configure / connect to firewall and link log file and generate report. Best Regards
Watchguard version 7.4
i have two Firebox III/1000 box. Want to use your tools to generate report. Pls help and detail steps how to capture its log Thanks
firewall analyzer
hello i m having problem in configuring adventnet firewall analyzer . whn i directly connect my monitroing PC to firewall (inside interface) with my pix 515E .i can see la the generated log.As i put L2 and L3 device betwen my monitoring PC and firewall.it seem that all the report vanish or generated report zero log can any 1 help in this regrads where i m getting wrong
Site to Site Traffic not captured in reports
Hello, We are currently evaluating NFA. NFA 5 does not seem to be catching my site to site VPN traffic statistics. We have a PIX 506 6.3.5 setup per your documentation. I can see the traffic register when traveling outside the tunnel, but very very little is actually logged flowing through the tunnnel. Any suggestions?
not resolved hostname
hi, i used demo ver of FWA 4.0 at that time i got hostname but i could not resolved dns so i installed new FWA 5 which one have option of resolve dns . But now installing FWA 5 i am not getting hostname. Is it possible to get hostname & dns both ? than how does it? we require report showing hostname to dns like (source IP to Destination IP ) Regards, Pinesh
Missing Information in Reports!
We are currently evaluating your Firewall Analyzer product for purchase and running into multiple issues. We are unable to view any information/statistics on VPN...We are unable to view any info on traffic i.e. BYTES RCVD, BYTES SENT show 0 in every report....We are unable to see any statistics in the Mail Reports, SMTP or otherwise. We are monitoring syslogs from a CISCO PIX 515e firewall. Please let us know if you can resolve the issues. Thanks Jason Shaw Tronitech
Listening port Error
Listening port Error
I am having a problem setting up firewall analyzer with a seperate MySQL instance.
Initially when i first set it up, everything seemed to work except i was getting an internal server error 500. Now i am getting the following following error when i try and login: HTTP Status 404 - /fw/mindex.do type Status report message /fw/mindex.do description The requested resource (/fw/mindex.do) is not available. Apache Tomcat/5.0.28 If you could please assist me with this it would be greatly appreciated as i can't even apply my license file as yet. I would prefer to use the seperate SQL instance
System backup/restore and antivirus?
Regarding backup and antivirus services on the server, what's you recommendation here? How do i make sure the database is backed up correctly so i can do a meanigful restore after a failure? (The manual states that the database files should be exempted from both antivirus and backup-softwares!!! OK, but how do i make sure i have a valid backup then???)
VPN Reports - Total MB shows 0
I have installed FWA ver.5 (built 5000) and VPN Reports show "0" for "Total MB". VPN traffic is heavy (100's of MB - verified via Wireshark). Other reports seem to work fine. Regards, Clemens
Restore cover page and footer in reports.
I uploaded my own cover page and footer image in "Report View Customization" but now I would like to restore them to the default images; how do I go about doing this? TIA!
Cisco FWSM - Live report is incorrect
I am evaluating Firewall Analyzer 5 for use in our network. When looking at the Live Reports they are incorrect. The incoming traffic levels are being reported as "Traffic OUT" on the graph. The "Traffic IN" on the graph is almost 0, when in reality we have a lot of outbound traffic. I will post an image example. In the SNMP example, we are reporting the link utilization with SNMP. The traffic peaks at about 150mbit IN, and 25mbit OUT. However in the Firewall Analyzer report we see 150mbit OUT and
Problems with data input
I have had to reinstall FA yesterday due to loss of data from a significant number of my firewalls. I am running on a dual proc quad core (8 processors available) 16 Gb ram and a pair of 300Gb SAS (RAID 1 Mirror). I was working fine for a few weeks and then I had to turn my data storage down to 1week and 1week so I wouldn't run out of space. A few weeks later, when the app started loosing data I was at ~160GB in the /Firewall directory. I can get to the 160GB mark in about 7 days, then it hovers
Juniper NetScreen-25 something is not working
Im using a NetScreen-25 and trying to evaluate FWA5, but i cant get them to work together, i followed the guide and still no go. Im attaching a pair of screen of my configuration, maybe someone can help me see if something is wrong here. ethernet 1 is mi trusted zone by the way. Thanks!
Unassigned Unkown protocols?
Hi all, I know how to assign "unassigned known protocols" to a specific protocolgroup. But what can i do if there are "unassigned protocols" which are "unkown"? Is there a method to make the unkown protocols known and assign them to a protocol group? Best regards Matthijs
Issues running the linux version
Hello, I'm trying to find our company a solution for managing our Fortigate log files. I was impressed with the software after testing it on my local workstation. However, I'm now trying to run it from one of our linux servers (Fc10) and having some troubles. The install was successful, and I configured it to use the existing mysql package that already existed on the system. The first run went through the motions of creating all the tables and starting the service and it all looked good. Web interface
User Management - Can't change access levels?!?
Once a user is created why can't you chance their access level? In other words, if I created an account and gave it "Operator" access but then decided that "Guest" was more appropriate I have to delete and re-create their account. I suppose the access levels can also be done at the database level - I just haven't queried the database deep enough to look for the respected table(s). Are there plans to allow at least the "Administrator" account to change user access levels? Thanks.
i love this site
very intresting
Unload archive report
How do you unload a loaded archive report? Or better yet, how do you prevent "Guest" from being able to access it?
Admin Reports
I apologize for double posting, but I forgot to mention that the Admin Reports do not display "commands executed" either. I issued several commands yesterday and nothing is displayed in the reports for that day? Any Ideas?
FWA is not displaying data
Hello, I am evaluating FWA5. I am curious why it is not displaying all data, or if its some how lost data? The reason I ask is because I know that particular traffic, such as secure shell, or Remote Desktop, from my machine to other servers traverses my firewall yet I do not see the traffic when searching for it in FWA. Any ideas?? I have conducted some of my tests yesterday, and some today it appears as if time has not corrected this issue. Thank you, Peter
Firewall Analyzer is not collecting and showing traffic data
I'm currently testing the Firewall Analyzer 5 with evaluate version running firewall log collection for Cisco ASA for among 8 days until today. The syslog files are all collected except the traffic data, it says data is available on 3 sep and tell me to adjust the calendar. (only day 1-3 have the data, and loss from day 4 to 8) please provide me some advices.
ASA 5520 stops showinf Data after three or four days
I have installed Firewall Analyzer on alternative port listener 1514 UDP. The first days evrything works great, i can see all data flowing. Three days later, the Data stops showing for some reason. I thought maybe changes happened on the ASA, but i realized nothing had changed. So i unistalled Firewall Analyzer, re installed, everything started working again. Three or four days later, again the traffic stops showing Data and getting NO DATA AVAILABLE. Suggestions? Thank you, Zeek
Cisco ASA VPN Reports
Hi I'm currently evaluating your product and have a number of cisco ASA's logging, I find the product very good on the whole. but 1 thing I need for compliance is the ability to report the start and end time, or the start time and duration of VPN sessions. I cant seem to find this information in any of the reports. Is this something I'm missing somewhere or is this something the firewall analyzer can't report Thanks In Advance Jeff
Problem "Traffic distribution during Working Hours"
Hello, I'm trying an evaluation Firewall Analyzer 5 with Fortigate 200A Configuration in Fortigate minimum log Information facility local7 and in rule I have checked Registry Traffic, in Profile protection all logging checked. My problem -> In Analyzer, graph traffic by user : No Data Found but in Traffic Trend Reports working hour and non working hour is OK. Is not possible view Working Hours by user??? Thanks! :-D
Firewall Analyzer Report a lot of Firewall when I have only1
I configured My Fortinet 200A to report to firewall analyzer via Syslog non other format selected My OS is 3.00 When I see to my Firewall Analyzer it report 3 after initial setup A couple days after are 30 firewall Today Are 780 Devices All are the same Firewall but Firewall Analyzer report me a lot of devices I download the latest version of Firewall Analyzer Thanks for your support
Reports not generated
I have imported 2 different device logs into the FA, but report is generated only for the 1st device log. For the 2nd device log, no report is generated. The logs are imported successfully and I can view the raw log data. Need advice, thanks.
After install can't display login window
Hello I have a problem reaching to the "login" page. I've just installed FA to the brand new CentOS environment. The service firewallanalyzer is up and running and port 8500 is wide open. But i can't display login window. This installation is for the production use and I've tested same thing in my evaluation server and works great... I've tried everything I could do,,but still can't display login page. Please help! Justin
Device rule file format
Hi, May I know what is the format of the file to be imported into the Device Rule Info section? I tried to import the rule file extracted from checkpoint firewall but it does not recognise the format. Is there any example format or converter that can convert the rule file to your supported format ? Thnx.
New Release
When is the next release coming out? Do you have a sneak peak of new features if any?
Dlink Firewall
Is it possible to use this software to monitor logs from a DLink DFL 700 firewall? If so how do I set it up to do this
Solution for unassigned unkown protocols?
Hi all, If there are "unassigned protocols" which are "unkown" how can i make this "unkown" protocols "known"? After making them known i can assign them to a specific protocol group. I think FWA can't handle all the 65535 tcp/udp ports! If i use FWA for customers they will ask questions about "unkown protocols" which I can't answer....... I think this problem have to be solved in the next release of FWA........
Next Page