Firewall Analyzer 7.2 - Vulnerable Tomcat Version
After carrying out some vulnerability scanning using Nessus, it was found that FWA 7.2 is using an obsolete version of Tomcat - is there anyway to manually upgrade to newer versions? Findings as follows - Obsolete Web Server Detection Apache Tomcat 5.x < 5.5.1 Information Disclosure Apache Tomcat 5.x < 5.5.21 Multiple Vulnerabilities It's somewhat ironic that a security product uses vulnerable software.
Password Problem
Hi , I was evaluating a new softwares during which there was a clash in the port address assigned to the firewall analyzer,while invoking the firewall analyzer I was prompted to change the port no ,once a new port address was given , I am not able to login to the firewall analyzer with the default password. What could be the problem , Is there a way to reset the password. Regards Gopichand P S
where to place the Firewall Analyzer?
Silly question: where does the Firewall Analyzer need to be on the network to operate correctly? does it need to be directly connected to our ASA? Thoughts? thanks, Gary
License question
Hi! I'm evaluating FWA on a Windows and Linux (both VMware VMs in separate environments). I haven't decided yet which plattform FWA will run in production. If I buy and install the license on Windows, can I move it to a Linux afterwards? Shall I to ask a new license? Kind regards, Daniel S. Rozenzon
VPN Report with user, Group, policy, public and private ip address for cisco ASA
Hi! Need to generate a report with: User,Group, Group Policy, Public_IP, Private_IP(Pool/dhcp), Start Time, End Time, Bytes The cisco Asa does give the Internel IP address that allocatel to the VPN remote user. At least I see it on some event's : 6 Mar 05 2010 15:24:29 737016 IPAA: Freeing local pool address 10.10.xx.37 4 Mar 05 2010 15:19:59 722051 Group <xxx_group> User <yyyyy> IP <217.129.xx.xx> Address <10.10.xx.37> assigned to session
Reg customized reports
Hi, I'm running a customized report with filter to generate report for only particular range of IP addresses. When I customize and generate the report, it only shows top 5 IP addresses. Every time, I have to manually go to Analyzer and generate report, for all IP addresses. Is there any way, we can get automated report, with more than 5 IP addresses? The customized report that I get is much similar to Top Hosts or Top Destination reports in Quick Reports. Thank you, Arun Kumar Karidi
Firewall Analyzer - Reporting Issue
Hi, I want to create reports which show me the total bandwidth going in/out on a specific IP address for specific protocols. The reporting options within the app itself are not flexible enough to allow this type of report to be created. There was a similar question with a response (https://forums.manageengine.com/topic/report-profile-filters), but this does not seem to fit what I want. I need to be able to have -> 'source is x.x.x.x' OR 'destination is y.y.y.y' AND 'protocol is http' - the reporting
SQL Backend
Can the Firewall Analyzer use MS SQL as the DB storage?
installation of firewall analyzer on linux
When I try to install firewall analyzer 7.2 on linux CentOs 6.2 x86_64, the wizard doesn't start and I get message as below #./ManageEngine_FirewallAnalyzer.bin Initializing InstallShield Wizard... Searching for Java(tm) Virtual Machine... . Preparing Java(tm) Virtual Machine... .................................. ................................... ................................... ................................... ................................... ................................... ...................................
Confidential User Showing in Reports
Hello. Some of our reports which show users are showing a user with a user name of *** Confidential ***. Has anyone else seen this? And is there a way to turn this off so it will show the actual username? Thanks in advance for your help! David ========================== FWAnalyzer Build Version: 7.2.0 Build Number: 7020 Service Pack: SP-2.0 Build Date: 23_Dec_2011 Build Type: 32bit Server Type: Standalone Server Database: MYSQL Firewall: Checkpoint VPN-1/Firewall-1 R75.30 (SPLAT) Primary
FWSM Interface Speed
Dear Sirs when the FWSM appeared on the Firewall analyzer, we have to define the link speed. I can see the default is 1024 Kbps down and 1024 Kbps up. Is it right 1024 Kbps for the FWSM although it doesn't have a physical interface. Thanks,
Bandwidth stats with Watchguard
Hi I'm current evalulating the product for monitoring a 3 Watchguard firewalls on seperate sites. All are configured for Syslog and are sending data to the management server. I am only getting stats for web traffic though, BOVPN traffic isn't shown in the statistics. This is a big problem as we need stats for BOVPN tunnels to look at trends for improving WAN links. As stated in the documentation all firewalls have been configured with logging enabled for External an VPN statistics (Setup..Logging
FWSM Intranet Settings
Dear Sirs 1- If I didn't configure the Intranet settings for the FWSM, does it affaect the live report total traffic amount for the FWSM? 2- The FWSM is a datacenter firewall not a perimeter firewall, How can I configure the intranet settings? outside: 192.168.50.0, 192.168.60.0, 192.168.70.0,192.168.90.0 dmz1:192.168.12.0 dmz2:192.168.13.0 dmz3:192.168.14.0 The outside is the users. the dmzs are the servers. Thanks,
Logging/Reporting Error since upgrade to 7020
I've found that since I upgraded to build 7020, when I search for an IP address and view the information about it (like Initiated Top Conversations) it no longer shows the user name. As you can see in the attached img-1, this was the result on the old build, img-2 is the day after I applied the new build. When I look at the raw logs (img-3) I can see username info there. Please advise... Thanks, --rob
Cisco FWSM with SNMP v 2c
Dear Sirs We have installed firewall Analyzer 7.2. We configured a Cisco Firewall Module with SNMP version 2c configuration.We have more than 6 interfaces and I can get the traffic of 4 interfaces but I can't get for the other 2 in the firewall analyzer. Thanks,
Export live data
Hello, is it possible to export live data graphs without all the data tables? Thanks.
users report with LDAP Auth
can i configure Fw Analyzer in order to let our users check their squid logs individually? i mean each authenticated user can only see his own log related to his username? i appreciate your help bahaa bacharouch
UNKNOWN log format from Juniper SRX 1400 to Firewall analyzer 7.2
hi every one i downloaded Trial version of firewall analyzer 7.2 for managing logs from my juniper firewall. As Mangeengine said i configured my firewall to send syslog messages to Firewall analyzer like here: http://www.manageengine.co.in/products/firewall/help/configure-firewall/configure-juniper.html#SRXDevicever but when i login to FWanalyzer, it show me an error about unknown log received! any idea? thanks
Firewall Analyzer will not start
mysql will not start Event 100: ../mysql/\bin\mysqld-nt: Got signal 11. Aborting! Database creation failed. Stopping the Server. Please refer logs for more information JVM exited unexpectedly. Unable to run reinitializeDB.bat - it fails as well Running version 4030 Support_info.zip is to big to attach. Attached the logfiles for fwa and mysql
AdventNet 5.0 Full disk
Hi~ I use the AdventNet 5.0 , there has a folder to full disk of server C:\AdventNet\ME\Firewall\server\default\records Could i clear the files in the folder ,or not?
Firewall Analyzer and Checkpoint R70
Hey all, I installed the trial of FA 7.2.0. Got everything pretty much up and running. Im having an issue with the nipper when I try to import a zip file with all the required .C files in device details The file will upload and a few seconds later I get a java.io.IOEXCEPTION: /opt/nipper: cannot execute This looks like a great product, but without an easy way to import rules for unsused rules reporting, its pretty much useless. Thanks!
graphs do not update
I am testing FWA and have it installed and setup. I added my first firewall - ASA5510 and FWA saw it and added it to the list. It shows only 4 events on the list. The number of packets shows that it is getting more packets but it is not updating the graphs. If I delete this device, FWA starts again with the boxes that say it is receiving data and graphs will be updated. The graphs are then updated with more data but will not update again. Seeing some other posts I delete the device and reinitialized
FW Analayzer VPN user session reports issue
Hi, Im evaluating Firewall Analayzer, the problem i'm facing is it's not showing the VPN user session details like username, Start time and endtime of session, VPN user session report is blank. i'm using fortigate 60 and all the users are local users created on the firewall itself. Did someone know how to resolve the issue. Regards, Arun
CP 64 bit
Hi, Firewall Analyzer do not support 64 bit OS for Lea Connection ? Any suggestions ? Regards,
ManageEngine ® Firewall Analyzer 7.2 Released
ManageEngine ® Firewall Analyzer 7.2 Released We are glad to announce the release of ManageEngine Firewall Analyzer 7.2 (GA) Download Standalone Edition Distributed Edition Read More What's new in this release? 7.2 - Build 7021 - Distributed Edition GA release of Firewall Analyzer Distributed Edition. New Features - Collector Server The general features available in this release include, Collector Server contains all the features of Firewall Analyzer Standalone Edition 7.2 - Build 7021 - Standalone
Problem working with BlueCoat and Firewall Analyzer
Support Team - Firewall Analyzer, ManageEngine. Hi this is something that I have already done a couple of months back with your help, but doing it again .. i am facing problems..dont know why.. I am trying to integrate the proxy BlueCoat SG 5.x logs with the Firewall Analyzers. The format used is ELFF as suggested. But I am unable to integrate the Logs for analysis. Please find the below attached sample file to test in your environment and let me know what are the problems with this file. #Software:
How to determine what an Unknown Protocol
We have huge volumes of data being transmitted using an unknown protocol. Is there a way to determine what port is being used as the list only shows as 'unknown'. I suspect it may be traffic across our VPN. Damian
I can't get syslog from juniper SRX1400 with juniper os
I can't get syslog from juniper SRX1400 with juniper os I can see syslog from SRX1400 realtime,but I can't see firewall in cantrol pannal
Firewall Analyzer Fails to Create Database on Startup
We had a drive full issue and now Firewall analyzer fails to start with the error unable to create database. Need Reccomendation on remdediation to fix this. Thanks.
Mcafee firewall Unsupported Format
Hi We are evaluating the ManageEngine Firewall Analyzer , when we imported log file form Mcafee firewall (Sidewinder G2) getting error message unsupported format. Date="2011-09-30 16:30:00 +0100",fac=f_http_proxy,area=a_proxy,type=t_http_req,pri=p_major,pid=13794,logid=0,cmd=httpp,hostname=abc.co.uk,srcip=192.14.202.202,dstip=192.23.54.16,request_command=GET,url="im.media.ft.com/m/icons/favicon.ico",result_code=200,sf_cat="Games/News, General News",bytes_written_to_client=3950,netsessid=4e85e07000021d11
Firewall Analyzer Hits Question
Hello, i have installed the Firewall Analyzer and i send all the syslogs from ASA 5520 to the Firewall Analyzer. I have a question as regards the hits. What are the hits? It is every communication (session) from one IP to another? If for example a mail server begins a smtp communication with another mail server this is done with one hit? If this mail server send multiple email on one smtp session to another mail server this is one hit? Thank you
Manual DNS entries are not working
I am evaluating version 7.1 using a Zywall 35. Everything is working fine except a few things. I have set the intranet settings and selected "No lookup at all. I want to see IPAddresses everywhere." option and have configured the maximum number of DNS to 20000. In "Manual DNS Configuration" I have entered about 50 entries. Most of these are for additional IP addresses that are set for websites in IIS not actual resolvable hosts. I have restarted the service and the server but the manual DNS entries
Linux AutoStart firewallanalyzer Service
Chkconfig doesn't work with firewallanalyzer service. How can I modify the autostart setting?
Bandwidht Montoring
Can Firewall Analyzer be used the bandwidth available? IE We have a 3Mb circuit. I would like to test the circuit regulary to verify we are getting the 3Mb download speed we are paying for.
Firewall Analyzer not logging remote access VPN info
We have firewall analyzer 7001 and we see almost every log except for VPN data. We have a number of SSL VPNs and users who connect to our ASA 5580 via Cisco VPN client but if we go to VPN reports or Trend there is no data. Let me know what info you need from us.
Firewall Analyzer Backup
Hi, We are in a need to do an automated backup of Firewall Analyzer on a daily basis. This process needs to be run at mid-night and would be completely unattended. Could you help us with a solution to achieve the same as in the current scenario we need to shutdown FW-Analyzer first the take a backup and then start FW-Analyzer service again. Thanks & regards, Kushal
how config the cisco IOS device to be monitored by firewall analyzer
i am testing the firewall analyzer. i have a cisco IOS router to do the firewall. i want to know that how config the cisco IOS device to be monitored by firewall analyzer
Resolving internal DNS Names
Has anyone been able to get Firewall Analyzer the ability to resolve internal dns computer names? I have set the Intranet settings to our local subnet but i don't where you have the program query your internal dns server. Would be nice to also get usernames but one step at a time...
pfSense Support (built on freeBSD)
I wish to manage / view logs from my pfSense firewall. I have the demo of FWA installed, but the first time my router connected to it, FWA indicated that it had "unparsed records" - that the logs were not in the correct format. I tried to make changes to my pfSense firewall logging, and now FWA says that no firewall is connecting - I also have KIWI set up on a different machine, and the pfSense router IS sending to it, but when I change the address to send to my FWA machine, it does not seem to
Unable to display graph on live Reports
Hi I recently just installed Firewall analyser. All the reports are working fine except for the Live Reports. There is no traffic display on the graphs Any idea on how to fix this? Thanks Regards Vincent
Next Page