EventId.Net - Firewalls

FireGen for Netscreen 1.0 Log Analyzer Features

- Supports most existing syslog servers: Kiwi, WinSyslog, Linux/BSD syslogs, Cisco PFSS, syslog-ng, as well as the Netscreen native format. If a syslog format is not supported, it can be added (typically within 24 hours).

- Breakdown of every type of message recorded by the firewall

- Breakdown of the 7 levels of messages, color-coded

- Hyperlinks to the Netscreen messages database at www.eventid.net

- Hyperlinks to the TCP/IP protocols database at www.eventid.net

- Hyperlinks to the Whois engine hosted at www.eventid.net

- Reverse host name resolution for the IP addresses shown in the report. The resolved IP addresses are saved in a cache file. The cache file can be edited directly, with wildcards for entire subnets (e.g. 64.236.16 = cnn.com).

- Top N (configurable) visited web sites

- Top N (configurable) internal web users

- Top N (configurable) email users (inbound/outbound SMTP, POP3/IMAP)

- Top N (configurable) custom protocol section (Up to 10 custom protocols + 1 section with multiple protocols)

- Top N (configurable) internal users

- Top N (configurable) denied IP addresses

- Top N (configurable) denied protocols - for most common protocols, the name of the protocol is displayed

- Top N (configurable) IP addresses targeted by denied IP addresses

- Top N (configurable) protocols (by traffic) - for most common protocols, the name of the protocol is displayed

- Top N (configurable) protocols (by number of connections) - for most common protocols, the name of the protocol is displayed

- Include/exclude regular expression keywords

- Monitor certain IP addresses (color coded, comments)

- Monitor denied connections for every type of protocol (optional)

- Top N (configurable) FTP uploads and downloads

- Firewall management sessions (Telnet and SSH) including failed attempts

- Glossary of terms

- Ability to schedule daily analysis. The reports can be sent via email and/or be made accessible via intranet

- Hyperlinks to log analysis research resources, including our "Analyzing firewall logs with FireGen Log Analyzer" web page.

- Ability to detect and separate entries from multiple firewalls reporting to the same syslog server.

- Several report types: Last N hours, Start date/End date, Yesterday

- Ability to detect and analyze zipped log files.

- Support forums

- Last but not least: FireGen is developed by senior firewall administrators who are involved daily in tasks such as installation, troubleshooting and monitoring of firewalls and VPN devices.

 

 
 

EventID.Net © 2001-2008 Altair Technologies Ltd., All rights reserved