cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
324
Views
0
Helpful
2
Replies

PIX log analysis

scottdaffron
Level 1
Level 1

Simply put, I am looking for a log analysis tool for the PIX similiar to that of Checkpoint's (I know a dirty word) log file analyzer. I would think that to support multiple PIX's, the ideal product would have a robust back-end database tied into a syslog server (for data collection) and possibly a web front-end. It should support multiple PIX's, each supporting 10Mb+ bandwidth, with ALL traffic being logged.

I am NOT just looking for "summary" reports, but also want to search a given time frame by IP, protocol, port, etc, and see all matches for all traffic seen by the firewall. I would also need to see all/selected traffic in real-time, as it passes through the firewalls (for troubleshooting).

So far the only thing that I have come accross that seems to offer this functionality would be the suite of products from NetIQ. Can anyone else recommend some other ENTERPRISE reporting tools for the PIX?

Thanks in advance....

Scott Daffron

Sentara Healthcare

2 Replies 2

mostiguy
Level 6
Level 6

http://www.network-intelligence.com/

Their stuff should be exactly what you seek.

tvanginneken
Level 4
Level 4

Hi Scott,

Symantec has recently developped their SESA infrastructure. They have a plug-in for several security vendors (Check Point, Cisco PIX, ...). It is a robust back-end database with a graphical user interface for reporting. It also provides event aggregation and correlation.

Regards,

Tom

Review Cisco Networking for a $25 gift card