07-18-2003 10:47 AM - edited 03-09-2019 04:06 AM
Welcome to the Cisco Networking Professionals Ask the Expert conversation. This is an opportunity to discuss Management for IDS and Firewalls with Cisco expert Nadeem Khawaja. Nadeem supports Security related products, including Cisco Secure PIX Firewall, Cisco IOS Firewall, Cisco Secure Access Control Server UNIX & Windows NT and Cisco Secure Introduction Systems. He is a computer graduate and is a double CCIE in Routing & Switching and in Security. Feel free to post any questions relating to Management for IDS and Firewalls. Remember to use the rating system to let Nadeem know if youve received an adequate response.
Nadeem might not be able to answer each question due to the volume expected during this event. Our moderators will post many of the unanswered questions in other discussion forums shortly after the event. This event lasts through August 1. Visit this forum often to view responses to your questions and the questions of other community members.
07-31-2003 03:55 PM
Hi Nadeem.
I am looking for a log analysis tool for the PIX similiar to that of Checkpoint's (I know a dirty word) log file analyzer. I would think that to support multiple PIX's, the ideal product would have a robust back-end database tied into a syslog server (for data collection) and possibly a web front-end. It should support multiple PIX's, each supporting 10Mb+ bandwidth, with ALL traffic being logged.
I am NOT just looking for "summary" reports, but also want to search a given time frame by IP, protocol, port, etc, and see all matches for all traffic seen by the firewall. I would also need to see all/selected traffic in real-time, as it passes through the firewalls (for troubleshooting).
So far the only thing that I have come accross that seems to offer this functionality would be the suite of products from NetIQ. Can anyone else recommend some other ENTERPRISE reporting tools for the PIX?
Thanks in advance....
Scott Daffron
Sentara Healthcare
07-31-2003 06:09 PM
Simply put, I am looking for a log analysis tool for the PIX similiar to that of Checkpoint's (I know a dirty word) log file analyzer. I would think that to support multiple PIX's, the ideal product would have a robust back-end database tied into a syslog server (for data collection) and possibly a web front-end. It should support multiple PIX's, each supporting 10Mb+ bandwidth, with ALL traffic being logged.
I am NOT just looking for "summary" reports, but also want to search a given time frame by IP, protocol, port, etc, and see all matches for all traffic seen by the firewall. I would also need to see all/selected traffic in real-time, as it passes through the firewalls (for troubleshooting).
So far the only thing that I have come accross that seems to offer this functionality would be the suite of products from NetIQ. Can anyone else recommend some other ENTERPRISE reporting tools for the PIX?
Thanks in advance....
Scott Daffron
Sentara Healthcare
08-01-2003 08:48 AM
Hi Scott,
Thanks for your question. I think CWSIM is a product you are looking for. Here are some of the links for this product.
http://www.cisco.com/warp/partner/synchronicd/cc/pd/wr2k/cwsims/prodlit/2152_pp.htm
http://www.cisco.com/en/US/products/sw/cscowork/ps5209/
Hope this helps.
Thanks
Nadeem Khawaja
08-01-2003 12:38 AM
I have download vms 90 days trial. There are 4 files. I have tried uncompressing then but I cant. Is there any special process to uncompressing them?
Thanks.
08-01-2003 08:30 AM
Hi,
Thanks for your question. Please download all the files in one folder and then open the file with .zip extension, through winzip.
Thanks
Nadeem Khawaja
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide