Network Information for the IT Manager

Traffic and Security of Enterprise Network - Snapshot View

As a CIO/CSO/IT Manager of an enterprise, you would like to apprise yourself of the traffic usage and security threatening activities of the enterprises network.

Firewall Analyzer addresses your requirements. It provides a snapshot view of the network traffic and security events of your network in the form of a dashboard. The dashboard displays the graphical overview and statistical snapshot of the total network traffic distributed among the protocols and security events distributed among various categories.

Network Traffic

For the network traffic, it addresses a critical question like who, when, and where, i.e., who (which host) is using your traffic, when (what time) the traffic was used, and where (which destination) the traffic was directed to. It provides trend of Internet traffic across the perimeter security devices.

Network Security

For the network security, you can view the latest security events received (formatted or raw SysLogs) from a particular device. You can get alerted for any of these security events and pinpoint the exact event by drilling down the reports or searching.

It provides valuable information about usage of Firewall rules. It segregates the unused rules of the Firewall and lets you to manage the rules to optimize the Firewall performance.

There are slew of pre-built reports available in Firewall Analyzer. Firewall Analyzer allows you to create the management reports, for you to peruse.

Network Information for the Security / Network Administrator

Traffic and Security Analysis of Enterprise Network

As a Security/Network Administrator of your enterprise, you would like to constantly monitor the traffic usage and security threatening activities of the enterprises network.

You get a graphical overview and statistical snapshot of the total network traffic distributed among the protocols and security events distributed among various categories, in the dashboard.

There are slew of pre-built reports available in Firewall Analyzer. You have the quick traffic reports. From the quick reports you can find out the traffic usage by

• top hosts who initiated the traffic
• top destinations who received the traffic
• top protocols used for communication
• top requests received by the URL
• top conversations between host and destination
• top Firewall rules used, top VPN users
• top hosts from where the attacks originated

From the quick reports you can find out the security incidents by

• top attacks
• top viruses
• top denied events
• top security events
• top failed log-ons

This gives a comprehensive yet concise view of traffic usage and security events.

You can always drill down to any level of details (unto raw log level) you want. It allows you to create the network reports to be submitted to the management on daily basis.

You can search from heap of raw logs for forensic analysis and network audit. You can load and search the archived logs. The search results can be used to generate reports.

You can gather valuable information about usage of Firewall rules. You can modify or remove the unused rules.

You can get alerts triggered for anomaly and threshold conditions. You can administer the alerts (a bare bone trouble ticketing utitlity).