Vendor-agnostic Firewall Security and Change Management Software - Firewall Analyzer

Firewalls, along with IDS / IPS, are your first line of defense against malicious attacks on your network. Regardless of which type of perimeter security devices are being used, monitoring these devices are critical to ensure that they functioning smoothly and you are alerted in advance of any suspicious user activities, network anomalies, or device mis-configuration.

ManageEngine Firewall Analyzer provides Firewall Security Management capabilities to:

• Audit the security of the firewall devices
• Analyze the configuration of the firewall devices to assess the security vulnerability of the device
• Track the configuration changes made on the firewall devices
• Monitor the effectiveness of the rules/policies/ACLs of the firewall devices
• Monitor the firewall user activities
• Diagnose the firewall connections in real-time

Firewall Analyzer provides elaborate reports on the firewall security and compliance. They are:

• Security Audit report
• Configuration Analysis report
• Configuration Change Management report
• Unused and Used Rules report
• Admin Reports
• Firewall Live Connection Diagnosis

Firewall Security Management Reports

Security Audit report

Firewall Analyzer audits the firewall security periodically and generates thefirewall security audit report.The screen shot of the sample report is given below:

Configuration Analysis report

The complete configuration of the firewall device is listed in this report. This includes the firewall policies or ACLs or firewall rules.

Change Management report

Firewall Analyzer monitors the firewall configuration changes in real-time. It can trigger alerts for any change done. It generates elaborate change management report. The report addresses the question like who made the change, what was the change, and when was it made.

Unused and Used Rules report

Unused rules indicate that the rules are redundant and are not being used to the control or monitor the traffic through the firewall. Either the rules should tweaked to make the rule effective or removed entirely. This will help you manage your firewall policies/rules and strengthen the overall security of your network. In the case of used rules, if a particular rule is overused, that may be an indication that the rule is not so effective and may allow exploits in to the network. Those rules should be carefully analyzed and tweaked to tighten the security. Firewall Analyzer presents exhaustive reports about unused and used rules.

Admin Reports

Admin Reports provide detailed information on successful logons, successful logoffs, failed logons and the commands executed by the firewall users like security administrators, network administrators, etc.

Live Diagnosis of Firewall Connections

Firewall Analyzer helps to identify current live connections / sessions (specific to IP address, range of IP addresses, Port / Protocol) established with the firewall device through it's Diagnose Connections feature. This will help firewall administrators to track the connections and ensure that the device is accessed properly in their network.