Enterprise FWSM management solution?

Unanswered Question
Jul 31st, 2008
User Badges:

hello, what's the current thinking these days for an all-round enterprise firewall solution based on the FWSM.

I'm most interested in firewall log queries/reporting/alerting/archiving.


Let's say for example, I want to see a report showing firewall activity for a group of IP addresses in a specific 15 minute period four days ago. Fingers crossed for something slightly more advanced than grep on a raw syslog file.


thanks

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Farrukh Haroon Fri, 08/01/2008 - 04:18
User Badges:
  • Red, 2250 points or more

Have you looked at Cisco MARS? (Its actaully a SEM)


http://www.cisco.com/en/US/products/ps6241/products_data_sheets_list.html


http://www.sawmill.net/features.html

(Found it to be pretty nice, but might be pricy)


If you want a real-time thing, fireplotter is pretty cool:


www.fireplotter.com


Alternates:


http://manageengine.adventnet.com/products/firewall/

(never tried it tough)


http://www.eventid.net/firegen/firegenpix2.asp

(had serious performance issues)


Some more:

http://www.windowsecurity.com/software/Firewall-security-log-analyzers/


Please rate if helpful


Regards


Farrukh

Actions

This Discussion