Enterprise FWSM management solution?

Unanswered Question
Jul 31st, 2008

hello, what's the current thinking these days for an all-round enterprise firewall solution based on the FWSM.

I'm most interested in firewall log queries/reporting/alerting/archiving.

Let's say for example, I want to see a report showing firewall activity for a group of IP addresses in a specific 15 minute period four days ago. Fingers crossed for something slightly more advanced than grep on a raw syslog file.

thanks

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Farrukh Haroon Fri, 08/01/2008 - 04:18

Have you looked at Cisco MARS? (Its actaully a SEM)

http://www.cisco.com/en/US/products/ps6241/products_data_sheets_list.html

http://www.sawmill.net/features.html

(Found it to be pretty nice, but might be pricy)

If you want a real-time thing, fireplotter is pretty cool:

www.fireplotter.com

Alternates:

http://manageengine.adventnet.com/products/firewall/

(never tried it tough)

http://www.eventid.net/firegen/firegenpix2.asp

(had serious performance issues)

Some more:

http://www.windowsecurity.com/software/Firewall-security-log-analyzers/

Please rate if helpful

Regards

Farrukh

Actions

This Discussion