Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Firewall Analyzer & Reporter

I am after a good Firewall Analyzer & Reporter for cisco PIX, ASA's. Dont mind open source.

I would like to minitor the followings

Traffic and Bandwidth Monitoring

Employee Internet Monitoring

Firewall Rules and URLs Monitoring

Firewall Alerts & Notifications

Firewall Alert Administration

Firewall Reports

VPN Reports

Proxy Server Reports

Network Security Reports

Custom Reports

Ad-hoc Reports & Scheduling Reports

Raw Log Search and Reports

Historical Trend Analysis

Cisco Employee

Re: Firewall Analyzer & Reporter

Syslog server could be:

- Kiwi Syslog:

- 30COM Deamon

- There is also a Cisco Syslog Server which supports TCP Syslog 514 - pfss512.exe

Commercial products that creates graphs and analyzes Syslog to generate stats could be:

- FireGen

- Try this one FWLOGSUM (Freeware).

It uses basicly PERL scripts and supports a wide range of Firewalls. You just need to install Perl in your Windows environment.

- Try Sawmill (Eval version)

- EIQ Networks Network Security Analyzer

Hope that gives you some ideas what to try.



You can opt for :





Re: Firewall Analyzer & Reporter


i also need something to monitor vpn usage.

Cisco Employee

Re: Firewall Analyzer & Reporter

Some info which might be helpful in ' monitoring VPN ':

How to monitor VPN sessions, and specific info ( ex: number of sessions, source of session ,date ,duration, bandwidth used etc. )

Possible solutions :

1) Included with Cisco Security Manager is an application called Performance Monitor, which supports the monitoring of remote-access and site-to-site VPNs.


Security Manager:

Performance Monitor User Guide:

Performance Monitor originates from the previous security managment product called CiscoWorks VMS and is currently not undergoing much further enhancement.

Performance Monitor requires a different license file. For Security Manager 3.0, the license file is included on the DVD, but for 3.1 it is delivered via registering the included PAK on and receiving via email. The Performance Monitor license file is installed using the Common Services browser interface (not the Security Manager client). Click CiscoWorks in the upper right of the browser after logging in, then Common Services > Server > Admin > Licensing.

2) Open source tool which can be used :

3) Using the ASDM --> Under monitoring, VPN statistics, Sessions you can filter by Remote Access, Site-to-Site, clientless SSL, SSL client or email proxy. Under Site-to-Site there are stats for connection/IP address, protocol/encryption, login time/duration and Bytes TX/RX

Do rate helpful posts.



CreatePlease to create content