Configuring Firewalls
Firewall Analyzer listens at the default ports for exported log files.
The following is a list of firewalls and versions for which configuration
instructions are included. Click the firewall name to see the corresponding
configuration instructions.
Firewall Name |
Version Numbers |
Check Point |
Log import from most versions and LEA support for R54 and above |
NetScreen |
Most version |
Cisco Systems |
Cisco Pix Secure Firewall v 6.x, 7.x, Cisco ASA, Cisco IOS 3005, 1900, 2911, 3925, Cisco FWSM, Cisco VPN Concentrator, Cisco CSC-SSM Module 6.3.x,
Cisco SSL WebVPN or SVC VPN, Cisco IronPort Proxy, Cisco Botnet module |
Microsoft ISA |
(Firewall, Web Proxy, Packet Filter, Server 2006 VPN)
Server 2000 and 2004, W3C log format Threat Management Gateway (TMG) |
CyberGuard |
CyberGuard Firewall v4.1, 4.2, 4.3, 5.1 |
Cyberoam |
Cyberoam Firewall Version: 9.5.4 |
FortiNet |
FortiGate family, Webfilter, DLP, IPS modules, and IPSec, SSL VPN - v300A, v310B, FortiOS 5.x VPN |
WatchGuard |
All Firebox Models v 5.x, 6,x, 7.x, 8.x, 10.x, 11, Firebox X series, x550e, x10e, x1000, x750e |
Snort |
Most versions |
Secure Computing Sidewinder |
Sidewinder G2, FIrewall Enterprise - Sidewinder (S4016) |
SonicWALL |
SOHO3, SOHO TZW, TELE3 SP/TELE3 Spi, PRO 230, 2040, 3060, 4060, 5060, TZ 100/ TZ 100w, TZ 170, TZ 170 Wireless, TZ 170 SP Wireless, TZ 200/ TZ 200w, TZ 210/ TZ 210w, NSA 240, NSA 2400, NSA 2400MX, NSA 3500, NSA 4500, NSA 5000, NSA E5500, NSA E6500, NSA E7500, NSA E8500, NSA E8510, Management, Application control & SSL-VPN logs |
Juniper Networks |
SRX100, SRX210, SRX220, SRX240, SRX650, SRX1400, SRX3400, SRX3600, SRX5600, SRX5800
NetScreen most versions of Web Filter & Spam Modules
4500 & 6500, New Format Logs
2000
|
3Com |
3Com X-family Version 3.0.0.2090 or later |
IPCop |
IPCop Firewall Version 1.4.17 / 1.4.18 |
Stonesoft |
Firewall version 5.5 |
Palo Alto |
Palo Alto Firewalls PA 5000 series, PANOS 4.1.0 |
|
If the Firewall device logs contains the time zone information, Firewall Analyzer processes it and normalizes it to time zone of Firewall Analyzer Server |
|