Steps to configure SAML SSO for ManageEngine Firewall Analyzer

About Firewall Analyzer

Firewall Analyzer is a comprehensive log analysis and reporting tool that provides in-depth insights into network traffic and security threats. It helps admins track policy changes, optimize firewall performance, and maintain compliance standards.

MFA configuration: Upon successful SSO configuration for the application, click here to learn how to set up MFA, ensuring users complete multiple verification methods before accessing the Identity360 portal.

The following steps will help you enable single sign-on (SSO) for Firewall Analyzer from Identity360.

Prerequisites

  1. The MFA and SSO license for Identity360 is required to enable SSO for enterprise applications. For more information, refer to pricing details.
  2. Log in to Identity360 as an Admin or Super Admin.
  3. Navigate to Applications > Application Integration > Create New Application, and select Firewall Analyzer from the applications displayed.
    Note: You can also find Firewall Analyzer from the search bar located at the top.
  4. Under the General Settings tab, enter the Application Name and Description.
  5. Under the Choose Capabilities tab, choose SSO and click Continue.
    Identity360 application configuration general settingsGeneral settings of SSO configuration for Firewall Analyzer
  6. Under Integration Settings, navigate to the Single Sign On tab, click on Metadata Details. You can configure Firewall Analyzer by either uploading the metadata file or entering the details manually.
    • For uploading metadata file: Download the metadata file to be uploaded during the configuration of Firewall Analyzer by clicking Download from the Metadata field.
    • For manual configuration:
      • Copy the Login URL and Logout URL, which will be used during the configuration of Network Configuration Manager.
      • Download the SSO certificate by clicking Download from the Signing Certificate field.
        Identity360 application configuration integration settingsIntegration Settings of SSO configuration for Firewall Analyzer

Firewall Analyzer (service provider) configuration steps

  1. Log in to Firewall Analyzer with an admin's credentials.
  2. In the Firewall Analyzer portal, go to Settings > General Settings > Authentication.
    Firewall Analyzer portal viewPortal view of Firewall Analyzer
  3. Select the SAML tab under Authentication.
  4. Under the Service Provider Details section, copy the Entity ID and Assertion Consumer URL. These will be used later.
    Firewall Analyzer Set up SSOConfiguration of SAML SSO from Firewall Analyzer
  5. The IdP details can be entered in two ways:
    • Using the Metadata file
      • Under the Identity Provider Details section, choose the Upload IdP metadata file radio button.
      • Enter Identity360 as the Name, and select Email ID from the Name ID Format drop-down.
      • Upload the metadata file downloaded in step 6a of the prerequisites section.
      • Click Save.
      • Firewall Analyzer metadata configurationMetadata configuration from Firewall Analyzer
    • Manually entering the IdP details
      • Under the Identity Provider Details section, choose the Configure IDP information manually radio button.
      • Enter Identity360 as the Name, and select Email ID from the Name ID Format drop-down.
      • Paste the Login URL and Logout URL copied in step 6b(i) of the prerequisites section in the IdP Login URL and IdP Logout URL fields, respectively.
        Note: The Logout URL is optional and can be skipped if single logout (automatically log out from Identity360 when logging out from Firewall Analyzer) is not required.
      • Upload the X.509 certificate file downloaded in step 6b(ii) of the prerequisites section in the IdP's Certificate field.
      • Click Save.
      Firewall Analyzer manual configurationManual configuration from Firewall Analyzer
  6. Click Test connection to test the connection.
  7. Click Enable SAML SSO.
    SP connection test and SSO enablementFirewall Analyzer connection test and SSO enablement

Identity360 (identity provider) configuration steps

  1. Switch to Identity360's application configuration page.
  2. In the ACS URL field, enter the Assertion Consumer URL copied in step 4 of Firewall Analyzer configuration.
  3. In the Entity ID field, enter the Entity ID value copied in step 4 of Firewall Analyzer configuration.
  4. Click Save.
    Identity360 application configurationIntegration Settings of SSO configuration for Firewall Analyzer
  5. To learn how to assign users or groups to one or more applications, refer to this page.

Your users should now be able to sign in to Firewall Analyzer through the Identity360 portal.

Note: You can also find NetFlow Analyzer from the search bar located at the top.

Don't see what you're looking for?

  •  

    Visit our community  

    Post your questions in the forum.

     
  •  

    Request additional resources  

    Send us your requirements.