Thunder Bay District Health Unit uses ManageEngine Firewall Analyzer for Live Traffic Monitoring and Network Anomaly Detection

Institution : Thunder Bay District Health Unit

Industry : Health care

Location : Thunder Bay, Ontario, Canada

This software is used for end-point security monitoring & analysis, change management, employee Internet monitoring, bandwidth monitoring, capacity planning, policy enforcement, security & compliance audit reporting. Being agent-less log analytics and configuration management software for network security devices, TBDHU Information Systems team could deploy, monitor and generate firewall traffic and security reports using Firewall Analyzer within minutes!

They were receiving useful and important insights on their network traffic like, Internet bandwidth utilization, top used and unused firewall rules, top attackers, top viruses and worms that have affected the network. "The Live Reports available in Firewall Analyzer helps me monitor the Network and Internet traffic all day long and notifies us about any sudden jumps or dips in traffic. The software allows us to better manage not only our Internet connection but also our Firewalls too" said Phil.

"There were few instances where Firewall Analyzer helped us pinpoint security breaches, and we were able to immediately respond to such security threats and x them," mentioned Phil. Firewall Analyzer continuously monitors the traffic owing through TBDHU's network firewalls and looks out for abnormal network events which identifies viruses, attacks or security breaches. The software alerts the IS Team for any such network anomalies and provides them with detailed reports on the viruses active on the network, the hosts that have been affected, top attackers, top targets, protocols used for the attack, top denied hosts, denied protocols, and top security events generated.

"There were few instances where Firewall Analyzer helped us pinpoint security breaches, and we were able to immediately respond to such security threats and x them," mentioned Phil. Firewall Analyzer continuously monitors the traffic owing through TBDHU's network firewalls and looks out for abnormal network events which identifies viruses, attacks or security breaches. The software alerts the IS Team for any such network anomalies and provides them with detailed reports on the viruses active on the network, the hosts that have been affected, top attackers, top targets, protocols used for the attack, top denied hosts, denied protocols, and top security events generated.

TBDHU's IS Team often use Firewall Analyzer for their forensic investigations on past network activities, and detect any historical trends/patterns. Firewall Analyzer archives the logs received from their firewalls at pre-determined intervals, and these archived log files are then encrypted, hashed, and time-stamped to make them tamper proof. During forensic investigations the IS Team loads these archived files into the database and use Firewall Analyzer's powerful search engine to search the archived logs for anomalous events/patterns and generate forensic reports based on the search results.

"It is a fantastic product backed up by a responsive support team," says Phil Avella, who goes on to add "Obviously I had no idea how great the support would be until I experienced it first hand, right from the day I started evaluating Firewall Analyzer. Support is one of the things that I will continue to bring forward whenever I recommend your product."

"The implementation was so easy and the Firewall Analyzer immediately started showing me how much inbound and outbound traffic was passing through our firewalls. I now use Firewall Analyzer daily!".
Phil Avella, Manager, Information Systems, Thunder Bay District Health Unit