Home Page | Skip to Navigation | Skip to Content | Skip to Search | Skip to Footer

OPSEC Partners

ZOHO Corporation

MangeEngine

Product Version Certified: ManageEngine Firewall Analyzer 4.0 tested with Check Point NGX R62

Certified for use with: Check Point Next Generation with Application Intelligence

Product Description: ManageEngine Firewall Analyzer is a firewall log analysis and device managemnt tool. It collects, correlates and reports on enterprise-wide, vendor-neutral firewalls, VPN’s, and proxy servers which will help to track intrusion detection, manage user access, audit traffic, detect anomalies, and helps you to manage your network bandwidth efficiently & continuously. It helps you to manage the Firewall device configuration to optimize the performance of the device.

Company Description: ManageEngine® is the Enterprise IT Management Software division of Zoho Corporation Founded in 1996 and known until 2009 as AdventNet Inc., Zoho Corporation has offices in CA, Austin, New Jersey, Chennai, Singapore, Tokyo and Beijing. Zoho Corporation is privately held.

ManageEngine is an innovative producer of Enterprise IT Management Software, offering high-end functionality of large network management frameworks at cost-effective prices to enterprises world-wide. With more than 50,000 Customers Worldwide, including 3 out of every 5 Fortune 500 companies, we are the fastest growing alternative to traditional network management frameworks.

Key Features and Benefits

ManageEngine Firewall Analyzer is a browser-based firewall/VPN/proxy server reporting solution that uses a built-in syslog server to store, analyze, report, and archive on these logs. Firewall Analyzer provides daily, weekly, monthly, and yearly reports on firewall traffic, security breaches, and more. This helps network administrators and MSSP’s to proactively secure networks before security threats arise, avoid network abuses, manage bandwidth requirements, monitor web site visits, and ensure appropriate usage of networks by employees.

Firewall Analyzer analyzes your firewall, vpn, and proxy server logs and answers questions like the following:

  • Who are the top Web surfers in the company, and what web sites are they visiting?
  • How many users inside the firewall are trying to access web sites with inappropriate content?
  • How much network activity originates on each side of the firewall?
  • Are we experiencing hack attempts? Where are they originating?
  • Which servers receive the most hits?
  • How much bandwidth is consumed across each firewall?

OPSEC Integration

Firewall Analyzer gets Logs from Check Point firewall through LEA both in authenticated and unauthenticated mode.

Diagram

This integration offers customers with a centralized web-based user interface to monitor the firewall activities across all their firewalls and help them to proactively secure networks before security threats arise, to avoid network abuses, manage bandwidth requirements, monitor web site visits, and ensure appropriate usage of networks by employees. Also using Firewall Analyzer a variety of useful reports can be generated (as listed below):

  • Traffic Reports (Inbound/Outbound reports with respect to firewall, Sent/Received reports with respect to the originating source, Intranet/Internet reports based on LAN settings)
  • VPN Reports (Users who are using VPN, transactions that are part of VPN tunnels)
  • Rules Reports (Highly used rules)
  • Security Reports (Users who are denied/rejected more, Events with high criticality)
  • Attack Reports (Attacks identified by Check Point firewall and identifying Top Attackers etc)
  • Live Reports (getting correct duration in the Check Point firewall logs)
  • User based reports (getting user-id in the logs)
  • URL based reports (getting resource value in the logs)
  • And many more…