Firegen Log Analyzer

FireGen 4.0 Log Analyzer

Firegen 4 Firewall Log Analyzer is a log analyzer developed by firewall administrators. Its purpose is to replicate the steps that a “real world” firewall administrator would take in analyzing firewall logs. It provides support for several types of firewalls: AdTran, Cisco Pix, Cisco ASA, Cisco IOS, Fortigate, ipTables, Juniper SRX, Juniper SSL VPN, Mikrotik, Netscreen, Palo Alto, SGS, Sonicwall and Sophos UTM.

The analysis engine provides machine learning-based anomaly detection, detecting unusual patterns in your log data based on the previous analysis.

The log size is limited only by the capabilities of the analysis workstation.

Forensics analysis – Report on activities of a certain IP address

Buy

Firegen 4.0 – $399.00
Various payment types
Reseller discount
Software maintenance


FAQ

How many firewalls?
How do I start?
How fast?
How detailed?


Features

  • Unlimited number of firewalls/log profiles
  • Support for several types of firewalls: AdTran, Cisco Pix, Cisco ASA, Cisco IOS, Fortigate, ipTables, Juniper SRX, Juniper SSL VPN, Mikrotik, Netscreen, Palo Alto, SGS, Sonicwall and Sophos UTM. Support for additional firewall types added on demand
  • Built-in syslog server, with support for most existing syslog servers: Kiwi, WinSyslog, Linux/BSD syslogs, Cisco PFSS, syslog-ng and more. The user can add their own log entry parsing statements. The firewall format is autodetected
  • Artificial Intelligence algorithms for anomaly detection
  • Support for large files (the size of the analyzed data is limited only by the hardware capabilities)
  • Reports in HTML format (can be viewed directly in the browser or published on an internal website)
  • Report sections for each firewall detected in the logs
  • Report sections for each pair of firewall interfaces (i.e. inside to external, inside to dmz, external to dmz, external to inside)
  • Hourly traffic and denials graph
  • Hourly distribution of denial reasons graph
  • Top traffic sources, destinations, protocols, warnings, denials and URLs
  • Dedicated sections for each protocol
  • Reports sorted by connections or traffic (MB) as applicable
  • Bar graphs for various reports sections (protocols, sources and destinations)
  • Denied protocols and denial reasons with links to our TCP/IP protocols database and common reasons
  • Learning of top denied source hosts
  • Notification of discrepancy between the levels of traffic and denials for a specific time interval
  • Notification of unusual log entries (new types of entries, entries recorded more than 30 days ago, etc)
  • Reverse DNS resolution
  • Each host name and IP address links to our WHOIS database
  • Breakdown of firewall messages by severity level
  • Forensics analysis – chronological report on network-related activities of a certain IP address
  • Customized list of known protocols
  • Customized list of traffic patterns (i.e. TCP/80 traffic = Web browsing, TCP/25 = Email traffic)
  • Scheduled and emailed reports, publication on internal websites
  • Customizable report formats (by replacing the standard CSS (cascading style sheet))
  • Analysis data export

Firegen Log Analyzer Articles

Firegen 4.0 CLI

Firegen Command Line Interface Analyzer

Firegen provides a command-line version of the analysis…

Firegen cron expressions

Using cron expressions for Firegen scheduled reports

The Firegen scheduler settings provide the option…

Firegen Custom Log Patterns Explained

When you select one of your logs, if we did not ship a pre-configured…
