Firegen Log Analyzer
Firegen 4 Firewall Log Analyzer is a log analyzer developed by firewall administrators. Its purpose is to replicate the steps that a “real world” firewall administrator would take in analyzing firewall logs. It provides support for several types of firewalls: AdTran, Cisco Pix, Cisco ASA, Cisco IOS, Fortigate, ipTables, Juniper SRX, Juniper SSL VPN, Mikrotik, Netscreen, Palo Alto, SGS, Sonicwall and Sophos UTM.
The analysis engine provides machine learning-based anomaly detection, flagging unusual patterns in your log data based on previous analyses.
The log size is limited only by the capabilities of the analysis workstation.
Forensic analysis – report on the activities of a given IP address
Features
- Unlimited number of firewalls/log profiles
- Support for several types of firewalls: AdTran, Cisco Pix, Cisco ASA, Cisco IOS, Fortigate, ipTables, Juniper SRX, Juniper SSL VPN, Mikrotik, Netscreen, Palo Alto, SGS, Sonicwall and Sophos UTM. Support for additional firewall types is added on demand
- Built-in syslog server, with support for most existing syslog servers: Kiwi, WinSyslog, Linux/BSD syslog, Cisco PFSS, syslog-ng and more. Users can add their own log-entry parsing statements. The firewall log format is auto-detected
- Artificial Intelligence algorithms for anomaly detection
- Support for large files (the size of the analyzed data is limited only by the hardware capabilities)
- Reports in HTML format (can be viewed directly in the browser or published on an internal website)
- Report sections for each firewall detected in the logs
- Report sections for each pair of firewall interfaces (e.g. inside to external, inside to DMZ, external to DMZ, external to inside)
- Hourly traffic and denials graph
- Hourly distribution of denial reasons graph
- Top traffic sources, destinations, protocols, warnings, denials and URLs
- Dedicated sections for each protocol
- Reports sorted by connections or traffic (MB) as applicable
- Bar graphs for various reports sections (protocols, sources and destinations)
- Denied protocols and denial reasons, with links to our TCP/IP protocols database and common reasons
- Learning of top denied source hosts
- Notification of discrepancy between the levels of traffic and denials for a specific time interval
- Notification of unusual log entries (new types of entries, entries recorded more than 30 days ago, etc.)
- Reverse DNS resolution
- Each host name and IP address links to our WHOIS database
- Breakdown of firewall messages by severity level
- Forensics analysis – chronological report on network-related activities of a certain IP address
- Customized list of known protocols
- Customized list of traffic patterns (e.g. TCP/80 traffic = web browsing, TCP/25 = email traffic)
- Scheduled and emailed reports, publication on internal websites
- Customizable report formats (by replacing the standard CSS stylesheet)
- Analysis data export