Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Statistics for Firewalls

From: Volker Tanger <volker.tanger () discon de>
Date: Tue, 10 Sep 2002 17:23:48 +0200
Greetings!

Sutantyo, Danny wrote:

Has anybody done statistics from Cisco PIX firewall or CheckPoint FW-1
firewall?

My boss wants to have a report every week something like a graph that
contains protocol, bandwidth, load, etc...
fwlogsum, for example - or WebTrends. Maybe give Analog with a custom logfile format entry a try. 




So I know CheckPoint FW-1 has a module but from some people don't recommend
to use that module because it will increase the load of the production FW-1.
Yes - if you want to know the bytes transferred you will need to switch from "short" or "long" tracking to "accounting" - which in return will increase the load. If your machine is not maxed out already, you should try the increased "accounting" logging. 



So the only way I can do is to export the log from the GUI to ASCII and do
it in Excel, but the problem is that the log viewer does not tell me the
bandwidth, just the number of event.
Aha - using excel indicates a low traffic site as the excel sheet otherwise exceeds bonds way too quickly. For bigger logfile you will have to use specialized tools. 

Bye

Volker Tanger
IT-Security Consulting

--
discon gmbh
WrangelstraƟe 100
D-10997 Berlin

fon    +49 30 6104-3307
fax    +49 30 6104-3461

volker.tanger () discon de
http://www.discon.de/


_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: