Firewall Wizards mailing list archives

RE: performance management on pix firewalls

From: "Strydom, Willie" <WStrydom () fnb co za>
Date: Mon, 26 May 2003 07:52:41 +0200

Hi All,

I use mrtg to graph cpu (ver 6.22 only)
Interface throughput
firewall connections (total & current)
memory consumption:
4 byte blocks (DNS,ISAKMP,URL,uauth,tftp & TCP)
80 byte blocks (ACT packets & failover Hello) 
256 byte blocks (Failover/Syslog)
1550 byte blocks (Ethernet packets)

works well for my needs..

I would like some ideas on how you get alerted to failovers. Greping through
"debug" syslog is not really cool.

cheers!!




-----Original Message-----
From: Crissup, John (MBNP is) [mailto:John.Crissup () us millwardbrown com]
Sent: 22 May 2003 06:25
To: firewall-wizards () honor icsalabs com
Subject: RE: [fw-wiz] performance management on pix firewalls


  I am working on this same task.  We are currently evaluating LogAppliance
from FireVue (http://www.firevue.com/LA-PIX%20datasheet.pdf).  It's
basically a syslog server with a web front end and a MySQL back end runnign
on a linux distribution.  You configure your PIX to send debug level syslog
entries to it and it generates traffic logs based on the TCP connections and
teardown events.  However, at this point in time, I'm not real impressed
with what I see.  The box is around $20,000 including one year maintenance
and seems to be lacking in any real reporting features.  I'm being told that
the reporting features are in the works and will be added soon.  I also seem
to be having difficulty always finding the info I want and find myself going
back to my old syslog server looking for attack trends that this box seems
to mask.

  I would love to know what other admins are using.  I'm looking for
something that will allow me to see trends and also do some analysis graphs.

--
John



-----Original Message-----
From: Luciano Z [mailto:user_luciano () yahoo com br]
Sent: Wednesday, May 21, 2003 2:01 PM
To: firewall-wizards () honor icsalabs com
Subject: [fw-wiz] performance management on pix firewalls


Hi!

I would like to hear some opinions from the list about
this topic. What tools you are using, what metrics
were adopted, etc.

[]
lwulff

_______________________________________________________________________
Yahoo! Mail
O melhor e-mail gratuito da internet: 6MB de espaço, antivírus, acesso POP3,
filtro contra spam. 
http://br.mail.yahoo.com/
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
_____________________________________________________
This email is confidential and intended solely for the use of
the individual or organization to whom it is addressed. Any
opinions or advice presented are solely those of the author
and do not necessarily represent those of the Millward Brown
Group of Companies.  DO NOT copy, modify, distribute or
take any action in reliance on this email if you are not the
intended recipient.  If you have received this email in error
please notify the sender and delete this email from your system.
Although this email has been checked for viruses and other
defects, no responsibility can be accepted for any loss or
damage arising from its receipt or use.
______________________________________________________

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
___________________________________________________________________________________________________


The views expressed in this email are, unless otherwise stated, those of the author and not those
of the FirstRand Banking Group or its management.  The information in this e-mail is confidential
and is intended solely for the addressee. Access to this e-mail by anyone else is unauthorised. 
If you are not the intended recipient, any disclosure, copying, distribution or any action taken or 
omitted in reliance on this, is prohibited and may be unlawful.
Whilst all reasonable steps are taken to ensure the accuracy and integrity of information and data 
transmitted electronically and to preserve the confidentiality thereof, no liability or 
responsibility whatsoever is accepted if information or data is, for whatever reason, corrupted 
or does not reach its intended destination.

                               ________________________________
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

performance management on pix firewalls Luciano Z (May 22)
- <Possible follow-ups>
- RE: performance management on pix firewalls Jens von Bülow (May 23)
- RE: performance management on pix firewalls Crissup, John (MBNP is) (May 23)
- Re: performance management on pix firewalls Tim Glen (May 23)
- RE: performance management on pix firewalls Strydom, Willie (May 26)