Firewall Wizards mailing list archives
RE: performance management on pix firewalls
From: "Strydom, Willie" <WStrydom () fnb co za>
Date: Mon, 26 May 2003 07:52:41 +0200
Hi All, I use mrtg to graph cpu (ver 6.22 only) Interface throughput firewall connections (total & current) memory consumption: 4 byte blocks (DNS,ISAKMP,URL,uauth,tftp & TCP) 80 byte blocks (ACT packets & failover Hello) 256 byte blocks (Failover/Syslog) 1550 byte blocks (Ethernet packets) works well for my needs.. I would like some ideas on how you get alerted to failovers. Greping through "debug" syslog is not really cool. cheers!! -----Original Message----- From: Crissup, John (MBNP is) [mailto:John.Crissup () us millwardbrown com] Sent: 22 May 2003 06:25 To: firewall-wizards () honor icsalabs com Subject: RE: [fw-wiz] performance management on pix firewalls I am working on this same task. We are currently evaluating LogAppliance from FireVue (http://www.firevue.com/LA-PIX%20datasheet.pdf). It's basically a syslog server with a web front end and a MySQL back end runnign on a linux distribution. You configure your PIX to send debug level syslog entries to it and it generates traffic logs based on the TCP connections and teardown events. However, at this point in time, I'm not real impressed with what I see. The box is around $20,000 including one year maintenance and seems to be lacking in any real reporting features. I'm being told that the reporting features are in the works and will be added soon. I also seem to be having difficulty always finding the info I want and find myself going back to my old syslog server looking for attack trends that this box seems to mask. I would love to know what other admins are using. I'm looking for something that will allow me to see trends and also do some analysis graphs. -- John -----Original Message----- From: Luciano Z [mailto:user_luciano () yahoo com br] Sent: Wednesday, May 21, 2003 2:01 PM To: firewall-wizards () honor icsalabs com Subject: [fw-wiz] performance management on pix firewalls Hi! I would like to hear some opinions from the list about this topic. What tools you are using, what metrics were adopted, etc. [] lwulff _______________________________________________________________________ Yahoo! Mail O melhor e-mail gratuito da internet: 6MB de espaço, antivírus, acesso POP3, filtro contra spam. http://br.mail.yahoo.com/ _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards _____________________________________________________ This email is confidential and intended solely for the use of the individual or organization to whom it is addressed. Any opinions or advice presented are solely those of the author and do not necessarily represent those of the Millward Brown Group of Companies. DO NOT copy, modify, distribute or take any action in reliance on this email if you are not the intended recipient. If you have received this email in error please notify the sender and delete this email from your system. Although this email has been checked for viruses and other defects, no responsibility can be accepted for any loss or damage arising from its receipt or use. ______________________________________________________ _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards ___________________________________________________________________________________________________ The views expressed in this email are, unless otherwise stated, those of the author and not those of the FirstRand Banking Group or its management. The information in this e-mail is confidential and is intended solely for the addressee. Access to this e-mail by anyone else is unauthorised. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted in reliance on this, is prohibited and may be unlawful. Whilst all reasonable steps are taken to ensure the accuracy and integrity of information and data transmitted electronically and to preserve the confidentiality thereof, no liability or responsibility whatsoever is accepted if information or data is, for whatever reason, corrupted or does not reach its intended destination. ________________________________ _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- performance management on pix firewalls Luciano Z (May 22)
- <Possible follow-ups>
- RE: performance management on pix firewalls Jens von Bülow (May 23)
- RE: performance management on pix firewalls Crissup, John (MBNP is) (May 23)
- Re: performance management on pix firewalls Tim Glen (May 23)
- RE: performance management on pix firewalls Strydom, Willie (May 26)