[nsp] enterprise-scale PIX log reporting
Scott P. Daffron
scott at cs.odu.edu
Thu Jul 31 21:27:48 EDT 2003
Oh most wise cisco gurus,
I am looking for a log analysis tool for the PIX similiar to that of
Checkpoint's (I know a dirty word) log file analyzer. I would think that
to support multiple PIX's, the ideal product would have a robust back-end
database tied into a syslog server (for data collection) and possibly a
web front-end. It should support multiple PIX's, each supporting 10Mb+
bandwidth, with ALL traffic being logged.
I am NOT just looking for "summary" reports, but also want to search a
given time frame by IP, protocol, port, etc, and see all matches for all
traffic seen by the firewall. I would also need to see all/selected
traffic in real-time, as it passes through the firewalls (for
troubleshooting).
So far the only thing that I have come accross that seems to offer this
functionality would be the suite of products from NetIQ. Can anyone else
recommend some other ENTERPRISE reporting tools for the PIX?
Thanks in advance....
Scott Daffron
More information about the cisco-nsp
mailing list