ManageEngine Firewall Analyzer License

  • Technical Support
  • Last updated on: 14 Jan 2020

Firewall Analyzer

Log analytics and configuration management software for network security devices

ManageEngine Firewall Analyzer is an agent less log analytics and configuration management software that helps network administrators to centrally collect, archive, analyze their security device logs and generate forensic reports out of it.

Real-time event response system and Integrated Compliance Management module of Firewall Analyzer automates your end point security monitoring, network bandwidth monitoring and security & compliance auditing. Firewall Analyzer eases your Device Configuration Management by providing out-of-the-box reports and alerts for configuration changes. Firewall Analyzer is vendor-agnostic and supports almost all open source and commercial network firewalls like Check Point, Cisco, Juniper, Fortinet, Snort, Squid Project, SonicWALL, Palo Alto and more, IDS/IPS, VPNs, Proxies and other related security devices.

Unlock the Real Value of Your Network Security Devices

 Compliance Management

  • Automate compliance audits with out-of-the-box reports for Regulatory Mandates such as PCI-DSS, ISO 27001, SANS, NERC-CIP, NIST and SANS
  • Get your firewall security validated with security audit and device configuration analysis reports

 Firewall Configuration Change Management

 User internet activity monitoring

  • Monitoring internet usage (overuse or misuse) of employees in your organization
  • Get real-time notifications when a user tries to access restricted sites

 Network Traffic and Bandwidth Monitoring

  • Monitor network traffic and get instant notifications upon sudden spikes in bandwidth
  • Analyze which user,protocol group or network activity is consuming more bandwidth with interface-wise live bandwidth usage reports

 Network Security Management

  • Get detailed information on all possible network attacks and security breaches in your network
  • Know which viruses are active on the network, the hosts that are affected and more
  • Find out the anomalies in the firewall policies and rectify them to improve the firewall performance
  • Identify the highly used rules, which can be optimized to enhance the network security
  • Identify the unused rules and modify/remove them to improve your firewall performance

 Real-time VPN and Proxy Server Monitoring

  • Obtain active VPN users, user-specific & user group specific VPN usage, sessions, and bandwidth consumed
  • Monitor the outgoing traffic through the proxy, obtain details on users generating traffic, websites accessed and bandwidth consumed

 Network Forensic Audits

  • Search the logs and pinpoint the exact log entry which indicates the cause of the security event in minutes
  • Find the data quickly and repetitively using advanced log search & generate reports based on search results

 Log Analysis

  • Centrally collect,analyze and archive logs from all your security devices such as Microsoft ISA, NetScreen, SonicWALL, WatchGuard, Squid Proxy and more
  • Extract the security and bandwidth information from flow data like IPFIX with extensions and Cisco


Why Choose Firewall Analyzer

Unlock the real value of your security devices

  • Supports an extensive array of perimeter security device logs which include firewalls, VPNs, IDS/IPS and proxy servers
  • Provides a wide range of reports for external threat monitoring, change management and regulatory compliance

Attractive TCO and rapid ROI

  • No additional hardware required, minimal entry cost and maintenance inclusive subscription model ensures a low TCO
  • Competitively priced. Quick deployment, instant results, reduced IT overhead ensures rapid ROI

Meet dynamic business needs quickly

  • Rapidly transforms perimeter security device logs into actionable information
  • Generates reports in user friendly formats like PDF and CSV formats

Productivity improvement for IT / MSSP

  • From product deployment to report generation in minutes!
  • Real-time alerts to security events enable IT to respond instantaneously to security threats


Firewall Analyzer is available in two editions to suit the needs of different industries / domains. The depth and level of features available in various editions are same. The Evaluation edition offers all the features available in the Premium Edition during the period of evaluation. The Premium edition offers value added features.

FeaturesDistributed / Premium Edition
Bandwidth Monitoring
Traffic Analysis
Firewall Rules and URLs Analysis
Attack and Virus Analysis
VPN and Security Events Analysis
Admin Reports for Compliance
Ad-Hoc Reports and Scheduling
Raw Log Search and Reporting
Basic and Anomaly Alerting with Thresholds
OpManager Integration
Dashboard Customization
Interface based Live Report
Export/Import of Alert and Report Profiles
Cisco ASA Netflow log support
IPFIX with Extensions Flow support for SonicWALL (SonicOS 5.8) devices
Encryption and Time stamping of archived logs
Scheduled import of logs from the Firewall Analyzer server machine locally
Virtual Firewall Support for Cisco, FortiGate & CheckPoint devices
Application Report for FortiGate, Check Point, SonicWALL, Palo Alto, and Blue Coat Firewalls
Geolocation Map View Bandwidth and Security Reports
VPN Active Connection Trend Reports
Firewall Policy Optimization Reports
Cloud Control Reports
User based Views
Live VPN Users
Firewall Policy Overview Report
Rule Reorder & Recommendation
Firewall Unused Rules
Alert Administration
Command Execution on Alerts
Rebranding Web Client
SMS and SNMP Trap Notification for Alerts
User/ Hostname Vs IP Address mapping based on Proxy / DHCP logs
Provision to create and apply Credential Profiles to fetch Firewall Rules/Policies/ACLs
Security Audit and Configuration analysis of Firewall device
External Authentication Support: Active Directory and RADIUS Server
Change Management Report for Cisco, Netscreen and Fortigate devices with exclusion filter
Dedicated Compliance section for device rule monitoring, configuration change monitoring, and security audit and analysis
Diagnose/Analyze Firewall Connections
MS SQL, MS SQL Cluster as back end database