Operations management ensures IT network is kept up. It continuously monitors the nodes in the network for their availability. But, keeping the network up in itself won't suffice. The network has to be secured. For that you need to manage the firewalls, which keeps the network safe from the external attacks.
Firewall log management compliments operations management performed by OpManager. It taps the full potential of the log data generated by firewalls to extract information crucial to the network security.
With firewall log analysis, you get security, compliance and bandwidth reports.
Security reports are:
Compliance reports are:
Bandwidth reports are:
OpManager supports analysis of the following firewall and security device logs:
Simply configure your firewall to forward logs to OpManager. Firewalls are then automatically detected and reports are generated instantly. It also supports firewalls that forward logs in WELF format.
In the case of firewalls and other security devices that do not forward logs, you can import logs files directly in to OpManager and generate reports for the same.
OpManager lets you add LEA servers to establish connections and retrieve logs from Check Point firewalls. You can add as many LEA servers as needed, and set up authenticated or unauthenticated connections to retrieve firewall logs.
OpManager comes pre-bundled with a syslog server that listens for forwarded firewall logs at the defined listener ports. You can add more listener ports to this syslog server, to collect logs from different firewalls. The syslog server is a part of OpManager and does not require a separate installation.
OpManager provides an easy way of saving the report and alert profiles. You can export the profiles and save it. You can import the profiles to get the profiles back. This will come handy in case of exigencies like when you are moving the server to a different machine etc.