Symantec VPN/Firewall Appliance
Results 1 to 3 of 3

Thread: Symantec VPN/Firewall Appliance

  1. #1
    Senior Member
    Join Date
    Jul 2001
    Posts
    461

    Symantec VPN/Firewall Appliance

    Has anyone ever used the Symantec VPN/Firewall appliances? the 100, 200, or 200r?

    http://enterprisesecurity.symantec.c...uctID=63&EID=0

    If so, did you manage to find any log analysis app which would actually deal with their logformat, and messages? I currently have one setup to log to a syslog server, and another one which is emailing me the logs, but, I can't seem to get the info into any product which we can use with our other firewalls, like the NetIQ Firewall analyser, or any of the others. It is seriously a pain to have to review this data seperately.

    Thanks,

    IchNiSan

  2. #2
    Senior Member
    Join Date
    Jan 2002
    Posts
    458
    If it outputs to syslog format, just about any log analysis/correlation utility should be able to read the logs.

  3. #3
    Senior Member
    Join Date
    Jul 2001
    Posts
    461
    Thanks Invictus,

    I can read the syslog with any number of utilities, doing as much correlation/analysis as possible that way. My issue is, If I do it that way, I need to develop my own filters etc to correlate it all together and to get the required outcome from all the processing which goes on. I can do that if needed, no problem except time. However, we have software which does all of that for us with checkpoint and raptor firewall logs, including about 25 other types it could do. It makes accounting/usage and error and security reports automagically.

    I was just hoping that someone somewhere had found a neat way to deal with these logs.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •