配置防火墙
防火墙分析仪在缺省端口监听输出的日志文件。下面是包含有配置指令的防火墙列表及其版本。点击防火墙名称来查看相关的配置指令。
| 防火墙名称 |
版本号 |
| Check Point |
可以导入大多版本的日志,LEA支持R54或者更高版本 |
| NetScreen |
大多数版本 |
| Cisco 系统 |
Cisco Pix Secure Firewall v 6.x, 7.x, Cisco ASA, Cisco IOS 3005, 1900, 2911, 3925, Cisco FWSM, Cisco VPN Concentrator, Cisco CSC-SSM Module 6.3.x,
Cisco SSL WebVPN or SVC VPN, Cisco IronPort Proxy, Cisco Botnet module |
| Microsoft ISA |
(Firewall, Web Proxy, Packet Filter, Server 2006 VPN)
Server 2000 and 2004, W3C log format Threat Management Gateway (TMG) |
| CyberGuard |
CyberGuard Firewall v4.1, 4.2, 4.3, 5.1 |
| Cyberoam |
Cyberoam Firewall Version: 9.5.4 |
| FortiNet |
FortiGate family, Webfilter, DLP, IPS modules, and IPSec, SSL VPN - v300A, v310B, FortiOS 5.x VPN |
| WatchGuard |
All Firebox Models v 5.x, 6,x, 7.x, 8.x, 10.x, 11, Firebox X series, x550e, x10e, x1000, x750e |
| Snort |
大多数版本 |
| Secure Computing Sidewinder |
Sidewinder G2, FIrewall Enterprise - Sidewinder (S4016) |
| SonicWALL |
SOHO3, SOHO TZW, TELE3 SP/TELE3 Spi, PRO 230, 2040, 3060, 4060, 5060, TZ 100/ TZ 100w, TZ 170, TZ 170 Wireless, TZ 170 SP Wireless, TZ 200/ TZ 200w, TZ 210/ TZ 210w, NSA 240, NSA 2400, NSA 2400MX, NSA 3500, NSA 4500, NSA 5000, NSA E5500, NSA E6500, NSA E7500, NSA E8500, NSA E8510, Management, Application control & SSL-VPN logs |
| Juniper Networks |
SRX100, SRX210, SRX220, SRX240, SRX650, SRX1400, SRX3400, SRX3600, SRX5600, SRX5800
NetScreen 大多数的Web Filter & Spam模块
4500 & 6500, New Format Logs
2000
|
| 3Com |
3Com X-family Version 3.0.0.2090或以后 |
| IPCop |
IPCop Firewall Version 1.4.17 / 1.4.18 |
| Stonesoft |
Firewall version 5.5 |
| Palo Alto |
Palo Alto Firewalls PA 5000 series, PANOS 4.1.0 |
|
如果防火墙设备的日志中包含有时区信息,防火墙分析仪将对它进行处理,归一到服务器所在的时区。 |
|
