Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 11 replies
  • Subscribers 3 subscribers
  • Views 6035 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

slfow , jflow , firewall analyzer and monitoring tools

vannyx
we have 6 locations 3 protected by cisco asa  3 by ASG.  Lately we have invested in products like firewall analyzer from manage engine and foglight NMS and these devices work flawless with the asa to give us detailed information of the goings and comings of users, attackers and general traffic usage. 

because of these tools we were able to correlate an attack by a single attacker on 2 of our locations.

but now our astaro side is completely blind.  We cant access them in the same way and finding documentation on how is nonexistent.  so i ask what standard interface does astaro have beyond the basic snmp ( ram and cpu) that will allow us to get actionable information from all our ASGs and correlate that information across our enterprise.

Thank you.


This thread was automatically locked due to age.
Parents
  • 0
    Hopefully the upcoming Log Management product (backend support included in Version 8.200, with the cloud side of things being available a bit later) will be able to do this, or at least assist you with this; it collects logging data from ASGs and other systems (Cisco boxen, Servers, etc.) and you should be able to, at some point, use it to do what you're looking for.  I've looked at the beta, and it's not quite there yet, but they are working on it.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Sophos Platinum Partner

    --------------------------------------

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

Reply
  • 0
    Hopefully the upcoming Log Management product (backend support included in Version 8.200, with the cloud side of things being available a bit later) will be able to do this, or at least assist you with this; it collects logging data from ASGs and other systems (Cisco boxen, Servers, etc.) and you should be able to, at some point, use it to do what you're looking for.  I've looked at the beta, and it's not quite there yet, but they are working on it.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Sophos Platinum Partner

    --------------------------------------

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

Children
No Data
Unfiltered HTML