Home > Products > ManageEngine Firewall Analyzer > Release Notes


Firewall Analyzer Release Notes


Listed here are the feature enhancements, bug fixes and limitations of each release update of Firewall Analyzer.

For further information please contact Firewall Analyzer Support.

4.0.3 - Build 4030

New Features and Enhancements

  • Cisco VPN Concentrator (versions 3000 & 3005) supported.
  • Secure Computing Sidewinder supported.
  • WatchGuard 8.0 Syslog supported.
  • D-Link DFL series supported.
  • Security statistics dashboard view for port scans, virus, attacks, failed logon's, and other security events has been included.
  • View cumulative flow rate of firewall logs for troubleshooting.
  • Protocol Identifiers range support for the addition or modification of protocols.
  • Custom report profile creation now supports IP Address range and CIDR format while adding filters.
  • Automatic hard disk space alert has been provided.
  • NetScreen, and FortiGate Firewall Admin reports for compliance has been included.
  • Japanese language support has been provided.
  • Guest user privileges now satisfy the strict access control requirements of MSSP customers.

Bug Fixes

  • Search for host or destination IP address over vast collected firewall log samples did not return any search results.
  • Load Archive for WatchGuard 7.x, 8.x syslogs were not supported.
  • NetScreen user to IP address mapping, where users authenticated using single sign-on servers, were not mapped to the IP address logged in the firewall logs.
  • PDF formatting issues.
  • Issues in CheckPoint VPN reports.

Known Issues

  • Load Archive and Import of Logs not supported for Cisco VPN Concentrator.
  • The inbuilt MySQL database of Firewall Analyzer could get corrupted if other processes are accessing these directories. Kindly exclude the Firewall Analyzer installation directory 'AdventNet' (it could be in C:\AdventNet or D:\AdventNet) from both the Backup process and Anti-Virus Scans.

4.0.2 - Build 4022

  • This build contains the following bug fixes over build 4021 or 4020, customers already using Build 4020 or 4021 should apply the HotFix for 4020/4021, in order to upgrade to the latest build 4022. Customers using earlier builds like 4012, 4011, or 4010 should first apply Service Pack before applying the HotFix for 4020/4021.

Bug Fixes

  • "No Data Available" issue caused due to FirewallRecords_Tmp table getting full has been fixed.
  • Issue with quotes in RuleName for Cisco Pix firewall has been fixed.
  • Issue with parsing of User information from CheckPoint Firewall has been fixed.

4.0.2 - Build 4021

  • This build primarily contains fixes over build 4020, to prevent slow server startup which may be caused due to the presence of source/destination ip address in custom report profiles.

Bug Fixes

  • Negative connection ID support for Cisco Pix firewall has been provided.
  • VPN report issues in CheckPoint firewall fixed.
  • Number of records in Firewall Rules report can now be configured through limits.xml.
  • Port information getting appended to source and destination ip address has been fixed.
  • Issue related to source and destination criteria in report profile creation has been fixed.

4.0.2 - Build 4020

New Features and Enhancements

  • Anomaly detection filters for Network Behavioral Analysis
  • Internationalization and Chinese language support.
  • User-based firewall views.
  • Firewall-based Intranet Settings.
  • Advanced Search
  • Create reports from search results.
  • Cisco PIX & Identiforce Firewall Admin reports for compliance.
  • Streaming & Chat site reports.
  • Peer to Peer attack reports.
  • Edit alert profiles.
  • Enhanced custom report profile creation.
  • HTML Mails for Alert Profiles and Anomaly Profiles.
  • Provision to test mail server settings.
  • Option for receiving reports in PDF instead of ZIP.
  • Rebranding of PDF reports.
  • Customizable number of records in scheduled (PDF) reports.
  • Quick Reports for firewalls and squid proxies.
  • Native syslog support for WatchGuard.
  • BlueCoat proxy log support.
  • Identiforce Gateway support.
  • Netfilter Linux IPTables support.
  • SNORT syslog support.
  • NetCache log support.
  • Squid AWStats support.

Bug Fixes

  • Time based grouping of records while importing the logs which spans across days.
  • Re-addition of CheckPoint firewall in Firewall Analyzer, whenever you restart CheckPoint firewall/Management station, is not required now onwards.
  • When you select Last Day in the calendar, data was shown in 4 hours aggregate. It has been fixed such that it will be shown in 5 minutes aggregate.
  • Fortigate virus log getting displayed in Security Reports rather than in Virus reports has been fixed.
  • FTP directory import issue in Windows has been fixed.

Known Issues

  • The inbuilt MySQL database of Firewall Analyzer could get corrupted if other processes are accessing these directories. Kindly exclude the Firewall Analyzer installation directory 'AdventNet' (it could be in C:\AdventNet or D:\AdventNet) from both the Backup process and Anti-Virus Scans.

4.0.1 - Build 4010

New Features and Enhancements
  • Netscreen native log format support.
  • Zywall support.
  • FreeBSD support.
  • Microsoft ISA (firewall, web-proxy, packet filter) Server support.
  • Cisco ASA support.
  • IPSec VPN support for Cisco PIX - firewall reports capture duration of traffic and IPSec VPN client IP address.
  • NetASQ support.
  • Improved FWSM support - both UDP (with and with out connection id) and TCP connection logs support.
  • Checkpoint LEA support for versions R54 and above.
  • On demand DNS Resolution of IP addresses in reports.
  • Report view customization to configure the device specific reports to be shown in Device Tree and the Reports page.
  • Destination based Filter Criteria option provided in Include/Exclude filters for Add Report Profile.
  • Directory level recursive import of log files from remote hosts.
  • Importing of archived files in .zip format is supported.
  • Provision to Change Archive Location from the default location to the location of choice.
  • Drill-down for Traffic Statistics has been provided.
  • View reports for any type of archived firewall log files.
  • Enhanced Alert Criteria selection in Alert Profile creation.
  • Support for analysis of denied logs in WatchGuard firewall.

Bug Fixes

  • Issue regarding MySQL port 33336 being occupied by an earlier run of Firewall Analyzer has been fixed.
  • Out of memory issue while archiving huge log files have been fixed.

Limitations

  • Working hour and Non-Working hour traffic details for external hosts (hosts outside the intranet) will not be available in the Firewall Analyzer reports.
  • Viewing reports of archived log files of Microsoft ISA Server is not currently supported.
4.0.0 - Build 4003

Bug Fixes

  1. Integrates the fix for MySQL Bug in Win 2003 SP1

4.0.0 - Build 4002

New Features and Enhancements

  • The following reports have been added newly :
    • Attack Reports
    • Internet Reports
    • Inbound and Outbound Traffic reports
  • Global "Search" in the product.
  • Desktop Tray Icon for Windows.
  • Automatic web-client connection, using the default browser, once the server has been started.
  • URL reports for Cisco PIX.
  • HTTP and FTP URL reports.
  • Destination based report information included in most reports.
  • Remote access VPN support in Cisco PIX.
  • Import log support for Check Point.
  • Exhaustive known protocol list support.
  • Up Link Speed and Down Link Speed support to calculate % IN Traffic and % OUT traffic.
  • Additional denied log messages support in Cisco PIX.
  • Conversation reports added in drill down.
  • Importing of archived files (.gz format) created by Firewall Analyzer.
  • FTP Utility added in Support tab, to send the support information file.
  • Ignore UnParsed Records while importing.

4.0.0 - Build 4001

This is a bug fix release.

Bug Fixes

  • Cisco PIX EMBLEM log format support.
  • Cisco PIX UNIX syslog format support.
  • Netscreen quot problem.
  • Wrong Hostname display in Top Inbound/Outbound Protocol drill down from Traffic Statistics table.
  • Additional default protocol addition.
  • Protocol identification issue which caused unknown protocol.

4.0.0 - Build 4000

The general features available in this release include,

  • Support for most enterprise firewalls
  • Support for VPN, and proxy server logs
  • Support for WELF, LEA, Syslog, and Native Log formats
  • Built-in MySQL database to store log data
  • Web-based user interface

The reporting features available in this release include,
 AdventNet, Inc. All rights reserved. Trademarks | Privacy Policy | Site Map | Contact Us | Careers | Tell Us