Anymon FWL

Anymon FWL is a firewall log analysis solution that manages logs from different firewall sources. Anymon FWL lets you respond proactively to various security threats and use the analyzed data as reference data to increase network efficiency.

OVERVIEW

The most important factor in perimeter security between the internal and the external network is the firewall. The firewall located at the perimeter monitors all communication traffic information and controls the communication. For this reason, the firewall log is important to network security and operation management.

However, analyzing a large log from a firewall system is not simple. Administrators put a lot of time and effort into this task. Moreover, analyzing a very large log from different firewall systems is almost impossible to complete in a few days.

Anymon FWL collects logs from different firewall sources and analyzes them against the pre-defined policy in real time. Various types of reports containing the results are generated to support network security management and to increase operational efficiency.

FEATURE HIGHLIGHT

High Speed Network Behavior Analysis

Anymon can analyze firewall logs at 10,000 sessions per second (150Gbytes/day) and also guarantees a search speed of 500Mbyte per second. This processing speed is equivalent to processing 1 billion session logs (150Gbytes) in a few minutes.

Intelligent Network Profiling

Anymon automatically generates network profiles including normal/abnormal services, all services, services per time, network usage statistics and more. These network profiles can be used as references for detecting malicious traffic and analyzing abnormal services. With this feature, administrators can easily understand the network and respond rapidly to malicious traffic and abnormal services.

Supporting various reports

Anymon provides various reports including service traffic top, source/destination traffic top per service and more. Administrators obtain all the reports needed for network security and operation management. Reports can be created in PDF, XLS, and DOC formats.

Supporting hierarchical deployment for large networks

Anymon can be deployed vertically or horizontally in a large network, between a headquarters and branches, or between a headquarters, regional headquarters and branches.


DIAGRAM

  • Firewall
    • Collect - Various Firewall Logs
      • All firewall logs supporting Syslog and OPSEC protocols
    • Store - Compressed Form
      • Extract & store necessary fields to do behavioral analysis from original logs
    • Analyze - Behavioral Log Analysis
      • Malicious/Abnormal Traffic Analysis
      • 2D-correlated Analysis
    • Query - Real Time Query
      • IP based query
      • Service based query