I just got this information: The log analysis tool will be used for various firewalls (Fortinet, SonicWall, PIX, etc.). My boss wants me to know if the tool can handle these requirements:
________________________________________________________________

* Availability of technical support (ex: 24x7, email, phone, chat, etc.)
* Patch or updating of software: is this included or an additional expense?
* List of Managed Security Service Providers using the software
* Sizing guidelines - what server specs for X number of clients
* For contingency or redundancy purposes, can we mirror the data on another server, and would this entail additional cost?
* Are there steps to back up and restore data in case of a system crash?
* Would it have a capability to have views for different clients?
* Can the reports be exported to a file? If so, what formats? PDF, DOC, etc.?
* What reports can be generated:
  - # of blocked IPs/Ports
  - Source/Dest IP
  - IPs, AV, AS report from Fortigate?
  - Top Users
  - Weekly, Monthly, Daily, historical, etc.
  - Others PLEASE EXPLORE
* Would the built-in syslog have an ACL facility to avoid being probed from the public Internet?
* Would it support different logging from various firewall vendors on a single machine?
* Please list down features outside the above
____________________________________________________________

_______________________________________________
LogAnalysis mailing list
LogAnalysis@private
http://lists.shmoo.com/mailman/listinfo/loganalysis