User guide

ManualsBrandsMSI ManualsHome building and DecorSupero CSE-M35S

231

232

233

234

235

236

237

238

239

240

ManageEngine Firewall Analyzer :: User Guide

236

Zoho Corp.

Configuring WatchGuard Firebox

Firewall Analyzer supports both WELF and native log formats of WatchGuard Firebox

Models v 5.x, 6,x, 7.x, 8.x, 10.x, 11, Firebox X series, x550e, x10e, x1000, x750e

For 8.x version, the XML log file format can be imported by Firewall

Analyzer.

Virus reports are supported only for WatchGuard v10.x

For analysing native logs, the configuration is straight forward, you just need to forward

the native logs from WatchGuard to the syslog listener ports of Firewall Analyzer.

By default, WatchGuard Firewall logs do not contain the bytes nformation. It just has the

size of the packet and header. So one needs to do the following to enable them,

• For version 7.3 , you need to go into General Setting area of your proxy and

select the check box Send log message with summary of each transaction.

• For version 7.2.1, you need to select the check box Log accounting/auditing

information in your proxy service.

• For version 8.x , you need to select the check box Send a log message with

summary information for each transaction in your proxy service.

• For version 10.X,

o For External and VPN interface based logging:

 Open Policy Manager.

 Select the Setup > Logging > Performance Statistics menu,

enable check box and save configuration.

o For proxy level tracking:

 Edit the proxy action and select the check box Turn on logging for

reports for each desired proxy and save configuration

Device configuration for Firebox X1250e, XTM 11 series

Bytes Information for Watch Guard:

Please follow the steps and configure the same in the Watchguard device to resolve the

issue.

• Ensure that your Watch Guard policies are created with Proxy Action and then

follow the steps

• Action > Proxies and add the new policy as per your requirement

Please follow the Steps to enable bytes information in the logs:

For External and VPN interface based logging:

Setup > Logging > Performance Statistics. Enable check box and save configuration.

For proxy level tracking, edit the proxy action and select 'Turn on logging for reports'

for each desired proxy and save configuration.