Why don't you consider that "dynamically adapting the FW rules "
afterward ?
A good solution might be a third party "log agregator" like SAS for the
data minning thingy, and then __manually__ adapt w ruleset.
Rafael
Aevin Emerc wrote:
>
> Hi,
>
> I want to set up a monitoring, reporting and IDS solution for our Checkpoint
> FW1 firewalls.
> I'm currently thinking to use these tools:
>
> IDS - CP RealSecure
> reporting - WebTrends FirewallSuite
>
> Has anyone made good or bad experiences with these tools? other suggestions
> for tools I should try ?
>
> I'm not sure wether CP RealSecure can do what I want: monitoring the FW
> logfiles, sniffing traffic and reacting on known patterns by alerting the admin
> and dynamically adapting the FW rules :-)
>
> Thanks,
>
> Aevin
>
> --
> Sent through GMX FreeMail - http://www.gmx.net
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
--
"And you may ask yourself,
Well ... How did I get here?"
- Talking Heads
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
