Mike,

Please read this with an open mind :)

I don't think we missed the question, I think we indirectly
answered your question. To directly answer your
question, none to my knowledge. Others may have knowledge
of a commercial tool, but it's doubtful one exists - yet.

I have to ask, why re-invent the wheel? Let's say there is a
tools/web based system out there. I can almost guarantee 
you'll have administrative work involved (unless this unknown
tool allows anyone to see your logs upon pointing their browser
at your fw/fw manager.) You'll also have to install and
manage yet another application and all the fun of learning the
ins & outs of it..

So how hard is it to add a user, show them how to double-click
ICON (even better, run logviewer automatically at login!), login and
watch logs scroll by? You could even teach them how to filter to
make them more efficient admins!! One common tool, many admins,
already there.

Not sure which fw-1 version you have, but v4.0 will allow some
granularity and v4.1 will give you even more. You will have central
control and administration over your sub-admins, they will only be able
to see and not touch and it's already there when you install the
fw-1 software.

Have you told us everything? Is there another reason you're looking for
a web based tool that we're not aware of??? Based on the simple fact
that you want to simplify this, you already have the tool. If your admins
are not smart enough, get better admins. If support can't see the fact
that it's not the firewalls, then document it in detail every time it
happens. If they still can't see this, then replace support. It truly
sounds like you're trying too hard for something that has little or no return
on the investment.

Albert Einstein said: Everything should be made as simple as
possible but not simpler.

Best of Luck!
Robert

- -
Robert P. MacDonald, Network Engineer
e-Business Infrastructure
G o r d o n   F o o d    S e r v i c e
Voice: +1.616.261.7987 email: [EMAIL PROTECTED]

>>> "Mike Anning" <[EMAIL PROTECTED]> 5/29/00 6:56:26 AM >>>
>
>Thanks to all that responded to this question, although I'm afraid some may have
>slightly missed the point :-)
>
>I would like for helpdesk and other support staff to be able to point their
>browser to a specified address and be able to view the Firewall logs realtime
>(from the inside only), without installing the Log Viewer software, thus without
>the need for additional user accounts on the Firewall itself.
>The majority of use on this particular Firewall is VPN so there are a multitude
>of users connecting through and if they cannot get to where they need to get to
>then the initial response from them and the support people is that there is a
>problem with the Firewall!! Obviously this is rarely true as the users are
>either entering incorrect credentials or are simply not allowed to go where
>they are trying to go.
>
>If support could quickly view the Logs through a browser it would save me a
>whole heap of time and generally raise the awareness and confidence within the
>support departments (It doesn't matter how many times I tell them something they
>still don't get it! :-)
>
>Many thanks again
>
>Mike
>
>"Frost, Timothy E" <[EMAIL PROTECTED]> on 26/05/2000 00:17:55
>
>To:   "'Robert MacDonald'" <[EMAIL PROTECTED]>, Mike Anning/WEY/EU/CHEP@CHEP,
>      [EMAIL PROTECTED] 
>cc:
>Subject:  RE: [FW1] Log Viewer
>
>It is possible to give different people different rights.  From table 7.1 on
>page 225 of the version 4.0 Architecture and Administration manual:
>
>Monitor-Only   can access the log viewer and system status only
>Read only      can view, but not change, policy
>User edit      can modify user data (but presumably not the policy
>               and rulebase)
>Read-Write     can do everything
>
>
>If Mike's helpdesk staff have Monitor-Only access, they can run the log
>viewer and status monitor tools, but not the policy editor.
>
>Tim
>--
>Timothy Frost            mailto:[EMAIL PROTECTED] 
>EDS New Zealand               Fax: +64-4-495-0473
>8 Gilmer Terrace              Phone: +64-4-495-0504
>P O Box 3647
>Wellington
>New Zealand
>
>> -----Original Message-----
>> From:   Robert MacDonald [SMTP:[EMAIL PROTECTED]] 
>> Sent:   Friday, May 26, 2000 6:22 AM
>> To:     [EMAIL PROTECTED]; [EMAIL PROTECTED] 
>> Subject:     Re: [FW1] Log Viewer
>>
>>
>> For simple problem resolution, the logviewer is a good place to be (as long
>> as the problem is being logged - hint, FW-1 <=v4.0 doesn't log policy
>> properties). You see almost immediately, the successes and failures (both
>> intended and not intended ;-)
>>
>> If what you want is after the fact short &/or long term problem analysis,
>> look into something along the lines of WebTrends for Firewalls &
>> VPNs (www.webtrends.com). It will create reports and put them into a very
>> detailed HTML, among other formats (see examples on their site). These can
>> also be scheduled.
>>
>> Like most logging, it's a reactive world. If you need something to tell
>> you if you're being 'attacked', then IDS's are the area closer to
>> proactivity.
>>
>> Best of Luck!
>> Robert
>>
>> - -
>> Robert P. MacDonald, Network Engineer
>> G o r d o n   F o o d    S e r v i c e
>> Voice: +1.616.261.7987 email: [EMAIL PROTECTED] 
>>
>> >>> "Mike Anning" <[EMAIL PROTECTED]> 5/25/00 1:27:53 PM >>>
>> >
>> >Does anyone know if there is an easy way for the Log Viewer, or the log at least
>> >to be accessible to others.
>> >
>> >I'm thinking of allowing helpdesk type people to view the log so they can easily
>> >diagnose simple problems.
>> >I realise I could install the Log Viewer onto their systems with a Read Only
>> >account, but I was wondering if anyone knows of a way to make the current log
>> >available through a web browser.
>> >
>> >Any thoughts would be greatly appreciated
>> >
>> >Cheers
>> >
>> >Mike


