Firewall Log Analysis

Introduction

Analyzing firewall logs is the process of examining data generated by a firewall to gain insights into network security. It helps in identifying and mitigating threats, monitoring network activity, and ensuring the security of an organization's digital assets.

Rationale

1. Need for a Firewall Log Analysis Tool?

2. Cost-Effective Solution

3. Data Visualization & Analysis Capabilities

Rationale for Choosing this Model

Cost-effectiveness

Power BI Pro: $10/user/month, Power BI Premium: $20/user/month

Splunk Enterprise: $150/month

Sumo Logic: $324/month

Cost-Effective

Datadog: $70/month

Logentries: $48/month

Sematext: $50 per GB per day for 7-day retention

Model

1. Expanding on the Cost-effectiveness

2. Compatibility with Varied Log formats

3. User-friendly Interface

4. Data-driven Decision-making

Key Data Points

The following parameters are essential for the analysis:

1. Timestamp

2. Source/Destination Address

3. NAT Source/Destination Address

4. Content-type

5. Severity

6. Action - block, allow, alert

7. URL/Filename

8. Source Country

9. Destination Country

10. Direction - inbound, outbound

Handling Formats & Input Data

Formats:

1. Log formats from different firewall vendors?

2. How to handle these diverse log formats?

Input data:

1. Process of importing log files into the tool

2. Supported log formats - vendor-specific

Beautified GUI

Conclusions

1. Potential Impact

2. Importance to the organization