Back to Article List
InsideOut Makes Firewall Reporting Useful
By Brien Posey
January 9, 2002
If you've read Laura Taylor's Read Your Firewall Logs! then you understand just how important it is to review your firewall's logs on a daily basis. Unfortunately, firewall logs can be cryptic and very difficult to analyze. There are a number of firewall reporting products on the market that attempt to address this problem, however one particular product recently caught our attention. Unlike many of the other firewall reporting products on the market, Stonylake Solutions' InsideOut Firewall Reporter is truly useful. InsideOut reports the same basic type of information as most other firewall reporting software, but does so in a manner that's surprisingly easy to comprehend.
In the summer of 2000, Blair Robert (Founder Nevada Learning Series) and Pradeep Pathade (former CTO of Nevada Learning Series) decided that they were frustrated with other firewall reporting tools and needed to develop a product that addressed the shortcomings of the firewall reporters that were presently on the market. The duo formed Stonylake Solutions and their dreams were realized in July of 2001 when they released the first version of InsideOut.
The first feature that makes InsideOut so unique is its accessibility. InsideOut works on both Windows and Linux servers, and the reports are Web accessible. InsideOut allows you to view real-time firewall statistics through a Web browser from anywhere in the world. To showcase this functionality, Stonylake Solutions has placed a live demo of InsideOut on their Website (www.stonylakesolutions.com). This demo allows you to see firsthand exactly what the InsideOut experience is like.
While Web accessibility is nice, InsideOut's best features by far are the reports that it generates. From the beginning Stonylake Solutions realized that traditional firewall reports tend to be difficult to read. Often an experienced IT professional will have to take special training just to be able to understand what the reports are telling them. Even after attending such training, the process of deciphering the reports tends to be very time consuming.
Stonylake Solutions took a different approach though. They decided to develop a firewall reporting product that was so easy to use that it could be used by non IT people, with absolutely no training -- quite an accomplishment for a firewall reporting product. With InsideOut, you can tell at a glance exactly what's going on with your firewalls, rather than having to spend hours going through the logs. You can see an example of one of InsideOut's firewall reports in Figure 1.
Just because InsideOut makes it easy to read the reports, it doesn't mean that it sacrifices performance. InsideOut contains 10 major reports and is capable of generating over 150 other types of reports. As you look through the various reports, InsideOut's powerful navigation and drill down capabilities make it easy to quickly access more detailed information about your firewall. Additionally, the software contains hacker alerts that not only tell you who's persistently chipping way at your firewall, but it will also notify you if your specified refusal threshold is being threatened.
Another way in which InsideOut distinguishes itself from other firewall reporting solutions is that it is the only firewall-reporting product on the market that offers ad hoc, or on the fly, reporting capabilities. This means that you can easily examine your firewall on a whim. This makes InsideOut very useful for both forensic investigations and for simple connection troubleshooting.
Another great thing about InsideOut is the price. At the time of the review, the standard version was selling for $175, and the professional version cost $995.
What's Next For InsideOut?
It seems obvious that InsideOut is setting a new benchmark for firewall reporting. Even so, developers at Stonylake Solutions are already looking to the future. Future versions of InsideOut will include features that make the software even better than it already is.
One of the first things that Stonylake Solutions plans on doing is expanding the InsideOut firewall compatibility list. At the time that this review was written, InsideOut only supported Check Point's Firewall-1, Cisco's PIX firewall, NetScreen and BorderWare. However, in the very near future, InsideOut will support other firewalls including Stonegate, Raptor, Cisco IOS, Gauntlet, and Microsoft's Proxy Server.
Another thing that Stonylake Solutions plans on doing in the near future is releasing firewall specific versions of InsideOut. For example, in the future there will be a version of InsideOut that's specifically designed for Cisco firewalls, and another version that's designed specifically for Check Point firewalls. The advantage to producing firewall specific versions of InsideOut is that presently, each firewall manufacturer uses a different set of codes to report on various events. By creating firewall specific versions of InsideOut, it will be possible for the software to report exactly what's going on with the firewall. For example, rather than simply reporting that your firewall is being attacked, InsideOut will be able to tell you exactly what type of attack is being attempted.
Yet another way in which Stonylake Solutions plans on improving InsideOut is by offering an enterprise edition. Presently, you must run a separate copy of InsideOut for each firewall that you're running. Stonylake Solutions recommends that each copy run on a dedicated server, although the server can be a small one. This technique works well for companies that only have one or two firewalls, but having software distributed across multiple servers can cause management headaches for larger companies. The enterprise edition will allow administrators to manage InsideOut through a single server. As the enterprise grows, administrators simply need to acquire additional InsideOut licenses.
In our opinion, InsideOut is an extremely effective firewall-reporting tool that is well worth its nominal cost. As the product matures, we expect to see InsideOut become a major contender in the firewall reporting market.
If you're interested in acquiring a copy of InsideOut, or would like to know more about it, you may contact Stonylake Solutions directly through the contact information shown below:
P.O. Box 69102
12 St. Clair Ave East
Toronto, Ontario M4T 3A1
(416) 992-0343 Voice
(866) 757-0852 Toll Free
(416) 929-7479 Fax
|Copyright 1997-2015 Relevant Technologies. All rights reserved | Legal and Privacy | Sitemap
Email: email@example.com | Tel: 240.786.4858 | Fax: 855.451.5466 | 8160 Maple Lawn Blvd, Suite 200, Fulton, MD 20759