InsideOut Makes Firewall Reporting Useful

Brien Posey - December 17, 2001

Printer Friendly

E-Mail Article
- To: (e-mail address)
  
  From: (e-mail address)
  
  Subject:
  
  Message:

Articles RSS

Rate this article

Average Reader Rating 0.00

Other articles written by Brien Posey:

Product Review: GFI's LANguard Network Security Scanner

Legacy Single Sign-On: Novell, Evidian, IBM, PassGo, or Computer Associates?

Social Engineering Can Thwart the Best Laid Security Plans

Read Comments

Introduction

If you've read Laura Taylor's Read Your Firewall Logs! then you understand just how important it is to review your firewall's logs on a daily basis. Unfortunately, firewall logs can be cryptic and very difficult to analyze. There are a number of firewall reporting products on the market that attempt to address this problem, however one particular product recently caught our attention. Unlike many of the other firewall reporting products on the market, Stonylake Solutions' InsideOut Firewall Reporter is truly useful. InsideOut reports the same basic type of information as most other firewall reporting software, but does so in a manner that's surprisingly easy to comprehend.

In the summer of 2000, Blair Robert (Founder Nevada Learning Series) and Pradeep Pathade (former CTO of Nevada Learning Series) decided that they were frustrated with other firewall reporting tools and needed to develop a product that addressed the shortcomings of the firewall reporters that were presently on the market. The duo formed Stonylake Solutions and their dreams were realized in July of 2001 when they released the first version of InsideOut.

The first feature that makes InsideOut so unique is its accessibility. InsideOut works on both Windows and Linux servers, and the reports are Web accessible. InsideOut allows you to view real-time firewall statistics through a Web browser from anywhere in the world. To showcase this functionality, Stonylake Solutions has placed a live demo of InsideOut on their Website (www.stonylakesolutions.com). This demo allows you to see firsthand exactly what the InsideOut experience is like.

While Web accessibility is nice, InsideOut's best features by far are the reports that it generates. From the beginning Stonylake Solutions realized that traditional firewall reports tend to be difficult to read. Often an experienced IT professional will have to take special training just to be able to understand what the reports are telling them. Even after attending such training, the process of deciphering the reports tends to be very time consuming.

Stonylake Solutions took a different approach though. They decided to develop a firewall reporting product that was so easy to use that it could be used by non IT people, with absolutely no training -- quite an accomplishment for a firewall reporting product. With InsideOut, you can tell at a glance exactly what's going on with your firewalls, rather than having to spend hours going through the logs. You can see an example of one of InsideOut's firewall reports in Figure 1.

Figure 1. InsideOut makes firewall reports that are extremely easy to read.

click here for larger version

Just because InsideOut makes it easy to read the reports, it doesn't mean that it sacrifices performance. InsideOut contains 10 major reports and is capable of generating over 150 other types of reports. As you look through the various reports, InsideOut's powerful navigation and drill down capabilities make it easy to quickly access more detailed information about your firewall. Additionally, the software contains hacker alerts that not only tell you who's persistently chipping way at your firewall, but it will also notify you if your specified refusal threshold is being threatened.

Another way in which InsideOut distinguishes itself from other firewall reporting solutions is that it is the only firewall-reporting product on the market that offers ad hoc, or on the fly, reporting capabilities. This means that you can easily examine your firewall on a whim. This makes InsideOut very useful for both forensic investigations and for simple connection troubleshooting.

Another great thing about InsideOut is the price. At the time of the review, the standard version was selling for $175, and the professional version cost $995.

What's Next For InsideOut?

It seems obvious that InsideOut is setting a new benchmark for firewall reporting. Even so, developers at Stonylake Solutions are already looking to the future. Future versions of InsideOut will include features that make the software even better than it already is.

One of the first things that Stonylake Solutions plans on doing is expanding the InsideOut firewall compatibility list. At the time that this review was written, InsideOut only supported Check Point's Firewall-1, Cisco's PIX firewall, NetScreen and BorderWare. However, in the very near future, InsideOut will support other firewalls including Stonegate, Raptor, Cisco IOS, Gauntlet, and Microsoft's Proxy Server.

Another thing that Stonylake Solutions plans on doing in the near future is releasing firewall specific versions of InsideOut. For example, in the future there will be a version of InsideOut that's specifically designed for Cisco firewalls, and another version that's designed specifically for Check Point firewalls. The advantage to producing firewall specific versions of InsideOut is that presently, each firewall manufacturer uses a different set of codes to report on various events. By creating firewall specific versions of InsideOut, it will be possible for the software to report exactly what's going on with the firewall. For example, rather than simply reporting that your firewall is being attacked, InsideOut will be able to tell you exactly what type of attack is being attempted.

Yet another way in which Stonylake Solutions plans on improving InsideOut is by offering an enterprise edition. Presently, you must run a separate copy of InsideOut for each firewall that you're running. Stonylake Solutions recommends that each copy run on a dedicated server, although the server can be a small one. This technique works well for companies that only have one or two firewalls, but having software distributed across multiple servers can cause management headaches for larger companies. The enterprise edition will allow administrators to manage InsideOut through a single server. As the enterprise grows, administrators simply need to acquire additional InsideOut licenses.

The Verdict

In our opinion, InsideOut is an extremely effective firewall-reporting tool that is well worth its nominal cost. As the product matures, we expect to see InsideOut become a major contender in the firewall reporting market.

About The Author

Brien Posey is Relevant Technologies' Vice President of Research and is a Microsoft Certified Systems Engineer (MCSE). Mr. Posey is an award winning technology author, and has published over 2000 articles for a variety of web sites and printed publications including ZDNet, TechRepublic, Microsoft's TechNet Portal, and Windows 2000 Magazine.

http://www.relevant.com

If you're interested in acquiring a copy of InsideOut, or would like to know more about it, you may contact Stonylake Solutions directly through the contact information shown below:

Stonylake Solutions
P.O. Box 69102 12 St. Clair Ave East
Toronto, Ontario
M4T 3A1

http://www.stonylakesolutions.com

comments powered by Disqus

Demystifying SAP Solution Manager | Cloud Assets: A Guide for SMBs—Part 3 | I Want My Private Cloud | The Sum of All Malware Fears: Siemens on Stuxnet | Managing the Overflow of E-mails | Security Risk Assessment and Management in Web Application Security | Are You Adequately Protecting Your IT Infrastructure Components Inside the Firewall? | Enterprise Resource Planning Giants Eye the Shop Floor | Who Else is Using Your Wireless Network? | Information Security Firewalls Market Report Part Two: Current Market Trends and User Recommendations | Information Security Firewalls Market Report Part One: Market Overview and Technology Background | Automated Enterprise: Many High-ROI Opportunities | Secure Transfers of Large Files Over the Internet Using YouSendIt | Fed Warms Up to ERP Spending, but Will Contractors and Their ERP Vendors Comply? Part Two: Challenges and User Recommendations | Feds Warms Up to ERP Spending, but Will Contractors and Their ERP Vendors Comply? Part One: Event Summary and Market Impact |

Product Review: GFI's LANguard Network Security Scanner | The Best ACT! Is Still to Come | HIPAA-Watch for Security Speeds Up Compliance Part Two: Phase III and IV, and Product and User Recommendations | HIPAA-Watch for Security Speeds Up Compliance Part One: Vendor and Product Information | EAM Versus CMMS: What's Right for Your Company? Part One | Using PKI to Protect Your Business Information | The CyberAngel: Laptop Recovery and File Encryption All-in-One | Evaluating Enterprise Software-Business Process or Feature/Function-Based Approach? All the above, Perhaps? Part Three: Knowledge Bases and User Recommendations | InsideOut Firewall Reporter Unravels the Mysteries of Your Firewall Logs | The Future of Secure Remote Password (SRP) Part Two: Overcoming Obstacles to Success | The Future of Secure Remote Password (SRP) | Integrated Security: A New Network Approach Part Two: The Shift Toward Integration | Integrated Security: A New Network Approach | Vendor Analysis: Kaspersky Anti-Virus Products Examined | 6 Immediate Business Improvements Offered by an Online SRM System: Part 3: Other Points to Consider | Legacy Single Sign-On: Novell, Evidian, IBM, PassGo, or Computer Associates? | Fourth Shift's evolution Within SoftBrands' DemandStream | OKENA Brews Up a StormSystem that Secures All Applications | Incident Handling and Response Capability: An IT Security Safeguard Part 2: Establishing the Capability | Incident Handling and Response Capability: An IT Security Safeguard Part 1: Are You Ready to Support an Incident Response Capability? | Outsourcing Security Part 3: Selecting a Managed Security Services Provider | Outsourcing Security Part 2: Measuring the Cost | Outsourcing Security Part 1: Noting the Benefits | Vendor Review: SecureWave Protects Microsoft Operating System Platforms | Thanks to a Smart Little Company called Lexias, CIOs Can Now Empower their Users to Assist in eBusiness Security | Feds Buckle Down on Customer Information Security | Identix Leads Biometric Authentication | Bootcamp for the Pros; Why Ernst & Young Will Lead Security Auditing Standards | Vendor Analysis: Interliant's Security Vulnerability Assessment | OKENA Pioneers Next-Generation Intrusion Prevention | Social Engineering Can Thwart the Best Laid Security Plans | Application Single-Sign On: Netegrity, Securant, or Evidian? | Lost Your Laptop? The CyberAngel® Brings It Back | The SOAP Opera Progresses - Helping XML to Rule the World | Talarian and NextSet Team for B2B Solutions | Tempest Creates a Secure Teapot | E*Trade Ignores Private Security Warning, But Public Hullaballoo Gets Response | My Network Engineers are Talking about Implementing Split DNS. What Does that Mean? | Human-Machine Interaction Company Ramps Up Firewall Product Line | Security Information Market Heading for Growth | Alibris Charged with Intercepting Email | Cart32 in Need of Duct Tape | Deutsche Telekom to Acquire VoiceStream Wireless | Study Shows: FBI Alienates Industry Security Experts | Firewall Cowboyz Set the Stage to Free Innocent Convict | Symantec Swallows AXENT; Takes on Network Associates | Novatel Wireless and Diversinet Team Up to Provide Security for Wireless Modems | Windows 2000 Bug Fixes Posted | Baltimore Technologies Doubles Revenues, Offers World-Class PKI Hosting | The Whys and Hows of a Security Vulnerability Assessment | Earthlink Leads the Way in DSL Security | PKI and Biometrics Ready for Take-Off | Secure Transport of EDI and XML for Trading Exchanges | Can You Trust Entrust? | Standard & Poor's Announces Security Certification | Check Point Leads Firewall Market | Fighting Cybercrime on the Internet | NetWare for Small Business – NetWhy? | Let Your Hard Drives Tell You Where they Are! | E&Y Spins-Off eSecurity Online and Unveils Security Vulnerability Assessment Services | With Record Revenues, AXENT Puts Down a Solid Fist | NAI Will Pay Trend $12.5 Million Resulting from Law Suit | Sub7 Tells Chat Rooms All Your Stuff; F-Secure Leads the Battle | E-Cash Rollout Replaces Amex | GSA Schedule Partnership Gets Network-1 in the Door | Los Alamos Loses Top-Secret Information, Again! | Standard & Poor's Exposes Customers' Security | The AS/400 Takes You Securely Where You Want to Go | Trend Micro Steps into PDA/Wireless AntiVirus Information Market | CryptoSwift Takes Rainbow Revenues Up 620% | Smart Shoppers Go Abroad for Affordable Information Security Programs | Anti-Virus Advisories: Rating Them | The 7 Habits of Highly Effective Security | Fischer’s Prio! SecureSync ~ A Solution to Enterprise Directory Chaos | Abandon All Insecurity, Ye Who Enter Here | Top 10 Excuses For Not Securing Your Website or Network | Ernst & Young Leads Big 5 in Security | 6 Days After Advisory Posted, AboveNet Gets Hit | A Firewall is Cheaper Than a Lawyer | Fixing Security Backdoors:
Red Hat 1, Microsoft 0 | WAP Forum Specifies RSA’s RC5 Encryption For Wireless | Netpliance Responds Quickly to Hardware Hack | Security Stocks Burn Rubber | DSL Provider Scoops up Netscreen Firewall Goldmine | Cyclone Untangles Digital Partnerships | Security Begins on Your Desktop | Network Associates Hopes to Rekindle the Flame | Hacker Publication Gets Top Defense Attorney | Saudi Arabian Network Security Provokes Local Considerations | Gosh, There’s a Bug in Windows 98 | Robust Systems are Built from the Bottom Up | DOJ Keeps Low Profile on Curador; Protect Your IIS Server Today! | Security Breach: Now What? | Sendmail, Inc. and Disappearing, Inc. Team Up to Add Enhanced Security | Is Your Financial Transaction Secure? | Compaq, HP, IBM, Intel and Microsoft Create New PC Security Alliance | Expect Boom in Electronic Signatures | Secure Your Search Engine | President Proposes Security of Medical Records | Sendmail Takes Security to the Next Level with Version 3.0 for NT | CheckPoint & Nokia Team Up to Unleash a Rockin' Security Appliance | Trend Micro Anti-Virus Server for Microsoft Exchange ~ A Secure Choice For Enterprise Wide Anti Virus Protection. | Security Snafu at NetBank | Freeware Vendor's Web Tracking Draws Curses | The "S" in SAP Doesn't Stand for Security (that goes for PeopleSoft too) | Content Technologies releases MIMEsweeper PolicyPlus | Hackers Will Be Out in Full Force On New Year's Eve | Analysis of Virgin Net's Hacker Scare | Network Associates RePositions Itself as a Security E-Village | Lexiguard™: The Coming "Adobe Acrobat" of Encryption | CyberPeepers from Korean Sites Peek at U.S. Networks | Would You Hire a Hacker? What Would Your Mother Say? | @Home Scans Own Customers | CIOs Need to Be Held Accountable for Security | New Market for Security Insurance | At Least Your Boss Can't Read Your Home E-mail, Right? Wrong! | PrettyPark Virus Litters Cyberspace | Packard Bell / NEC Leads Secure Etoken Deployment | Congress Acknowledges Outdated Banking Laws | How Secure is Your E-Mail? | Trend Virus Control System - A Centralized Approach to Protection | VPNs Are Hot, but What Are They? | ATM Machines Hacked in Moscow | How To Mitigate Holiday Cybercrime | Surf's Up at Akamai |

Hersheys Halloween Nightmare Of	How To Respond To A Request For Proposal Sample	Informatica Software Free Version Install	Information Management System Of Maruti Udyog	How To Test Laptop Performance	How To Write Formal Applications	How To Write Request For Funding
High Jump Spikes	Influence Of Time In Decision Making	Influence Of Marketing Managers In Decision Making	Intention Example	How To Use A Scoring Matrix	Justification For Sole Source Example	How To Value An Electrical Contracting Business
Hold Invoice Pending Approval	Infor Erp Business Processes	Informatica Power Center Tutorial	International Asset Management	Job Or Service Proposal Letters	How To Write Criteria In Excel

Analyst Reports

Interactive Case Studies

Downloadable Reports and Templates

Custom Reports

Selection Services Overview

Complete Selection Projects

Software Selection Reports

Supplementary Services

Case Studies and Brochures

Consultants

TEC Advisor

ERGO

RFI / RFP Templates

Software Evaluation Reports

Company Overview

Careers

Press Room

Analysts / Selection Services

InsideOut Makes Firewall Reporting Useful