Check Point Firewall Log Analysis In-Depth

Check Point Firewall Log Analysis In-Depth (PDF, 2.32MB)

Published: 10 Nov, 2009

Created by Mark Stingley

This is a short guidebook for network security analysts who want to find answers about their networks and systems quickly. Using open-source software and off-the-shelf components, an outstanding Check Point firewall log analysis platform can be built for well under $10,000 for an enterprise, or as little as $1,000 or less for more modest needs. Though the focus is on streaming near real-time Check Point firewall logs, the principles herein can be applied to any firewall, or virtually any other log source. This document provides real-world examples of ad-hoc investigations, watchdog anomaly alerting, host profiling, and much more. Through hands-on application of skills every network security analyst needs anyway, raw data can be sifted in every way imaginable. The resulting experience is invaluable.