ManageEngine Firewall Analyzer Changelog

What's new in ManageEngine Firewall Analyzer 12.8 Build 128236

Apr 28, 2024

Support ID : 9685842, 9704305 - Risk Analysis support has been extended for Cisco & FirePower devices.
Support ID : 9671474 - "Source MAC Address" is available in FortiGate syslog. Firewall Analyzer now provides an option to show the "Source MAC Address" instead of "Source IP Address" in Reports and RAW search report.
Support ID : 9446760 - Now, customers can map "Multiple IPAddress" for single user in 'Manual Mapping' under 'Username-IP Mapping' settings.
Support ID : 9770587 - Source Country and Destination Country values have been included in "Alarm Notification Mail" message now.

New in ManageEngine Firewall Analyzer 12.8 Build 128181 (Mar 15, 2024)

New in ManageEngine Firewall Analyzer 12.8 Build 128151 (Feb 5, 2024)

New in ManageEngine Firewall Analyzer 12.8 Build 128100 (Jan 18, 2024)

New in ManageEngine Firewall Analyzer 12.7 Build 127261 (Dec 22, 2023)

New in ManageEngine Firewall Analyzer 12.7 Build 127314 (Dec 1, 2023)

New in ManageEngine Firewall Analyzer 12.7 Build 127257 (Oct 27, 2023)

New in ManageEngine Firewall Analyzer 12.7 Build 127244 (Sep 29, 2023)

New Features and Enhancements:
Support ID: 8306567, 8317051, 8612227 - 'Rule Change History Reports': Customers can find out who made, what operation, (add, modify, delete) and when on any of the firewall rule during various time periods and the trend.
Support ID: 8887965 - 'Rule Management reports' (Policy Overview, Optimization, Change Management, Security Audit, Config Backup) are now supported for Cisco Routers.
Support ID: 8948139 - 'Risk Analysis report' is now supported for Palo Alto firewalls.
Support ID: 8580609 - Policy Optimization support for MikroTik devices.
Support ID: 8399927 - 'Allowed URL' report is now supported for Huawei firewalls.
Support ID: 8948139 - SOC-II Compliance support is now available for all firewalls.
Support ID: 9079992 - 'Risk Analysis report' complete export has been provided while selecting 'Show by Risk' option from UI.
Support ID: 8948139 - Option to customize the report name and description for all Standards/Compliance reports.
Support ID: 8910202 - 'Policy Optimization report' population is considered with different accept and deny actions like 'deny', 'drop', 'reject' and 'accept', 'allow', 'permit' for different vendor cases.
Firewall Analyzer server's disc space information (Total disk space, Free disk space, Table size in GB and redirection to cleanup settings) is shown as warning in 'Change Management report' page when the installation folder goes below the configured one to avoid disk full issue.
Issues Fixed:
Support ID: 8601828, 8814706 - Fixed the Cisco Firepower rules count mismatch issue comparing with the vendor GUI.
Support ID: 8808655, 8797006 - Unable to add user in 'Probe server' while selecting multiple firewalls. This issue is fixed.
Support ID: 8605633 - Fixed the Sophos XG device rule data population issue.
Support ID: 8705545 - Fixed the Cisco device rule data population issue.
Support ID: 8956460 - Fixed the issue with device rule commands executed in the reverse order randomly.
Support ID: 8949016 - Fixed the Palo Alto firewalls device rule data parsing issue.
Support ID: 8925777 - Firepower detected as Cisco firewall due to timestamp parsing issue.This issue is fixed.

New in ManageEngine Firewall Analyzer 12.7 Build 127187 (Aug 19, 2023)

New Features and Enhancements:
SupportID : 8846697 - Rule Expiry Notification feature support extended for PFsense firewall.
SupportID : 8846697 - Rule Tracking ID is now displayed in Policy overview & Cleanup reports for Pfsense firewall.
SupportID : 8856344 - Real-time change detection based on "Install policy" syslog is now supported for Checkpoint firewalls.
SupportID : 8784836 - Translated source IP, Translated source port, Translated destination IP, Translated destination port information are parsed in Sonicwall enhanced syslog format and these details are showing in RAW search report.
SupportID : 8958939 - In Custom reports, we were previously showing "Resource name" for newly added Report types. It has been replaced with "Display name".
Multibyte characters support is now available for all user specific input report pages.
Enterprise : Now, Firewall EE summary dashboard in the OPM-Enterprise Edition "Scalability & Unified-Console" modes has been made available with Firewall add-on data.
Issues Fixed:
SupportID : 8918114 - Incorrect logging disabled rules were displayed in security audit report of Firepower device. This issue is fixed now.
SupportID : 8909486 - For Netscreen firewalls, even when device rule is success, no data is displayed for policy overview and policy optimization. This issue is fixed now.
SupportID : 8846697 - All Objects were displayed under Rule cleanup - unassigned objects report for Pfsense firewall. This issue is fixed now.
SupportID : 8757385 - NIST section 2.10.1 is showing Failed for Fortigate firewall even when it has explicit deny rules. This issue is fixed now.
SupportID : 8965053 - VPN sessions report showing "Total bytes" as 0 MB for all VPN transaction for Sonicwall firewall. This issue is fixed now.
SupportID : 8885931 - Audit Logs report is empty for Sophos XG firewall due to parsing issue. This issue is fixed now.
SupportID : 8901512 - Active VPN Users Report showing empty under Device summary page in Inventory for Checkpoint firewalls. This issue is fixed now.
SupportID : 8846697 - pfSense device rule parsing issue has been fixed.
SupportID : 8996020 - VPN parsing issues in Barracuda firewalls has been fixed.
SupportID : 8977066 - Unable to generate standards report in some specific cases. This issue is fixed now.

New in ManageEngine Firewall Analyzer 12.7 Build 127131 (Jul 19, 2023)

New in ManageEngine Firewall Analyzer 12.7 Build 127130 (Jul 5, 2023)

New Features and Enhancements:
New device support: Barracuda Web Application Firewall (WAF).
Rule Management and Compliance support for 'Mikrotik' firewalls using CLI.
Auth token based 'Device rule' support is provided for FortiGate firewalls to generate Rule Management and Compliance reports.
XLS and CSV export options provided for 'Rule Expiry' reports.
New 'Proxy server settings' page is introduced under 'Settings' tab.
Translated source IP, Translated source port, Translated destination IP, Translated destination port details are included in RAW search report.
Option to delete the configuration version data from database is provided to manage the hard disk optimally.
New 'Device Group' based Rule Management and Compliance Report support for multiple firewalls.
Customers can push 'Network objects' and 'Security rules' to multiple firewalls simultaneously.
Rule and Object search across firewalls.
Usability Enhancements:
Compliance Standards summary and details page has been revamped for better usability.
All graphs shown under 'Reports' and 'Rule Management' tabs are now loaded with 'Data labels' for all charts types (Bar, Line, and Area).
Issues Fixed:
Admin log parsing issue for SonicWall firewalls. This issue is fixed.
VPN syslog parsing issue for OPNsense firewall is fixed.
Unable to save the 'Archived files' in collector server of Firewall Analyzer Enterprise edition. This issue is fixed.
Device delete from the 'Inventory snapshot' page is not properly deleting the manual device add entries. This issue is fixed.
Exported data of 'Object Usage report' in XLS, PDF, and CSV formats is not matched which is populated under 'Rule Management > Optimization' page. This issue is fixed.
User specific filter is not applied properly in 'Custom Report' for Active VPN users and VPN sessions report.This issue is fixed.
VPN type showing as 'SSL VPN' for all VPN sessions by default for Sophos XG firewalls. This issue is fixed to show the proper VPN type (i.e., SSL VPN or IPsec VPN).
Hourly Trend Comparison reports of 'Traffic trend report', 'Event trend report' and 'Protocol trend report' are not showing the data in the correct order. This issue is fixed.
Username value having more than 200 characters for few users when we fetch from Active Directory. So this value is skipped for proper reporting.
Byte value in IPsec tunnel traffic syslog is huge, because it is accumulated value. Now the 'Byte' calculation for IPsec tunnel traffic is properly handled.
Alarm generation stopped working after sometime due to an internal issue. This issue is fixed.

New in ManageEngine Firewall Analyzer 12.7 Build 127101 (May 11, 2023)

New Features and Enhancements:
Support ID: 6540464, 7494865, 8186738 - Risky rules analysis and reporting for FortiGate firewalls.
Support ID: 8627050 - SSL VPN log Report is now supported for Cisco Meraki firewalls.
Support ID: 8634992 - New timestamp format is now supported for pfSense firewalls.
Webhook integration has now been added to Firewall Analyzer's Notification Templates. With this, users can configure Webhook calls to be made based on certain trigger criteria.
Empty email subject has been replaced with report name for 'Send Mail' options in Inventory, Reports, Rule Management and Standards report pages
Issues Fixed:
Support ID: 8743128 - pfSense firewall's 'Policy Overview' report shows wrong interface name. This issue is fixed now.
Support ID: 5982896 - Weekly trend comparison reports of 'Traffic trend report' and 'Event trend report' is not showing the data in the correct order. This issue is fixed now.
Support ID: 8638646 - VPN syslog parsing issue in Check Point Log Exporter CEF format is fixed now.
Support ID: 8608159 - Parsing issue of SonicWall device is fixed to populate the report under Admin Reports > Successful Login.
Support ID: 8605633 - Parsing issue in the Sophos XG configuration file have been fixed.
Support ID: 8523005 - Policy overview report is not populated for FortiGate devices due to 'null' value in ISDB service data is fixed.
Support ID: 8297281 - VPN type showing 'SSLVPN' for all VPN session by default for SonicWall firewall. This issue has been fixed to show the proper VPN type (i.e. SSLVPN or IPsec VPN).
Support ID: 8698521 - In Alarms, we are showing the Resource name in Alarm pop-up and Alarm Mail. Now, we are showing the Display name of the device in Alarm pop-up and Alarm Mail.
Support ID: 8670029 - After applying the extended license, unable to add more than two devices manually during the evaluation period. This issue has been resolved.
Support ID: 8666012 - Login prefix handling changes done for 'Device Rule' configuration for CLI based configuration fetch cases.
Check Point LEA server configuration for Log monitoring support has been removed to avoid 32-bit dependency.

New in ManageEngine Firewall Analyzer 12.6 Build 127000 (Apr 26, 2023)

New in ManageEngine Firewall Analyzer 12.6 Build 126307 (Mar 21, 2023)

New Features and Enhancements:
Support IDs: 8416974, 8285818, 8411305 - 'Source Country' column has been added extra in 'Active VPN Users' and 'VPN Sessions' reports.
Support ID: 8446080 - New timestamp and syslog format supported for VMware NSX firewall.
Support ID: 8475348 - The CLI based device rule page now supports a new prompt ("]") value.
Support ID: 8590688 - Dynamic configuration path changes have been included for the pfSense firewalls in device-rule configuration page.
Support ID: 7289486 - Export to 'XLS' option has been provided for 'Configuration Comparison Report'.
Firewall Analyzer Enterprise Edition:
Customers will receive notifications, if the Probe to Central communication is lost for long time.
Automatically shutdown of Probe server, if the communication has been lost over 15 days with Central server.
Issues Fixed:
Support ID: 8378102 - Rule fetching actions skipped for root device for FortiGate Split-task VDOM enabled cases.
Support ID: 8378363 - Updated the access code for Sophos XG Rest API.
Support ID: 8590688 - Dynamic configuration path changes have been included for the pfSense firewalls.
Support ID: 8590688 - Shell option handling done for the pfSense firewalls.
Support ID: 8590688 - pfSense device rule parsing issue has been fixed.
Support ID: 8590688 - pfSense schedule configuration is not working issue has been fixed.
Support ID: 8188533 - Parsing issue in the commit syslog for Palo Alto firewall is fixed.
Support ID: 8439266 - VPN logout syslog '721018' event is parsed now and the Active VPN Users report showing properly for Cisco firewall.
Support ID: 8476306 - Fixed the issue to show the VPN type as 'VPN tunnel name' instead of IPSEC for tunnel based VPN sessions for FortiGate firewall.
Support IDs: 8080124, 8489754 - Syslog parsing issue in Watch Guard firewalls has been fixed.
Few I18N keys were missing, when 'Rule Suggestion Report' was exported to 'XLS' or 'CSV'. This issue is fixed.
PDF on demand and mail export options were not working, if both HTTP and HTTPS were enabled on a server. This issue is fixed.

New in ManageEngine Firewall Analyzer 12.6 Build 126307 (Mar 19, 2023)

New Features and Enhancements:
Support IDs: 8416974, 8285818, 8411305 - 'Source Country' column has been added extra in 'Active VPN Users' and 'VPN Sessions' reports.
Support ID: 8446080 - New timestamp and syslog format supported for VMware NSX firewall.
Support ID: 8475348 - The CLI based device rule page now supports a new prompt ("]") value.
Support ID: 8590688 - Dynamic configuration path changes have been included for the pfSense firewalls in device-rule configuration page.
Support ID: 7289486 - Export to 'XLS' option has been provided for 'Configuration Comparison Report'.
Firewall Analyzer Enterprise Edition:
Customers will receive notifications, if the Probe to Central communication is lost for long time.
Automatically shutdown of Probe server, if the communication has been lost over 15 days with Central server.
Issues Fixed:
Support ID: 8378102 - Rule fetching actions skipped for root device for FortiGate Split-task VDOM enabled cases.
Support ID: 8378363 - Updated the access code for Sophos XG Rest API.
Support ID: 8590688 - Dynamic configuration path changes have been included for the pfSense firewalls.
Support ID: 8590688 - Shell option handling done for the pfSense firewalls.
Support ID: 8590688 - pfSense device rule parsing issue has been fixed.
Support ID: 8590688 - pfSense schedule configuration is not working issue has been fixed.
Support ID: 8188533 - Parsing issue in the commit syslog for Palo Alto firewall is fixed.
Support ID: 8439266 - VPN logout syslog '721018' event is parsed now and the Active VPN Users report showing properly for Cisco firewall.
Support ID: 8476306 - Fixed the issue to show the VPN type as 'VPN tunnel name' instead of IPSEC for tunnel based VPN sessions for FortiGate firewall.
Support IDs: 8080124, 8489754 - Syslog parsing issue in Watch Guard firewalls has been fixed.
Few I18N keys were missing, when 'Rule Suggestion Report' was exported to 'XLS' or 'CSV'. This issue is fixed.
PDF on demand and mail export options were not working, if both HTTP and HTTPS were enabled on a server. This issue is fixed.

New in ManageEngine Firewall Analyzer 12.6 Build 126290 (Feb 10, 2023)

New in ManageEngine Firewall Analyzer 12.6 Build 126275 (Jan 12, 2023)

New in ManageEngine Firewall Analyzer 12.6 Build 126262 (Jan 4, 2023)

New in ManageEngine Firewall Analyzer 12.6 Build 126255 (Jan 4, 2023)

New Features and Enhancements:
Object overview with associated rules report support for all firewall devices.
Support ID: 8163066 - Rule Management, Compliance and Configuration backup support provided for FortiGate VDOM devices with API mode.
Support ID: 7946876 - Remote Access VPN type logs support for Juniper SRX firewall device.
Support ID: 8043068 - Option to change the IP address in SNMP settings.
Support ID: 7954995 - New Timestamp format support for Cisco ASA firewall.
Issues Fixed:
Support ID: 7941797, 8089961 - Unused rule data population issue for the Cisco firewalls while using the configuration file is fixed.
Support ID: 8175244, 8089961 - For the FortiGate rule name value empty cases, rule id population changes to be done in the device rule parsing code. This issue is fixed.
Support ID: 8067039 - Cisco device rule parsing issue fixed.
Support ID: 8021274 - Sophos UTM device rule processing issue fixed.
Support ID: 8163066 - Palo Alto device rule failed due to special character availability in the Palo Alto device configuration file issue fixed.
Support ID: 8186738 - Check Point firewall cases, standard reports show undefined values in few cases. This issue is fixed.
Support ID: 7981069 - When any new API access code included for the Sophos UTM firewalls, facing the error in the primary API access code. This issue is fixed.
Support ID: 8163066 - FortiGate API access not working issue fixed.
Support ID: 7794632 - Email ID field having '&' symbol. Customer wants to create a custom report profile with notification for Email with '&' symbol. This issue is fixed.
Support ID: 7921661 - Sent byte, Received byte, Duration values are null in web filter logs for Sophos XG firewall device is handled.
Support ID: 8017870 - RAW search for denied logs showing no data for Cisco Meraki firewall. This issue is fixed.
Support ID: 8021274 - Logout event is not showing in Admin Reports and Audit Logs report for Sophos UTM firewalls. This issue is fixed.
Support ID: 8159724 - 'Active VPN users' report under 'Custom Reports' is not generated for MS SQL. This issue is fixed.
Support ID: 8163818 - Unable to create schedule for security audit report as device name contains more than 50 characters. This issue is fixed.
Support ID: 8216879 - Date and time is not correct under Duplicate Objects. This issue is fixed.

New in ManageEngine Firewall Analyzer 12.6 Build 126165 (Oct 14, 2022)

New in ManageEngine Firewall Analyzer 12.6 Build 126150 (Sep 28, 2022)

New in ManageEngine Firewall Analyzer 12.6 Build 126133 (Aug 19, 2022)

New in ManageEngine Firewall Analyzer 12.6 Build 126118 (Jul 28, 2022)

New in ManageEngine Firewall Analyzer 12.6 Build 126116 (Jul 19, 2022)

New in ManageEngine Firewall Analyzer 12.6 Build 126115 (Jul 13, 2022)

New Device/Log format support:
Support ID: 7738902 - New device support - ContentKeeper proxy device.
New Features and Enhancements:
Security audit report supported for Huawei firewalls.
New 'Basel II' compliance audit report is supported for all firewalls.
Support ID: 7771759 - Application Report for WatchGuard firewalls.
Support ID: 7790516 - TFTP support provided for Hillstone firewalls for Rule management functionalities and reports.
Support ID: 7810056 - Option to exclude the archive storage for the syslogs with the IPs given in the Exclude host settings.
Support ID: 7769738 - Provided an option to customize the Duration column in HH:mm:ss format in Reports.
Support ID: 7778839 - Severity Level field is parsed and shown in RAW search report and provided a criteria for Severity Level in RAW search.
Firewall Analyzer - Enterprise Edition: Option to update Central server details in Probe UI has been provided.
Issues Fixed:
Support ID: 7773520 - Fixed PaloAlto device rule parsing issue.
Support ID: 7748969 - SSH and VPN relation section details are corrected in the Sophos-XG security audit reports.
Support ID: 7757786 - Device rule data population issue fixed for the FortiGate firewalls.
Support ID: 7752707 - Application control logs are falling under Attack Reports for SonicWall Firewall. This issue is fixed.
Support ID: 7698475 - Configuration backup 'monthly' schedule was not working properly. This issue is fixed.
Support ID: 7766446 - URL log parsing issue for Juniper SRX firewalls is fixed.
Support ID: 7776576 - URL log parsing issue for FortiGate firewall is fixed.
Support ID: 7764286 - VPN log parsing issue in SonicWall SSL-VPN SMA appliances is fixed.
Support ID: 7793554 - PCI DSS 1.1.7 section got failed when schedule is configured case. This issue is fixed.
Support ID: 7823846 - Huawei device unused rule shows garbled character. This issue is fixed.
Support ID: 7647221 - File import failed for PaloAlto vsys devices in Device Rule. This issue is fixed.
Support ID: 7737753 - 'log enabled' status is shown as failed in ISO compliance report for Cisco device. This issue is fixed.
Support ID: 7586558 - IP address is changed to Management IP for Check Point Firewall Log Exporter CEF format. This issue is fixed.
Support ID: 7757136 - Cisco syslog ID '733100' got stuck while parsing. Due to this, Reports generation was not working as expected. This issue is fixed.
Support ID: 7761858 - In the Security audit report, the SSH check was removed in the 'clear text protocol services' and 'access allowed dangerous services' sections. This issue is fixed.
Support ID: 7729448, 7700328 - Duplicate vdom devices got added for FortiGate firewall. This issue is fixed.
Report export failed in non-English OS machines. This issue is fixed.
Total and Others value included in Scheduled CSV report.
When export CSV report with custom time frame, Start time and End time shown twice in CSV report .This issue is fixed.
Configuration Change Notification report name starts as Chart. Proper naming done.

New in ManageEngine Firewall Analyzer 12.6 Build 126101 (Jun 23, 2022)

New in ManageEngine Firewall Analyzer 12.6 Build 126000 (Jun 14, 2022)

New in ManageEngine Firewall Analyzer 12.5 Build 125648 (May 16, 2022)

New in ManageEngine Firewall Analyzer 12.5 Build 125647 (May 12, 2022)

New Features and Enhancements:
Firewall specific log flow rate and option to stop/start flow processing for individual firewalls.
Support ID: 7680401 - 'Previous Day' schedule option is provided for Change Management schedules.
Support ID: 7744105 - Password protection is available for XLS report type schedule in Custom Report page.
Issues Fixed:
Support ID: 7602649 - In ISO Compliance, 'logging enable section' is failed for FortiGate devices due to parsing issue. Fixed the issue.
Support ID: 7577847 - For Huawei devices, Rule name is not properly shown in Policy optimization and Anomaly reports. Fixed the issue.
Support ID: 7586558 - Anomaly details are not populated on 'Rule Impact Report' for Check Point. Fixed the issue.
Support ID: 7647827 - Rule suggestion failed due to different format in destination port;.Fixed the issue.
Support ID: 7636560 - Update widget action is not working for "Firewall live interface traffic" widget. Fixed the issue.
Support ID: 7618894 - Search action in Raw log search result page is not working. Fixed the issue.
Support ID: 7604024 - Sophos XGS 3100 logs are not added due to different syslog fields are introduced. Fixed the issue.
Support ID: 7579021 - Trend Report is not populated properly in Custom Report. Fixed the issue.
Support ID: 7507077 - VPN log parsing issue for WatchGuard firewall. Fixed the issue.
Support ID: 7629496 - PCI-DSS schedule with LAN not configured case is not working. This issue is fixed.
Support ID: 7448099 - Fixed the 'Unused Rules' showing no data issue is fixed for SonicWall firewalls.
Support ID: 7480045 - Multiple configuration backup tasks executed at same time has failed. Fixed the issue.
Support ID: 6077724 - Check Point device rule data parsing issue fixed.
Support ID: 7682053 - Security Audit report date not updated issue fixed.
Support ID: 7599157 - Device rule command status update code corrected.
Support ID: 7726555 - Unable to delete any created 'Rule Suggestion' report. Fixed the issue.
Support ID: 7573416 - Alarm Drill down is not happening. Fixed the issue.
Support ID: 7692706 - Date Filtering added for OpManager issue is fixed.
Support ID: 7693770 - Rule fetch failed issue fixed for FortiGate firewalls.
Support ID: 7660785 - Issue fixed while getting Change Management related data.
Support ID: 7712253 - The policy overview data not populated issue fixed for SRX firewall.
Support ID: 7727424 - Vdom device rule commands execution time dynamic values update changes in status view page. Fixed the issue.
Support ID: 7624246 - Anchor link removed in Security Audit PDF export. This issue is fixed.
Support ID: 7672560 - For WatchGuard devices, rule name in rule file and configuration file are different, so all rules are populated under 'Unused Rules' reports. Fixed the issue.
Support ID: 7663655 - 'TCP Xmas Tree dropped' logs are not parsed properly to populate under 'Attack Reports' for SonicWall firewalls. Fixed the issue.
Support ID: 7672560 - If Destination is reserved port value throws error while calculating anomaly for WatchGuard devices. Fixed the issue.
Support ID: 7448099 - Unused object is not populated due to parsing issue in SonicWall device if source, destination and service is configured as NA for some rules. Fixed the issue.
Support ID: 7480650 - Device Rule configuration got failed for Huawei devices, because the subnet mask contains description details in it. Fixed the issue.
Support ID: 7674428 - CSV and XLS export under Policy Optimization is not working , CSV export not working for ACE view in Unused Rules page. This issues are fixed.
Support ID: 7682811,7582577 - VPN log parsing issue for Check Point Log Exporter CEF format. This issue is fixed.
Support ID: 7531779, 7626091 - Palo Alto API based device rule configured VSYS cases, logout based configuration fetch failure issue fixed.

New in ManageEngine Firewall Analyzer 12.5 Build 125615 (Mar 25, 2022)

New in ManageEngine Firewall Analyzer 12.5 Build 125582 (Jan 18, 2022)

New Features & Enhancements:
Rule Management and Compliance support for Juniper SRX devices using vendor API.
Support ID: 6390296 - Security audit report support for Juniper SRX firewalls.
Support ID: 7066724 - Redundant/Duplicate object report similar to Redundant policy report.
Support ID: 7184640 - PDF as attachment in the Change Management Notification mail instead of mail content.
Support ID: 7083639 - Others and Total row are now shown in CSV and XLS for custom report.
Support ID: 7434018, 7490537 - Admin report is supported for Check Point Log Exporter CEF format.
Issues Fixed :
Support ID: 7298872 - Assigned IP is not updated in VPN Reports for FortiGate firewall. This issue is fixed.
Support ID: 7452984 - Traffic syslog parsing issue in WatchGuard firewall is fixed.
Support ID: 7446312 - PaloAlto SCP commands not working. This issue is fixed.
Support ID: 7318354 - Stormshield firewall device rule parsing issue fixed.
Support ID: 7194876 - Garbled characters shown in URL Report for non-English installations. This issue is fixed.
Support ID: 7066724 - IPv6 support related Firewall Analyzer device rule security XML regex issue fixed.
Support ID: 7452984 - WatchGuard device rule service protocol parsing issue is fixed.
Support ID: 7463171 - PaloAlto interface is not listed fully in standards page. This issue is fixed.
Support ID: 7289484 - In non-English installations, Security Audit report name garbled characters issue is fixed.
Support ID: 7275763 - Cannot disable schedule under custom schedule list when schedule name contains native language characters. This issue is fixed.
Support ID: 7290303 - Garbled characters are shown when Alert profile name is given as native language character. This issue is fixed.
Support ID: 7275254 - When Japanese character is included in custom report profile name, in Schedule list page, Japanese character is shown as ?. This issue is fixed.
Support ID: 7430658 - While importing a configuration file through file import native language character are garbled in total Rules pages under Overview. This issue is fixed.
Support ID: 7465202 - 'User Connected' report using Reports > Custom Reports option occasionally shows like 'Problem while generating data'. This issue is fixed.
Support ID: 7450412, 7153068 - Performance tuning on syslog processing for PaloAlto firewall.
Sensitive data like password/community fields are masked in Security Audit reports.

New in ManageEngine Firewall Analyzer 12.5 Build 125490 (Dec 6, 2021)

New in ManageEngine Firewall Analyzer 12.5 Build 125488 (Oct 29, 2021)

New in ManageEngine Firewall Analyzer 12.5 Build 125484 (Oct 13, 2021)

New in ManageEngine Firewall Analyzer 12.5 Build 125482 (Oct 8, 2021)

New in ManageEngine Firewall Analyzer 12.5 Build 125467 (Sep 17, 2021)

New in ManageEngine Firewall Analyzer 12.5 Build 125464 (Sep 8, 2021)

New Features and Enhancements:
Firewall Analyzer now supports audit report generation for one more industry standard compliance, GLBA.
Rule expiry feature support for Sophos XG firewalls.
Support ID: 6959349 - Security audit support for
Sophos UTM
WatchGuard M270 (M series)
Support ID: 7229923 - Security audit report schedule and on-demand mail options are now available.
Support ID: 6067997 - New 'VPN connection status' report for individual VPN users.
Support ID: 7220396 - Cisco policy name add option support provided for Rule Administration feature.
Support ID: 6013763 - 'Any User' option for Anomaly alert threshold criteria is available now.
Support ID: 6046758 - Week Days and Week Ends options provided under time criteria in Normal alert profile.
Support ID: 6962782 - Edit option for 'Aggregate search report' has been provided.
Support ID: 7028931, 6989163 - Edit option for 'Rule Suggestion report' has been provided.
Issues Fixed:
Support ID: 7024499 - In Policy Optimization report of Palo Alto, 'userid' field is not taken into account under source field. This issue is fixed.
Support ID: 7113622 - Sophos UTM policy optimization report shows no data issue is fixed.
Support ID: 7117739 - WatchGaurd device rule partial configuration fetch issue is fixed.
Support ID: 7107305 - Cisco policy optimization report shows no data issue is fixed.
Support ID: 7157156 - Customer is unable to open the PDF attachment received in email of the Scheduled Standards Compliance report issue is fixed.
Support ID: 7199808 - Cisco device rule IP v6 rules parsing issue is fixed.
Support ID: 7092596 - Parsing issue in Syslog ID 302304 for Cisco ASA firewall is fixed.
Support ID: 7083091 - Parsing issue in Virus Syslog of Cisco FirePower firewall is fixed.
Support ID: 7206889 - FortiGate security audit report is not generated properly. The issue is fixed.
Support ID: 7113622 - Based on the default rules, rule number population changes are done for Sophos UTM firewalls.
Support ID: 7214550 - If the firewall display name contains " " value cases, any report on the security audit page is not listed. This issue is fixed.
Support ID: 7180068 - Change Management PDF not working for 'custom' time frame and CSV, XLS export has a column missing. This issue is fixed.
Support ID: 6824997 - SNMP based live report is not showing properly for Check Point devices. Because, It is added with Management Server IP address. This issue is fixed.

New in ManageEngine Firewall Analyzer 12.5 Build 125447 (Aug 17, 2021)

New Features:
Support ID: 7052467 - Security Audit report support for FortiGate firewalls.
Support ID: 6825516 - Rule Expiry report support for Check Point firewalls.
Support ID: 6892855 - Rule Management and Compliance support for Hillstone firewalls with CLI and file import options.
XLS and CSV attachment for On-demand 'Send Mail' option from UI has been provided for below reports:
Policy Anomalies.
Rule Suggestion.
Policy Fine Tuning.
Rule Cleanup.
Rule Reorder.
Usability Enhancements:
Support ID: 5502408 - Page loading animation is shown for all firewall reports.
Support ID: 7052467 - Security Audit front page usability has been improved.
Issues Fixed:
Support ID: 7039340 - Sophos UTM device rule data parsing issue fixed.
Support ID: 6989163 - Rule Information in Rule Suggestion page is provided.
Support ID: 6985242 - Add 'Alarm Profile' is not working in other than English language. Fixed the issue.
Support ID: 6628822 - FortiGate SANS Section 15 'Block unwanted ICMP traffic' shows wrong data. Fixed the issue.
Support ID: 7032640 - Cisco FirePower policy overview rules count mismatch issue is fixed.
Support ID: 6840434 - Cisco security audit rule 'To' interface value is wrongly identified issue is fixed.
Support ID: 6891130 - SonicWall device rule partial configuration fetching issue is fixed.
Support ID: 6695851 - FortiGate vdom device rule issue due to same root and vdom device name configuration issue is fixed.
Support ID: 6924941 - Juniper SRX global network objects IP range parsing issue is fixed.
Support ID: 6897821 - Palo Alto rule reorder issue that Firewall Analyzer is suggesting to move the Deny All rule to position 1 due to high hit-count is fixed.
Support ID: 6689149 - Device rule status failed frequently for Cisco FirePower device issue is fixed.
Support ID: 6874460 - Device rule issue for Cisco - partial configuration fetching issue is fixed.
Support ID: 6713122 - Compliance standards report drill down on specific report is showing 'Device rule not configured' message for FortiGatevdom device is fixed.

New in ManageEngine Firewall Analyzer 12.5 Build 125429 (Jul 14, 2021)

New in ManageEngine Firewall Analyzer 12.5 Build 125410 (Jun 7, 2021)

New Device/Log Format Supported:
Support ID: 6897821 - Traffic and Security reports based on Syslog data is supported for Palo Alto VSYS.
New Features and Enhancements:
Support ID: 6897821 - Rule Management & Compliance support for Palo Alto VSYS with CLI and API options.
Support ID: 6897821 - Security Audit report support for Palo Alto VSYS.
Support ID: 6840434 - Security Audit report support for Cisco FirePower devices.
Support ID: 6689149 - Scheduled PDF report for Change Management supported.
Support ID: 6980691 : Check Point Management server policy support for 'Install target' based options.
Option to provide Terminal (SSH/TELNET) settings in user-configuration page.
Issue Fixed:
Support ID: 6715155, 6851245 - Fixed FortiGate VPN log parsing issue for FortiGate FGT100E firewalls.
Support ID: 6716343, 5772716 - SNMP based Live traffic report is not populated due to "IF_DESC" field is empty when fetch from SNMP for FortiGate Firewall, because we have added the interface using "IF_NAME" field. This issue is fixed.
Support ID: 6955963 - Sophos XG Security audit related configuration parsing issue fixed.
Support ID: 6689149 - Fixed parsing issue of Cisco Firepower FTD logs.
Support ID: 6802312 - Fixed parsing issue of Cisco ASA logs.
Support ID: 6813913 - Few users are missing in 'Active VPN Users' report under Reports > VPN Reports tab. This issue is fixed.
Support ID: 6868586 - Fixed StromShield Firewall log parsing issue.
Support ID: 6980691 - Rule cleanup page count mismatch issue fixed for Check Point firewalls.
Support ID: 6980691 - Rule cleanup page, UID based rule data population changes done for Check Point firewalls.
Support ID: 6790141 - Duplicate device added for Check Point Firewall CEF log format. This issue is fixed.
Support ID: 6805374 - FortiGate global command execution in logout Syslog case, VDOM condition was not included. This issue is fixed.
Support ID: 6851345 - Customer having SNMP v3 configuration without encryption password. Firewall Analyzer doesn't allow the customer to save the SNMP v3 settings without encryption password field due to Security XML restriction. This issue is fixed.
Support ID: 6989731 - In Sophos XG devices, Firewall Analyzer uses encrypt password Sophos XG API option to get device rule information. In case of any set up, if the encrypted password is not working, rule fetching did not happen. This issue is fixed.

New in ManageEngine Firewall Analyzer 12.5 Build 125399 (Jun 2, 2021)

New in ManageEngine Firewall Analyzer 12.5 Build 125381 (May 1, 2021)

New in ManageEngine Firewall Analyzer 12.5 Build 125376 (Apr 12, 2021)

New in ManageEngine Firewall Analyzer 12.5 Build 125362 (Mar 26, 2021)

New in ManageEngine Firewall Analyzer 12.5 Build 125361 (Mar 24, 2021)

New in ManageEngine Firewall Analyzer 12.5 Build 125329 (Feb 4, 2021)

General:
There was an Unauthenticated Remote Code Execution (RCE) vulnerability due to general bypass for the deserialization class, as reported by Johannes Mortiz. This has now been fixed. (Refer CVE-2021-3287)
New Device/Logs Supported:
Support ID: 6453957,6267843 - Cisco FMC firewall device support.
New Features & Enhancements:
'Rule Expiry Notification' for any Rule Schedules using configuration data.
Rule Management and Compliance support for Cisco FirePower FTD using vendor API.
Predefined alerts for Anomaly alert profile.
Schedule custom report profiles have another report option XLS in-addition to PDF and CSV.
Raw search report schedule has another report option XLS.
Option to copy Alarm Profiles to create a new alarm profiles with same or additional criteria.
Option to send CSV/XLS in addition to PDF for On demand mailing for all reports and inventory pages.
On demand mail attachments will be sent as zipped PDF/CSV/XLS file instead direct files.
Usability Enhancements:
Alarm Profiles UI revamped to combine multiple pages into single page to improve the usability.
Redirecting to snapshot traffic and report pages from Inventory page for devices, Interfaces, Users and Cloud Services.
Report details are shown clearly like PDF in CSV, XLS export files in all reports.
Support ID: 6413012 - Option to export all records in CSV and XLS for aggregated and raw search reports.
Support ID: 6376637 - Search option has been provided for VPN reports page.
Issues Fixed:
Support ID: 6380742 - pfSense device rule interface parsing issue fixed.
Support ID: 6430765 - FortiGate vdom device rule schedule failed because of no rules available in the root context. This issue is fixed.
Support ID: 6516201 - For Check Point devices, only top 500 rules are shown in reports. Fixed this issue.
Support ID: 6499357 - Partial configuration data fetching of few FortiGate firewalls which have huge number of rules is fixed.
Support ID: 6380742 - pfSense device rule add failed in few cases. This issue is fixed.
Support ID: 6401963 - Attack log parsing issue in Sophos XG firewall has been fixed.
Support ID: 6605606 - Device rule FortiGate isdb name objects configuration parsing is handled.
Support ID: 6589127 - FortiGate ISO Sec13.1.2 failed due to default implicit deny rule is not handled properly. The issue is fixed.
Support ID: 6644799 - Device rule export config failed status message is not shown in red colour. The issue is fixed.
Support ID: 6440012 - FortiGate device rule fails for HA cluster device using credential profile. The issue is fixed.
Support ID: 6477250 - Username shown as unknown in VPN User Transaction Report for FortiGate IPSEC VPN case. The Host IP address is shown as username instead of Unknown.
Support ID: 6416472 - Assigned IP address showing the same as 'Host IP' in active VPN users report for Palo Alto PAN OS 9 version.
Support ID: 6077724 - Rule name parsing issue in Check Point Log Exporter CEF format. This issue is fixed.
Support ID: 6474479 - Parsing issue in F5 BIG-IP firewall has been fixed.
Support ID: 6446762 - Archive and Index location update action under Archive settings is not working for 'Network path' which contains 'IP address' in it. It is fixed.
Support ID: 6314243 - Date and Time displayed in 'Raw Log Search' is not proper. This issue is fixed.
Support ID: 6436465 - Garbled character are shown as 'Raw search' result output, randomly. This isssue is fixed.
Support ID: 6582267, 6520398 - Palo Alto device rule add failed because of the column size of application tables. This issue is fixed.
Support ID: 6499086, 6393407 - SonicWall rule comparison report is showing data based on priority value. The issue is fixed.

New in ManageEngine Firewall Analyzer 12.5 Build 125323 (Jan 5, 2021)

New Features and Enhancements:
Rule Administration support for Cisco ASA using CLI.
Alarm Profiles notification has been enhanced with 'Notification Templates' feature,
Raise new trouble tickets in ManageEngine ServiceDesk Plus, ServiceNow.
Get notified by Slack.
Get notified with a sound alert (Web alarm) in web UI.
Send 'Syslog' messages with event details.
Send 'SNMP traps' with criteria and event details.
Run a system command when an alarm is triggered.
Alarms can be notified via, Email, SMS and Email based SMS template configurations.
Two new Industry compliance standards support based on firewall configuration data
GDPR
HIPAA
Backup files can be compared between latest and any configuration backup file.
Predefined alert configuration for 'Normal' alert profiles.
Rule Suggestion report generation and save for multiple time periods.
Alarm Profiles UI is revamped and merged multiple configuration pages into single page for more usability.
Support ID: 6401389 - On-demand 'Mail' and 'PDF Export' option for Change Management difference reports.
Support ID: 6253246 - Customer can generate 'Raw Search' reports with 'URL Category' and 'Application' criteria now.
Issues Fixed:
Support ID: 6450788 - OutOfMemory Exception issue while generating Change Management difference reports for PaloAlto, WatchGuard, Sophos XG firewalls is fixed.
Support ID: 6268243 - Fortigate device rule ISDB data parsing issue is fixed.
Support ID: 6350784 - WatchGuard device rule ICMP service objects parsing issue is fixed.
Support ID: 6104702 - Scheduled report Save Location option is not working properly. This issue is fixed.
Support ID: 6398383 - Schedule report is not working when Intranet settings is configured. This issue is fixed.
Support ID: 6302212 - Parsing issue in SonicWall logs is fixed.
Support ID: 6305551 - FirePower deny log parsing issue is fixed.
Support ID: 6300962 - Failed VPN login report is not showing for Fortigate firewall. This issue is fixed.
Support ID: 6254628 - URL log parsing issue of Fortigate firewall is fixed.
Support ID: 6108516 - Unused objects data is not populated for rule suggestion drill down report issue is fixed.

New in ManageEngine Firewall Analyzer 12.5 Build 125217 (Oct 1, 2020)

New Device/Log Format supported:
Support Ticket ID: 6232295 - SSL VPN logs support for Huawei firewall.
New Features and Enhancements:
New 'SOX Compliance' report based on firewall configuration analysis.
Scheduled configuration backup (daily, weekly, monthly and once-only).
Rule-Administration (policy add, edit, delete) support for FortiGate firewalls using vendor API.
'Firewall Policy Fine Tuning' report based on network traffic learning (syslog analysis) for different time periods.
A new VPN report 'VPN Usage' to view active users count for various interval over custom time period.
Users can establish device terminal connections using Spark gateway terminal.
Issues Fixed:
Support Ticket ID: 6249040 - Change Management report is not generated for custom time period. The issue is fixed.
Support Ticket ID: 6093916 - Custom Report Edit option is not working properly for non-English language installations. The issue is fixed.
Support Ticket ID: 6175209 - VPN Session Report is not showing proper data. The issue is fixed.
Support Ticket ID: 6216934 - VPN log parsing issue for SonicWall SMA firewall device. The issue is fixed.
Support Ticket ID: 6276594 - Empty page shown in Standards report dirll down pages. The issue is fixed.
Support Ticket ID: 6280717 - Standards report export isn't working. The issue is fixed.
Support Ticket ID: 6282911 - Traffic reports are not populated properly for WatchGuard firewall. It is fixed.
Support Ticket ID: 6254628 - User bandwidth report in 'Inventory' is not showing due to Security XML issue. It is fixed.
Support Ticket ID: 6245363 - VPN log format has been changed in PaloAlto PAN OS 9.1.3 version. Due to this, VPN Reports are empty. The issue is fixed.
Support Ticket ID: 6180774 - VPN, AD, and Other Authentication logs are having the similar pattern of Admin event logs in Sophos XG. So, itfalls under 'Admin' reports.The issue is fixed.
Support Ticket ID: 6281259 - Single user connected in two VPN session with same public IP address and different assigned IP addresses 'Active VPN User' report showing only one VPN session. It is fixed.

New in ManageEngine Firewall Analyzer 12.5 Build 125212 (Sep 9, 2020)

New in ManageEngine Firewall Analyzer 12.5 Build 125200 (Aug 28, 2020)

New Features & Enhancements:
Failover: Users will be able to configure Firewall Analyzer Failover as AddOn with virtual IP address. This helps you achieve 24x7 monitoring of your standalone and distributed network.
Rule Administration (add, edit, delete rules) feature supported for FortiGate device using CLI.
Rule management and Compliance reports support for FortiGate devices using vendor API.
Support ticket ID: 6190253 - Policy Fine Tuning - Rule optimization recommendations based on the history of rule usage for the overly permissive rules.
Support ticket ID: 6000751 - IPSec VPN report support for pfSense firewall.
Support ticket ID: 6189643 - Dial-up VPN type logs supported for Juniper SRX firewall.
Support ticket IDs: 6106756, 6237183, 6162257 - Policy Comparison reports:
Between two configuration, policy files.
Between a file with last fetched configuration available in Firewall Analyzer database.
Between running configuration versions available in Firewall Analyzer database.
Issues Fixed:
FortiGate VDOM device rule ISDB data is not handled properly. This issue is fixed.
Device added but not listed under Inventory issue is fixed.
Support ticket ID: 6180774 - Sophos XG Policy overview filters not working issue fixed.
Support ticket ID: 6045174 - Huawei device rule failed due to improper error message handling is fixed.
Support ticket ID: 6179063 - WatchGuard device rule action field parsing issue is fixed.
Support ticket ID: 6179063 - WatchGuard unused rule parsing issue is fixed.
Support ticket ID: 6206195 - SonicWALL device rule name field parsing issue is fixed.
Support ticket ID: 6142635 - VPN sessions report is not showing properly for PaloAlto firewall device. This issue is fixed.
Support ticket ID: 6152347 - Parsing issue in PaloAlto firewall logs is fixed.
Support ticket ID: 6189643 - URL report is not showing the data properly for Juniper SRX firewall issue is fixed.
Support ticket ID: 6115896 - Date, time text is formatted in UI for all report pages and the exported PDF reports.
Support ticket ID: 6182198 - Assigned IP address showing the same as Source IP address in Active VPN Users report for SonicWALL firewall issue is fixed now.

New in ManageEngine Firewall Analyzer 12.5 Build 125194 (Aug 8, 2020)

New in ManageEngine Firewall Analyzer 12.5 Build 125180 (Jul 25, 2020)

New in ManageEngine Firewall Analyzer 12.5 Build 125160 (Jun 19, 2020)

New in ManageEngine Firewall Analyzer 12.5 Build 125142 (May 26, 2020)

New in ManageEngine Firewall Analyzer 12.5 Build 125141 (May 21, 2020)

New device/Log format supported:
New device support - WinGate proxy server.
New timestamp format is supported in FirePOWER 6.4 or later version.
New features and enhancements:
Rule administration support (Add, Edit, Delete rules) for the below devices:
Sophos XG
Sophos UTM
Report profiles widget selection option given for all reports.
Individual report scheduling (on demand) with widget selection as custom report from report pages.
New separate 'VPN Reports' tab to view all VPN reports with more VPN statistics.
On demand and report profile schedule option for 'Active VPN Users' report for devices.
Store VPN session details in separate tables to maintain individual connections to get more VPN reports.
Customers can get more granular VPN data like start-time, end-time, duration, server and client IP addresses for each VPN connection without crunching.
VPN report support for Cisco Meraki device.
VPN report support for Stormshield device.
Internet service objects based policy handling supported for FortiGate device.
Rule management support for Juniper SRX logical systems.
NAT and WAF object supported for Sophos XG devices.
Issues fixed:
VPN log parsing issue in Cyberoam device has been fixed.
VPN user transaction report shows all the VPN traffic logs for SonicWall. The issue has been fixed.
Fixed the Sophos XG device 'Policy Optimization' shows inappropriate redundant rules issue.
Handled the Sophos XG case rule position support changes.
Handled the Check Point case, access layers containing empty values case exception.
Handled Check Point cases, cluster name based device rule data population changes.
Juniper SRX device cases partial configuration, rule fetched issue fixed for bigger configuration from device.
SonicWall case security audit report contains duplicated wrong rules list issue fixed.
Not able to edit and save the daily schedule report profiles issue fixed.
Cisco device rule service group parsing issue fixed.
Change management report is not generated for SonicWall device. Fixed the issue.
NetScreen device rule parsing issue fixed.
Juniper SRX device rule IPv6 address objects parsing issue fixed.
Archive zip handled for 'Schedule import' case.
Time value parsing issue in Cyberoam device has been fixed.
Change Management report has included additionally in the Scheduled PDF report even it is not selected. Fixed the issue.
URL log parsing issue in Cisco ASA and Juniper SRX has been fixed.
IPSec VPN parsing issue in FortiGate device has been fixed.
Import of encrypted log file (.enc file) is not working properly. This issue is fixed.
Firewall Analyzer version 8.x to 12.5 migrated cases, Sophos UTM device rule add failed issue fixed.
Fixed the Check Point security audit report not getting generated issue.
Check Point interface details population code correction issue fixed.
Alarm profile name parameter is restricted to "alphanumeric_basic" with few special characters. Fixed the issue.
'VPN Trend report' drill-down related issue fixed.

New in ManageEngine Firewall Analyzer 12.5 Build 125125 (Apr 29, 2020)

New in ManageEngine Firewall Analyzer 12.5 Build 125122 (Apr 21, 2020)

New in ManageEngine Firewall Analyzer 12.5 Build 125120 (Apr 16, 2020)

New in ManageEngine Firewall Analyzer 12.5 Build 125115 (Mar 31, 2020)

New in ManageEngine Firewall Analyzer 12.5 Build 125109 (Mar 5, 2020)

New device/log format support:
New Log Support - VMware NSX Edge Firewall.
New Feature/Enhancements:
Rule Management and Compliance reports support for Linux iptables.
On-demand PDF report generation using JasperReports changed to PhantomJS for Search, Compliance and Rule Management reports.
Support ID: 5654552 - Resolve DNS option provided in RAW Search page.
Support ID: 5826180 - Cisco FirePOWER Device Rule support enhanced to use TFTP protocol.
Support ID: 5847978 - Schedule Remote Host log import enhanced to use FTP protocol.
Support ID: 5555538 - Time stamping of Archive files handled properly.
Support ID: 5683114 - PaloAlto 'Panorama' config download enhanced to handle in API mode.
Time period selection is enhanced as drop down.
Enhanced 'From' and 'To' time period shown near 'Time' selection box.
Issues Fixed:
Support ID: 5780720 - Active VPN trend report graph shows multiple points for single day. This issue is fixed.
Support ID: 5314890 - If log import is scheduled with 24 hours gap, schedule will run with fixed interval. Fixed the issue.
Support ID: 5811442 - Alarm profile specific drill down page is empty. Fixed the issue.
Support ID: 5683114 - Issue in PaloAlto auth token based 'device rule'/'rule administration' support is fixed.
Support ID: 5842665 - For PaloAlto device SCP configuration cases, occasionally password prompt value missing in CLI response. Fixed the issue.
Support ID: 5871724 - Column chooser not reflecting in CSV and XLS export in Policy Overview tab. Fixed the issue.
Support ID: 5697672 - FortiGate policy optimization and rule re-order shows wrong data due to improper handling of security policies. Fixed the issue.
Support ID: 5827994 - Fixed the Cisco FirePOWER trust rules parsing issue.
Support ID: 5866185 - In the SonicWALL scheduled configuration fetch cases, Security Audit report is not generated. Fixed the issue.
Support ID: 5844575 - Fixed the Sophos XG configuration parsing issue.
Support ID: 5314890 - In Imported logs, for FTP connection failed cases, 'Processing logs' status is shown. Fixed the issue. This has been changed to 'Connection refused' status and added an entry in Audit report.
Support ID: 5778181 - In case of configuration download via TFTP, Firewall Analyzer was not waiting till full configuration transfer, because of that partial data is downloaded in configuration file and device rule data is not populated properly. Fixed the issue.
In the case of adding FortiGate VDOM devices and not restarting Firewall Analyzer, if device rule is created, reports are populated only for physical firewall devices. This issue is fixed.
In Rule Administration, earlier validation was not done before deleting Objects. Issue fixed by validating before deleting Objects.
In some Cisco ASA webVPN cases, wrong source IP was shown. This has been fixed.
FortiGate device rule add, edit cases VDOM data is populated for main physical device. This has been fixed now.
Cisco Admin and SonicWALL VPN log parsing issues fixed.
Action Column removed from Archive Files page.
Loading icon added, while generating Rule Impact report.
Showing 'No data' message beside widget name during on-demand export.

New in ManageEngine Firewall Analyzer 12.5 Build 125108 (Mar 5, 2020)

New in ManageEngine Firewall Analyzer 12.5 Build 125000 (Feb 19, 2020)

New in ManageEngine Firewall Analyzer 12.4 Build 124181 (Jan 28, 2020)

New in ManageEngine Firewall Analyzer 12.4 Build 124179 (Jan 22, 2020)

New Feature:
Rule Administration feature supported for below devices:
Check Point
PaloAlto
Enhancements:
Support ID - 5672098: Admin report supported for pfSense firewall.
Support ID - 5657055: For Scheduled PDF report, Time Filter (Custom Time, Working Hour, Non-Working Hour) will be shown in 'Report Criteria' field.
Support ID - 5458268: Enhanced Time Zone value handling for FirePOWER FTD 6.2, 6.3, 6.4 and above versions.
Enhanced report export to PDF, XLS, and CSV formats.
Enhanced the widget selection option for CSV and XLS export in reports.
'All Records' option given for export to CSV and XLS in 'Inventory', 'Reports' and 'Audit Log' pages.
In 'Inventory', 'Reports' and 'Audit Log' pages, enhanced export to PDF option up to 50,000 records in single page.
Report pages enhanced with two more row count options 'Top 50' and 'Top 100'.
Enhanced all reports export to generate PDF, CSV and XLS formats with 'Report Name' & 'Row Count' combinations.
Enhanced CSV export record count to 100,000 records and 'Advanced' option is provided.
Enhanced XLS export record count to 25,000 records and 'Advanced' option is provided.
In 'Inventory' list page, 'Time Period' option moved, so that hiding left section won't affect time period change.
Issues Fixed:
Support ID - 5676695: Fixed VPN log parsing issue for pfSense firewall.
Support ID - 25422: Fixed the rule fetching failure issue for FortiGate VDOM - physical device.
Support ID - 5783874: FortiGate VDOM Device Rule failed for HA pair. Fixed this issue.
Support ID - 5447344: For i-FILTER device, 'Vendor Type' is shown as 'Unknown CLF'. Fixed the issue to show the 'Vendor Type' as 'i-FILTER'.
Support ID - 5672749: Fixed the 'Traffic' log parsing issue in MicroTik firewall.
Support ID - 5694946: FortiGate FGT90E logs are shown under 'Unsupported' logs. Fixed the issue.
Support ID - 5715854: Fixed the 'Security XML' issue, when log is imported with 'Map this log file to existing device' option.
Support ID - 5640654: Fixed the FirePOWER date parsing issue.
Support ID - 5555538: Custom Report schedule failed, when 'Firewall Unused Objects' report selected in 'Report' list. Fixed the issue.
Support ID - 5686648, 5726632: FortiGate log ID 'logid=0000000020' has the aggregated value of Sent bytes, Received bytes and Duration. The populated data is huge and the log is intermittent. Dropped the logs to fix the issue for proper reporting.
Support ID - 5827506: 'Active VPN User' report is not showing for PaloAlto device. Fixed this issue.
Support ID - 5778181: Parsing issue in 'Admin' logs for PaloAlto firewall is fixed.
Support ID - 5785313: Device name changes to Profile name in 'Custom Reports' page. Fixed this issue.
Support ID - 5807625: For PaloAlto device, Change Management alert triggered based on 'Logout' event syslog. Fixed the issue by changing the Change Management alert trigger based on 'Commit' event syslog.
FortiGate VDOM device rule 'On demand' options are not working. This issue is fixed.
'Resolve DNS' not working in 'Snapshot' page when drilled down from traffic statistics widget in the Dashboard. Fixed this issue.
In Snapshot page, 'Alert' and 'Report' profile buttons are not visible. Fixed this issue.
In the 'Inventory' and 'Snapshot' pages, column header and page navigation components were made static for the expand widgets.

New in ManageEngine Firewall Analyzer 12.4 Build 124179 (Jan 22, 2020)

New Feature:
Rule Administration feature supported for below devices:
Check Point
PaloAlto
Enhancements:
Support ID - 5672098: Admin report supported for pfSense firewall.
Support ID - 5657055: For Scheduled PDF report, Time Filter (Custom Time, Working Hour, Non-Working Hour) will be shown in 'Report Criteria' field.
Support ID - 5458268: Enhanced Time Zone value handling for FirePOWER FTD 6.2, 6.3, 6.4 and above versions.
Enhanced report export to PDF, XLS, and CSV formats.
Enhanced the widget selection option for CSV and XLS export in reports.
'All Records' option given for export to CSV and XLS in 'Inventory', 'Reports' and 'Audit Log' pages.
In 'Inventory', 'Reports' and 'Audit Log' pages, enhanced export to PDF option up to 50,000 records in single page.
Report pages enhanced with two more row count options 'Top 50' and 'Top 100'.
Enhanced all reports export to generate PDF, CSV and XLS formats with 'Report Name' & 'Row Count' combinations.
Enhanced CSV export record count to 100,000 records and 'Advanced' option is provided.
Enhanced XLS export record count to 25,000 records and 'Advanced' option is provided.
In 'Inventory' list page, 'Time Period' option moved, so that hiding left section won't affect time period change.
Issues Fixed:
Support ID - 5676695: Fixed VPN log parsing issue for pfSense firewall.
Support ID - 25422: Fixed the rule fetching failure issue for FortiGate VDOM - physical device.
Support ID - 5783874: FortiGate VDOM Device Rule failed for HA pair. Fixed this issue.
Support ID - 5447344: For i-FILTER device, 'Vendor Type' is shown as 'Unknown CLF'. Fixed the issue to show the 'Vendor Type' as 'i-FILTER'.
Support ID - 5672749: Fixed the 'Traffic' log parsing issue in MicroTik firewall.
Support ID - 5694946: FortiGate FGT90E logs are shown under 'Unsupported' logs. Fixed the issue.
Support ID - 5715854: Fixed the 'Security XML' issue, when log is imported with 'Map this log file to existing device' option.
Support ID - 5640654: Fixed the FirePOWER date parsing issue.
Support ID - 5555538: Custom Report schedule failed, when 'Firewall Unused Objects' report selected in 'Report' list. Fixed the issue.
Support ID - 5686648, 5726632: FortiGate log ID 'logid=0000000020' has the aggregated value of Sent bytes, Received bytes and Duration. The populated data is huge and the log is intermittent. Dropped the logs to fix the issue for proper reporting.
Support ID - 5827506: 'Active VPN User' report is not showing for PaloAlto device. Fixed this issue.
Support ID - 5778181: Parsing issue in 'Admin' logs for PaloAlto firewall is fixed.
Support ID - 5785313: Device name changes to Profile name in 'Custom Reports' page. Fixed this issue.
Support ID - 5807625: For PaloAlto device, Change Management alert triggered based on 'Logout' event syslog. Fixed the issue by changing the Change Management alert trigger based on 'Commit' event syslog.
FortiGate VDOM device rule 'On demand' options are not working. This issue is fixed.
'Resolve DNS' not working in 'Snapshot' page when drilled down from traffic statistics widget in the Dashboard. Fixed this issue.
In Snapshot page, 'Alert' and 'Report' profile buttons are not visible. Fixed this issue.
In the 'Inventory' and 'Snapshot' pages, column header and page navigation components were made static for the expand widgets.

New in ManageEngine Firewall Analyzer 12.4 Build 124099 (Oct 30, 2019)

New in ManageEngine Firewall Analyzer 12.4 Build 124096 (Oct 17, 2019)

New in ManageEngine Firewall Analyzer 12.4 Build 124088 (Sep 30, 2019)

New device/log format support :
Support ID: 5447104 - Kerio Control Firewall version 9.2.8
New features and enhancements :
Rule Cleanup Enhancements:
Identify unused source, destination and service objects defined in used rules.
Identify unused any port and protocols defined in the objects of used rules.
Revamped the Rule Management report pages to improve the usability.
Option to assign multiple collectors while creating Operator privilege users in Central server.
A new device audit report for login, logout for devices.
User based 'Commands executed' details for every configuration change.
Log flow parsing rate has been improved to handle more proxy server logs.
Source and Destination countries are now listed in the drop down for selection while creating 'Normal' alerts.
Support ID: 5377251 - SSL VPN report supported for Sophos XG devices.
Support ID: 5377251, 5045675 - Now users can search the source port, destination port and URL category as criteria in the 'Raw Search' report.
Support ID: 5377251 - Rule enable and disable syslogs are parsed to show in 'Commands executed' report for Sophos XG in Admin reports.
Issues Fixed :
Support ID: 5518885 - Device rule addition got failed for VDOM devices, when we assign existing credential profiles. Fixed the issue.
Support ID: 5519348 - Editing of Change Management report schedule was not working after the product restart. Fixed the issue.
Support ID: 5465688 - Hit count mismatch between 'Denied Events' report under Security report and 'Raw Deny' logs in Raw Search for Palo Alto device is fixed.
Support ID: 5485772 - Excluding the user name, if the user name is coming as IP address for proxy. Fixed the issue.
Support ID: 5414153 - Excluding 'Management' syslogs from user name - IP address mapping. Fixed the issue.
Support ID: 5465784 - WatchGuard traffic log parsing issue fixed.
Support ID: 5024679 - Fixed the 'Directory' validation handling issue in 'Imported Logs' page.
Support ID: 5407203 - VPN User transaction report showing different names in Custom report page issue is fixed.
Internally identified SQL Injection, Remote Code Execution and Local File Inclusions vulnerabilities are fixed to make the product more secure.
Support ID: 5547592, 5425257 - Fixed the SRX and Cisco device rule parsing issues.
Support ID: 5539886, 5566735 - Unable to configure SNMP v3 due to community string being mandatory and special character limitation. This issue is fixed.

New in ManageEngine Firewall Analyzer 12.4 Build 124083 (Sep 13, 2019)

New in ManageEngine Firewall Analyzer 12.4 Build 124068 (Aug 13, 2019)

New in ManageEngine Firewall Analyzer 12.4 Build 124053 (Jul 19, 2019)

New in ManageEngine Firewall Analyzer 12.4 Build 124052 (Jul 15, 2019)

New in ManageEngine Firewall Analyzer 12.4 Build 124044 (Jul 15, 2019)

New in ManageEngine Firewall Analyzer 12.4 Build 124037 (Jul 3, 2019)

New in ManageEngine Firewall Analyzer 12.4 Build 124025 (May 20, 2019)

New device/log format support :
Structured log format support for Juniper SRX.
Log Event Extended Format (LEEF) custom log format support for PaloAlto.
pfSense 2.5 version log format supported.
New features and enhancements :
Perform object definition level search in Policy Overview reports for any object/IP across existing rule set.
Rule impact analysis enhancements:
Option to select custom blacklisted IPs (from file) in UI.
Object repetitiveness report for source, destination, and service objects.
Device Rule page enhancements:
Option to add credential profile at the time of device rule configuration.
Unified the device rule configuration in Inventory device list and snapshot pages (Similar to the Settings page)
Device rule credential validation is made mandatory now using 'Validate' button.
Included validation status for rule and configuration commands
Change notification and schedule availability provided in the Change Management page.
In the 'Search' reports page, CSV and XLS export options provided.
In device and interface live traffic drill down pages, CSV and XLS options provided.
Selected widgets can be exported as PDF or trigger an email(on-demand) from report pages.
Search option has been provided for reports and inventory drill down pages. The same is also available in the respective expanded view page.
Top 5 (Graph and Table), Top 10 (Graph and Table), Top 15 (Table only), Top 20 (Table only) options are provided in firewall reports and proxy reports.
For easy navigation, 'Report' pages drill down can be expanded to full page instead of slide and the tabs are moved as left side menu in reports and inventory page.
Selected report type will be retained as default for other selected devices.
Option to show/hide filter section (log flow received, vendor and device-type) in 'Inventory' page.
Issues fixed :
The SQL injection vulnerability in 'SubmitQuery' page has been fixed.
Support ticket ID: 4978071, 5148764 - Firewall Analyzer uses the secondary IP Address to export the configuration from SonicWALL devices. Fixed the issue.
Support ticket ID: 5186465, 5169152 - Fixed Juniper SRX3400 , SRX4100 device rule parsing issue.
Support ticket ID: 5251059 - Fixed PaloAlto (PAN-OS 8.0.16) device rule parsing issue.
Support ticket ID: 5190721 - If the device has VDOM, Device (Physical-Device IP) not listed for SNMP configuration. Fixed the issue.
Support ticket ID: 5160784 - Unable to update interface details if the interface-name contains .(dot) in it. Fixed the issue.
Support ticket ID: 5200605 - No data in dashboard for a few FortiGate devices as the destination field contained junk characters. Fixed the issue.
Support ticket ID: 5234629 - Port details are shown under 'Destination' column in reports, for SonicWALL firewalls. Fixed the issue.
Support ticket ID: 5279308 - FortiGate firewall logs were dropped due to filename length limitation. Fixed the issue.
Support ticket ID: 5339523 : Fixed Cisco object-groups parsing issue

New in ManageEngine Firewall Analyzer 12.4 Build 124024 (May 16, 2019)

New in ManageEngine Firewall Analyzer 12.3 Build 123324 (Mar 22, 2019)

New device/log format support:
Barracuda Next Generation Firewall (F-600 model) support.
Cisco FirePOWER v6.3.0 and above with modified time stamp support.
New features & enhancements:
Rule management and compliance reports support with vendor API.
PaloAlto.
'Rule Impact Analysis' functionality assesses the impact of a new rule, on the existing rules with anomalies, vulnerabilities and security threats analysis.
On demand options available in UI for sending reports via email and exporting reports in CSV, Excel formats:
For individual widgets.
For all report pages and drill down report pages.
New 'Tools' tab to help access the other network devices for availability check and basic monitoring.
Change management configuration difference view has been enhanced to show clear information for PaloAlto and WatchGuard devices for XML format configurations.
'Custom time' option has been provided in 'Custom' report schedule section.
'Report type' and 'Report filter' options are moved from settings tab to reports tab for easy access.
'Resolve DNS' option has been moved from individual widgets into page-level in Firewall, Proxy and Custom report pages.
A new list page is added under 'User-IP Mapping' table which shows the existing IP address or MAC address/User name details in the web UI.
'Edit Interface' now helps to change interface name and interface IP addess and sub-net mask are made optional.
Issues fixed:
For PaloAlto devices, Active VPN Users reports details are not displayed properly.This issue is fixed.
Fixed the NTP configuration parsing issue, for Huawei devices.
Fixed the Sophos UTM device rule parsing issue.
Fixed the log parsing issue, for Sonicwall Blocked URL report.
When any report profile is edited or deleted the assigned report filters got deleted. This issue is fixed.
Main Tabs are not selected properly while redirecting from other reports and some sub-tabs.
Fixed parsing issues for Cisco management, SRX and pfSense logs.
Fixed the vulnerability issue in Alarm Profile page, when 'Run Script' option is selected.
'View Report' is not displayed in the 'Imported Logs' page, for some imported logs in the list. Fixed the issue.
Remote host log file import failed due to missing parameter in security.xml file. Fixed the issue.
When 'Intranet settings' is configured for a device, unable to add two IP networks. Fixed the issue.
'All Reports' in Firewall/Proxy server reports page, instead of displaying only reports of all firewalls in 'Firewall Reports' page and only reports of all proxy servers in 'Proxy Server Reports' page, reports of all the devices. Fixed the issue.

New in ManageEngine Firewall Analyzer 12.3 Build 309 (Feb 21, 2019)

New in ManageEngine Firewall Analyzer 12.3 Build 231 (Dec 3, 2018)

New in ManageEngine Firewall Analyzer 12.3 Build 224 (Nov 14, 2018)

New in ManageEngine Firewall Analyzer 12.3 Build 123208 (Oct 19, 2018)

New in ManageEngine Firewall Analyzer 12.3 Build 123182 (Aug 8, 2018)

When Alarm profile is exported, alarm profile created by other users is not available in the xml file. This issues is fixed to show all profiles.
When syslog is imported, the IP address of the device was updated with link-local IP. Now the device is added with local IP.
Device rule configured firewall is listed as first resource in drop down of configuration related reports. This issue is fixed.
In Policy Overview page, drill down on some of the services showed no data. This issue is fixed.
SMS Setting shows 'Not Configured', even after 'SMPP' or 'SMS Gateway (Clickatell)' is configured. This issue is fixed.
Unknown protocol report drill down showed sent and received as kilobytes (KB), where as it is in bytes. Changed the header to fix this issue.
When the Report Profile is edited, 'Run on Week Days' could not be selected. This issues is fixed.
If schedule for Search Report is created, it did not get added properly. The issue is fixed.
In the Device Detail page, executed report profile details are not displayed. The issue is fixed.
Support ID: 4594278 - Raw Search result page sorting not working. Fixed the issue.
When Working Hour is configured, ranges like 8-12,15-18,19,20,21 were not allowed. The issue is fixed.
Assigning Credential Profile without selecting a profile was not throwing any error. This issue is fixed.
If only Traffic Log is selected, raw search was not allowed. Fixed the issue.
In Standards > Edit Settings page, after editing when Save button is clicked, page refreshes and goes to different device. This is fixed.
In the Inventory snapshot page, device edit slide comes over user settings page.This issues is fixed.
'All device' option for 'operator' user in Snapshot page has been removed.
In the Collector list page, if any action is performed, the page will be refreshed automatically.
In the Inventory > Users list page, 'username' search was not working. This issue is fixed.
In the Alarms page of Operator user, Close icon-title is not shown properly on hover. This issue is fixed.
Free license text is removed from the DE Alert image.
For 'Operator' user, Support page icon was not working. Fixed the issue.

New in ManageEngine Firewall Analyzer 8.1 Build 8100 (Apr 30, 2014)

New in ManageEngine Firewall Analyzer 8.0 Build 8000 (Oct 22, 2013)

New in ManageEngine Firewall Analyzer 7.5 Build 7500 (Jan 31, 2013)

New in ManageEngine Firewall Analyzer 7.4 Build 7400 (Oct 2, 2012)

New in ManageEngine Firewall Analyzer 7.0.1 Build 7001 (Oct 19, 2011)

New in ManageEngine Firewall Analyzer 7.0.0 Build 7000 (Oct 19, 2011)

New Features and Enhancements:
New Device/Log Format supported
Clavister
Juniper SRX devices
Cisco SSL WebVPN or SVC VPN
Cisco IronPort Proxy
ISA Server VPN 2006
Juniper SSLVPN
Fortigate SSLVPN
Astaro 7.4 Version
DLink DFL-2950
WatchGuard XTM V11
Juniper JSERIES Router Series
DP Firewall(DP FW 100-GE)
MSSQL Support.
Cisco ASA Netflow log support.
Security Audit and Configuration analysis of firewall device.
Encryption and Time stamping of archived logs.
Username Vs IP Address mapping based on DHCP/Proxy logs.
Exporting of generated alerts.
Local scheduled import.
Report filter criteria enhancements like wildcard symbols etc.
Raw log based displaying of "unknown" protocols.
Provision to create and apply Credential Profile for fetching rules from firewall device
SMS and SNMP support for Firewall Availability Alert
CSV export option in Advanced Search
Bulk Alert Delete
HTTPS option in Install Shield.
Option to customize the mail subject for Report/Alert Profile
Bug Fixes:
SMS message i18n issue
SNMP query issue because of jars not set in classpath
Zero values in Traffic statistics table when traffic overview graph has data
"Page Number" and "Date" is not shown in the scheduled PDF report
Csv export got garbled in native linux machine
Not able to get a .pdf report attached in mail after changing the System Property 'pdfReport'
If two guest/operator users are having the same device, then one guest/operator can only view the reports.Another user is not permitted to view the reports
Parsing issue in Destination values of Squid Logs
Truncated/wrong raw log report for the Firewalls' logs with junk characters
Fixed the issue in Importing the Report Profile
Import of log failed when FWA server/service is restarted before the import is completed.
No of rows in raw log PDF exporting fixed.
Anomaly exclude of multiple protocols.
Populating hit count in some second level drill down reports.
In https mode, the "On Demand" report export did not work.
URL attribute fixed in Re-branding.
In 64-bit machines, the UpdateManager.bat hangs while calculating free disk space.
Exporting of Report/Alerts Profiles in https mode.
Problem in exporting of Report profiles.
Assigning scheduler to report profiles due to user privilege constraint fixed.
Issue in handling result code for denied proxy logs in ISA .
Problem in populating url relates reports for proxy servers.
Issue is populating Live VPN users when there is no ip address related information in VPN Concentrators' connection log.