Understanding On-Premises Analytics

SonicWall On-Premises Analytics extends security event analysis and reporting by providing real-time visualization, monitoring and alerts based on the correlated security data. You can perform flexible drill-down and gain insight into your network, user access, connectivity, application use, threat profiles and other firewall-related data. Analytics provides the following key features:

• Data collection that includes normalizing, correlating, and contextualizing the data to the environment

• Streaming analytics in real time.

• Analytics including activity trends and connections across the entire network.

• Real-time dynamic visualization of the security data from a single point.

• Real-time detection and remediation.

SonicWall Analytics is flexible and designed to integrate into other SonicWall solutions:

• On-Premises Analytics is designed for customers requiring long term storage of firewall logs and supports designated SonicWall firewalls.

• On-Premises Analytics can also be integrated with Capture Security Center-Management, Reporting, and Analytics (CSC-MA). This integration allows users to manage firewalls from CSC and also view reporting and analytics data in CSC from On-Premises Analytics while storing data locally. When you click on the firewall whose data is stored in Analytics, CSC-MA fetches the data from the On-Premises Analytics and shows it in the CSC. Data is encrypted and compressed so that no data integrity issues are experienced.

Analytics offers either Syslog-based or IPFIX-based analytics and reporting. You can choose one or the other based on your data needs. Using both styles in a dual mode is not offered at this time.