Telemate

Name:

TeleMate.Net for Windows NT

Release Information

Ver 1.10-021 evaluation copy More information at http://www.telemate.net

Functionality

Sophisticated firewall log analyzer

Requirements

• Pentium 100Mhz or faster
• NT (3.5x or 4.0) or Windows 95
• 32MB RAM * 1GB hard disk space (!)
• 16550 UART high-speed serial port (probably not necessary)
• 28.8 BPS modem (probably not necessary)
• Symantec pcAnywhere32 (probably not necessary)
• The last three are, I believe, to get the firewall logs over to the processing machine.

Documentation

• printed manual
• some online help with installation procedure
• online help

Installation Details

• our installation was from 8 1.44MB disks. CD-ROM and Windows 95 versions are available or nearly so.
• routine installation. setup. be sure to keep the manual handy though, for some potentially confusing terms, as well as to read some warnings that are only in the manual and not in the online help!!

Evaluation Notes

• the manual contains important information that is not mentioned anywhere else. At the same time, it is vague on a lot of things: configuring the firewall was never mentioned in the Quick Start section, although there is a separate section on configuring it, and Telemate will not work without this step being performed. It took a customer support call before we realized we were processing the wrong logs.
• spectacularly unintuitive user interface (not industry standard).
• error messages are not explanatory. It does not tell you about incorrect options, bad log files and such (see below as well).
• requires that you put in firewall type. I would presume it should be able to autodetect it. Not particularly nice. unable to run it on the log file we have. It goes through the file, counts records and comes up with 2 obscure errors (documented).
• Telemate has been contacted for support. It is probable that Telemate expects the binary format.
• deletes log files after processing. should give an option to delete or save.
• Firewall-1 configuration needs to be changed to generate the kind of logs that Telemate can process. Step by step procedure provided, however.

Features

• full featured reporting. Can be done on IP addresses, users, departments and much more.
• can be used with different firewall logs. Not sure if that is applicable to us, but perhaps to Omnes.
• says "Firewall logs can take hours to process". This must be tested. If this is the case, do we want it ?
• steepish system requirements. unlike firewatch. but promises commensurate performance.

Recommendation

Recommended

This review was written by Jai Sundar Balasubramaniyan <balasujs@cs.purdue.edu> during the summer of 1997. The opinions expressed are for purposes of critical review, and do not represent any official recommendation or endorsement by COAST or Purdue University.