"I found the real-time operation of your product more useful than log analysis."

"I liked the ability to customize colours for certain ports, I was easily able to isolate Citrix traffic on multiple ports, VOip traffic on multiple ports."

 
Product News
See below for the news on the latest developments and improvements to FirePlotter. If you want to see our future development plans for FirePlotter, please click here: RoadMap


 March 2010 - FirePlotter 2.20 b100304 released.

Improvements:

- Change version to 2.20 as Connections Profiles added and beta is now released.
- Add [Connection] and ;LogLevel=255 to FirePlotter.INI.

Bug Fix

--QuickSave wasn't toggling MonitorHA between FGT and Cisco.

 March 2010 - FirePlotter 2.01 b100226 released.

Improvements:

- New connection Profiles (File -> Manage Profiles) including encrypted passwords.
- New command line profile loading. Use "/Profile: "
- New moving parameters from FirePlotter.INI to the GUI interface (File -> Global Settings)
- Support for FortiGate Clusters/High Availability. Must be enabled in Manage Profiles
- New Download Filter to Connection Profiles:
- ASA filter e.g. 'address 192.168.68.0 netmask 255.255.255.0 port 25' for ASA 7+,
- FortiGate filter e.g.'diagnose system session filter policy 27' for 3.0 MR6+.
- Changes to main screen to show ‘Download Filter’ and more detail for ‘Table Build Progress’ for larger firewalls.
- Update session decoding to handle FortiOS 4.2 new format.
- Number of performance and stability bugs fixed.

- Add Manage Profiles option
- Add password encryption for SSH/Telnet and Enable.
- Add Quick Connect Save option. - Add Global Settings -> Cisco Direct Connects to control which direct connections are displayed in ASA 8+.
- Add Global Settings -> Monitoring Connection to control if FPs own monitor connect is displayed.
- Add Global settings - Do Not Show Messages.
- Add Global Settings -> Misc Automatically check for FirePlotter update.
- Add Monitor HA to profile which defaults to off.
- Add more details to the Table Build Progress with Loading, Filtering, Sorting & Summarising (only actually seen with large amounts of data).
- Add Download filter: to main screen.
- Add support for FortiOS 4.0 MR2 (4.2) as session table changed format.
- Add FGT-310B, FGT-620B, FGT-311B, FGT-1240B, FGT-60C, FGT-200B, Fortigate-3810A.
- When deleting unwanted rolling FPR files delete empty directories too.
- If FPRMaxFileCount=1 user will not be asked about deleting FPR files it will just be done.

Bug Fix

- Front End would scan disk until last file found and then take the next file in the list to be displayed.
- With FPR File Count set to 1 the last file may have already been deleted so couldn't be found.
- Routine now still uses last file name as starting point (date/hour etc) but locates next greater filename.
- If FPR loaded from non FPR directory structure then would get stuck in loop trying to find next file by walk tree that didn't exist.
- If Hostname was used for firewall connection only the first 15 characters were saved.
- Trailing space in Profile name caused problems - now delete leading and trailing spaces before save or rename.
- Starting to rename a Profile and cancelling at the last stage resulted in the new name still being created.
- Summarise by PolicyID wasn't '...' for Source Port.
- Loading another profile with new refresh time still kept old one.
- Password encryption into Registry had flaw
- Setup was insisting on .NET 3.5 changed to 2.0.50727 as VS08 SP1 insist on a version
- File -> Exit didn't offer user options to delete .fpr files.

 September 2009 - FirePlotter 2.01 b090917 released.

Bug Fix:
- Firewall model licensing bug for FGT 80C 80CM & 82C caused licensing error (Class 0) - now fixed.

 August 2009 - FirePlotter 2.01 b090818 released.

Improvements:
- Add FPRMaxFileCount to [Data] section of INI to limit the number of .FPR files stored, and so manage disk space usage. Default setting is 250, Max value is 20,000, 0 means keep all data (and user has to manage disk space themselves).
- When Exit, if FPRMaxFileCount > 0 then we give user option to keep or delete data.
- When FirePlotter first starts, popup window appears after 120 seconds telling user FPRMaxFileCount is active and offer example setting to store data for 1 hour or 24 hours based on sample data, and how much disk space that will take.

Bug Fix:
- Removed 'Use double click to Zoom into session details...' from table to make screen refresh yet more stable.
- Add ExcludeConnectionSession to INI in [Display] section.
- Watch only mode popup firewall class when Auto-reconnect, now has 10 seconds timeout otherwise it stops FirePlotter processing until user cleared window.

 July 2009 - FirePlotter 2.01 b090721 released.

Improvements:
- Fireplotter now records all data to .fpr files (one file per "session list" snapshot - manage your diskspace carefully - this can be a lot of data!).
- Click on graph now permits replay of historical data.
- File, Open Recorded data permits replay of historical data.
- FirePlotter can set replay interval period (0 1,2 seconds).
- FirePlotter.ini [Data] FPRDataLocation= gives option on where to store FirePlotter data.
- FirePlotter when playing historical data now has "Reset to Real-time" button option.
- FirePlotter reports on estimated disk space consumption in 24 hour period, a few minutes after it connects to firewall.
- Basic and Advanced View mode options now on Right Mouse Click.
- Screen flicker no longer occurs on session table refresh.
- FirePlotterLog.txt now called FirePlotterDebug.txt
- Added support for FortiGate models: FGT-51B, FG-111C, FG-80C, FG-80CM, FW-80CM, FG-51B-LENC, FG-30B, FG-50B-HD, FG-82C & FW-30B.

Bug Fix:
- Update wodSSH library to 2.7.4.114 and change some code to fix the "Not enough memory" error and Telnet connection problem to some Cisco Firewalls.


 June 2009 - FirePlotter 1.42 b090630 released.

Improvements:
- Support for FortiGate 111C, 80C,80CM and Wifi 80CM added.

Bug Fix:
- WODSSH.dll fixed "not enough memory" error that affected some Cisco ASA/PIX login sequences.
- Right Mouse Click TraceRT fixed.


 June 2009 - FirePlotter 2.0 featuring historical logging (record & replay) - beta testing started.

Jan 2009 - FirePlotter 1.41 b090105 released.

Improvements:
- Auto-reconnect feature. Upon connection loss, FirePlotter will auto-reconnect to the firewall, incrementing time between attempts until successful (preparation for logging and replay).
- Add "Auto-Reconnect" (true/false) to fireplotter.INI under [Connection]. Default: True.
- New FirePlotter Data Directory (better suited for Vista) - Defaults: Vista: C:\Users\<user>\AppData\Roaming\FirePlotter, XP: C:\Documents and Settings\<user>\Application Data\FirePlotter
- New File Menu option to access this directory (for easy license file placement).
- Change version to 1.41 as change to data location.
- Change PIX configuration query to 'show running' rather than 'show config' to we get uncommitted changes too.
- Add undocumented 'UseShowConfig' to fireplotter.INI under [Connection]. Default: False.
- Now shows "Policy ID" from FortiOS (MR5 onwards). Cisco and previous versions of FortiOS will just have 0 in new column as feature unsupported by Cisco (Column sort, Filter and Summaries is supported).
- In App Help Menu added more links.
- Add slight delay to DNS conversion to keep CPU down.
- Add ports 636 = LDAPs, 993 = IMAPs. 873 = Rsync to INI.

Bug Fix:
- About showing license for Category 1 didn't have \n between it and Concurrent count.
- Add Fortigate-110C, Fortigate-620B, Fortigate-3016B, FortiWiFi-60B.
- If auto-reconnected when unlicensed don't pop-up message just switch modes if necessary.
- On manual n+ connect (to another fw or reconnect) connection routine wasn't fully initialised which could result in connection hang after 'Authenticated' status.
- Double click on ranged column ('...') wasn't using the same summary mode as the column clicked i.e. DblClick on SourceIP got a Direction Summary.
- Fix auto-reconnect when LAN interface disabled.
- Fix Telnet field name when switching from SSH to Telnet for Cisco.

August 2008 - FirePlotter 1.40 b080827 released.

Improvements:
- Save windows resize on exit and restore on load.
- Added Dialog to warn users not to use Telnet as SSH is much more secure and stable.
- Format table counter with comma separated thousands.
- Add additional FP application Help.
- Add Right mouse click (RMC) to query IP address on DNSstuff.com.
- Added new ports to INI - 111=SunRPC, 993=IMAPS, 563=NNTPS, 465=SMTPS, 8080=HTTP Alt, 5190=AOL, 3052=APC, 2049=NFS, 1935=Flash CS, 1023=Reserved, 57=Terminal, 158=PCMail Srv.
- If run into windows resize problem then delete HKEY_CURRENT_USER\Software\GISS-UK.com\FirePlotter\FP-WindowPosition.

Bug Fix:
- Ping counts jump due to negative calculation resulting is large positive value.
- Found n+ updates can have Byte count less than n for same session! Cisco problem seen in 7.2(2).
- Ping duplicate entries with Cisco 7.2(2), changed code to ignore second entry of ANY duplicate.
- Sessions for FWSM Firewall Version 3.1(7) weren't being decoded properly.
- FWSM firmware version wasn't being decoded properly.

July 2008 - FirePlotter 1.40 b080728 released.

Improvements:
- Add exit confirmation if Esc (Cancel) or Close [x] is pressed.

Bug Fix:
- If FTP doesn't have a bandwidth colour then don't bother checking for Fixup sessions.
- Fixed FP (b080630) crashing on start-up in W2K.

June 2008 - FirePlotter 1.40 b080630 released.

Improvements:
- Add checking routine so cope with invalid PIX configuration hostname cross reference.
- If name can't be resolved it is returned as 111.111.111.111.
- Change PIX configuration processing to cope with 8.0 Description in 'name' entry.
- Add Protocol=SSH to ready to use INI fields.
- Add two Dameware ports to INI list.

June 2008 - FirePlotter 1.40 b080610 released.

Improvements:
- Fixed issues with Cisco PIX/ASA 7.2(4) not displaying correctly.
- We can now display ICMP for PIX/ASA.

June 2008 - FirePlotter 1.40 b080603 released.

Improvements:
- Added FirePlotter.ini parameter in [Display] section to control IP address to name resolution: DNS=6 (default) where using BINARY logic: 1=NetBIOS and Internet reverse DNS, 2=Internet reverse DNS only, 4=firewall configuration (Cisco only). e.g. DNS=6 means 2 (Internet reverse DNS) + 4 (firewall configuration).

June 2008 - FirePlotter 1.40 b080602 released.

Bug Fix:
- Update code to interpret new 'dev=' interface direction introduced in FortiOS 3.0 MR6 Patch2 by FortiNet.

May 2008 - FirePlotter 1.40 b080529 released.

Improvements:
- Add Training video link to FP Help.
- Add user message if fp.ini isn't found and abort.
- Add abort option for download loop to allow graceful connect to new firewall.

May 2008 - FirePlotter 1.40 b080519 released.

Improvements:
- Added SSH support.
- Add to Right Mouse Click on table the option to Copy the IP address.
- Add following model: Fortigate-1000AFA2, Fortigate-5001FA2, Fortigate-60M.
- Add to ini Protocol = ssh or telnet. This is not the same as port.
- Add to ini Port = x. Used in conjunction with Protocol i.e. 22, 23 or other.
- Add option to open fireplotterlog.txt from File menu.
- Changing Protocol will revert Port to default.
- Changed INI Firewall= from PIX to ASA/PIX.
- SocketTimeout= in INI in now in seconds rather than 100th of seconds. Default 5 seconds.
- Indicate license type in log file Licensed or Unlicensed and Evaluation or Annual.

Bug Fixes:
- Change the socket timeout detection routines to make more robust.
- Add Sleep to DNS check loop as there can be nothing to do which took utilization high for several milliseconds.
- Cisco authentication if user prompt not found was reporting telnet prompt error now says users prompt error.
- Improved Cisco configuration file hostname processing and lookup threads using semaphores (Mutex) to reduce conflict possibilities.

Feb to May 2008 - SSH integration.

Mar 25th 2008 - FirePlotter Fortiverified.

FirePlotter has completed FortiNet's Fortiverified certification process. FirePlotter has been tested and certified in FortiNet's product development labs for interoperability with the FortiNet product range. It also means GISS (developers of FirePlotter) are now accredited as Technology Partners with FortiNet. More >>

Feb 2008 - FirePlotter 1.3 b080207 released.

Improvements:
- Add following model: Fortigate-3600.
- Added some more debugging information for LogLevel=255 in [Connections]that includes dumping the basic FortiGate session table each time it's processed. Note LogLevel=255 significantly reduces FirePlotter performance, so for debug only.
- Updated status bar when processing offline data to include a count of session processed so when handling large data 130,000 session you can see FP is processing.
- Setup change. Default to Everyone rather than Just me. If 1st copy is installed at Everyone and upgrade as Just me they will get two copies installed. It must always be the same.

Bug Fixes:
- PIX authentication code as expecting Telnet Password to be in first buffer received from PIX if it wasn't then assumption was that the device responding to Telnet
thought wasn't actually a supported firewall i.e. UNIX etc.
- Change code to use Recv timeout to know connection attempt has failed.

Jan 2008 - FirePlotter 1.3 b080121 released.

Improvements:
- Increase the default column width of Service/Destination Port and wasn't wide enough show Basic view friendly names.
- Set TCP default timeout to 5 seconds instead 2 seconds.
- Add following model: Fortigate-800F.

Bug Fixes:
- IP address field while processing PIX connection file was only 16 bytes but host 'name' from connection file can be 63.
Result was that 'name' in table wasn't complete and never showed actual IP address
- FGT interface lookup was failing if last interface in list was actually being used and could cause FP to crash.
- Column width save and restore were not aligned with correct columns.
- PIX connection would hang then crash if system prompt was split across multiple download buffers.

Jan 2008 - FirePlotter 1.3 b080104 released.

Improvements:
- Protect Interface variable overrun when reading from Interface file.
- Improved TCP error reporting.

Bug Fixes:
- FGT interface lookup was assuming interfaces were sequential - now we know they're not so lookup routine was changed.
- FGT 2.80 now reporting correct model, firmware, serial etc.

Nov 2007 - FirePlotter 1.3 b071130 released.

Improvements:
- Move Service/Dest Prt and Session next to Direction to ensure first glance at FP in intuitive.
- Add 'Port=' notes to INI. to allow non-standard telnet port usage. This has been in FP for ages though not documented.
- Change status bar session count to show x/y, so how many sessions in current display against total session.
- In INI move Telnet user field before Telnet password.
- Change main dialog text from 'Connection Port' to 'Connection Type'.
- Change main dialog text for firewall from PIX/ASA to ASA/PIX.
- In FP.ini enhance some of the explanations of parameters.
- Change status bar text from 'Next update in' to 'Refresh in:' and 'Sessions' to 'Sessions:'.

Bug Fixes:
- ProcessPIXSystem changed to cope with format changes on ASA Failover with 8.0(2).
- Enhance ProcessPIXSessions to do some more reliable validation of session data before processing.
- Enhance Cisco and FGT validation of parameters and prevent over run of string lengths.
- Change Class of firewalls to reflect the web site buying model (Move ASA 5510 -> C2, Move ASA 5530 -> C3).

Nov 2007 - Cisco reveals bug in PIX/ASA v7.01 to 7.22 relevant to FirePlotter. More >>

Aug 2007 - FirePlotter 1.2.0 b070822 released.

Improvements:
- Add FGT-50B, FGTWifi-50B, FGT-60B, FGTWifi-60B to C1 list.
- Add Basic and Advanced View Mode. Default Basic. 'BasicViewMode=true' added to FirePlotter.ini.
- Added 'Fortigate-5001' to C3 list.
- Change Watch only mode startup dialog to include 'Advanced View Mode '.
- Change from 'Active Filters' to 'Filters' in status bar.
Bug Fixes:
- PIX 8 wasn't reading in version information correctly as yet again CR LF at end of lines have changed.

July 2007 - FirePlotter 1.2.0 b070721 released.

Improvements:
- Change Default View to sort by Direction then Service/Dest Prt rather than In Bytes/s.
- Change commented out Auto-Connect parameter in INI to true.
Bug Fixes:
- Increase the buffer from 1024 to 4096 in the routine that handles the ASA/PIX login as large disclaimers banners were causing a connection failure.

March 2007 - FirePlotter 1.2.0 b070320 released.

Improvements:
- Add support for Cisco ASA-5505, ASA-5505-K8, ASA-5510, ASA-5510-K8, ASA-5520, ASA-5520-K8, ASA-5530, ASA-5530-K8, ASA-5540, ASA-5540-K8, ASA-5550, ASA-5550-K8.
- Add message if FP switches to Unlicensed mode if fw Class higher than license.
- Add 'Default view' button to main dialog.
- Add Right Mouse Click Options.
- Manage Firewall via HTTP or HTTPS.
- If PIX then allow to view the configuration.
- If on Source or Destination IP and not ... allow Ping, TraceRt and HTTP to IP.
- Move Block and Session % download into 'Next update' status bar panel.
- Force immediate Refresh after connection so Table counter show values ASAP.
Bug Fixes:
- If unlicensed ExternalInterface parameter was still read from fireplotter.ini.
- Fixed problem where Session could would count I extra line if last in list.
- 'Refresh' moved on screen resize.
- Table and graph are now cleared when connecting to another firewall and an error (user etc) occur.

Feb 2007 - New FirePlotter logo design completed

Nov 2006 - FirePlotter website active

 
� 2000-2009 GISS (UK) Ltd
Website currency converter