The Lazy Genius

Security News & Brain Dumps from Xavier Ashe, a Bit9 Client Partner

Master Cisco firewall logging

Posted by Xavier Ashe on May 28, 2005

Cisco firewalls and security appliances can be configured to generate an audit trail of messages describing their activities. Firewall logs
can be collected and analyzed to determine what types of traffic have
been permitted or denied, what users have accessed various resources,
and so on. This sample chapter, taken from Cisco Press' Cisco ASA and PIX Firewall Handbook, explains the tasks that are necessary to generate and collect logging messages.The chapter contains the following sections:

  • Managing the Firewall Clock: Discusses ways to set and maintain the firewall's internal clock so that events and messages can have accurate time stamps.
  • Generating Logging Messages: Explains how firewalls generate logging messages and how you can configure them to do that.
  • Fine-Tuning Logging Message Generation:
    Covers the configuration steps that can be used to enable or disable
    specific logging messages or change their severity levels. This section
    also discusses how to configure access list activity logging.
  • Analyzing Firewall Logs: Provides an overview of how you can approach collecting and analyzing the logging messages that firewalls produce.

Get the free download at TechRepublic.  Aslo, take a look at “Cisco PIX Firewall: Lock it down in 10 steps“. 
Or you can email me and I can sell you a Juniper Netscreen
Firewall.  Then you won't need to read a dozen books to become a
Firewall expert.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: