[fw-wiz] NetScreen Logging with NSRP



Hello,

I am looking at doing an audit of the policies installed on a HA
passive/active firewall setup with NSRP. The primary is running at
about 80% CPU or so, the backup is about 5%. As such, I am a bit
hesitant (to say the least) about putting policy logging on as it may
kill the firewall.

Is it possible somehow to have logging on just the redundant firewall?
My other, perhaps long way of doing this is to convert the current
policies and, say, parse into snort rules and observe through a port tap
- the number of 'positive' hits on the IDS.

Does anyone have any other suggestions as to how to achieve what I want
to do?

Many thanks,
Kerry Milestone


--
Kerry Milestone

Senior Systems Engineer - Network Project Team
The Wellcome Trust Sanger Institute
Wellcome Trust Genome Campus Email: km4@xxxxxxxxxxxx
Hinxton, Cambridge CB10 1SD Phone: (+44) 1223 492320
United Kingdom




--
The Wellcome Trust Sanger Institute is operated by Genome Research
Limited, a charity registered in England with number 1021457 and a
company registered in England with number 2742969, whose registered
office is 215 Euston Road, London, NW1 2BE.
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards



Relevant Pages

  • [fw-wiz] Inline 2 port POE Firewall
    ... Two ports, one in and one out - running ... This is to protect single devices, which for whatever reason can't run their own firewall, are 'odd' operating systems, ... The Wellcome Trust Sanger Institute is operated by Genome Research Limited, a charity registered in England with number 1021457 and a company registered in England with number 2742969, whose registered office is 215 Euston Road, London, NW1 2BE. ...
    (Firewall-Wizards)
  • Re: [fw-wiz] 10Gb Firewalls
    ... I am investigating the possibilities of putting a firewall on the end of ... is a scoping project (though it _has_ to happen due to the nature of ... The Wellcome Trust Sanger Institute is operated by Genome Research ... company registered in England with number 2742969, ...
    (Firewall-Wizards)
  • Re: [fw-wiz] 10Gb Firewalls
    ... I am investigating the possibilities of putting a firewall on the end of ... is a scoping project (though it _has_ to happen due to the nature of ... The Wellcome Trust Sanger Institute is operated by Genome Research ... company registered in England with number 2742969, ...
    (Firewall-Wizards)
  • Re: [fw-wiz] 10Gb Firewalls
    ... traffic through a firewall would be a serious negative in my opinion. ... The Wellcome Trust Sanger Institute is operated by Genome Research ... company registered in England with number 2742969, ... "Some things are eternal by nature, ...
    (Firewall-Wizards)
  • Re: Viruses, Trojans, and Malware. Oh My!
    ... Enquire, plan and execute. ... Stourport, England ... > Disable your firewall and wait a few minutes... ...
    (microsoft.public.windowsxp.general)