Re: [fw-wiz] Juniper NSM and secure log forwarding



From a Juniper Systems Engineer:

First, all logs sent to NSM either via SSP or DMI are encrypted.

Second, we don't use postgreSQL to store firewall logs, only profiler data.
We have a proprietary logDb that uses a flat-file, compressed format for the
logs. The logs are not stored in an encrypted format, but the files are
owned by the "nsm" account, so you would need the credentials for "nsm" or
"root" to access them.

Logs forwarded by NSM via the "Action Manager" will be sent in clear-text
though as we use standard syslog or SNMP-Trap formats for this function.

Regards,
Jon
(Disclosure - I work for Juniper)


On Tue, Jan 19, 2010 at 11:33 AM, Trey Darley <trey@xxxxxxxxxxxxxxxxx>wrote:

Hi, y'all -

Looking for suggestions as to how you've integrated NSM into your logging
environment. While it appears not to support ssl-wrapping syslog, it does
store it's logs internally in postgresql. Before I go hammering up a
cockeyed solution I thought I'd ask the hive.

Cheers,
--Trey



_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards

_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards


Relevant Pages

  • Re: [fw-wiz] Juniper NSM and secure log forwarding
    ... that incoming logs from managed devices enter NSM via the encrypted SSP. ... NSM internals. ... clear-text though as we use standard syslog or SNMP-Trap formats for ...
    (Firewall-Wizards)
  • Re: [fw-wiz] Juniper NSM and secure log forwarding
    ... There is no built-in function in NSM to send encrypted syslog. ... that incoming logs from managed devices enter NSM via the encrypted SSP. ... clear-text though as we use standard syslog or SNMP-Trap formats for ...
    (Firewall-Wizards)
  • Re: [fw-wiz] Juniper NSM and secure log forwarding
    ... There is no built-in function in NSM to send encrypted syslog. ... that incoming logs from managed devices enter NSM via the encrypted SSP. ...
    (Firewall-Wizards)
  • Weekly unexpected system shut-down/crash - IIS/PHP5/Postgres
    ... I have a windows 2003 server running ... PHP5 as a module and postgreSQL. ... I have checked the IIS error logs. ... Windows system log just says "The previous system shutdown at 07:37:34 ...
    (microsoft.public.inetserver.iis)
  • Re: syslog help
    ... turn on logging full bore and have logrotate keep the logs to a ... Postgresql v7.4 will either log to STDOUT, syslog ... Debian GNU/Linux Consultant ...
    (Debian-User)