Scribd Logo
Importer

Bienvenue sur Scribd !

  • Device Integration Cisco ASA PDF

    Transféré par

    Spyman_pc
    44 vues5 pages

    Titre original

    Device Integration Cisco ASA.pdf

    Copyright

    © © All Rights Reserved

    Formats disponibles

    PDF, TXT ou lisez en ligne sur Scribd

    Avez-vous trouvé ce document utile ?

    Ce contenu est-il inapproprié ?

    Signaler ce document

    Droits d'auteur :

    © All Rights Reserved
    Téléchargez comme PDF, TXT ou lisez en ligne sur Scribd
    Signaler comme contenu inapproprié
    44 vues5 pages

    Device Integration Cisco ASA PDF

    Transféré par

    Spyman_pc

    Droits d'auteur :

    © All Rights Reserved
    Téléchargez comme PDF, TXT ou lisez en ligne sur Scribd
    Signaler comme contenu inapproprié
    sur 5

    AlienVault Unified Security Management Solution

    Complete. Simple. Affordable

    Device Integration: Cisco ASA

    Copyright 2014 AlienVault. All rights reserved.


    AlienVault, AlienVault Unified Security Management, AlienVault USM, AlienVault Open Threat Exchange, AlienVault OTX, Open Threat Exchange, AlienVault OTX Reputation
    Monitor, AlienVault OTX Reputation Monitor Alert, AlienVault OSSIM and OSSIM are trademarks or service marks of AlienVault.
    AlienVault Unified Security Management Solution
    Device Integration: Cisco ASA

    CONTENTS

    1. INTRODUCTION ..................................................................................................... 4

    2. CISCO ASA DATA INFORMATION ....................................................................... 4

    3. CONFIGURING CISCO ASA TO SEND LOG DATA TO ALIENVAULT ................ 4

    4. HOW TO ENABLE THIS PLUGIN .......................................................................... 5

    DC-00102 Edition 02 Copyright 2014 AlienVault. All rights reserved. Page 3 of 5


    AlienVault Unified Security Management Solution
    Device Integration: Cisco ASA

    1. INTRODUCTION
    The objective of this document is to explain how to configure a Cisco ASA device to send log
    data to AlienVault USM.
    This document is related to the AlienVault document Data Source Plugin Management. The
    explanation about how to enable plugins can be found in that document.

    2. CISCO ASA DATA INFORMATION


    Device Name ASA

    Device Vendor Cisco

    Device Type UTM

    Data Source Name cisco-asa

    Connection Type Syslog

    Data Source ID 1636

    3. CONFIGURING CISCO ASA TO SEND LOG DATA TO ALIENVAULT


    Cisco ASA must be configured to send log data to an AlienVault Sensor over the syslog
    protocol.
    Pre-Requisites:

    IP Address of the AlienVault Sensor or All-in-One

    1. Connect to the ASA box with telnet or SSH, enter enable mode to begin configuration.

    enable

    2. Enter the configure mode by typing the following command:

    config terminal

    3. Type the following lines:

    no logging timestamp

    DC-00102 Edition 02 Copyright 2014 AlienVault. All rights reserved. Page 4 of 5


    AlienVault Unified Security Management Solution
    Device Integration: Cisco ASA

    logging trap notification


    logging host inside <IP_Address_AlienVault_Sensor>

    4. Press Ctrl+Z to exit config mode.

    5. Save the configuration changes:

    copy running-config startup-config

    4. HOW TO ENABLE THIS PLUGIN


    This plugin is already configured, but it is necessary to enable it, through command line
    console or through the web interface. The instructions about how to enable this plugin can be
    found in the AlienVault document Data Source Plugin Management.

    DC-00102 Edition 02 Copyright 2014 AlienVault. All rights reserved. Page 5 of 5

    Vous aimerez peut-être aussi