Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: syslog and network management

From: "Darden, Patrick S." <darden () armc org>
Date: Tue, 19 Feb 2008 13:35:53 -0500

Having a centralized log server is actually definced as best
practice.  It is generally felt that it should only be
the log server though, all other services turned off,
firewall in place, etc. so it can be inviolate for all
auditing, legal procedures, security traces, etc.

The case for centralized logging:
http://ebuzzsaw.com/whitePapers/Case_for_Centralize_Logging.htm



-----Original Message-----
From: firewall-wizards-bounces () listserv icsalabs com
[mailto:firewall-wizards-bounces () listserv icsalabs com]On Behalf Of
shadow floating
Sent: Tuesday, February 19, 2008 10:20 AM
To: Firewall Wizards Security Mailing List
Subject: [fw-wiz] syslog and network management


Hi all,
is it appropriate from security point of view to have one server in
which syslog is installed to colledt logs from all network devices
(firewalls, switches and routers), in addition to installing
management software to like ciscoworks on the same machine, in
addition to using this machine as a network time server to sync all
network devices?, if yes does any one recommed certain specs for this
machine or it can be an ordinary machine with 1 GB of memory and 512
GB hard disk and 3.2 GHz processor.

thanks alot

regards
_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: