Firewall Wizards mailing list archives

NetScreen Logging with NSRP

From: Kerry Milestone <km4 () sanger ac uk>
Date: Wed, 26 Mar 2008 12:47:04 +0000

Hello,

I am looking at doing an audit of the policies installed on a HA 
passive/active firewall setup with NSRP.  The primary is running at 
about 80% CPU or so, the backup is about 5%.  As such, I am a bit 
hesitant (to say the least) about putting policy logging on as it may 
kill the firewall.

Is it possible somehow to have logging on just the redundant firewall?  
My other, perhaps long way of doing this is to convert the current 
policies and, say, parse into snort rules and observe through a port tap 
- the number of 'positive' hits on the IDS.

Does anyone have any other suggestions as to how to achieve what I want 
to do?

Many thanks,
Kerry Milestone


-- 
Kerry Milestone

Senior Systems Engineer - Network Project Team
The Wellcome Trust Sanger Institute
Wellcome Trust Genome Campus                 Email: km4 () sanger ac uk
Hinxton, Cambridge CB10 1SD                  Phone: (+44) 1223 492320
United Kingdom 




-- 
 The Wellcome Trust Sanger Institute is operated by Genome Research 
 Limited, a charity registered in England with number 1021457 and a 
 company registered in England with number 2742969, whose registered 
 office is 215 Euston Road, London, NW1 2BE. 
_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

NetScreen Logging with NSRP Kerry Milestone (Mar 26)
- Re: NetScreen Logging with NSRP Avishai Wool (Mar 26)
- Message not available
  - Re: NetScreen Logging with NSRP Kerry Milestone (Mar 28)
- <Possible follow-ups>
- Re: NetScreen Logging with NSRP Peter Bruderer (Mar 26)