Home
Topics
Network Security
Network Security Best Practices and Products
PIX log reader

PIX log reader

Retired Expert - Luis Medina

I have two PIX's 535 running 4.5. My job is to review the logs on a daily basis. Do you have or know of a PIX log reader something to make it easy to read the log files?

Requires Free Membership to View

Login

By submitting you agree to receive email communications from
TechTarget and its partners. Privacy Policy Terms of Use.

Having managed two PIX firewalls myself (in previous case, configured with fail-over option) - I understand the situation that you are in and empathize with respect to making it "easy to read the log files."

First, from a security standpoint, I noticed that your current PIX software version is outdated. Consider looking into and upgrading to the 6.x generation or, at a minimum version 5.34, which I have found to be a very stable PIX version.

Second, regardless of your Syslog solution, consider the following steps to increase your log security ? I've also included a program (recommended by a Cisco engineer) that I've used, which you can configure in conjunction with the log reader. However, keep in mind that if you plan to use SSH, it has its share of vulnerabilities and syslog software is no exception.

Set up a dedicated Syslog server with no other services running and configure TCP/IP filtering or IPSec to block ports other than the Syslog unique port (you use in #2.) Apply physical security.
Change the default port of the Syslog software/daemon on your server and in your PIX firewalls and routers and add your dedicated Syslog server, I.E. "logging "
If you haven't already done so, read my security articles online on protecting your border routers and PIX firewalls (see link):
http://searchnetworking.techtarget.com/ateExpertBio/0,289623,sid7_cid477197,00.html
Set and test the appropriate level of logging for your company. Avoid hindering your future efforts to track a suspicious event by not logging enough information.
Closely monitor your Syslog server and create a baseline for normal operation. Archive your logs hourly to tape.

Kiwi Enterprises (www.kiwisyslog.com) offers a freeware Syslog Daemon 7.x and Log Viewer 1.x for Windows platforms to display log files in an easy to read manner through "column sorting and re-ordering". In addition, Kiwi offers a Syslog message generator called SyslogGen to emulate PIX messages and help you test the Syslog Daemon setup. Kind regards,
Luis

More News and Tutorials

Articles

Related glossary terms

Terms for Whatis.com - the technology online dictionary

This was first published in February 2003

Join the conversationComment

Share

Comments

Results

Contribute to the conversation

All fields are required. Comments will appear at the bottom of the article.

Back to top

More from Related TechTarget Sites

Enterprise WAN
Unified Communications
Mobile Computing
Data Center
Networking Channel

Enterprise WAN
- WAN optimization, management and security: Putting the pieces together
  
  By searching for solutions that put WAN optimization, management and security together, enterprise IT can reduce company bottom lines and complexity.
- Five ways applications benefit from enterprise WAN optimization
  
  These are five ways enterprise WAN optimization technology helps overcome productivity and application issues organizations face in today's workforce.
- Optimizing WAN performance: Industry trends driving demand
  
  As the enterprise workplace is becoming more virtual and mobile, optimizing WAN performance to fit end user demands is more vital than ever.
Unified Communications
- Is there a way to mix different unified communications solutions?
  
  It is possible to mix different unified communications solutions to fit your needs, says UC expert Jon Arnold.
- Communications outsourcing: North American vs. European market
  
  Communications outsourcing is a more popular practice overseas. As IT models change and companies expand globally, U.S. enterprises will see value.
- All You Can Meet video bridge prices meet more users' needs
  
  Blue Jeans Network, which provides hosted video bridges, is delivering All You Can Meet video conference pricing plans to enterprises.
Mobile Computing
- Bringing BYOD to your enterprise
  
  Bring your own device (BYOD) can be a boon for both employees and enterprises, but clear policies and management tools are needed.
- Meeting technical requirements for mobile health care deployments
  
  IT departments deploying mobile health care solutions must ensure that using mobile devices in health care settings doesn't violate federal laws or compromise security.
- Making the call: Distributed antenna systems and in-building wireless
  
  Distributed antenna systems and in-building wireless solutions are two options to improve wireless cellular coverage within an enterprise facility.
Data Center
- Data center technologies evolve to meet tomorrow's computing demands
  
  VMware's upcoming public cloud and AMD's 64-bit ARM servers are technologies for the data center that exemplify the changes in the IT industry.
- New data center cooling strategies to improve efficiency, lower costs
  
  Stagnant strategies for data center cooling will keep energy bills climbing ever higher, but a more modern approach can bring them back down to earth.
- Converged systems usher in data center transformation
  
  The rise of converged systems has brought a new level of manageability to the data center, but these integrated offerings have a few drawbacks.
Networking Channel
- Aruba Networks Partner Program Checklist
  
  Value-added resellers and service providers interested in reselling Aruba networking hardware and software can learn the benefits of becoming an Aruba Networks partner with this standardized checklist. Compare Aruba's reseller partner program with other vendors' offering similar products.
- NetScout Systems Partner Program Checklist
  
  Learn the benefits of becoming a NetScout Systems reseller partner with our Partner Program Checklist.
- Visage Mobile Partner Program Checklist
  
  Learn the benefits of becoming a Visage Mobile reseller partner with our Partner Program Checklist.

All Rights Reserved,Copyright 2000 - 2013, TechTarget