About the Author

Joe Harris, CCIE No. 6200 (R&S, Security & SP) is a Systems Engineer with Cisco Systems® specializing in Security. In addition to authoring Cisco Network Security Little Black Book, Joe has also been a technical reviewer for several Cisco Press publications and written articles, white papers, and presentations on various security technologies. He also assists various Certification Partners by beta testing their newest CCIE certification workbooks and has been recognized by Cisco as an SE Wall of Fame award winner.

ASA 8.0 - Secure Logging

It has been a few months now since the 8.x release of the ASA software shipped, and I wanted to shine the spotlight on the firewall and system enhancements that have been integrated into the 8.x release of code.

For this entry, let us look at Secure Logging. In all releases prior to 8.x, the ASA and PIX platforms deliver syslogs to remote syslog servers using UDP or TCP as the transport mechanism. Syslog messages are transferred in clear text, and there is no means of authentication between the appliance and the syslog server. In response to requests from Cisco customers to protect syslog messages, the Secure Logging feature of ASA 8.x introduces an SSL/TLS transport layer between the ASA and the remote syslog servers.

With certificate authentication and encrypted data transfer in place, security threats to the logging service are reduced. The Secure Logging service can only be configured with an SSL/TLS-capable syslog server, and in this release only the TCP protocol is supported. A sample configuration is included below:

 logging host inside 192.168.100.100 TCP/1500 secure
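
To check which syslog destinations on a device still receive messages in clear text, the following added example (not part of the original post, and not Cisco code) parses `logging host` lines from a saved ASA configuration and reports whether each one uses the `secure` TLS transport. The function name, the sample configuration and the UDP/514 and TCP/1470 defaults applied when a line omits them are assumptions of this example.

```python
import re

# Matches: logging host <interface> <ip> [tcp|udp[/port]] ... [secure]
LOGGING_HOST = re.compile(
    r"^\s*logging\s+host\s+(?P<ifc>\S+)\s+(?P<ip>\S+)(?P<rest>.*)$",
    re.IGNORECASE,
)
TRANSPORT = re.compile(r"^(?P<proto>tcp|udp)(?:/(?P<port>\d+))?$", re.IGNORECASE)

# Assumed defaults when the line omits protocol or port (not stated in the post).
DEFAULT_PORT = {"udp": 514, "tcp": 1470}


def audit_logging_hosts(config_text):
    """Return one dict per 'logging host' line with a cleartext verdict."""
    findings = []
    for line in config_text.splitlines():
        m = LOGGING_HOST.match(line)
        if not m:
            continue
        proto, port, secure = "udp", None, False
        for token in m.group("rest").split():
            t = TRANSPORT.match(token)
            if t:
                proto = t.group("proto").lower()
                port = int(t.group("port")) if t.group("port") else None
            elif token.lower() == "secure":
                secure = True
        # Secure Logging runs over TCP only, so a UDP destination is clear text.
        encrypted = secure and proto == "tcp"
        findings.append({
            "interface": m.group("ifc"),
            "server": m.group("ip"),
            "proto": proto,
            "port": port or DEFAULT_PORT[proto],
            "cleartext": not encrypted,
        })
    return findings


# Constructed sample configuration; only the 'secure' line comes from the post.
SAMPLE_CONFIG = """\
logging enable
logging host inside 192.168.100.100 TCP/1500 secure
logging host inside 192.168.100.101
logging host dmz 192.168.200.10 tcp/1470
"""

if __name__ == "__main__":
    for f in audit_logging_hosts(SAMPLE_CONFIG):
        state = "CLEARTEXT" if f["cleartext"] else "TLS"
        print(f'{f["server"]} via {f["interface"]} {f["proto"]}/{f["port"]}: {state}')
```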


There Is 1 Response So Far.

  1. Audio a bit low in volume.