Re: Logs from Firewall NetScreen

[pkc mls <pkc_mls () yahoo fr>]

Le 05/09/2011 23:03, nbniel () gmail com a écrit :
> Hello,
> I'm wonder if someone knows what are the options of logs that should be activated in the syslogs of firewall netscreen, 
> in my case, we have the next log settings:
> - Emergency    ->  Activated
> - Alert        ->  Activated
> - Critical     ->  Activated
> - Error        ->  Activated
> - Warning      ->  Deactivated
> - Notification ->  Deactivated
> - Information  ->  Deactivated
> - Debugging    ->  Deactivated
>
> But i'do not know if they are the best practices, i would think to keep activated just Emergency, Alert, Critical and 
> Notification but i'm not sure; or the other option is to activate all...
> The problem with the last is that there's too much information that my SIEM received and don't know if every event is 
> important to monitor...
> I hope someone could help me...
Hi,

you'll find all relevant information in the "concept and example guide" 
available at :
http://www.juniper.net/techpubs/software/screenos/screenos6.3.0/630_ce_all.pdf 



------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------