Syslog and TLS

Allgemeine Fragen zu Problemen. Keine Fehlerberichte oder Feature-Anfragen

Moderator: Securepoint

Antworten
HardyB
Beiträge: 3
Registriert: Fr 05.11.2021, 11:08

Syslog and TLS

Beitrag von HardyB »

RFC 5424 "the Syslog Protocol" has that

"
5.1.  Minimum Required Transport Mapping

All implementations of this specification MUST support a TLS-based
transport as described in RFC5425

All implementations of this specification SHOULD also support a
UDP-based transport as described in RFC5426.

It is RECOMMENDED that deployments of this specification use the TLS-
based transport.
"

As for TLS: is the securepoint implementation of syslog transport from UTM (as originator) to syslog collectors incorporating TLS?

If so, how is it to be configured?
If not does the product roadmap include a request for TLS for syslog?

HardyB
Beiträge: 3
Registriert: Fr 05.11.2021, 11:08

Beitrag von HardyB »

any ideas/statement?
We have some 60 UTMs in our environment and want to integrate into a SIEM without the need of building and maintaining VPNs all around ...

Benutzeravatar
Mario
Securepoint
Beiträge: 521
Registriert: Mi 04.04.2007, 10:47
Wohnort: Bäckerei

Beitrag von Mario »

As for now i dont see an option for the UTM syslog server to activate TLS. Setting up a VPN-Server and connecting clients to collect the syslog ist maybe the only option to transfer the log through the internet. For now...

You can look into our securepoint wunschbox. Maybe this topic is already mentioned there. Or fill out a request.
Rise from your grave!

Antworten