
Syslog and TLS

Posted: Fri 05.11.2021, 12:26
by HardyB
RFC 5424 "the Syslog Protocol" has that

"
5.1.  Minimum Required Transport Mapping

All implementations of this specification MUST support a TLS-based
transport as described in RFC5425

All implementations of this specification SHOULD also support a
UDP-based transport as described in RFC5426.

It is RECOMMENDED that deployments of this specification use the TLS-
based transport.
"

As for TLS: is the Securepoint implementation of syslog transport from UTM (as originator) to syslog collectors incorporating TLS?

If so, how is it to be configured?
If not, does the product roadmap include a request for TLS for syslog?

Re: Syslog and TLS

Posted: Mon 08.11.2021, 15:46
by HardyB
Any ideas/statement?
We have some 60 UTMs in our environment and want to integrate into a SIEM without the need of building and maintaining VPNs all around ...

Re: Syslog and TLS

Posted: Mon 08.11.2021, 16:42
by Mario
As for now I don't see an option for the UTM syslog server to activate TLS. Setting up a VPN server and connecting clients to collect the syslog is maybe the only option to transfer the log through the internet. For now...

You can look into our Securepoint Wunschbox. Maybe this topic is already mentioned there. Or fill out a request.