Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Cisco Pix

 

You can integrate Cisco Pix security appliances with JSA.

The Cisco Pix DSM for JSA accepts Cisco Pix events by using syslog. JSA records all relevant Cisco Pix events.

Configuring Cisco Pix to Forward Events

You can configure Cisco Pix to forward events.

  1. Log in to your Cisco PIX appliance by using a console connection, telnet, or SSH.
  2. Type the following command to access Privileged mode:

    enable

  3. Type the following command to access Configuration mode:

    conf t

  4. Enable logging and time stamp the logs:

    logging on

    logging timestamp

  5. Set the log level:

    logging trap warning

  6. Configure logging to JSA:

    logging host <interface> <IP address>

    Where:

    • <interface> is the name of the interface, for example, DMZ, LAN, ethernet0, or ethernet1.

    • <IP address> is the IP address of the JSA host.

    The configuration is complete. The log source is added to JSA as Cisco Pix Firewall events are automatically discovered. Events that are forwarded to JSA by Cisco Pix Firewalls are displayed on the Log Activity tab of JSA.

Configuring a Log Source

JSA automatically discovers and creates a log source for syslog events from Cisco Pix Firewalls.

The following configuration steps are optional.

To manually configure a log source for Cisco Pix, take the following steps:

  1. Log in to JSA.
  2. Click the Admin tab.
  3. On the navigation menu, click Data Sources.

    The Data Sources pane is displayed.

  4. Click the Log Sources icon.

    The Log Sources window is displayed.

  5. Click Add.

    The Add a log source window is displayed.

  6. In the Log Source Name field, type a name for your log source.
  7. In the Log Source Description field, type a description for the log source.
  8. From the Log Source Type list, select Cisco PIX Firewall.
  9. Using the Protocol Configuration list, select Syslog.

    The syslog protocol configuration is displayed.

  10. Configure the following values:

    Table 1: Syslog Parameters

    Parameter

    Description

    Log Source Identifier

    Type the IP address or host name for the log source as an identifier for events from your Cisco Pix Firewall.

  11. Click Save.
  12. On the Admin tab, click Deploy Changes.

    The configuration is complete.