Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Configuring a Syslog Traffic Rule

    If the Stonesoft Management Center and JSA are separated by a firewall in your network, you must modify your firewall or IPS policy to allow traffic between the Stonesoft Management Center and JSA.

    1. From the Stonesoft Management Center, select one of the following methods for modifying a traffic rule:
      • Firewall policies— Select Configuration >Configuration >Firewall.

      • IPS policies— Select Configuration >Configuration >IPS.

    2. Select the type of policy to modify:
      • Firewall - Select Firewall Policies >Edit Firewall Policy.

      • IPS - Select IPS Policies >Edit Firewall Policy.

    3. Add an IPv4 Access rule with the following values to the firewall policy:

      Source— Type the IPv4 address of your Stonesoft Management Center Log Server

    4. Destination— Type the IPv4 address of your JSA console or Event Collector.
    5. Service— Select Syslog (UDP).
    6. Action— Select Allow.
    7. Logging— Select None.

      Note: In most cases, it is suggested to set the logging value to None. Logging syslog connections without configuring a syslog filter can create a loop. For more information, see the StoneGate Management Center Administrator's Guide.

    8. Save your changes and refresh the policy on the firewall or IPS.

      You are now ready to configure the log source in JSA.

    Modified: 2016-09-22