You can integrate Cisco Firewall Service Module (FWSM) with JSA.
The Cisco FWSM DSM for JSA accepts FWSM events by using syslog. JSA records all relevant Cisco FWSM events.
Configuring Cisco FWSM to Forward Syslog Events
To integrate Cisco FWSM with JSA, you must configure your Cisco FWSM appliances to forward syslog events to JSA.
To configure Cisco FWSM:
- Using a console connection, telnet, or SSH, log in to the Cisco FWSM.
- Enable logging:
- Change the logging level:
logging trap <level>
Where <level> is set from levels 1-7. By default, the logging trap level is set to 3 (error).
- Designate JSA as a host to receive the messages:
logging host [interface] ip_address [tcp[/port] | udp[/port]] [format emblem]
logging host dmz1 192.168.1.5
Where 192.168.1.5 is the IP address of your JSA system.
You are now ready to configure the log source in JSA.
Syslog Log Source Parameters for Cisco FWSM
If JSA does not automatically detect the log source, add a Cisco FWSM log source on the JSA Console by using the syslog protocol.
When using the syslog protocol, there are specific parameters that you must use.
The following table describes the parameters that require specific values to collect syslog events from Cisco FWSM:
Table 1: Syslog Parameters for the Cisco FWSM DSM
Log Source type
Cisco Firewall Services Module (FWSM)
Log Source Identifier
Type the IP address or host name for the log source.
The identifier helps you determine which events came from your Cisco FWSM device.