Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Nortel Switched Firewall 5100

A JSA Nortel Switched Firewall 5100 DSM records all relevant firewall events by using either syslog or OPSEC.

Before you configure a Nortel Switched Firewall device in JSA, you must configure your device to send events to JSA.

See information about configuring a Nortel Switched Firewall by using one the following methods:

Integrating Nortel Switched Firewall by Using Syslog

This method ensures the JSA Nortel Switched Firewall 5100 DSM accepts events by using syslog.

To configure your Nortel Switched Firewall 5100:

  1. Log into your Nortel Switched Firewall device command-line interface (CLI).

  2. Type the following command:

    /cfg/sys/log/syslog/add

  3. Type the IP address of your JSA system at the following prompt:

    Enter IP address of syslog server:

    A prompt is displayed to configure the severity level.

  4. Configure info as the severity level.

    For example, Enter minimum logging severity

    (emerg | alert | crit | err | warning | notice | info | debug): info

    A prompt is displayed to configure the facility.

  5. Configure auto as the local facility.

    For example, Enter the local facility (auto | local0-local7): auto

  6. Apply the configuration:

    apply

  7. Repeat for each firewall in your cluster.

    You are now ready to configure the log source in JSA.

  8. To configure JSA to receive events from a Nortel Switched Firewall 5100 device by using syslog: From the Log Source Type list, select the Nortel Switched Firewall 5100 option.

Integrate Nortel Switched Firewall by Using OPSEC

This method ensures the JSA Nortel Switched Firewall 5100 DSM accepts Check Point FireWall-1 events by using OPSEC.

Depending on your Operating System, the procedures for the Check Point SmartCenter Server can vary. The following procedures are based on the Check Point SecurePlatform Operating system.

To enable Nortel Switched Firewall and JSA integration, take the following steps:

  1. Reconfigure Check Point SmartCenter Server.

  2. Configure the log source in JSA.

Configuring a Log Source

Configure the log source in JSA.

  1. To configure JSA to receive events from a Nortel Switched Firewall 5100 device that uses OPSEC, you must select the Nortel Switched Firewall 5100 option from the Log Source Type list.

  2. To configure JSA to receive events from a Check Point SmartCenter Server that uses OPSEC LEA, you must select the LEA option from the Protocol Configuration list when you configure your protocol configuration.