Monitoring Operations

Concept

If we have an external log server, we can point our Security Management Server logs to that server so they are saved there too.

These logs can be used to research alerts, rejected connections, and failed authentication attempts, to analyze traffic patterns, and to meet compliance requirements (government).

Export

The logs on the Security Gateway can also be exported and then imported into a SIEM or a dedicated log server.

Track Options

Alert Options

  • Per Connection

    • Every single conversation / connection

    • More logs

  • Per Session

    • Puts a bunch of connections into one object

    • Fewer logs

Log

Queries

SmartConsole usually displays the top 50 queries in the default log menu. Predefined queries exist; however, custom queries can also be made.

Practice Questions
