I'm a Cisco/IOS beginner. I've managed to configure my ASA5510 to do it's thing for the most part. The ASA5510 will write it's IDS events to my syslog server, butI can't seem to find a way to get the SSM-10 Module to do the same. I can log into ADSM 5.0 to view the events manually, but it's a huge pain. Is this normal behavior, or am I missing something (more likely)?
Sorry to bring the bad news. Right now SSM will only report SDEE, not syslog. Bottom line is that they only way to correlate IPS alerts and syslog is throught CS-MARS. You cannot generate syslog from SSM.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...