Oh yeah, and the other idea that was thrown way way out to me that was interesting was to convert the syslog to SNMP traps and then use SNMPv3 to push it to an NMS server. A bit on the edge but interesting too.
-Hammer- "I was a normal American nerd." -Jack Herer On Tue, Mar 29, 2011 at 11:26 AM, Hammer <[email protected]> wrote: > Another option that was recently presented to me was using GDOI to > authenticate the traffic from the client before it's sent. Then, only the > syslog traffic would be encrypted and passed. I'm still researching this but > it sounds plausable albeit overkill. In the end, we may just policy route > the syslog traffic thru a tunnel. Thanks for all the input. > > > -Hammer- > > "I was a normal American nerd." > -Jack Herer > > > > > > On Fri, Mar 25, 2011 at 3:37 PM, Bruce Pinsky <[email protected]> wrote: > >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> Hammer wrote: >> > Cool. Doesn't apply to IOS but will work for my CheckPoints. If I make >> > some headway I'll post back to this thread. Don't hold your breath. >> > >> >> Well, I was thinking of rsyslogd on the server side, not the client. Then >> if the IOS TLS transport works for syslog, you'd be good to go. >> >> - -- >> ========= >> bep >> >> -----BEGIN PGP SIGNATURE----- >> Version: GnuPG v1.4.9 (MingW32) >> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ >> >> iEYEARECAAYFAk2M/QoACgkQE1XcgMgrtyZAigCfT8tW61b/4/OJupm7R+x4PFLO >> bRsAoOsRN/NrwOAgzTGA+OPsW3FCDBGF >> =oOAL >> -----END PGP SIGNATURE----- >> > > _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
