I haven't looked at it in depth, but I'm supposing that NDES/SCEP from an internal CA, for network equipment which supports it, would be useful for encrypting syslog. Of course, if that's the case, then you'd also need to have a syslog server that supports that.
Kurt On Thu, Jan 26, 2012 at 06:43, Michael B. Smith <[email protected]>wrote: > I would be remiss to not point out System Center Operations Manager. And > yes, it has the capability of encrypting data in-transit and at rest for > Windows clients/servers and for various Linux/UNIX distributions. No clue > how you would do that with routers/switches/etc.**** > > ** ** > > Regards,**** > > ** ** > > Michael B. Smith**** > > Consultant and Exchange MVP**** > > http://TheEssentialExchange.com**** > > ** ** > > *From:* [email protected] [mailto:[email protected]] > *Sent:* Thursday, January 26, 2012 9:13 AM > *To:* NT System Admin Issues > *Subject:* RE: FW: SIEM**** > > ** ** > > I do that with my Kiwi Syslog software, Routers, Switches, Firewalls, > Windows NT events, Printer events, and IP camera logs but that wasn't good > enough because it doesn't encrypt the logs as well.**** > > #1 I hadn't heard that term before. I was called it Log monitoring and > management. #2 They are keying of the RSA log hacking to enforce the > encryption of the logs while in transit and at rest.**** > > Blah Blah Blah.**** > > Thanks. Anyone have a good SIEM product or appliance they use? I am > looking at LogRythm or SPLUNK???**** > > ** ** > > *From:* Erik Goldoff [mailto:[email protected]] > *Posted At:* Wednesday, January 25, 2012 3:42 PM > *Posted To:* [email protected] > *Conversation:* FW: SIEM > *Subject:* Re: FW: SIEM**** > > ** ** > > Security Event Information Management ... security event log/alerting ?*** > * > > On Wed, Jan 25, 2012 at 2:14 PM, [email protected] <[email protected]> > wrote:**** > > **** > > **** > > This is new to me. What is SIEM and what do I do with it?**** > > **** > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin**** > > ** ** > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin**** > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin**** > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
