Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Table of Contents

Overview

We are providing you with the steps to integrate your Akamai with Seceon SIEM so One can have Comprehensive visibility and Proactive Threat Detection in your Environment. There will be a log transfer between your firewall to APE(Analytics and Policy Engine) via CCE (Collection and Control Engine ).

Steps Of Configuration

Step 1. Navigate to Provisioning by clicking on the Provisioning tab located in the top menu bar of the application.

...

Step 2. Drop down Add on devices by clicking on the downward-facing arrow next to the 'Add on devices' option in the menu.

...

Pre-requisite

Akamai SIEM setting Configuration: https://techdocs.akamai.com/siem-integration/docs/akamai-siem-integration-for-splunk-and-cef-syslog

Create Authorization Creds: https://techdocs.akamai.com/developer/docs/set-up-authentication-credentials

...

To add the Akamai support, follow the steps that are mentioned below.

  • Device: Select the name of the device 'Akamai' in this section.

  • Name: We can take anything here according to our interest (mini. 3 character).

  • CCE Host: Enter the CCE IP

  • Access ID/Username: Enter Client Token

  • Password/Secret Key: Enter Client Secret

  • Config: Now in valid JSON Format in the last field enter your Host in host (without https://), Access token in access_token and security configuration ID in config_id.

{"host": "<host>", "access_token": "<access_token>" ,"config_id": "<config _d>id>"}

  • Click on the Save button.

Verification

STEP 1:Log in to UI >> SYSTEM

...

STEP 2: >> Logs and flows collection status

...

STEP 3: >>To verify the source device IP from the UI:

  • Log in to the user interface

  • Navigate to the "SYSTEM" section

  • Look for the "SOURCE DEVICE IP"

  • Check the IP address that is displayed

  • Compare the IP address displayed against the expected source device IP

This will allow you to ensure that the system is properly identifying the source device IP and that it matches the expected IP address..

...