Overview
Seceon CCE collects syslog from the Zyxel firewall on port 514.
So, port 514 needs to be allowed from the firewall.
This document describes the steps to integrate the Zyxel firewall with Seceon CCE.
Steps of Configuration
Step 1. Log in to the firewall with the administrator role.
Step 2. Click on Site Wide as shown in the screenshot below.
Step 3. Click on General setting (as shown in the screenshot below).
Step 4. After navigating to general setting, you will be redirected to a page.
>> Scroll down the page to Reporting (highlighted in the bold rectangular box).
>> Then click on Add (highlighted in the bold rectangular box), fill in the Server IP (highlighted in the bold rectangular box) and select the Types of log (Security Application Traffic Log and Security Appliance log).
The configuration is done.
Verification
Through UI
STEP 1: Log in to the UI >> SYSTEM >> LOGS AND FLOWS COLLECTION STATUS.
STEP 2: >> LOGS AND FLOWS COLLECTION STATUS.
STEP 3: >> Inside SOURCE DEVICE IP, the IP will be shown.
Through CCE server
Run the command below on the CCE server, replacing <IP of firewall> with the firewall's IP address, and press Enter:
sudo tcpdump -i any port 514 and host <IP of firewall>
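The tcpdump `host` filter matches packets in both directions, so seeing output does not by itself prove the firewall is the sender. The following is an added example, not part of the original guide: a hypothetical helper `count_fw_syslog` that reads tcpdump text output (captured with `-nn` so addresses and ports stay numeric) and counts only packets sent by the firewall to port 514. The sample capture lines and the 192.0.2.x addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original guide). Function names are hypothetical.

# Count packets in tcpdump text output that were sent BY the firewall TO port 514.
# Usage: count_fw_syslog <firewall-ip> < tcpdump-output
count_fw_syslog() {
    awk -v fw="$1" '
    {
        # Find the "IP" token; with "-i any", newer tcpdump versions print
        # the interface name and direction before it.
        for (i = 1; i <= NF; i++) if ($i == "IP") break
        if (i > NF || $(i + 2) != ">") next
        src = $(i + 1); dst = $(i + 3)
        sub(/:$/, "", dst)                        # drop the colon after the destination
        srcip = src; sub(/\.[0-9]+$/, "", srcip)  # strip the source port
        dport = dst; sub(/.*\./, "", dport)       # keep only the destination port
        if (srcip == fw && dport == "514") n++
    }
    END { print n + 0 }'
}

# Constructed sample of "tcpdump -nn" output: two packets from the firewall
# (192.0.2.1), one from another device, one travelling back toward the firewall.
sample_capture() {
    cat <<'EOF'
12:00:01.000001 IP 192.0.2.1.40514 > 192.0.2.50.514: SYSLOG local0.info, length: 180
12:00:02.000001 eth0  In  IP 192.0.2.1.40514 > 192.0.2.50.514: SYSLOG local0.notice, length: 96
12:00:03.000001 IP 192.0.2.77.51000 > 192.0.2.50.514: SYSLOG daemon.info, length: 64
12:00:04.000001 IP 192.0.2.50.514 > 192.0.2.1.40514: UDP, length 12
EOF
}

# Offline demonstration on the constructed sample.
sample_capture | count_fw_syslog 192.0.2.1

# Live check on the CCE server (assumes the coreutils "timeout" command is available):
#   FW=<IP of firewall>
#   sudo timeout 60 tcpdump -nn -l -i any port 514 and host "$FW" 2>/dev/null | count_fw_syslog "$FW"
```

A count of 0 after the capture window means no syslog from the firewall reached the CCE server, which points back to the Reporting settings on the firewall or to port 514 being blocked in between.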