Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - CONFIGURING DSMS REV 1 Manual page 143

60
Integrating Nortel
Switched Firewall
Using Syslog
Step 1
Step 2
Step 3
Step 4
N S
ORTEL
A STRM Nortel Switched Firewall 5100 DSM accepts Check Point FireWall-1
events from a Check Point SmartCenter Server, which is managed by the Nortel
Switched Firewall. STRM records all relevant events. Before configuring a Nortel
Switched Firewall device in STRM, you must configure your Check Point
SmartCenter Server to send events to STRM.
You can configure STRM to integrate with a Nortel Switched Firewall 5100 using
one of the following methods:
Integrating Nortel Switched Firewall Using Syslog
•
Integrating Nortel Switched Firewall Using OPSEC
•
Note: Depending on your Operating System, the procedures for the Check Point
SmartCenter Server may vary. The following procedures are based on the Check
Point SecurePlatform Operating system.
This method ensures the STRM Nortel Switched Firewall 5100 DSM accepts
Check Point FireWall-1 events using syslog. Before you configure STRM to
integrate with a Check Point FireWall-1 SmartCenter Server, you must:
Note: If Check Point SmartCenter Server is installed on Microsoft Windows, you
must use the OPSEC method.
Enter the following command to access the Check Point SmartCenter Server
console as an expert user:
expert
A password prompt appears.
Enter your expert console password. Press Enter.
Open the following file:
/etc/rc.d/rc3.d/S99local
Add the following lines:
$FWDIR/bin/fw log -ftn | /usr/bin/logger -p
<facility>.<priority> > /dev/null 2>&1 &
Where:
Configuring DSMs Guide
F
WITCHED
5100
IREWALL