15
Step 1
Step 2
Step 3
Step 4
C
FWSM
ISCO
You can integrate Cisco Firewall Service Module (FWSM) version 2.2 with STRM.
A STRM FWSM DSM accepts FWSM events using syslog. STRM records all
relevant Cisco FWSM events.
Before you configure STRM to integrate with Cisco FWSM, you must configure
Cisco FWSM to forward logs to STRM:
Using a Console connection, telnet, or SSH, log in to the Cisco FWSM.
Enable logging:
logging on
Change the logging level:
logging trap level (1-7)
By default, the logging level is set to 3 (error).
Designate STRM as a host to receive the messages:
logging host [interface] ip_address [tcp[/port] | udp[/port]]
[format emblem]
For example:
logging host dmz1 192.168.1.5
Where 192.168.1.5 is the IP address of your STRM system.
You are now ready to configure the sensor device within the STRM interface. To
configure STRM to receive events from a Cisco IDS device, choose one of the
following options:
If you are using STRM 6.0, select Cisco FWSM from the Sensor Device Type
•
drop-down list box.
•
If you are using STRM 6.0.1 and above, select Cisco Firewall Services
Module (FWSM) from the Sensor Device drop-down list box.
For more information on configuring sensor devices, see the Managing Sensor
Devices Guide. For more information regarding Cisco FWSM devices, see your
Cisco documentation.
Configuring DSMs Guide