[nsp] Possibly OT: Securing Syslog and SNMP.
James Kilton
kilton9@yahoo.com
Tue, 19 Nov 2002 07:01:43 -0800 (PST)
I'm wondering if there are any standard practices to
securing the monitoring of Cisco devices via Syslog
and SNMP.
The primary issue I'm having trouble with is the
following: ideally you want your Management segment to
be as secure as possible, perhaps the most secure
segment on your network. How then to you allow
traffic (Syslog, SNMP traps) from non-firewalled Cisco
devices such as border routers and backbone switches
to this Management network?
It seems that the Management network should be in the
far "backend" of the network for security reasons, yet
somehow we need to allow traffic initiated from
devices in the very front of the network. Seems like
a catch-22. If anyone can share their thoughts and
experience with this, I'd appreciate it.
Thanks.
__________________________________________________
Do you Yahoo!?
Yahoo! Web Hosting - Let the expert host your site
http://webhosting.yahoo.com