[c-nsp] Can I encrypt syslog traffic in IOS

Hammer bhmccie at gmail.com
Tue Mar 29 12:26:18 EDT 2011


Another option that was recently presented to me was using GDOI to
authenticate the traffic from the client before it's sent. Then, only the
syslog traffic would be encrypted and passed. I'm still researching this but
it sounds plausable albeit overkill. In the end, we may just policy route
the syslog traffic thru a tunnel. Thanks for all the input.


 -Hammer-

"I was a normal American nerd."
-Jack Herer





On Fri, Mar 25, 2011 at 3:37 PM, Bruce Pinsky <bep at whack.org> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hammer wrote:
> > Cool. Doesn't apply to IOS but will work for my CheckPoints. If I make
> > some headway I'll post back to this thread. Don't hold your breath.
> >
>
> Well, I was thinking of rsyslogd on the server side, not the client.  Then
> if the IOS TLS transport works for syslog, you'd be good to go.
>
> - --
> =========
> bep
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (MingW32)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iEYEARECAAYFAk2M/QoACgkQE1XcgMgrtyZAigCfT8tW61b/4/OJupm7R+x4PFLO
> bRsAoOsRN/NrwOAgzTGA+OPsW3FCDBGF
> =oOAL
> -----END PGP SIGNATURE-----
>


More information about the cisco-nsp mailing list