NetIQ Module: Log Manager for Secure Computing Sidewinder

Supported Products

Secure Computing Sidewinder version 5.2.x
Secure Computing Sidewinder version G2 6.0

Date Published

March 24, 2006

Description

Log Manager collects events from logs and stores them in secure repositories so you can archive this data, create reports for management or auditing purposes, and analyze critical events to research issues. For Secure Computing Sidewinder, Log Manager collects attack messages, Access Control List (ACL) change events, and login failure events.

Why Install This Version?

Log Manager for Firewalls provides an important new capability.

This version includes new technology for dynamically updating Security Manager modules. The AutoSync Server allows you to download and install updated modules between Security Manager releases.

Improvements are made in direct response to suggestions from our customers. We thank you for your time and valuable input. We hope you continue to help us ensure our products meet all your needs.

Installation Requirements

The following table lists additional requirements for a Windows agent acting as the proxy agent for Secure Computing Sidewinder. For more information about agent requirements, see the Installation Guide for NetIQ Security Manager.

Category Requirement

Processor 1.5GHz Intel Pentium III or equivalent.

Memory 40MB minimum. The amount of memory usage varies and depends on the environment, including event rate and other factors. Memory use for a Windows agent monitoring Secure Computing Sidewinder could reach 256MB or higher.

Operating System Windows 2000 with Service Pack 2 or later.

Software

A Windows agent can monitor one or more Secure Computing Sidewinder devices. For more information about the number of devices one agent can support, see the NetIQ Security Manager Knowledge Base Article NETIQKB51404 at www.netiq.com/support/sm. The Windows agent computer acts as a proxy agent for the devices.
Install each Windows agent on a computer inside the firewall and on a subnet as physically close to the device as possible. Fewer network hops provide better performance.
Use a unique proxy agent for each platform sending syslog events. For example, use separate Windows agents to monitor NetScreen and Snort.
Install the Windows agent on a separate computer from the database server or central computer to avoid performance issues.

Category	Requirement
Processor	1.5GHz Intel Pentium III or equivalent.
Memory	40MB minimum. The amount of memory usage varies and depends on the environment, including event rate and other factors. Memory use for a Windows agent monitoring Secure Computing Sidewinder could reach 256MB or higher.
Operating System	Windows 2000 with Service Pack 2 or later.
Software	A Windows agent can monitor one or more Secure Computing Sidewinder devices. For more information about the number of devices one agent can support, see the NetIQ Security Manager Knowledge Base Article NETIQKB51404 at www.netiq.com/support/sm. The Windows agent computer acts as a proxy agent for the devices. Install each Windows agent on a computer inside the firewall and on a subnet as physically close to the device as possible. Fewer network hops provide better performance. Use a unique proxy agent for each platform sending syslog events. For example, use separate Windows agents to monitor NetScreen and Snort. Install the Windows agent on a separate computer from the database server or central computer to avoid performance issues.

Installation and Configuration Considerations

You can install this module using the Module Installer. After you install the module, run the Configuration Wizard to configure the module. For more information about installing and configuring this module, see the NetIQ Security Manager for Secure Computing Sidewinder Monitoring Guide in the following folder on the user interface computer:

installation folder\NetIQ Security Manager\OnePoint\Documentation\Monitoring Guides

Where installation folder is the location where you installed Security Manager user interfaces.