Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3660
Views
0
Helpful
0
Replies

Cisco Meraki MX Series IPS/IDS Pen Testing

pro_engineering
Level 1
Level 1

‎10-31-2016 09:58 AM - edited ‎03-10-2019 06:42 AM

I have been piloting a Cisco Meraki MX64 device for quite sometime and we have been looking at it specifically to see what data can get out of it for SIEM integration. Per the documentation that I've found and working with Cisco  we should be able to get IDS/IPS logs via syslog.

We've ran Qualys, Agressive NMAP, MetaSploit, and Nessus and have only been able to generate a handful of events either scanning through the firewall to a host outside or inside the Meraki, or scanning the WAN or LAN interface on the firewall itself.

When I say handful, I mean no more than 5 at a time and NMAP produces nothing.

Just wondering what others are seeing in terms of events being sent to syslog from these devices.

Not much to configure in terms of syslog settings so you really can't get it wrong.

https://documentation.meraki.com/zGeneral_Administration/Monitoring_and_Reporting/Syslog_Server_Overview_and_Configuration

Thanks for your time.

Dana

1 person had this problem
Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card