Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
We have two Cisco IronPort ESA C190s on OS 10.0.1-087.
Our Security team has a requirement that we begin pushing syslogs to our SIEM device (Logrythm). Our team currently pushes syslogs to our infrastructure management collector (Loginsight).
...
For those of you utilizing the ESA's Advanced Malware Protection feature keys and sending documents to the cloud for file analysis, what are the average turnaround times you see? I'm needing to provide the average time it will take for a document to...
My company has a need to block all incoming emails from a country with an exception for a few people in our Executive and compliance staff.I am trying to use content filters to do this, but want to make sure that I have them set up correctly.Anyone e...
My company would like to add an additional disclaimer text during Holidays where the company is closed. It will say something like: "In observance of the 'XYZ' holiday, our offices will be closing at 3:00 PM on Friday, December........ and will reop...
I am implementing two new C170's this weekend (OS 7.5.1-102) to replace our existing C150's (OS 7.1.5-017). The only trouble I'm having is setting up the Spam quarantine settings to match the current config. The settings are different on the two ma...
Just to clarify, I can add a second subscription to a log type I already have listed and set it to go to a different syslog location?
Will it create the new log file or do I have to manually give it a different file name?
Sorry, that didn't answer my question. I need to know how to configure MULTIPLE syslog collectors.
I am well aware of how to configure it to push syslogs in general via the GUI.
Thank you Libin. I am aware of the average turnaround time based on an answer I received from support. I was hoping to find out from other organizations what their experience was.
So far, my testing does seem to indicate approximate turnaround av...
I think that's your problem too. Although, I'm not sure how you fix it without either setting up an alternative Admin account. Either in AD or on the IronPort.Good luck!
