You need to understand that there are actually many parts to
the management console:
1. policy management
interacting with the policy GUI;
2. logging interacting with the
firewalls and the log viewer GUI;
3. OPSEC interacting with 3rd
party products like RealSecure;
4. CP MAD interacting with the
logs and the firewalls;
etc., etc., etc.
Anyway, when the logging piece is deactivated via shutdown,
the log viewer would not
be able to connect to the management console nor would the
management console
receive any updates from the remote firewall modules.
However, when the management
console is reactivated, it should reconnect to the firewalls
and the firewalls should update
the console with the logs it saved locally on the remote
firewall modules.
The rule of thumb is to NOT shutdown the management console since it
receives the logs
as well. It is possible, however, to push to logs to another
server, called the master
console, which only receives and processes logs. It performs no other
function such as
firewall management or OPSEC accounting, just logging.
David C. Diemer, CCSE Enterprise Security Firewall Engineer Georgia
Department of Administrative Services (DOAS) 200 Piedmont Ave. SE Suite
1420, West Tower Atlanta, GA 30334 [email protected](V) (F) >>> Verónica Fernández
< [email protected]> 03/21/01 06:58AM >>>
Hi everybody!!
Last week the pc where is isntalled the management
console of FW-I (windows 2000 professional) , shutdown and it was 7 days power
off.
Yesterday I turns it on and when I open the log
viewer it only shows the messages from the 10 of March, the day that the pc was
shutdown, but not the newer.
I installed the policy from the console management
and it runs good.
I shutdown and turn on the FW-I (NOKIA IP650), and
it was good, but the logs goes on not updated.
Do you know where is the problem?? And, how can I
solve it??
Thanks.
Regards.
Verónica.
|