[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

labeled ipsec auditing



I am auditing when an ipsec policy is added and removed from the 
Security Policy Database. Should I also add audit when an SA is 
added and removed? SAs can quickly fill up log since there can be many of them
and they also have a lifetime associated with them that can result in 
continuous renewal. I looked at how Paul implemented netlabel auditing, 
but was wondering is there any specific info I should audit for 
labeled ipsec?

Regards,
Joy   


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]