Imperva SecureSphere
  • 2 Minutes to read
  • Contributors
  • Dark
    Light
  • PDF

Imperva SecureSphere

  • Dark
    Light
  • PDF

Imperva SecureSphere appliances provide superior performance and resiliency for demanding data centre environments. With fail open interfaces, SecureSphere platforms offer fast and cost-effective fail over.

Integration of Imperva WAF with DNIF

Imperva SecureSphere offers four different events, each requiring slightly different configuration such as:

  • Security Event
  • Custom Security Event
  • Firewall Security Event
  • System Event

Configuring Security Events

To set SecureSphere to send syslog messages based on the CEF standard when a security event occurs:

  • Define a new Action Set and configure the parameters as follows:
Parameters Description
Name Enter an action set name, for example, security_syslog.
Syslog Host Enter the IP of DNIF Adapter
Syslog Log Level Enter the Syslog log level
Message Enter the CEF message for a security event (alert).
Facility Enter a facility name
  • Set the security policies followed action that you want to send to Syslog when a violation occurs.
  • Use the action set defined for security events.

Configuring a Custom Policy Security Events

To set SecureSphere to send syslog messages based on the CEF standard when a custom policy event occurs:

  • Define a new Action Set and configure the parameters as follows:
Parameters Description
Name Enter an action set name, for example, custom_security_syslog.
Syslog Host Enter the IP of DNIF Adapter
Syslog Log Level Enter the Syslog log level
Message Enter the CEF message for a custom policy security event (alert).
Facility Enter a facility name
  • Set the custom security policies followed action that you want to send to Syslog when a violation occurs.
  • Use the action set defined for security events.

Configuring a Firewall Security Events

To set SecureSphere to send syslog messages based on the CEF standard when a firewall security event occurs:

Define a new Action Set and configure the parameters as follows:

Parameters Description
Name Enter an action set name, for example, custom_security_syslog.
Syslog Host Enter the IP of DNIF Adapter
Syslog Log Level Enter the Syslog log level
Message Enter the CEF message for a custom policy security event (alert).
Facility Enter a facility name
  • Set the firewall security policies followed action that you want to send to Syslog when a violation occurs.
  • Use the action set defined for security events.
    ## Configuring System Events

To set SecureSphere to send syslog messages based on the CEF standard when a system event occurs:

Parameters Description
Name Enter an action set name, for example, custom_security_syslog.
Syslog Host Enter the IP of DNIF Adapter
Syslog Log Level Enter the Syslog log level
Message Enter the CEF message for a custom policy security event (alert).
Facility Enter a facility name
  • Create the system event policy and set the followed action to send a Syslog message when the event occurs.
  • Use the action set defined for system events.

Imperva SecureSphere logs are now streamed to DNIF.


Was this article helpful?

What's Next