...
Source | Destination | Port | Description |
Siteminder | LCP | UDP/514 or TCP/601 or TLS/6514 | Default port |
Configuring Siteminder
...
Property | Default Value | Description |
|---|---|---|
Protocol | UDP | The default protocol for syslog. The collector can also accept logs in TCP and Syslog TLS is also supported. Note: While TCP offers guaranteed delivery of log packets, it places a larger overhead on the LCP. To balance TCP for reliability over UDP for speed/simplicity, contact the Accenture Security MDR onboarding team. |
Host Names/IP Addresses | Siteminder IP | Logging device IP address mentioned in the Pre-Installation Questionnaire (PIQ). Note: If the device sends logs using multiple interfaces, contact the Accenture Security MSS onboarding team. |
Signatures | Broadcom-Siteminder | MDR recommended signatures processed by the Broadcom Symantec Siteminder event collector. |
Port Number | 514 | The default port number for syslog. For TCP, the default port is 601. For syslog TLS, port is 6514 Note: The LCP can be configured to listen on a non-standard port, please advise the Accenture MDR onboarding team if this is a requirement. |