This quick start guide will help Accenture Security customers configure Illumio Adaptive Security platform to send log collection from the Log Collection Platform (LCP).
...
Source | Destination | Port | Description |
Illumio ASP | LCP | UDP / 514 or TCP / 601 | Default port and protocol |
Configuring Illumio Adaptive Security (ASP)
In the Policy Console Engine (PCE) web console menu, navigate to Settings > Event Settings.
Click Add.
Event Settings – Add Event Forwarding page opens.
Click Add Repository.
In the Add Repository dialog:
Enter name of the syslog server in Description field.
Enter the IP address of the syslog server in Address field.
Select UCP or TCP as a Protocol.
Enter port number for the syslog server in Port field. (514 for UDP and 601 for TCP)
Disabled the TLS now.
Note: Currently TLS is not supported for this onboarding and it may support in future.
...
6. Edit the event forwarding repository you have created.
7. Enable all in Auditable Events and Traffic Events like shown in below screenshot.
8. Click Save.
...
LCP Configuration parameters
...