Manualshelf

User guide

ManualsBrandsWatchguard ManualsComputer equipmentFirebox X1000
191192193194195196197198199200
Chapter 13: Setting Up Logging and Notification
178 WatchGuard Firebox System
The Firebox sets its clock to the current log host. If the Firebox and the log
host times are different, the Firebox time drifts toward the new time,
which often results in a brief interruption in the log file. Rebooting the
Firebox resets the Firebox time to that of the primary log host. Therefore,
you should set all log hosts’ clocks to a single source. In a local installation
where all log hosts are on the same domain, set each log host to the
common domain controller.
For Windows NT log hosts
1 Go to each log host. Open an MS-DOS Command Prompt window.
Type the following command:
net time /domain:domainName /set
where domainName is the domain in which the log hosts operate.
The system returns a message naming the domain controller.
2 Type Y.
The time of the local host is set to that of the domain controller.
Another method to set the log host (and domain controller) clocks is to
use an independent source such as the atomic clock—based servers
available on the Internet. One place to access this service is:
http://www.bldrdoc.gov/timefreq
Setting up the WatchGuard Security Event Processor
The WatchGuard Security Event Processor application is available both as
a command-line utility and, on a Windows NT or Windows 2000 host, as
a service. It is, by default, installed on the Management Station when you
install the WatchGuard Firebox System. However, you must manually
install the WSEP on all log hosts.
Running the WSEP application on Windows NT, Windows
2000, or Windows XP
If the WSEP application is to run on a Windows NT, 2000, or XP operating
system, you can choose between two methods: interactive mode from a
DOS window or as a Windows service. The default method is for the
WSEP application to run as a Windows service.