It seems like your browser didn't download the required fonts. Please revise your security settings and try again.

Login Sign Up Contact & Support

United States – English (GMT-5)

Email Protection

Total Email Protection

Email Gateway Defense (Email Security)

Impersonation Protection (Sentinel)

Cloud Archiving Service

Security Awareness Training (PhishLine)

Email Security Gateway

Domain Fraud Protection

Incident Response

Message Archiver

WAF-as-a-Service

Web Application Firewall

Cloud Security Guardian

Load Balancer ADC

Vulnerability Manager

Vulnerability Remediation Service

WAF Control Center

Active DDoS Prevention

CloudGen Firewall

CloudGen Access

Network Access Client

Firewall Insights

Web Security Gateway

Web Security Agent

Firewall Policy Manager

Cloud-to-Cloud Backup

RMM (Managed Workplace)

Managed Security Awareness Training (Managed Phishline)

Intronis Backup (ECHOplatform)

MSP Knowledge Base

Site Security Scanner

MSP – Partner Enablement

NextGen Firewall X

Server Backup (Yosemite)

Campus Help Center / Reference

Onboarding Portal

Network Security

Support Services

Barracuda XDR

Overview Documentation Materials

Email Protection

Total Email Protection

Email Gateway Defense (Email Security)

Impersonation Protection (Sentinel)

Cloud Archiving Service

Security Awareness Training (PhishLine)

Email Security Gateway

Domain Fraud Protection

Incident Response

Message Archiver

WAF-as-a-Service

Web Application Firewall

Cloud Security Guardian

Load Balancer ADC

Vulnerability Manager

Vulnerability Remediation Service

WAF Control Center

Active DDoS Prevention

CloudGen Firewall

CloudGen Access

Network Access Client

Firewall Insights

Web Security Gateway

Web Security Agent

Firewall Policy Manager

Cloud-to-Cloud Backup

RMM (Managed Workplace)

Managed Security Awareness Training (Managed Phishline)

Intronis Backup (ECHOplatform)

MSP Knowledge Base

Site Security Scanner

MSP – Partner Enablement

NextGen Firewall X

Server Backup (Yosemite)

Campus Help Center / Reference

Onboarding Portal

Network Security

Support Services

Login Sign Up Contact & Support

United States – English (GMT-5)

Setting up Cisco Adaptive Security Appliance (ASA) Collector

Last updated on 2024-09-30 13:56:07

This setup is for the XDR Collector only. If you are using a physical or virtual sensor, refer to Integrating a Cisco Adaptive Security Appliance.

Enable Cisco Adaptive Security Appliance (ASA) Collector
Install the XDR Collector
Configure the Firewall
Open the Port on the XDR Collector Host

Enable the Cisco Adaptive Security Appliance (ASA) Collector

In Barracuda XDR Dashboard, navigate to Administration > Integrations.
On the Cisco Adaptive Security Appliance card, click Setup.
Select the Enable check box.
Click Save.

Install the XDR Collector

When collecting logs from one or more integrated data sources, always set up the XDR Collector on a dedicated host server. Don't use an existing server because the amount of data produced by logs can impact critical infrastructure.

If you haven't already set up the XDR Collector, do one of the following:
- Setting up the XDR Collector for Windows
- Setting up the XDR Collector for Linux

Configure the Firewall

Syslog servers can be defined in the Cisco Adaptive Security Appliance (ASA) Collector. Choose Configuration > Device Management > Logging > Syslog Servers.

Click Add a syslog server and enter the following:
- Specify the interface that the server is associated with.
- IP Address: The static IP address of the system hosting the XDR Collector.
- Specify the protocol: UDP
- UDP port: 9220
Click OK.

You can find more documentation at the following:

Open the Port on the XDR Collector Host

Ensure incoming traffic is allowed on UDP port 9220.

Linux

sudo ufw allow 9220/udp

Windows

netsh advfirewall firewall add rule name="Cisco ASA Firewall Events" dir=in action=allow protocol=UDP localport=9220