- Enable Cisco Adaptive Security Appliance (ASA) Collector
- Install the XDR Collector
- Configure the Firewall
- Open the Port on the XDR Collector Host
Enable the Cisco Adaptive Security Appliance (ASA) Collector
- In Barracuda XDR Dashboard, navigate to Administration > Integrations.
- On the Cisco Adaptive Security Appliance card, click Setup.
- Select the Enable check box.
- Click Save.
Install the XDR Collector
- If you haven't already set up the XDR Collector, do one of the following:
Configure the Firewall
Syslog servers can be defined in the Cisco Adaptive Security Appliance (ASA) Collector. Choose Configuration > Device Management > Logging > Syslog Servers.
- Click Add a syslog server and enter the following:
- Specify the interface that the server is associated with.
- IP Address: The static IP address of the system hosting the XDR Collector.
- Specify the protocol: UDP
- UDP port: 9220
- Click OK.
You can find more documentation at the following:
Open the Port on the XDR Collector Host
Ensure incoming traffic is allowed on UDP port 9220.
Linux
sudo ufw allow 9220/udp
Windows
netsh advfirewall firewall add rule name="Cisco ASA Firewall Events" dir=in action=allow protocol=UDP localport=9220