This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
saitoh
Advisor
‎2025-10-05 10:44 PM
Jump to solution

What System TLS Configuration do?

Hi all,

 

I found presumably newly-added setting, which is System TLS Configuration under  System Management > System Logging.

What kind of behaviour can be configured here? I cannot find a detailed document.

 

Thanks!

Saitoh

sliver bullet: casting repero or tossing it into the harbor
0 Kudos
2 Solutions

Accepted Solutions
Chris_Atkinson
MVP Platinum CHKP MVP Platinum CHKP
MVP Platinum CHKP
‎2025-10-06 12:37 AM
Jump to solution

These are the Syslog over TLS settings, please refer: Configuring System Logging in Gaia Portal

CCSM R77/R80/ELITE

View solution in original post

(1)
the_rock
MVP Platinum
MVP Platinum
‎2025-10-06 08:14 AM
Jump to solution

There you go, my friend...greetings for Japan : - )

Andy

************************************

 

The System TLS Configuration setting you're referring to—found under System Management > System Logging—likely relates to how Transport Layer Security (TLS) is used to secure system log transmissions, especially when logs are sent to remote servers (e.g., syslog over TLS). While the exact behavior can vary depending on the platform (e.g., Windows Server, Cisco NX-OS, Juniper OS), here's a general overview of what can be configured under such a setting:

🔐 What System TLS Configuration Typically Does

  1. Enable Secure Log Transmission:

    • TLS encrypts log messages sent from the system to a remote syslog server, ensuring confidentiality and integrity.

  2. Configure Authentication Modes:

    • Server Authentication: The client verifies the identity of the server.
    • Mutual Authentication: Both client and server verify each other using certificates.

  3. Certificate Management:

    • You can specify which X.509 certificates are used for authentication.
    • Configure trusted Certificate Authorities (CAs).
    • Set up certificate mapping (e.g., one-to-one or many-to-one user mappings).

  4. TLS Protocol and Cipher Suite Settings:

    • Define which versions of TLS are allowed (e.g., TLS 1.2, TLS 1.3).
    • Control cipher suite order and availability for secure communication.

  5. Session Caching and Timeout Settings:

    • Configure how long TLS sessions are cached to improve performance.
    • Adjust cache size and timeout intervals.

  6. OCSP Stapling and Trusted Issuer Lists:

    • Enable or disable OCSP stapling for certificate revocation checks.
    • Decide whether to send a list of trusted certificate authorities to clients.

🧩 Example Use Case

If you're using Windows Server, these settings are managed via the Schannel Security Support Provider (SSP). You can configure them using:

  • Registry keys (e.g., HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL)
  • Group Policy
  • PowerShell

For example, enabling mutual TLS for syslog might involve:

  • Installing certificates on both client and server.
  • Configuring the syslog daemon to use TLS.
  • Setting registry keys or configuration files to enforce TLS-only connections.
Best,
Andy

View solution in original post

(1)
4 Replies
Chris_Atkinson
MVP Platinum CHKP MVP Platinum CHKP
MVP Platinum CHKP
‎2025-10-06 12:37 AM
Jump to solution

These are the Syslog over TLS settings, please refer: Configuring System Logging in Gaia Portal

CCSM R77/R80/ELITE
(1)
the_rock
MVP Platinum
MVP Platinum
‎2025-10-06 08:14 AM
Jump to solution

There you go, my friend...greetings for Japan : - )

Andy

************************************

 

The System TLS Configuration setting you're referring to—found under System Management > System Logging—likely relates to how Transport Layer Security (TLS) is used to secure system log transmissions, especially when logs are sent to remote servers (e.g., syslog over TLS). While the exact behavior can vary depending on the platform (e.g., Windows Server, Cisco NX-OS, Juniper OS), here's a general overview of what can be configured under such a setting:

🔐 What System TLS Configuration Typically Does

  1. Enable Secure Log Transmission:

    • TLS encrypts log messages sent from the system to a remote syslog server, ensuring confidentiality and integrity.

  2. Configure Authentication Modes:

    • Server Authentication: The client verifies the identity of the server.
    • Mutual Authentication: Both client and server verify each other using certificates.

  3. Certificate Management:

    • You can specify which X.509 certificates are used for authentication.
    • Configure trusted Certificate Authorities (CAs).
    • Set up certificate mapping (e.g., one-to-one or many-to-one user mappings).

  4. TLS Protocol and Cipher Suite Settings:

    • Define which versions of TLS are allowed (e.g., TLS 1.2, TLS 1.3).
    • Control cipher suite order and availability for secure communication.

  5. Session Caching and Timeout Settings:

    • Configure how long TLS sessions are cached to improve performance.
    • Adjust cache size and timeout intervals.

  6. OCSP Stapling and Trusted Issuer Lists:

    • Enable or disable OCSP stapling for certificate revocation checks.
    • Decide whether to send a list of trusted certificate authorities to clients.

🧩 Example Use Case

If you're using Windows Server, these settings are managed via the Schannel Security Support Provider (SSP). You can configure them using:

  • Registry keys (e.g., HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL)
  • Group Policy
  • PowerShell

For example, enabling mutual TLS for syslog might involve:

  • Installing certificates on both client and server.
  • Configuring the syslog daemon to use TLS.
  • Setting registry keys or configuration files to enforce TLS-only connections.
Best,
Andy
(1)
saitoh
Advisor
‎2025-10-10 04:01 AM
Jump to solution

Dear @Chris_Atkinson , and @the_rock ,

 

Thanks for sharing the document, and unbelievably detailed explanation!!

Much appreciated, and big respect for you and the time which it took you to acquire this level of knowledge.

 

Saitoh

sliver bullet: casting repero or tossing it into the harbor
the_rock
MVP Platinum
MVP Platinum
‎2025-10-10 04:03 AM
In response to saitoh
Jump to solution

 

Greetings to you and Japan, brother! 

Best,

Andy

Best,
Andy
(1)

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events