Firewall log retention

On our basic firewall (without Advanced Security enabled or HIPAA BAA compliance), we maintain basic inbound logging and reporting, and limited recording of LAN device activity (e.g., devices present on the LAN and traffic records). How long the logs last before they wrap depends on the level of activity, but is generally in the range of weeks to 2 months.

Detailed records of probes and attack sources are held for 2-3 weeks, while consolidated records of such activity are condensed into round-robin databases that hold the information at different levels of granularity for up to 1 year.

Enabling Advanced Security increases the detail of information held in the logs (e.g., malicious threats detected and thwarted in our Threat Analysis offering). Adding HIPAA compliance further increases the level of detail for both inbound and outbound logging, connection statistics, etc.