Firewall log retention

Firewall log retention

Our basic firewall (without Advanced Security enabled or HIPAA BAA compliance) we do maintain basic inbound logging and reporting, and limited recording of LAN device activity (e.g., devices present on the LAN and traffic records). The duration of time before the logs wrap is dependent on the level of activity, but is generally in the range of weeks to 2 months.

Detailed records of probes and attack sources are held for 2-3 weeks, while consolidated records of such activity is condensed into round-robin databases that hold the info at different levels of granularity for up to 1 year.

Enabling Advanced Security increases the detail of information held in the logs (e.g., malicious threats detected and thwarted in our Threat Analysis offering). Adding HIPAA compliance further increases the level of detail for both inbound and outbound logging, connection statistics, etc.

    • Related Articles

    • HIPAA Compliance

      Introduction This document summarizes the relevant and applicable aspects of the Uplevel system that pertain to complying with the requirements of the Health Insurance Portability and Accountability Act of 1996 (HIPAA), specifically the HIPAA ...

    • Log Retention

      The retention period varies depending on the type of logs. The audit logs that determine logins, changes, client arrivals/departures, etc (e.g., what we'd normally use for HIPAA compliance) are normally maintained for months. It depends on how much ...

    • Domain Controller (Active Directory) Setup

      Introduction There aren't any guidelines or instructions on the functioning of the Uplevel Domain Controller because it acts essentially identically to a conventional Microsoft Domain Controller from the standpoint of workstations. Microsoft offers a ...

    • CIS Level 1 and 2

      Introduction The Center for Internet Security (CIS) benchmarks are a method of specifying a secure baseline configuration for assets. This includes assets of all kinds: servers, workstations, network devices, firewalls, phone systems, etc. ...

    • Active Directory GPO - Folder Redirection

      Microsoft Documentation https://learn.microsoft.com/en-us/windows-server/storage/folder-redirection/folder-redirection-rup-overview If you deploy roaming user profiles with folder redirection in an environment with existing local user profiles, ...