When configuring the Log to a Syslog Server response rule and selecting TCP with TLS, you can secure communications to the syslog server by selecting Enable TLS Client Authentication.
This may create confusion regarding:
Whether a client certificate is required
Where the client certificate is stored
Environment: DLP 16.0
When TLS is enabled in the SYSLOG response rule:
DLP establishes a TLS session to the configured SYSLOG server.
SYSLOG traffic is encrypted during transmission.
No client certificate is required.
No certificate configuration or management is required on the DLP server.
Beginning with DLP version 16.1, the console option previously labeled “TLS Client Authentication” is updated to “Enable TLS.”
An enhancement request has been raised to evaluate adding certificate validation capability to the SYSLOG TLS connection in a future release. Please contact Broadcom support for more details.
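The following is an added example, not Broadcom code and not part of the original article: a Python probe that an administrator can run against the syslog receiver to confirm it accepts a TLS session from a client that presents no certificate, as described above, and to record the server certificate's SHA-256 fingerprint for comparison with the certificate that was actually deployed. The function name, the placeholder host `syslog.example.internal` and port 6514 are assumptions, as is the reading (taken from the enhancement request above) that the server certificate is not validated.

```python
import hashlib
import socket
import ssl


def probe_syslog_tls(host, port, timeout=5.0):
    """Connect as the article describes DLP connecting: TLS, no client certificate."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    # Assumption: the server certificate is not validated, so the probe only
    # records its fingerprint for comparison against the expected certificate.
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    # No load_cert_chain() call: no client certificate is presented.
    result = {"handshake_ok": False, "accepted_without_client_cert": False,
              "protocol": None, "server_cert_sha256": None, "error": None}
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                result["handshake_ok"] = True
                result["protocol"] = tls.version()
                der = tls.getpeercert(binary_form=True)
                if der:
                    result["server_cert_sha256"] = hashlib.sha256(der).hexdigest()
                # With TLS 1.3 a server that demands a client certificate rejects
                # the session only after the client's handshake has returned, so
                # wait briefly for an alert or a close before calling it accepted.
                tls.settimeout(1.0)
                try:
                    if tls.recv(1) == b"":
                        result["error"] = "server closed the connection"
                    else:
                        result["accepted_without_client_cert"] = True
                except socket.timeout:
                    # Silence is what a syslog receiver normally does.
                    result["accepted_without_client_cert"] = True
    except (ssl.SSLError, OSError) as exc:
        result["error"] = f"{type(exc).__name__}: {exc}"
    return result


if __name__ == "__main__":
    # Placeholder host and port; replace with the configured syslog server.
    print(probe_syslog_tls("syslog.example.internal", 6514))
```

If `handshake_ok` is true but `accepted_without_client_cert` is false, the receiver is configured to require a client certificate, which the DLP server does not present.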