information to the Event Processor. The Event Collector also bundles all virtually
identical events to conserve system usage.
• Event Processor—Processes event and flow data from the Event Collector. The
events are bundled to conserve network usage. When received, the Event Processor
correlates the information from JSA and distributes it to the appropriate area,
depending on the type of event. The Event Processor also includes information
gathered by JSA to indicate any behavioral changes or policy violations for that
event. Rules are then applied to the events, which allows the Event Processor to
process them according to the configured rules. When complete, the Event Processor
sends the events to the Magistrate.
A non-Console Event Processor can be connected to the Event Processor on the
Console or connected to another Event Processor in your deployment. The Accumulator
is responsible for gathering flow and event information from the Event Processor.
The Event Processor on the Console is always connected to the Magistrate. This
connection cannot be deleted.
• Off-site Source—Indicates an off-site event or flow data source that forwards
normalized data to an Event Collector. You can configure an off-site source to
receive flows or events and to allow the data to be encrypted before forwarding.
• Off-site Target—Indicates an off-site device that receives event or flow data.
An off-site target can only receive data from an Event Collector.
• Magistrate—The Magistrate component provides the core processing components of
the security information and event management (SIEM) system. You can add one
Magistrate component for each deployment. The Magistrate provides views, reports,
alerts, and analysis of network traffic and security events.
The Magistrate processes the events or flows against the defined custom rules to
create an offense. If no custom rules exist, the Magistrate uses the default rule set to
process the offending event or flow. An offense is an event or flow that has been
processed through JSA using multiple inputs, individual events or flows, and combined
events or flows with analyzed behavior and vulnerabilities. The Magistrate prioritizes
the offenses and assigns a magnitude value based on several factors, including the
number of offenses, severity, relevance, and credibility.
Related Documentation
• Preparing the Network Hierarchy on page 93
• Identifying Network Settings on page 113
• Identifying Security Monitoring Devices and Flow Data Sources on page 114
• Identifying Network Assets on page 114
Browser Support
To access the Juniper Secure Analytics (JSA) interface, you must have a Web browser
installed on your client system. JSA supports the following browsers:
• Microsoft® Windows Internet Explorer, with Compatibility View Enabled - 8.0 and 9.0
Copyright © 2018, Juniper Networks, Inc.
92
Juniper Secure Analytics Hardware Guide
Contents: JSA3500
Page 1: ...Juniper Secure Analytics Hardware Guide Modified 2018 09 05 Copyright 2018 Juniper Networks Inc...