
STRM Installation Guide

Identifying Security Monitoring Devices and Flow Data Sources


STRM can collect and correlate events received from external sources such as security equipment (for example, firewalls, VPNs, or IDSs) and host or application security logs, such as Windows logs. Device Support Modules (DSMs) and Flow Collectors allow you to integrate STRM with this external data.

STRM automatically discovers sensor devices that are sending syslog messages to an Event Collector. Any sensor devices that are automatically discovered by STRM appear in the Sensor Devices window within the STRM Administration Console. Once auto discovery is complete, you should disable the Auto Detection Enabled option in the Event Collector configuration. For more information, see Chapter 4 Using the Deployment Editor of the STRM Administration Guide.

Non-syslog based information sources must be added to your deployment manually. For more information, see the Managing Sensor Devices Guide. For each device you wish to add to your deployment, record the device in Table 1-2.

Where:

Link Speed & Type indicates the maximum network link (in Kbps) for firewall, router, and VPN devices. Record the primary application of the host system, for example, e-mail, anti-virus, domain controller, or a workstation.

Msg Level indicates the message level you wish to log. For example, critical, informational, debug.

No. of Users indicates the maximum number of hosts/users using or being served by this device.

Network Location indicates whether this device is located on the Internet DMZ, Intranet, or Extranet DMZ.

Geographic Location indicates if the device is located on the same LAN as STRM or sending logs over the WAN identified in the Link Speed & Type column.

Credibility indicates the integrity of an event or offense as determined by the credibility rating from source devices. Credibility increases as multiple sources report the same event.

Table 1-2   Devices

Device Type | QTY | Product Name/Version | Link Speed & Type | Msg Level | Avg Log Rate (Event/Sec) | No. of Users | Network Location | Geographic Location | Credibility (0 to 10)
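
One way to fill in the Msg Level and Avg Log Rate (Event/Sec) columns of Table 1-2 is to measure them from a syslog capture taken before deployment. The script below is an added example, not part of the STRM guide or the product: it assumes RFC 3164 formatted lines, an English month-name locale, and uses a constructed sample with invented host names.

```python
import re
from collections import defaultdict
from datetime import datetime

# RFC 5424 severity names, indexed by the low three bits of the syslog PRI.
SEVERITIES = ["Emergency", "Alert", "Critical", "Error",
              "Warning", "Notice", "Informational", "Debug"]
# RFC 3164 header: <PRI>Mmm dd hh:mm:ss hostname ...
HEADER = re.compile(r"^<(\d{1,3})>([A-Z][a-z]{2}\s+\d{1,2} \d{2}:\d{2}:\d{2}) (\S+) ")

# Constructed sample capture; host names and messages are invented.
SAMPLE = """\
<134>Jan  5 10:00:00 fw-edge-01 kernel: ACCEPT tcp 10.0.0.5:51514 -> 192.0.2.10:443
<132>Jan  5 10:00:01 fw-edge-01 kernel: DROP udp 198.51.100.7:53 -> 10.0.0.9:33012
<131>Jan  5 10:00:02 vpn-01 ike: phase 1 negotiation failed
<134>Jan  5 10:00:04 fw-edge-01 kernel: ACCEPT tcp 10.0.0.6:40022 -> 192.0.2.10:443
<135>Jan  5 10:00:05 fw-edge-01 kernel: session table lookup miss
<130>Jan  5 10:00:06 vpn-01 ike: tunnel to peer down
<134>Jan  5 10:00:08 fw-edge-01 kernel: ACCEPT tcp 10.0.0.5:51520 -> 192.0.2.10:443
this line has no syslog header
<38>Jan  5 10:00:10 dc-01 sshd[411]: Accepted publickey for admin
"""

def summarize(lines, year=2024):
    """Return ({host: worksheet values}, number of unparseable lines)."""
    stats = defaultdict(lambda: {"events": 0, "sev": 0})
    stamps, skipped = [], 0
    for line in lines:
        m = HEADER.match(line)
        try:
            if not m or int(m.group(1)) > 191:   # valid PRI is 0..191
                raise ValueError("no RFC 3164 header")
            # RFC 3164 timestamps carry no year, so one is assumed.
            stamps.append(datetime.strptime(f"{year} {m.group(2)}", "%Y %b %d %H:%M:%S"))
        except ValueError:
            skipped += 1
            continue
        host = stats[m.group(3)]
        host["events"] += 1
        # The least severe message seen indicates the level the device logs at.
        host["sev"] = max(host["sev"], int(m.group(1)) & 7)
    # Rate is measured over the whole capture window, shared by all hosts.
    window = max((max(stamps) - min(stamps)).total_seconds(), 1.0) if stamps else 1.0
    return {name: {"events": s["events"],
                   "avg_eps": round(s["events"] / window, 2),
                   "msg_level": SEVERITIES[s["sev"]]}
            for name, s in stats.items()}, skipped

if __name__ == "__main__":
    rows, skipped = summarize(SAMPLE.splitlines())
    for name, row in sorted(rows.items()):
        print(f"{name:12} {row['avg_eps']:6.2f} events/sec  {row['msg_level']}")
    print(f"{skipped} line(s) skipped")
```

For a usable worksheet value, run it over a capture that spans a representative period, including peak hours, rather than a few seconds of traffic.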
