Table of Contents
Advertisement
Juniper Secure Analytics 3800 Hardware Guide
Related
Documentation
6
A non-console Event Processor can be connected to the Event Processor on the console
or connected to another Event Processor in your deployment. The Accumulator is
responsible for gathering flow and event information from the Event Processor.
The Event Processor on the console is always connected to the Magistrate. This
connection cannot be deleted.
Off-site Source
—Indicates an offsite event or flow data source that forwards normalized
data to an Event Collector. You can configure an offsite source to receive flows or
events and allow the data to be encrypted before forwarding.
—Indicates an offsite device that receives event or flow data. An offsite
Off-site Target
target can only receive data from an Event Collector.
—The Magistrate component provides the core processing components of
Magistrate
the security information and event management (SIEM) system. You can add one
Magistrate component for each deployment. The Magistrate provides views, reports,
alerts, and analysis of network traffic and security events. The Magistrate processes
the events or flows against the defined custom rules to create an offense. If no custom
rules exist, the Magistrate uses the default rule set to process the offending event or
flow. An offense is an event or a flow that has been processed through JSA using
multiple inputs, individual events or flows, and combined events or flows with analyzed
behavior and vulnerabilities. The Magistrate prioritizes the offenses and assigns a
magnitude value based on several factors, including the amount of offenses, severity,
relevance, and credibility.
Preparing the Network Hierarchy on page 39
JSA3800 Appliance Description on page 3
General Safety Guidelines and Warnings on page 63
Copyright © 2015, Juniper Networks, Inc.
Advertisement
Table of Contents
Troubleshooting
