1. Manuals
  2. Brands
  3. Juniper Manuals
  4. Server
  5. JSA1500
  6. Hardware manual

Software Installation Overview; Jsa Components - Juniper JSA1500 Hardware Manual

Secure analytics hardware guide
Hide thumbs
Table of Contents

Advertisement

CHAPTER 15

Software Installation Overview

JSA Components

Copyright © 2018, Juniper Networks, Inc.
JSA Components on page 91
Browser Support on page 92
Preparing the Network Hierarchy on page 93
Juniper Secure Analytics (JSA) includes the following deployment components:
NOTE:
When deploying a Juniper Secure Analytics (JSA) appliance with
image 2013.2.r3.607582, you must reimage the appliance to the common
image 2013.2.r3.615469 or above. For more information, see Installing JSA
Using a Bootable USB Flash-Drive Technical Note.
Flow Processor
—Collects data from devices, and various live and recorded feeds, such
as network taps, span/mirror ports, NetFlow, and JSA flow logs. When the data is
collected, the Flow Processor groups related individual packets into a flow. JSA defines
these flows as a communication session between two pairs of unique IP address and
ports that use the same protocol.
A flow starts when the Flow Processor detects the first packet with a unique source
IP address, destination IP address, source port, destination port, and other specific
protocol options that determine the start of a communication. Each additional packet
is evaluated. Counts of bytes and packets are added to the statistical counters in the
flow record. At the end of an interval, a status record of the flow is sent to an Event
Collector and statistical counters for the flow are reset. A flow ends when no activity
for the flow is detected within the configured period of time.
Flow reporting generates records of all active or expired flows during a specified period
of time. If the protocol does not support port-based connections, JSA combines all
packets between the two hosts into a single flow record. However, a Flow Processor
does not record flows until a connection is made to another JSA component and data
is retrieved.
Event Collector
—Collects security events from various types of security devices, known
as log sources, in your network. The Event Collector gathers events from local and
remote log sources. The Event Collector then normalizes the events and sends the
91

Advertisement

Table of Contents
loading

Related Manuals for Juniper JSA1500

Related Content for Juniper JSA1500

This manual is also suitable for:

Jsa3500Jsa3800Jsa5500Jsa5800Jsa7500Jsa7800

Table of Contents