Table of Contents
Related Manuals for Juniper SECURITY THREAT RESPONSE MANAGER - LOG MANAGEMENT INSTALLATION REV 1
Summary of Contents for Juniper SECURITY THREAT RESPONSE MANAGER - LOG MANAGEMENT INSTALLATION REV 1
- Page 1 Security Threat Response Manager STRM Log Management Installation Guide Release 2008.2 R2 Juniper Networks, Inc. 1194 North Mathilda Avenue Sunnyvale, CA 94089 408-745-2000 www.juniper.net Part Number:530-027302-01, Revision 1...
- Page 2 Juniper Networks or their respective owners. All specifications are subject to change without notice. Juniper Networks assumes no responsibility for any inaccuracies in this document or for any obligation to update information in this document. Juniper Networks reserves the right to change, modify, transfer, or otherwise revise this publication without notice.
-
Page 3: Table Of Contents
ONTENTS BOUT UIDE Conventions Technical Documentation Contacting Customer Support REPARING NSTALLATION Deploying STRM-LM Additional Hardware Requirements Additional Software Requirements Browser Support Preparing Your Network Hierarchy Identifying Network Settings Identifying Security Monitoring Devices STRM-LM NSTALLING Setting Up Appliances Installing Japanese Support Accessing STRM-LM HANGING ETWORK... -
Page 5: Bout His Uide
Qmmunity web site, locate the product and software release for which you require documentation. Your comments are important to us. Please send your e-mail comments about this guide or any of the Juniper Networks documentation to: documentation@juniper.net. Include the following information with your comments: Document title •... -
Page 6: Contacting Customer Support
BOUT UIDE Contacting To help you resolve any issues that you may encounter when installing or Customer Support maintaining STRM-LM, you can contact Customer Support as follows: Log a support request 24/7: https://support@juniper.net • For access to the Qmmunity web site, please contact Customer Support. Access Qmmunity and Self-Service support using e-mail: support@juniper.net •... -
Page 7: Preparing For Your Installation
REPARING NSTALLATION This chapter provides information for when planning your STRM-LM deployment including: • Deploying STRM-LM Additional Hardware Requirements • Additional Software Requirements • Browser Support • Preparing Your Network Hierarchy • Identifying Network Settings • Identifying Security Monitoring Devices •... -
Page 8: Additional Hardware Requirements
REPARING NSTALLATION • Event Collector - The Event Collector gathers events from local and remote device sources. The Event Collector normalizes events and sends the information to the Event Processor. Before being sent to the Event Processor, the Event Collector bundles identical events to conserve system usage. Event Processor - Processes events collected from one or more Event •... -
Page 9: Preparing Your Network Hierarchy
Identifying Network Settings At a minimum, we recommend that you define objects in the network hierarchy for: Internal/external Demilitarized zone (DMZ) • • All internal IP address space (for example, 0.0.0.0/8) • Proxy servers • • Network Address Translation (NAT) IP address range Server Network subnets •... - Page 10 REPARING NSTALLATION STRM-LM automatically discovers sensor devices that are sending syslog messages to an Event Collector. Any sensor devices that are automatically discovered by STRM-LM appear in the Sensor Devices window within the STRM-LM Administration Console. For more information, see Chapter 4 Using the Deployment Editor of the STRM-LM Administration Guide.
-
Page 11: Identifying Security Monitoring Devices
Identifying Security Monitoring Devices STRM-LM Installation Guide... -
Page 13: Installing Strm-Lm
STRM-LM NSTALLING This chapter provides information on installing your STRM-LM system using one of the following options: • Setting Up Appliances Installing Japanese Support • Accessing STRM-LM • Setting Up A STRM-LM appliance includes STRM-LM software and a CentOS-4 operating Appliances system. - Page 14 STRM-LM NSTALLING Read the information in the window. Press the Spacebar to advance each window Step 5 until you have reached the end of the document. Type yes to accept the agreement, then press Enter. The activation key window appears. The activation key is a 24-digit four-part (separated by hyphens) alphanumeric string that you receive from Juniper Networks.
- Page 15 Setting Up Appliances Using the up/down arrow keys, highlight the method you wish to use to set the date Step 8 and time, then use the spacebar to select that option: Manual - Allows you to manually input the time and date. Use the Tab key to •...
- Page 16 STRM-LM NSTALLING The Time Zone Region window appears. Note: The options that appear in this window are regions that are associated with the continent or area previously selected. Using the up/down arrow keys, or the page up/page down keys, select your time zone region.
- Page 17 Setting Up Appliances To configure the STRM-LM root password: Step 13 Enter your password. Use the TAB key to move to the Next option. Press Enter. The Confirm New Root Password window appears. Re-enter your new password to confirm. Use the TAB key to move to the Finish option. Press Enter. A series of messages appear as STRM-LM continues with the installation.
-
Page 18: Installing Japanese Support
STRM-LM NSTALLING Installing Japanese You can install a separate plug-in to provide Japanese character support in the Support STRM-LM Reports interface. Once you install the plug-in located on the Qmmunity web site, your Report templates will be replaced to ensure that the appropriate font and characters appear in the Reports interface. -
Page 19: Accessing Strm-Lm
Accessing STRM-LM ccessing To access the STRM-LM interface: STRM-LM Open your web browser. Step 1 Log in to STRM-LM: Step 2 https://<IP Address> Where < > is the IP address of the STRM-LM system. The default IP Address values are: Username: admin Password: <root password>... - Page 20 STRM-LM NSTALLING STRM-LM Installation Guide...
-
Page 21: Hanging Etwork Ettings
HANGING ETWORK ETTINGS This appendix provides information on changing network settings for the Console and non-Console systems including: • Changing Network Settings in an All-in-One Console Changing the Network Settings of a Console in a Multi-System Deployment • Changing the Network Settings of a Non-Console in a Multi-System •... - Page 22 HANGING ETWORK ETTINGS Public IP address is often configured using Network Address Translation (NAT) services on your network or firewall settings on your network. NAT translates an IP address in one network to a different IP address in another network. Email Server - Specify the email server.
- Page 23 Changing the Network Settings of a Console in a Multi-System Deployment From the Administrative Console menu, select Configurations > Deploy Step 7 Configuration Changes. Exit from the Administration Console. Step 8 Note: If the Administration Console is still active on your system tray, use the right-mouse button (right-click) to access the menu and select Exit.
- Page 24 HANGING ETWORK ETTINGS Re-Adding Managed To re-add the managed host(s) and re-assign component(s), you must: Host(s) and Re-Assigning the Components Log in to STRM-LM and access the System View in the Deployment Editor, as Step 1 defined in Step 1, Removing Non-Console Managed Hosts.
-
Page 25: Changing The Network Settings Of A Non-Console In A Multi-System Deployment
Changing the Network Settings of a Non-Console in a Multi-System Deployment Changing the To change the network settings of a non-Console in a multi-system deployment, Network Settings of you must remove all non-Console managed host from the deployment, change the a Non-Console in a network settings, re-add the managed host, and then re-assign the component(s). - Page 26 HANGING ETWORK ETTINGS Changing the To change the network settings, you must: Network Settings Log in to the non-Console as root. Step 1 Enter the following command: Step 2 qchange_netsetup The Network Settings window appears. Using the up/down arrow keys to navigate the fields, make the necessary changes Step 3 to the following parameters: Hostname —...
- Page 27 Changing the Network Settings of a Non-Console in a Multi-System Deployment Enter the IP of the server or appliance to add — Specify the IP address of • the host you wish to add to your System View. Enter the root password of the host — Specify the root password for the •...
- Page 29 NDEX about this guide 1 security monitoring devices appliances identifying 6 setting-up 9 software requirements 4 browser support 4 Console definition 3 conventions 1 customer support contacting 2 Event Collector definition 4 Event Processor definition 4 installing Japanese support 14 preparing 3 Japanese support 14 network hierarchy...