Table of Contents
Advertisement
Since it is possible for a flow to be associated with multiple mappings, a flow is
•
mapped to an application ID based on the order of the file. The first mapping
that applies in the file is assigned to the flow.
When adding new application identification numbers, we recommend that you
•
apply numbers ranging between 15,000 to 20,000. Contact Juniper Networks
Customer Support for further information.
The format of the entry must resemble the following:
<New ID> <Old ID> <Source IP Address>:<Source Port> <Dest IP
Address>:<Dest Port> <Name>
Where:
•
<New ID>
1 indicates an unknown application. If the ID you wish to assign does not exist,
you must create the ID using the Application View in the STRM interface. For
more information, see the STRM Administration Guide.
•
<Old ID>
STRM. A value of * indicates a wildcard. For more information on the default
values, see
•
<Source IP Address>
may contain either a comma separated list of addresses or CIDR values. A
value of * indicates a wildcard, which means that this field applies to all flows.
•
<Source Port>
separated list of values or ranges specifies in the format: <lower port
number>-<upper port number>. A value of * indicates a wildcard, which means
that this field applies to all flows.
•
<Dest IP Address>
may contain either a comma separated list of addresses or CIDR values. A
value of * indicates a wildcard, which means that this field applies to all flows.
•
<Dest Port>
contain a comma separated list of values or ranges specifies in the format:
<lower port number>-<upper port number>. A value of * indicates a wildcard,
which means that this field applies to all flows.
specifies a name you wish to assign to this mapping. This field is
•
<Name>
optional.
For example, the below example maps all flows that match the IP addresses and
ports for which the Flow Collector has assigned to the Old ID of 1010 and assign
the new ID of 15000:
15000 1010 10.100.100/24,10.100.50.10:* 172.14.33.33:80,443
Save and exit the file.
Step 4
Log-in to STRM.
Step 5
Click Config to access the Administration Console.
Step 6
If necessary, edit your Application View.
Step 7
STRM Default Application Configuration Guide
specifies the application ID you wish to assign to the flow. A value of
specifies the default application ID of the flow, as assigned by
Chapter 2 Default
Applications.
specifies the source IP address of the flow. This field
specifies the associated port. This field may contain a comma
specifies the destination IP address of the flow. This field
specifies the associated destination source port. This field may
Defining Application Mappings
3
Advertisement
Table of Contents
Related Manuals for Juniper SECURITY THREAT RESPONSE MANAGER - APPLICATION CONFIGURATION GUIDE REV 1
Related Products for Juniper SECURITY THREAT RESPONSE MANAGER - APPLICATION CONFIGURATION GUIDE REV 1
- Juniper SECURITY THREAT RESPONSE MANAGER - LOG MANAGEMENT INSTALLATION REV 1
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - ADAPTIVE LOG EXPORTER REV1
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - MANAGING VULNERABILITY ASSESSMENT V1
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 R2 - INSTALLATION REV1
- Juniper SECURITY THREAT RESPONSE MANAGER - SOFTWARE INSTALLATION REV 1
- Juniper Security Threat Response Manager
- Juniper TePM Agent
- Juniper T320
Need help?
Do you have a question about the SECURITY THREAT RESPONSE MANAGER - APPLICATION CONFIGURATION GUIDE REV 1 and is the answer not in the manual?
Questions and answers