Table of Contents
Advertisement
Table 2-3 Correlation Group 1 Tests (continued)
Traffic Type
Correlation Rules (Tests)
Local-to-Remote
Correlation Group 1 performs the following tests for
Local-to-Remote traffic:
•
•
•
•
•
•
•
•
•
•
•
•
Note: For test details, see
Remote-to-Local
Correlation Group 1 performs the following tests for
Remote-to-Local traffic:
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Note: For test details, see
STRM Event Category Correlation Reference
About Event Category Correlation
Relevance of the day of the week
Device credibility
Event rate
Attacker
Source port
Target port
Attacker age
Attacker network
Attacker risk
Remote Target
Geographic Location
Time of the attack
Relevance of the day of the week
Device credibility
Event rate
Target
Source port
Target age
Attacker port
Remote attacker
Attacker IP address
Geographic location
Time of the attack
Target network
Target risk
Open target port
Vulnerable targeted port
Vulnerable port
Table 2-2
.
Table 2-2
.
7
Advertisement
Table of Contents
Related Manuals for Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - EVENT CATEGORY CORRELATION REFERENCE GUIDE REV 1
Related Products for Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - EVENT CATEGORY CORRELATION REFERENCE GUIDE REV 1
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - AQL EVENT AND FLOW QUERY CLI GUIDE
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - CATEGORY OFFENSE INVESTIGATION GUIDE REV 1
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - SNMP AGENT GUIDE REV 1
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 R2 - LOG MANAGEMENT ADMINISTRATION GUIDE REV 1
- Juniper STRM LOG MANAGEMENT 2008.2 - S 6-2008
- Juniper MEDIA FLOW CONTROLLER 2.0.4 -
- Juniper MEDIA FLOW MANAGER 2.0.2 - ADMINISTRATOR S GUIDE AND CLI
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING INTRUSION DETECTION PREVENTION DEVICES GUIDE REV 01
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - API GUIDE REV 1
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - M-SERIES AND MX-SERIES DEVICES GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.2 - ADMINISTRATION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - ADMINISTRATION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING J SERIES SERVICES ROUTERS AND SRX SERIES SERVICES GATEWAYS GUIDE REV
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - ADMININISTRATION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - M-SERIES AND MX-SERIES DEVICES GUIDE REV 1
- Juniper NETWORK AND SECURITY MANAGER 2010.3
Need help?
Do you have a question about the SECURITY THREAT RESPONSE MANAGER 2008.2 - EVENT CATEGORY CORRELATION REFERENCE GUIDE REV 1 and is the answer not in the manual?
Questions and answers