Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - CONFIGURING DSMS REV 1 Manual page 9

1 O
You can configure STRM or STRM Log Management to log and correlate events
received from external sources such as security equipment (for example,
firewalls), and network equipment (for example, switches and routers). Device
Support Modules (DSMs) allows you to integrate STRM or STRM Log
Management with these external devices. Unless otherwise noted, all references
to STRM refer to both STRM and STRM Log Management.
You can configure the Event Collector to collect security events from various types
of security devices in your network. The Event Collector gathers events from local
and remote devices. The Event Collector then normalizes and bundles the events
and sends the events to the Event Processor.
All events are correlated and security and policy offenses are created based on
correlation rules. These offenses are displayed is the Offense Manager. For more
information on the Offense Manager interface, see the STRM Users Guide.
Note: Before you configure STRM to collect security information from devices, you
must set-up your deployment, including off-site sources or targets, using the
deployment editor. For more information on the deployment editor, see the STRM
Administration Guide.
To configure STRM to receive events from devices, you must:
Configure the device to send events to STRM.
Step 1
Configure STRM to receive events from specific devices. For more information,
Step 2
see the Managing Sensor Devices Guide.
VERVIEW
Configuring DSMs Guide