Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 Administration Manual page 202
Strm administration guide
Hide thumbs
Also See for SECURITY THREAT RESPONSE MANAGER 2008.2:
- Manual (228 pages) ,
- Getting started (14 pages) ,
- Release note (11 pages)
Table of Contents
Advertisement
194
C
R
ONFIGURING
ULES
Event Rule Tests
Table 9-5 Network Property Tests
Test
Description
Network
Valid when the source or
Vulnerability
destination Vulnerability
Risk
Assessment risk is greater
than, less than, or equal the
configured value.
Network
This test is valid when the
Threat Posing
amount of threat a network is
posing to local and remote
networks is greater than, less
than, or equal to the
configured value.
Network
Threat under is the value
Exposure
applied to the threat a
network is under over time.
This is calculated based on
the average weighted value
of the threat under over time.
This test is valid when the
amount of threat a network is
under to local and remote
networks is greater than, less
than, or equal to the
configured value.
This section provides information on the tests you can apply to the rules including:
•
Network Property Tests
Event Property Tests
•
IP/Port Tests
•
Host Profile Tests
•
Date/Time Tests
•
•
Device Tests
Network Property Tests
The network property test group includes:
Default Test Name
when the overall source
network VA risk is
greater than this value
when the amount of
threat the network is
posing is greater than
this value
when the amount of
threat the network is
under is greater than
this value
Event Property Tests
The event property test group includes:
STRM Administration Guide
Parameters
Configure the following parameters:
source - Specify whether the test
•
considers a source or destination of
the event.
greater than - Specify whether the
•
risk is greater than, less than, or
equal to the configured value.
this value - Specify the Vulnerability
•
Assessment risk value, which is a
value from 0 to 10.
Configure the following parameters:
greater than - Specify whether the
•
risk is greater than, less than, or
equal to the configured value.
this value - Specify the amount of
•
risk you wish this test to consider.
The range is from 0 to 10.
Configure the following parameters:
greater than - Specify whether the
•
risk is greater than, less than, or
equal to the configured value.
this value - Specify the amount of
•
risk you wish this test to consider.
The range is from 0 to 10.
Advertisement
Table of Contents
Related Manuals for Juniper SECURITY THREAT RESPONSE MANAGER 2008.2
Related Products for Juniper SECURITY THREAT RESPONSE MANAGER 2008.2
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - AQL EVENT AND FLOW QUERY CLI GUIDE
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - EVENT CATEGORY CORRELATION REV 1
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - SNMP AGENT GUIDE REV 1
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 R2 - LOG MANAGEMENT ADMINISTRATION GUIDE REV 1
- Juniper STRM LOG MANAGEMENT 2008.2 - S 6-2008
- Juniper MEDIA FLOW CONTROLLER 2.0.4 -
- Juniper MEDIA FLOW MANAGER 2.0.2 - ADMINISTRATOR S GUIDE AND CLI
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - CONFIGURING INTRUSION DETECTION AND PREVENTION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING INTRUSION DETECTION PREVENTION DEVICES GUIDE REV 01
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - M-SERIES AND MX-SERIES DEVICES GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - ADMINISTRATION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - NSMXPRESS SERIES II REV 1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - REV1
- Juniper MEDIA FLOW CONTROLLER 2.0.5
- Juniper NETWORK AND SECURITY MANAGER 2010.3
- Juniper 200 Series