Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 Administration Manual page 208
Strm administration guide
Hide thumbs
Also See for SECURITY THREAT RESPONSE MANAGER 2008.2:
- Manual (228 pages) ,
- Getting started (14 pages) ,
- Release note (11 pages)
Table of Contents
Advertisement
200
C
R
ONFIGURING
ULES
Table 9-8 Host Profile Tests (continued)
Test
Description
Host
Valid when the local source or
Vulnerability
destination host vulnerability risk
Assessment
level is greater than or less than
Risk Level
the configured value.
Host
Valid when the local source or
Vulnerability
destination host port vulnerability
Assessment
risk level is greater than or less
Port Risk Level
than a configured amount of
time.
Attacker Threat
Threat Posing is the calculated
Level
value for this attacker over time,
that indicates how severe the
attacker is compared to all other
attackers in your network.
Valid when the amount of threat
posed to the network by an
attacker is greater than or less
than the configured value.
Attacker Threat STRM calculates the long and
short-term threat of an attacker
and then calculates the
difference between the two to
provide information on changes
in the attacker's behavior.
Valid when the threat delta
posed by an attacker is greater
than or less than the configured
value.
Default Test Name
when the local
destination host
vulnerability risk level
is greater than 5
{default}
when the local
destination host port
vulnerability risk level
is greater than this
value
when the amount of
threat the attacker is
posing is greater than
this value
when the threat delta
of the attacker is
greater than this
value
STRM Administration Guide
Parameters
Configure the following parameters:
destination - Specify if you wish
•
this test to apply to the source or
destination port.
greater than - Specify if you wish
•
this test to be greater than or less
than the vulnerability risk.
5 - Specify the value you wish this
•
test to consider.
Configure the following parameters:
destination - Specify if you wish
•
this test to apply to the source or
destination port.
greater than - Specify if you wish
•
this test to consider greater than
or less than the vulnerability risk.
this value - Specify the value you
•
wish this test to consider.
Configure the following parameters:
greater than - Specify if you wish
•
the threat level to greater than or
less than the configured value.
this value - Specify the value you
•
wish this test to consider.
Configure the following parameters:
greater than - Specify if you wish
•
the threat data to be greater than
or less than the configured value.
this value - Specify the value you
•
wish this test to consider.
Advertisement
Table of Contents
Related Manuals for Juniper SECURITY THREAT RESPONSE MANAGER 2008.2
Related Products for Juniper SECURITY THREAT RESPONSE MANAGER 2008.2
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - AQL EVENT AND FLOW QUERY CLI GUIDE
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - EVENT CATEGORY CORRELATION REV 1
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - SNMP AGENT GUIDE REV 1
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 R2 - LOG MANAGEMENT ADMINISTRATION GUIDE REV 1
- Juniper STRM LOG MANAGEMENT 2008.2 - S 6-2008
- Juniper MEDIA FLOW CONTROLLER 2.0.4 -
- Juniper MEDIA FLOW MANAGER 2.0.2 - ADMINISTRATOR S GUIDE AND CLI
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - CONFIGURING INTRUSION DETECTION AND PREVENTION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING INTRUSION DETECTION PREVENTION DEVICES GUIDE REV 01
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - M-SERIES AND MX-SERIES DEVICES GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - ADMINISTRATION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - NSMXPRESS SERIES II REV 1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - REV1
- Juniper MEDIA FLOW CONTROLLER 2.0.5
- Juniper NETWORK AND SECURITY MANAGER 2010.3
- Juniper 200 Series