Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 Administration Manual page 275

Strm administration guide

Table B-10 Default Building Blocks (continued)

| Building Block | Group | Block Type | Description | Associated Building Blocks, if applicable |
|---|---|---|---|---|
| Default-BB-Category Definition: Firewall System Errors | Category Definitions | Event | Edit this BB to include all events that may indicate a firewall system error. By default, this BB applies when an event is detected by one or more of the following devices: CheckPoint, Generic Firewall, Iptables, NetScreen Firewall, Cisco Pix | |
| Default-BB-Category Definition: Flow Events | Category Definitions | Event | Edit this BB to include all events that indicate flow events within your network. By default, this BB applies to events detected by the Classification Engine. | |
| Default-BB-Category Definition: High Magnitude Events | Category Definitions | Event | Edit this BB to the severity, credibility, and relevance levels you wish to generate an event. The defaults are: Severity = 6, Credibility = 7, Relevance = 7 | |
| Default-BB-Category Definitions: KeyLoggers | Category Definitions | Event | Edit this BB to include all events that are typically exploits, backdoor, or trojans. | |
| Default-BB-Category Definition: Mail Policy Violation | Category Definitions, Compliance | Event | Edit this BB to define mail policy violations. | |
| Default-BB-Category Definition: Malware Annoyances | Category Definitions | Event | Edit this BB to include event categories that are typically associated with spyware infections. | |
| Default-BB-Category Definition: Network DoS Attack | Category Definitions | Event | Edit this BB to include all event categories that you wish to categorize as a network DoS attack. | |
| Default-BB-Category Definition: Policy Events, Compliance | Category Definitions | Event | Edit this BB to include all event categories that may indicate a violation to network policy. | |
| Default-BB-Category Definition: Post Exploit Account Activity | Category Definitions | Event | Edit this BB to include all event categories that may indicate exploits to accounts. | |
