Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 Administration Manual page 283
Strm administration guide
Hide thumbs
Also See for SECURITY THREAT RESPONSE MANAGER 2008.2:
- Manual (228 pages) ,
- Getting started (14 pages) ,
- Release note (11 pages)
Table of Contents
Advertisement
Table B-10 Default Building Blocks (continued)
Building Block
Default-BB-Host
Definition: SNMP Sender
or Receiver
Default-BB-Host
Definition: SSH Servers
Default-BB-Host
Definition: Syslog Servers
and Senders
Default-BB-Host
Definition: VA Scanner
Source IP
Default-BB-Host
Definition: Virus Definition
and Other Update Servers
Default-BB-Host
Definition: VoIP IP PBX
Server
Default-BB-Host
Definition: Web Servers
Default-BB-Host
Definition: Windows
Servers
Default-BB-Network
Definition: Broadcast
Address Space
Block
Group
Type
Host
Event Edit this BB to define SNMP
Definitions
Host
Event Edit this BB to define typical SSH
Definitions
Host
Event Edit this BB to define typical host
Definitions
Host
Event Edit this BB to include the source
Definitions
Host
Event Edit this BB to include all servers
Definitions
Host
Event Edit this BB to define typical VoIP
Definitions
Host
Event Edit this BB to define typical web
Definitions
Host
Event Edit this BB to define typical
Definitions
Network
Event Edit this BB to include the
Definition
STRM Administration Guide
Description
senders or receivers.
servers.
that send or receive syslog traffic.
IP address of your VA scanner. By
default, this BB applies when the
source IP address is 127.0.0.2.
that include virus protection and
update functions.
IP PBX servers.
servers.
Windows servers, such as domain
controllers or exchange servers.
broadcast address space of your
network. This is used to remove
false positive events that may be
caused by the use of broadcast
messages.
Default Building Blocks
Associated Building
Blocks, if applicable
Default-BB-PortDefinition:
SNMP Ports
Default-BB-False Positive:
SSH Server False
Positives Categories
Default-BB-FalsePositve:
SSH Server False Positive
Events
Default-BB-FalsePositive:
Syslog Server False
Positive Categories
Default-BB-FalsePositive:
Syslog Server False
Positive Events
Default-BB-False Positive:
Web Server False
Positives Categories
Default-BB-FalsePositve:
Web Server False Positive
Events
Default-BB-False Positive:
Windows Server False
Positives Categories
Default-BB-FalsePositve:
Windows Server False
Positive Events
275
Advertisement
Table of Contents
Related Manuals for Juniper SECURITY THREAT RESPONSE MANAGER 2008.2
Related Products for Juniper SECURITY THREAT RESPONSE MANAGER 2008.2
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - AQL EVENT AND FLOW QUERY CLI GUIDE
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - EVENT CATEGORY CORRELATION REV 1
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - SNMP AGENT GUIDE REV 1
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 R2 - LOG MANAGEMENT ADMINISTRATION GUIDE REV 1
- Juniper STRM LOG MANAGEMENT 2008.2 - S 6-2008
- Juniper MEDIA FLOW CONTROLLER 2.0.4 -
- Juniper MEDIA FLOW MANAGER 2.0.2 - ADMINISTRATOR S GUIDE AND CLI
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - CONFIGURING INTRUSION DETECTION AND PREVENTION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING INTRUSION DETECTION PREVENTION DEVICES GUIDE REV 01
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - M-SERIES AND MX-SERIES DEVICES GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - ADMINISTRATION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - NSMXPRESS SERIES II REV 1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - REV1
- Juniper MEDIA FLOW CONTROLLER 2.0.5
- Juniper NETWORK AND SECURITY MANAGER 2010.3
- Juniper 200 Series