Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 Administration Manual page 359

STRM Administration Guide

Table D-10 Default Building Blocks (continued)

| Building Block | Block Type | Description | Associated Building Blocks, if applicable |
|---|---|---|---|
| Default-BB-FalsePositive: Remote Attacker to Internal Target False Positives | Event | Edit this BB to define all the false positive QIDs that occur to or from Remote-to-Local (R2L) based servers. | |
| Default-BB-FalsePositive: RPC Server False Positive Categories | Event | Edit this BB to define all the false positive categories that occur to or from RPC servers that are defined in the Default-BB-HostDefinition: RPC Servers building block. | Default-BB-HostDefinition: RPC Servers |
| Default-BB-FalsePositive: RPC Server False Positive Events | Event | Edit this BB to define all the false positive QIDs that occur to or from RPC servers that are defined in the Default-BB-HostDefinition: RPC Servers building block. | Default-BB-HostDefinition: RPC Servers |
| Default-BB-FalsePositive: SNMP Sender or Receiver False Positive Categories | Event | Edit this BB to define all the false positive categories that occur to or from SNMP servers that are defined in the Default-BB-HostDefinition: SNMP Servers building block. | Default-BB-HostDefinition: SNMP Servers |
| Default-BB-FalsePositive: SNMP Sender or Receiver False Positive Events | Event | Edit this BB to define all the false positive QIDs that occur to or from SNMP servers that are defined in the Default-BB-HostDefinition: SNMP Servers building block. | |
| Default-BB-FalsePositive: Source IP and Specific Event | Event | Edit this BB to include source IP addresses or specific events that you wish to remove. | |
| Default-BB-FalsePositive: SSH Server False Positive Categories | Event | Edit this BB to define all the false positive categories that occur to or from SSH servers that are defined in the Default-BB-HostDefinition: SSH Servers building block. | Default-BB-HostDefinition: SSH Servers |
| Default-BB-FalsePositive: SSH Server False Positive Events | Event | Edit this BB to define all the false positive QIDs that occur to or from SSH servers that are defined in the Default-BB-HostDefinition: SSH Servers building block. | Default-BB-HostDefinition: SSH Servers |
| Default-BB-FalsePositive: Syslog Sender False Positive Categories | Event | Edit this BB to define all false positive categories that occur to or from syslog sources. | Default-BB-HostDefinition: Syslog Servers and Senders |
| Default-BB-FalsePositive: Syslog Sender False Positive Events | Event | Edit this BB to define all false positive events that occur to or from syslog sources or destinations. | Default-BB-HostDefinition: Syslog Servers and Senders |
