Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 Administration Manual page 78
Strm administration guide
Hide thumbs
Also See for SECURITY THREAT RESPONSE MANAGER 2008.2:
- Manual (228 pages) ,
- Getting started (14 pages) ,
- Release note (11 pages)
Table of Contents
Advertisement
70
U
D
SING THE
EPLOYMENT
Connecting
Deployments
E
DITOR
You can connect deployments in your network to allow deployments to share flow
data. To connect your deployments, you must configure an off-site Flow Processor
(target) in your current deployment and the associated off-site Flow Processor in
the receiving deployment (source). You can add the following components to your
Flow View:
Off-site Source - Indicates an off-site Flow Processor from which you wish to
•
receive data. The source must be configured with appropriate permissions to
send flows to the off-site target.
Off-site Target - Indicates an off-site Flow Processor to which you wish to send
•
data.
Note: The procedures in the section provide information on adding flow sources
using the Flow View. You can also add sources using the System View. For
information on the System View, see
Figure 5-1
shows an example of connecting two deployments, A and B. In this
example, deployment B wishes to receive flows from deployment A. To connect
these deployments, you must configure deployment A with an off-site target to
provide the IP address of the managed host that includes Flow Processor B. You
must then connect Flow Processor A to the off-site target. In deployment B, you
must configure an off-site source with the IP address of the managed host that
includes Flow Processor A and the port to which Flow Processor A is monitoring.
If you wish to disconnect the off-site source, you must remove the connections
from both deployments. From deployment A, you must remove the off-site target
and in deployment B, you must remove the off-site source.
If you wish to enable encryption between deployments, you must enable
encryption on both off-site source and target. Also, you must ensure both the
off-site source and target include the public keys to ensure appropriate access. For
example, in the example below, if you wish to enable encryption between the
off-site source and Flow Processor B, you must copy the public key (located at
/root/.ssh/id_rsa.pub) from the Flow Processor to the off-site source (copy the file
to /root/.ssh/authorized_keys).
Note: To enable encryption between two managed hosts, each managed host
must be running at least STRM 5.1.
STRM Administration Guide
Managing Your System
View.
Advertisement
Table of Contents
Related Manuals for Juniper SECURITY THREAT RESPONSE MANAGER 2008.2
Related Products for Juniper SECURITY THREAT RESPONSE MANAGER 2008.2
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - AQL EVENT AND FLOW QUERY CLI GUIDE
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - EVENT CATEGORY CORRELATION REV 1
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - SNMP AGENT GUIDE REV 1
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 R2 - LOG MANAGEMENT ADMINISTRATION GUIDE REV 1
- Juniper STRM LOG MANAGEMENT 2008.2 - S 6-2008
- Juniper MEDIA FLOW CONTROLLER 2.0.4 -
- Juniper MEDIA FLOW MANAGER 2.0.2 - ADMINISTRATOR S GUIDE AND CLI
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - CONFIGURING INTRUSION DETECTION AND PREVENTION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING INTRUSION DETECTION PREVENTION DEVICES GUIDE REV 01
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - M-SERIES AND MX-SERIES DEVICES GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - ADMINISTRATION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - NSMXPRESS SERIES II REV 1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - REV1
- Juniper MEDIA FLOW CONTROLLER 2.0.5
- Juniper NETWORK AND SECURITY MANAGER 2010.3
- Juniper 200 Series