Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 R2 - LOG MANAGEMENT REV 1 Manual page 116
Strm log management users guide
Hide thumbs
Also See for SECURITY THREAT RESPONSE MANAGER 2008.2 R2 - LOG MANAGEMENT REV 1:
- Manual (36 pages) ,
- Administration manual (92 pages) ,
- Manual (246 pages)
Table of Contents
Advertisement
110
D
R
EFAULT
ULES AND
Table B-7 Default Building Blocks (continued)
Building Block
Default-BB-Host
Definition: SSH Servers
Default-BB-Host
Definition: Syslog Servers
and Senders
Default-BB-Host
Definition: VA Scanner
Source IP
Default-BB-Host
Definition: Virus Definition
and Other Update Servers
Default-BB-Host
Definition: VoIP IP PBX
Server
Default-BB-Host
Definition: Web Servers
Default-BB-Host
Definition: Windows
Servers
Default-BB-Network
Definition: Broadcast
Address Space
Default-BB-Network
Definition: Client
Networks
B
B
UILDING
LOCKS
Block
Group
Type
Host
Event Edit this BB to define typical SSH
Definitions
Host
Event Edit this BB to define typical host
Definitions
Host
Event Edit this BB to include the source
Definitions
Host
Event Edit this BB to include all servers
Definitions
Host
Event Edit this BB to define typical VoIP
Definitions
Host
Event Edit this BB to define typical web
Definitions
Host
Event Edit this BB to define typical
Definitions
Network
Event Edit this BB to include the
Definition
Network
Event Edit this BB to include all networks
Definition
STRM Log Management Users Guide
Description
servers.
that send or receive syslog traffic.
IP address of your VA scanner. By
default, this BB applies when the
source IP address is 127.0.0.2.
that include virus protection and
update functions.
IP PBX servers.
servers.
Windows servers, such as domain
controllers or exchange servers.
broadcast address space of your
network. This is used to remove
false positive events that may be
caused by the use of broadcast
messages.
that include client hosts.
Associated Building
Blocks, if applicable
Default-BB-False Positive:
SSH Server False
Positives Categories
Default-BB-FalsePositve:
SSH Server False Positive
Events
Default-BB-FalsePositive:
Syslog Server False
Positive Categories
Default-BB-FalsePositive:
Syslog Server False
Positive Events
Default-BB-False Positive:
Web Server False
Positives Categories
Default-BB-FalsePositve:
Web Server False Positive
Events
Default-BB-False Positive:
Windows Server False
Positives Categories
Default-BB-FalsePositve:
Windows Server False
Positive Events
Advertisement
Table of Contents
Related Manuals for Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 R2 - LOG MANAGEMENT REV 1
Related Products for Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 R2 - LOG MANAGEMENT REV 1
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - AQL EVENT AND FLOW QUERY CLI GUIDE
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - CATEGORY OFFENSE INVESTIGATION GUIDE REV 1
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - EVENT CATEGORY CORRELATION REV 1
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - SNMP AGENT GUIDE REV 1
- Juniper STRM LOG MANAGEMENT 2008.2 - S 6-2008
- Juniper MEDIA FLOW CONTROLLER 2.0.4 -
- Juniper MEDIA FLOW MANAGER 2.0.2 - ADMINISTRATOR S GUIDE AND CLI
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - CONFIGURING INTRUSION DETECTION AND PREVENTION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING INTRUSION DETECTION PREVENTION DEVICES GUIDE REV 01
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - M-SERIES AND MX-SERIES DEVICES GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - ADMINISTRATION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - NSMXPRESS SERIES II REV 1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - REV1
- Juniper MEDIA FLOW CONTROLLER 2.0.5
- Juniper NETWORK AND SECURITY MANAGER 2010.3
- Juniper 200 Series