Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 R2 - LOG MANAGEMENT REV 1 Manual page 122

STRM Log Management Users Guide
GLOSSARY

the coalesced event is released to the Event Processor and the next interval begins for matching events. If no matching events arrive during this interval, the process restarts. Otherwise, the coalescing continues with all events counted and released in 10-second intervals.

Console: Web interface for STRM. STRM is accessed from a standard web browser (preferably Internet Explorer 6.0/7.0 or Mozilla Firefox 2.0). When you access the system, a prompt appears for a user name and password, which must be configured in advance by the STRM administrator.

credibility: Indicates the integrity of an event as determined by the credibility rating from source devices. Credibility increases as multiple sources report the same event.

database leaf objects: The end point objects in a hierarchy. At each point in the hierarchy above this point there would be a parent object that contains the aggregate values of all of the leaf objects below.

datapoint: Any point on the STRM graphs where data is extracted.

DHCP: See Dynamic Host Configuration Protocol.

DNS: See Domain Name System.

Domain Name System (DNS): An on-line, distributed database used to map human-readable machine names to IP addresses.

Dynamic Host Configuration Protocol (DHCP): A protocol that allows dynamic assignment of IP addresses to customer premise equipment.

Encryption: Encryption provides greater security for all STRM traffic between managed hosts. When encryption is enabled for a managed host, encryption tunnels are created for all client applications on a managed host to provide protected access to the respective servers.

external data views: Require input from external products, such as an IDS engine (for example, SNORT) or firewalls (for example, Cisco PIX or Checkpoint Firewall). These external products provide information to STRM on specified IP addresses that are correlated to the flows responsible. STRM monitors flows between these systems and tags traffic between the hosts for a configured period of time.

event: Record from a device that describes an action on a network or host.

Event Collector: Collects security events from various types of security devices in your network. The Event Collector gathers events from local, remote, and device sources. The Event Collector then normalizes the events and sends the information to the Event Processor.