Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 R2 - REV1 Manual page 79

Step 4  Update values for the parameters, as necessary:

a  If you are editing a Security/Policy sentry:

Table 4-20 Edit Security/Policy Sentry

| Parameter | Description |
|---|---|
| Name | Specify a name for this sentry. |
| Description | Specify a description for this sentry. This description appears as an annotation in the Offense Manager if this sentry causes an offense to generate. |
| Minimum number of flows before emitting events | Specify the minimum number of times, in flows, this activity must occur before an event generates. |
| Delay between emitting events | Specify the number of seconds, after the first occurrence of this event, before the next occurrence of this event. For example, if you set the value to 3, an event generates after three seconds of the first instance of the event. |
| Maximum emitted events per IP | Specify the maximum number of times you wish this event to generate per IP address. For example, if you set the maximum alerts to 2, only two alerts generate per event. |
| Is Enabled | Select the check box to enable this sentry. Clear the check box to disable the sentry. |
| Options | Select the check box if you wish this event to be included with other events to create an offense. Use the Address to mark as the target drop-down list box to identify if you wish the destination or source IP address to be used as the target. Note: This option only appears for a Security/Policy sentry. |
| Permissions | Specify the users you wish to allow access to edit this sentry. |
| Package | Using the drop-down list box, select the sentry package you wish to apply to this sentry. To edit an existing package, click Edit or to create a new package, click Create New. |
| QRL | Specifies the details of the current view for this sentry. |

b  If you are editing a Behavior, Anomaly, or Threshold sentry:

Table 4-21 Edit Behavior, Anomaly, or Threshold Sentry

| Parameter | Description |
|---|---|
| Name | Specify a name for this sentry. |
| Description | Specify a description for this sentry. This description appears as an annotation in the Offense Manager if this sentry causes an offense to generate. |
| Minimum number of flows before alert | Specify the minimum number of intervals this activity must occur before an alert generates. |
| Delay between alerts | Specify the number of intervals after the first occurrence of this event, before the next occurrence of this event. |

STRM Users Guide
Editing a Sentry
73
