Juniper 3800 Hardware Manual

Juniper Secure Analytics 3800 Hardware Guide

Published: 2015-03-16

Juniper Networks, Inc. 1133 Innovation Way Sunnyvale, California 94089 USA 408-745-2000 www.juniper.net

Juniper Networks, Junos, Steel-Belted Radius, NetScreen, and ScreenOS are registered trademarks of Juniper Networks, Inc. in the United States and other countries. The Juniper Networks Logo, the Junos logo, and JunosE are trademarks of Juniper Networks, Inc. All other trademarks, service marks, registered trademarks, or registered service marks are the property of their respective owners.

Juniper Networks assumes no responsibility for any inaccuracies in this document. Juniper Networks reserves the right to change, modify, transfer, or otherwise revise this publication without notice.

Juniper Secure Analytics 3800 Hardware Guide

The information in this document is current as of the date on the title page.

YEAR 2000 NOTICE

Juniper Networks hardware and software products are Year 2000 compliant. Junos OS has no known time-related limitations through the year 2038. However, the NTP application is known to have some difficulty in the year 2036.

END USER LICENSE AGREEMENT

The Juniper Networks product that is the subject of this technical documentation consists of (or is intended for use with) Juniper Networks software. Use of such software is subject to the terms and conditions of the End User License Agreement (“EULA”) posted at

http://www.juniper.net/support/eula.html. By downloading, installing or using such software, you agree to the terms and conditions of

that EULA.

Table of Contents

About the Documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xi

Documentation and Release Notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xi

Documentation Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xi

Documentation Feedback . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xiii

Requesting Technical Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xiv

Self-Help Online Tools and Resources . . . . . . . . . . . . . . . . . . . . . . . . . . . xiv

Opening a Case with JTAC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xiv

Part 1 Overview

Chapter 1 System Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

JSA3800 Appliance Description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

JSA3800 Appliance Hardware Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4

Chapter 2 Hardware Component Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

JSA3800 Appliance Components Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

Chapter 3 Chassis Description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7

JSA3800 Appliance Front Panel Description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7

JSA3800 Appliance Back Panel Description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9

Part 2 Site Planning and Specifications

Chapter 4 Planning and Preparing the Site . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

General Site Installation Guidelines for the JSA3800 Appliance . . . . . . . . . . . . . . 15

JSA3800 Appliance Physical Specifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

JSA3800 Appliance Rack Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

Additional Hardware Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

Chapter 5 Network Transceiver Specifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19

JSA3800 Appliance Transceiver Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19

Part 3 Initial Installation and Configuration

Chapter 6 Installation Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23

Overview of Installing the JSA3800 Appliance in a Rack . . . . . . . . . . . . . . . . . . . . 23

Tools and Parts Required for Installing the JSA3800 Appliance . . . . . . . . . . . . . . 23

Chapter 7 Installing the JSA3800 Appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25

Installing the JSA3800 Appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25

Installing the JSA3800 Appliance Using Front-and-Rear-Mounting Flush in a

Four-Post Rack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27

Mid-Mounting the JSA3800 Appliance in a Two-Post Rack . . . . . . . . . . . . . . . . . 29

Juniper Secure Analytics 3800 Hardware Guide

Chapter 8 Grounding the JSA3800 Appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33

Grounding the JSA3800 Appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33

Chapter 9 Connecting the JSA3800 Appliance to External Devices . . . . . . . . . . . . . . . 35

Connecting the JSA3800 Appliance to a Management Device . . . . . . . . . . . . . . . 35

Chapter 10 Providing Power to the JSA3800 Appliance . . . . . . . . . . . . . . . . . . . . . . . . . . 37

Connecting the JSA3800 Appliance to a DC Power Source . . . . . . . . . . . . . . . . . . 37

Chapter 11 Performing the Initial Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39

Preparing the Network Hierarchy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39

Identifying Network Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40

Identifying Security Monitoring Devices and Flow Data Sources . . . . . . . . . . 40

Identifying Network Assets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41

Configuring the Basic Settings on the JSA3800 Appliance . . . . . . . . . . . . . . . . . . 42

Accessing the JSA Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43

Part 4 Maintaining and Troubleshooting Components

Chapter 12 Maintaining Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47

Maintaining the JSA3800 RAID Array . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47

Maintaining the JSA3800 Power Supply . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48

Chapter 13 Troubleshooting Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49

Contacting Juniper Networks Technical Assistance Center . . . . . . . . . . . . . . . . . . 49

Part 5 Replacing Components

Chapter 14 Overview of Replacing Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53

Field-Replaceable Units on the JSA3800 Appliance . . . . . . . . . . . . . . . . . . . . . . . 53

Chapter 15 Replacing Power System Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55

Replacing an AC Power Supply on the JSA3800 Appliance . . . . . . . . . . . . . . . . . 55

Replacing AC Power Supply Cables on the JSA3800 Appliance . . . . . . . . . . . . . . 56

Replacing a DC Power Supply on the JSA3800 Appliance . . . . . . . . . . . . . . . . . . 56

Replacing DC Power Supply Cables on the JSA3800 Appliance . . . . . . . . . . . . . . 57

Part 6 Safety and Regulatory Compliance Information

Chapter 16 General Safety Guidelines and Warnings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61

Definitions of Safety Warning Levels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61

General Safety Guidelines and Warnings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63

Qualified Personnel Warning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64

Warning Statement for Norway and Sweden . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65

Prevention of Electrostatic Discharge Damage . . . . . . . . . . . . . . . . . . . . . . . . . . . 65

Chapter 17 Fire Safety Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67

Fire Safety Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67

Chapter 18 Installation Safety Guidelines and Warnings . . . . . . . . . . . . . . . . . . . . . . . . . 69

Installation Instructions Warning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69

Chassis Lifting Guidelines for the JSA3800 Appliance . . . . . . . . . . . . . . . . . . . . . . 70

Table of Contents

Ramp Warning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70

Rack-Mounting Warnings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71

Grounded Equipment Warning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75

Chapter 19 Laser and LED Safety Guidelines and Warnings . . . . . . . . . . . . . . . . . . . . . . . 77

Laser and LED Safety Guidelines and Warnings for JSA . . . . . . . . . . . . . . . . . . . . . 77

General Laser Safety Guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77

Class 1 Laser Product Warning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78

Class 1 LED Product Warning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78

Laser Beam Warning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79

Radiation from Open Port Apertures Warning . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80

Chapter 20 Maintenance and Operational Safety Guidelines and Warnings . . . . . . . . . 83

Maintenance and Operational Safety Guidelines and Warnings . . . . . . . . . . . . . . 83

Battery Handling Warning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83

Jewelry Removal Warning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84

Lightning Activity Warning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85

Operating Temperature Warning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86

Product Disposal Warning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87

Chapter 21 Electrical Safety Guidelines and Warnings . . . . . . . . . . . . . . . . . . . . . . . . . . . 89

Action to Take After an Electrical Accident . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89

General Electrical Safety Guidelines and Warnings . . . . . . . . . . . . . . . . . . . . . . . . 90

AC Power Electrical Safety Guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91

AC Power Disconnection Warning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92

DC Power Electrical Safety Guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93

DC Power Disconnection Warning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94

DC Power Grounding Requirements and Warning . . . . . . . . . . . . . . . . . . . . . . . . . 96

DC Power Wiring Sequence Warning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97

DC Power Wiring Terminations Warning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98

Multiple Power Supplies Disconnection Warning . . . . . . . . . . . . . . . . . . . . . . . . . 100

TN Power Warning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100

Chapter 22 Agency Approvals and Regulatory Compliance Information . . . . . . . . . . . 103

Agency Approvals for the JSA3800 Appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . 103

Compliance Statements for EMC Requirements for the JSA3800 Appliance . . . 104

Canada . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104

European Community . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105

Japan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105

Korea . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105

United States . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105

FCC Part 15 Statement . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105

Compliance Statements for Acoustic Noise for the JSA3800 Appliance . . . . . . 106

Part 7 Index

Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109

Juniper Secure Analytics 3800 Hardware Guide

List of Figures

Part 1 Overview

Chapter 3 Chassis Description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7

Figure 1: JSA3800 Front Panel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7

Figure 2: JSA3800 Front Panel LEDs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8

Figure 3: JSA3800 Back Panel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9

Figure 4: JSA3800 Ethernet Port LEDs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10

Part 3 Initial Installation and Configuration

Chapter 7 Installing the JSA3800 Appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25

Figure 5: Connecting the AC Power Cord . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25

Figure 6: JSA3800 Front Panel LEDs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26

Figure 7: Attaching the Inner Rail Extension . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27

Figure 8: Installing the Outer Rails in a Rack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28

Figure 9: Aligning the Chassis in a Rack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28

Figure 10: Installing the JSA3800 Appliance Front-Rear Mounting Flush in a

Four-Post Rack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29

Figure 11: Securing the Brackets to the Rack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30

Figure 12: Mounting the Outer Rails to the Rack . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31

Figure 13: Securing Brackets to the Outer Rail . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31

Figure 14: Attaching the Inner Rail Extension . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32

Figure 15: Aligning and Installing the Chassis in a Two-Post Rack . . . . . . . . . . . . . 32

Chapter 9 Connecting the JSA3800 Appliance to External Devices . . . . . . . . . . . . . . . 35

Figure 16: Connecting the Management Device . . . . . . . . . . . . . . . . . . . . . . . . . . . 35

Part 6 Safety and Regulatory Compliance Information

Chapter 16 General Safety Guidelines and Warnings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61

Figure 17: Placing a Component into an Antistatic Bag . . . . . . . . . . . . . . . . . . . . . 66

Juniper Secure Analytics 3800 Hardware Guide

List of Tables

About the Documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xi

Table 1: Notice Icons . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xii

Table 2: Text and Syntax Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xii

Part 1 Overview

Chapter 3 Chassis Description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7

Table 3: JSA3800 Front Panel Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7

Table 4: JSA3800 Front Panel LEDs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9

Table 5: JSA3800 Back Panel Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10

Table 6: JSA3800 Ethernet Port LEDs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10

Part 2 Site Planning and Specifications

Chapter 4 Planning and Preparing the Site . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

Table 7: JSA3800 Appliance Physical Specifications . . . . . . . . . . . . . . . . . . . . . . . 16

Table 8: Rack Requirements for JSA3800 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

Table 9: Required JSA Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18

Chapter 5 Network Transceiver Specifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19

Table 10: JSA3800 Appliance Transceiver Interface Types . . . . . . . . . . . . . . . . . . . 19

Part 3 Initial Installation and Configuration

Chapter 6 Installation Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23

Table 11: Required Tools and Parts for Installing the JSA3800 Appliance . . . . . . . 23

Chapter 7 Installing the JSA3800 Appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25

Table 12: DB-9 Console Connector Pinouts for the JSA3800 Appliance . . . . . . . . 26

Chapter 11 Performing the Initial Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39

Table 13: Network Hierarchy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39

Table 14: Asset Identification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41

Juniper Secure Analytics 3800 Hardware Guide

About the Documentation

•

Documentation and Release Notes on page xi

•

Documentation Conventions on page xi

•

Documentation Feedback on page xiii

•

Requesting Technical Support on page xiv

Documentation and Release Notes

To obtain the most current version of all Juniper Networks®technical documentation, see the product documentation page on the Juniper Networks website at

http://www.juniper.net/techpubs/.

If the information in the latest release notes differs from the information in the documentation, follow the product Release Notes.

Juniper Networks Books publishes books by Juniper Networks engineers and subject matter experts. These books go beyond the technical documentation to explore the nuances of network architecture, deployment, and administration. The current list can be viewed at http://www.juniper.net/books.

Documentation Conventions

Table 1 on page xii defines notice icons used in this guide.

Juniper Secure Analytics 3800 Hardware Guide

Table 1: Notice Icons

DescriptionMeaningIcon

Indicates important features or instructions.Informational note

Indicates a situation that might result in loss of data or hardware damage.Caution

Alerts you to the risk of personal injury or death.Warning

Alerts you to the risk of personal injury from a laser.Laser warning

Indicates helpful information.Tip

Table 2 on page xii defines the text and syntax conventions used in this guide.

Table 2: Text and Syntax Conventions

Represents text that you type.Bold text like this

Fixed-width text like this

Italic text like this

Represents output that appears on the terminal screen.

•

Introduces or emphasizes important new terms.

•

Identifies guide names.

•

Identifies RFC and Internet draft titles.

Represents variables (options for which you substitute a value) in commands or configuration statements.

Alerts you to a recommended use or implementation.Best practice

ExamplesDescriptionConvention

To enter configuration mode, type the configure command:

user@host> configure

user@host> show chassis alarms

No alarms currently active

•

A policy term is a named structure that defines match conditions and actions.

•

Junos OS CLI User Guide

•

RFC 1997, BGP CommunitiesAttribute

Configure the machine’s domain name:

[edit] root@# set system domain-name

domain-name

Table 2: Text and Syntax Conventions (continued)

Text like this

Represents names of configuration statements, commands, files, and directories;configurationhierarchylevels; or labels on routing platform components.

About the Documentation

ExamplesDescriptionConvention

•

To configure a stub area, include the

stub statement at the [edit protocols ospf area area-id] hierarchy level.

•

The console port islabeledCONSOLE.

stub <default-metric metric>;Encloses optionalkeywords orvariables.< > (angle brackets)

| (pipe symbol)

# (pound sign)

[ ] (square brackets)

Indention and braces ( { } )

; (semicolon)

GUI Conventions

Bold text like this

Indicatesa choice betweenthe mutually exclusivekeywordsor variables oneither side of the symbol. The set of choices is often enclosed in parentheses forclarity.

same lineas theconfiguration statement to which it applies.

Encloses a variable for which you can substitute one or more values.

Identifies a level in the configuration hierarchy.

Identifies a leaf statement at a configuration hierarchy level.

Representsgraphicaluser interface (GUI) items you click or select.

broadcast | multicast

(string1 | string2 | string3)

rsvp { # Required for dynamic MPLS onlyIndicates a comment specified on the

community name members [ community-ids ]

[edit] routing-options {

static {

route default{

nexthop address; retain;

}

•

In the Logical Interfaces box, select

All Interfaces.

•

To cancel the configuration, click

Cancel.

> (bold right angle bracket)

Documentation Feedback

We encourage you to provide feedback, comments, and suggestions so that we can improve the documentation. You can provide feedback by using either of the following methods:

•

Online feedback rating system—On any page at the Juniper Networks Technical Documentation site at http://www.juniper.net/techpubs/index.html, simply click the stars to rate the content, and usethe pop-upform toprovide uswith information about your experience. Alternately, you can use the online feedback form at

https://www.juniper.net/cgi-bin/docbugreport/.

Separates levels in a hierarchy of menu selections.

In the configuration editor hierarchy, select Protocols>Ospf.

Juniper Secure Analytics 3800 Hardware Guide

•

E-mail—Sendyour comments totechpubs-comments@juniper.net.Includethe document or topic name, URL or page number, and software version (if applicable).

Requesting Technical Support

Technical productsupport isavailablethrough theJuniper Networks Technical Assistance Center (JTAC). If you are a customer with an active J-Care or JNASC support contract, or are covered under warranty, and need post-sales technical support, you can access our tools and resources online or open a case with JTAC.

•

JTAC policies—For a complete understanding of our JTAC procedures and policies, review the JTAC User Guide located at

http://www.juniper.net/us/en/local/pdf/resource-guides/7100059-en.pdf.

•

Product warranties—For product warranty information, visit

http://www.juniper.net/support/warranty/.

•

JTAC hours of operation—The JTAC centers have resources available 24 hours a day, 7 days a week, 365 days a year.

Self-Help Online Tools and Resources

For quick and easy problem resolution, Juniper Networks has designed an online self-service portal called the Customer SupportCenter (CSC)that provides you with the following features:

•

Find CSC offerings: http://www.juniper.net/customers/support/

•

Search for known bugs: http://www2.juniper.net/kb/

•

Find product documentation: http://www.juniper.net/techpubs/

•

Find solutions and answer questions using our Knowledge Base: http://kb.juniper.net/

•

Download the latest versions of software and review release notes:

http://www.juniper.net/customers/csc/software/

•

Search technical bulletins for relevant hardware and software notifications:

http://kb.juniper.net/InfoCenter/

•

Join and participate in the Juniper Networks Community Forum:

http://www.juniper.net/company/communities/

•

Open a case online in the CSC Case Management tool: http://www.juniper.net/cm/

To verifyservice entitlement byproduct serial number,use our SerialNumber Entitlement (SNE) Tool: https://tools.juniper.net/SerialNumberEntitlementSearch/

Opening a Case with JTAC

You can open a case with JTAC on the Web or by telephone.

•

Use the Case Management tool in the CSC at http://www.juniper.net/cm/.

•

Call 1-888-314-JTAC (1-888-314-5822 toll-free in the USA, Canada, and Mexico).

About the Documentation

For international or direct-dial options in countries without toll-free numbers, see

http://www.juniper.net/support/requesting-support.html.

Juniper Secure Analytics 3800 Hardware Guide

PART 1

Overview

•

System Overview on page 3

•

Hardware Component Overview on page 5

•

Chassis Description on page 7

Juniper Secure Analytics 3800 Hardware Guide

CHAPTER 1

System Overview

•

JSA3800 Appliance Description on page 3

•

JSA3800 Appliance Hardware Overview on page 4

JSA3800 Appliance Description

The Juniper Secure Analytics 3800 (JSA3800) is an enterprise-class appliance that providesa scalable networksecuritymanagement solution for medium-sizedcompanies up to large global organizations.

The JSA3800 appliance is a 1-U, rack-mountable chassis with AC power supplies (or optional DC power supplies), six hot-swappable hard drives, 64 GBmemory, and two10 Gigabit and four Gigabit Ethernet interfaces.

The JSA3800 appliance:

•

Responds to the right threats at the right time through effective analysis of networks, events, and audit log files.

Documentation

•

Identifies environmental anomalies in the network, an attack path, and the source of a threat.

•

Provides network remediation for threat responses across all security products.

The JSA appliances use the following drivers for security analysis of external and internal threats:

•

Security Information Management (SIM)—SIMprovides reportingand analysis ofdata from host systems, applications, and security devices to support security policy compliance management, internal threat management, and regulatory compliance initiatives.

•

Security Event Management (SEM)—SEM improves security incident response capabilities by processing data from security devices and network devices. It helps network administrators to provide effective responses toexternal and internal threats.

JSA3800 Appliance Hardware Overview on page 4•

• JSA3800 Appliance Front Panel Description on page 7

• JSA3800 Appliance Back Panel Description on page 9

Juniper Secure Analytics 3800 Hardware Guide

JSA3800 Appliance Hardware Overview

The JSA3800 appliance provides the following features:

•

Monitor utility for power supply unit (PSU) and fans

•

Add setup logs automatically

•

Support high availability (HA)

•

Hot-swappable hard disk supporting RAID

•

Automatic RAID rebuild on HDD swap

•

Support hot-swappabledual-AC (or optional dual-DCpowersupplies) witha redundant configuration in the chassis

Documentation

• JSA3800 Appliance Description on page 3

• JSA3800 Appliance Front Panel Description on page 7

• JSA3800 Appliance Back Panel Description on page 9

• General Safety Guidelines and Warnings on page 63

CHAPTER 2

Hardware Component Overview

•

JSA3800 Appliance Components Overview on page 5

JSA3800 Appliance Components Overview

Juniper Secure Analytics (JSA) includes the following deployment components:

•

Flow Processor—Collects data from devices, and various live and recorded feeds, such

as network taps, span/mirror ports, NetFlow, and JSA flow logs. When the data is collected, theFlow Processor groups related individual packets into a flow. JSAdefines these flows as a communication session between two pairs of unique IP addresses and ports that use the same protocol. A flow starts when the Flow Processor detects the first packet with a unique source IP address, destination IP address, source port, destination port, and other specific protocol options that determine the start of a communication. Each additional packet is evaluated. Counts of bytes and packets are added to the statistical counters in the flow record. At the end of an interval, a status record of the flow is sent to an Event Collector, and statistical counters for the flow are reset. A flow ends when no activity for the flow is detected within the configured period of time.

Flow reporting generates records of all active or expired flows during a specified period of time. If the protocol does not support port-based connections, JSA combines all packets between the two hosts into a single flow record. However, a Flow Processor does not record flows until a connection is made to another JSA component and data is retrieved.

•

Event Collector—Collects security events from varioustypes of security devices, known

as log sources, in your network. The Event Collector gathers events from local and remote log sources. The Event Collector then normalizes the events and sends the information to the Event Processor. The Event Collector also bundles all virtually identical events to conserve system usage.

•

Event Processor—An Event Processor processes event and flow data from the Event

Collector. The events are bundled to conserve network usage. When received, the EventProcessor correlates the informationfrom JSA anddistributes itto theappropriate area, depending on the type of event. The Event Processor also includes information gathered by JSA to indicate any behavioral changes or policy violations for that event. Rulesare thenapplied tothe eventsthat allow the Event Processor to processaccording to the configured rules. When complete, the Event Processor sends the events to the Magistrate.

Juniper Secure Analytics 3800 Hardware Guide

A non-consoleEvent Processorcan beconnected to the Event Processor on theconsole or connected to another Event Processor in your deployment. The Accumulator is responsible for gathering flow and event information from the Event Processor.

The Event Processor on the console is always connected to the Magistrate. This connection cannot be deleted.

•

Off-site Source—Indicatesan offsite event or flow data source thatforwardsnormalized

data to an Event Collector. You can configure an offsite source to receive flows or events and allow the data to be encrypted before forwarding.

•

Off-site Target—Indicates an offsite device that receives event or flow data. An offsite

target can only receive data from an Event Collector.

•

Magistrate—The Magistrate component provides the core processing components of

the security information and event management (SIEM) system. You can add one Magistrate component for each deployment. The Magistrate provides views, reports, alerts, and analysis of network traffic and security events. The Magistrate processes the eventsor flows against the defined custom rules to createan offense. If no custom rules exist, the Magistrate uses the default rule set to process the offending event or flow. An offense is an event or a flow that has been processed through JSA using multipleinputs, individualevents orflows,and combinedevents or flowswith analyzed behavior and vulnerabilities. The Magistrate prioritizes the offenses and assigns a magnitude value based on several factors, including the amount of offenses, severity, relevance, and credibility.

Documentation

• Preparing the Network Hierarchy on page 39

• JSA3800 Appliance Description on page 3

• General Safety Guidelines and Warnings on page 63

CHAPTER 3

Chassis Description

•

JSA3800 Appliance Front Panel Description on page 7

•

JSA3800 Appliance Back Panel Description on page 9

JSA3800 Appliance Front Panel Description

Figure 1 on page 7 shows the front panel components of the JSA3800 appliance.

Figure 1: JSA3800 Front Panel

Table 3 on page 7 provides information about the front panel components of the

JSA3800 appliance.

Table 3: JSA3800 Front Panel Components

DescriptionComponentCallout

Protects the appliance.Front bezel1

Locks the appliance.Lock2

Juniper Secure Analytics 3800 Hardware Guide

Table 3: JSA3800 Front Panel Components (continued)

DescriptionComponentCallout

Hard drive3

USB ports4

Chassis LEDs7

UID button8

Six 900 GB hard disk drives (Drive0 Derive 5).

•

Drive1 (top left) and Drive0 (bottom left)

•

Drive3 (top middle) and Drive2 (bottom middle)

•

Drive5 (top right) andDrive4 (bottom right)

2 USB ports that accept a USB storage device.

Reboots the appliance.RESET button5

Powers on or powers off the appliance.Power button6

Provides the colors and states, and the status they indicate.

Turns on or off the blue light function of the U-LED when used with a UID-compatiblemotherboard. Oncethe blue light is activated, you can easily locate the appliance in very large racks and server banks.

Empty hard drive slots.Empty slots9

Figure 2 on page 8 shows the front panel LEDs of the JSA3800 appliance.

Figure 2: JSA3800 Front Panel LEDs

Table 4 on page 9 lists the JSA3800 front panel LEDs.

Table 4: JSA3800 Front Panel LEDs

Information1

Chapter 3: Chassis Description

DescriptionLEDsCallout

•

Red(blinking)—Indicatesa fanfailure.

•

Solid red—Indicates an overheat condition, which might be caused by cables obstructing the airflow in the system or the ambient room temperature being too warm.

•

Red (slowly blinking)—Indicates a power failure.

•

Solid Blue—Indicates that the local UID button is depressed.

•

Blue (blinking)—Indicates IPMI-activated UID.

LAN22

LAN13

Power5

Documentation

JSA3800 Appliance Description on page 3•

• JSA3800 Appliance Hardware Overview on page 4

• JSA3800 Appliance Back Panel Description on page 9

JSA3800 Appliance Back Panel Description

Figure 3 on page 9 shows the back panel components of the JSA3800 appliance.

Figure 3: JSA3800 Back Panel

When blinking, it indicates DataShare interface activity.

When blinking,it indicatesManagement interface activity.

Unused.Hard drive4

Solid green—Indicatesthat the appliance is receiving power.

Table 5 on page 10 provides information about the back panel components of the

JSA3800 appliance.

Juniper Secure Analytics 3800 Hardware Guide

Table 5: JSA3800 Back Panel Components

DescriptionComponentsCallout

Provides power to all components.Power supply1

1 dedicated IPMI LAN port.Dedicated IPMI LAN port2

GB ports3

VGA port5

GB ports6

2 RJ-45 Gigabit Ethernet LAN ports. The left Ethernet port is Eth0 and the right Ethernet port is Eth1.

NOTE: You can choose any GB ports as the

management port.

2 SFP+ 10GbE LAN ports.10 GB+SFP ports4

1 VGA port.

NOTE: This port is not supported.

2 RJ-45 Gigabit Ethernet LAN ports.

NOTE: You can choose any GB ports as the

management port.

4 USB ports.USB ports7

1 DB-9 COM port.COM port8

Figure 4 on page 10 shows the back panel Ethernet port LEDs of theJSA3800 appliance.

Figure 4: JSA3800 Ethernet Port LEDs

Table 6 on page 10 lists the JSA3800 Ethernet port LEDs.

Table 6: JSA3800 Ethernet Port LEDs

DescriptionLEDsCallout

•

Link1

Off—Indicates no connection or the speed of the connection is 10 Mbps.

•

Green—Indicates that the speed of the connection is 100 Mbps.

•

Amber—Indicates that the speed of the connection is 1 Gbps.

Indicates link activity.Activity2

Chapter 3: Chassis Description

Documentation

• JSA3800 Appliance Description on page 3

• JSA3800 Appliance Hardware Overview on page 4

• JSA3800 Appliance Front Panel Description on page 7

Juniper Secure Analytics 3800 Hardware Guide

PART 2

Site Planning and Specifications

•

Planning and Preparing the Site on page 15

•

Network Transceiver Specifications on page 19

Juniper Secure Analytics 3800 Hardware Guide

+ 98 hidden pages

Juniper 3800 Hardware Manual

Specifications and Main Features

Frequently Asked Questions

User Manual