Juniper STRM LOG MANAGEMENT 2008.2 - RELEASE NOTES 6-2008, STRM LOG MANAGEMENT 2008.2 Release Note

STRM LOG MANAGEMENT RELEASE NOTES
RELEASE 2008.2
JUNE 2008
Juniper Networks is pleased to introduce STRM Log Management 2008.2. This release provides you with several resolved issues and enhanced functionality.
This document includes:
STRM Log Management Overview
New and Updated Functionality
Related Documentation
Contacting Customer Support
Supported Devices and OS Versions
Supported Java and Browser Software
Resolved Issues
Known Issues and Limitations
Note: If your current deployment includes ISS SiteProtector, contact Juniper Networks Customer Support before you install STRM Log Management.
STRM Log Management Overview
Juniper Networks Security Threat Response Manager Log Management Only (STRM LM) provides a comprehensive log management solution for organizations that want to implement a distributed log management solution to collect, archive, and analyze network and security event logs. Log management has emerged as a required part of an organization’s ability to deliver security best practices and meet specific auditing and reporting requirements of government regulations, including PCI, Sarbanes-Oxley, HIPAA, and FISMA.
STRM LM provides numerous advantages over other log management solutions including:
Easy-to-deploy turnkey log management solution - Architecture provides a simple and easy-to-use solution for secure and efficient log management.
Scalable distributed log collection and archival - Appliance architecture scales to support any size enterprise network.
Simple policy-driven event correlation - Hundreds of useful out-of-the-box correlation rules provide immediate value.
530-025628-01
Effective reporting and compliance auditing - Compliance-driven report templates meet specific regulatory reporting and auditing requirements.
Reliable and tamper-proof log storage - Support of extensive log file integrity checks, including NIST Log Management Standard SHA-x (1-256) hashing for tamper-proof log archives.
Simple upgrade to full STRM - Provides investment protection for organizations with expanding requirements in the areas of threat and compliance management.
New and Updated Functionality
STRM Log Management 2008.2 provides you with the following new and updated functionality:
Activation and License Key Enhancement - STRM Log Management 2008.2 includes several enhancements to activation and license keys, including:
- Activation Keys - During installation of STRM Log Management, you must now enter an activation key to complete the installation. This activation key is available on the license CD. See the instructions that came with the license CD to install the activation key.
- License Keys - The License key functionality is now enhanced in the STRM Log Management interface to include individual license keys for each system in your deployment.
New Device Extensions Functionality - You can now modify how a DSM parses logs. For example, you can use a device extension to detect an event that has missing or incorrect fields. A device extension can also parse an event when the DSM to which it is attached fails to produce a result.
Universal DSM Enhancement - With STRM Log Management 2008.2, the Universal DSM includes the following enhancements:
- Device Extensions - Allows you to use the new device extensions functionality to enhance the DSM parsing of your logs.
- Multiple Universal DSMs - Allows you to support multiple Universal DSMs.
- Integration with Asset Profiles - In STRM Log Management 2008.2, the Universal DSM is associated with an asset profile, allowing you to track user identity data and associate that information with an asset profile.
User Roles Enhancement - Administrative users can now be assigned additional controls including:
- Administrator Management - Allows Administrative users to create and edit other administrative accounts.
- System Administrator - Allows Administrative users to access all areas of STRM Log Management. Also, users with this access are not able to edit other administrator accounts.
User Account Enhancement - You can now disable a user account without deleting the account. A user with a disabled account is no longer able to access the STRM Log Management interface.
Related Documentation
For more information on Release 2008.2, refer to the on-line documentation:
STRM Log Management Installation Guide
STRM Log Management Administration Guide
STRM Log Management Users Guide
STRM Log Management Sensor Devices
Getting Started with STRM Log Management Appliances
Contacting Customer Support
To help you resolve any issues that you may encounter when installing or maintaining STRM Log Management, you can contact Customer Support as follows:
Open a support case using the Case Management link at http://www.juniper.net/support
Call 1-888-314-JTAC (from the United States, Canada, or Mexico) or 1-408-745-9500 (from elsewhere)
Supported Devices and OS Versions
STRM Log Management 2008.2 supports platforms from multiple vendors.
Table 1-1 lists Juniper Networks device families and operating systems that support NSM. The table shows whether a device requires STRM to forward logs through NSM.
Table 1-1 Supported Juniper Networks Devices and OS Versions
Device Family              OS              Logs Sent Directly to STRM from Device   Logs Sent Through NSM to STRM
ISG with IDP               6.0, 6.1.0r1b   No                                       Yes
Firewall/VPN               6.0, 6.1.0r1    Yes                                      Yes
Standalone IDP             4.1             Yes                                      Yes
J-series                   8.5, 9.0, 9.1   Yes                                      No
Secure Access (SA)         6.1             Yes                                      No
Infranet Controller (IC)   2.1             Yes                                      No
Note: For STRM to correctly process logs from SA and IC, the logs should be sent from the devices in WELF format. To enable WELF format on the device: Under System > Logs > Events > Settings, select the WELF filter for the syslog (STRM) server entry in this table.
Supported Java and Browser Software
STRM Log Management supports the following versions of Java and browsers:
Java version 1.5 and later
Internet Explorer version 7
Firefox version 2.0