Juniper JSA SIEM
Is a complex solution which collects logs about activities from your devices and network applications. It proceeds and correlates the data in real-time.
Its main advantage is ability to detect attempted attacks in a very short time, mostly even before they really happen. Thus, IT teams can react suitably and avoid the attack.
Another advantage is that the tool prioritizes particular security incidents, so it is possible to focus on the most important problems and increase effectivity of security.
ARE YOU INTERESTED IN NON-BINDING CONSULTATION?
What brings us SIEM?
Improve protection against threats by using the integrated analytic reporting system.
Focus and prioritization
It reduces thousands of security issues to the important ones. It detects sophisticated threats, which other security solutions often miss.
Centralized user interface
Integration of log administration and network protection technology into a common database with uniform control panel.
Internal security
It identifies internal threats by using advanced functions. It enables to monitor fulfillment of regulations and requirements.
Key benefits
To have all information on-site saves time during incident investigation. Maximal automation of implementation process. Ability to connect seemingly non-related events and avoid security incident. Continuous check of network segment configuration to meet security policy. Management of detected vulnerability in the context of its potential impact.
Other Juniper JSA functions
- Vulnerability Manager detects vulnerability with an own scanner and is also able to integrate third parties’ solutions to work with them too.
- Risk Manager provides attack prevention by identification of wrongly adjusted rules for active elements of network infrastructure such as firewalls, routers, switches or IPS.
- Data Nodes increases storage and processing of JSA SIEM incidents.
- X-Force Threat Intelligence identifies activities associated to suspicious IP addresses e.g. those with suspected malware hosting.
Juniper Secure Analytics Components
- Console – it correlates data from administrated processors, generates reports/alerts and provides all functions for total system administration. It supports proceeding of unlimited amount of data sources.
- Event Processor – it collects, processes and store adopted logs. It applies the EPS limit. Its implementation is possible only in a distributed solution.
- Flow Processor – it collects, processes and store adopted flow data. It applies the FPM limit. Its implementation is possible only in a distributed solution.
- Event Collector – optional, it collects logs and forwards them into Event Processors. It is used if it is desired to use advanced collection possibilities such as log collection and its postponed processing. No EPS/FPM limit. E.g. good usage in a branch with a low range of connection. The collector can be connected in both AIO and distributed environment. It stores logs temporarily and sends them only in set time, it compresses and encrypts the data too. The collector does not include any processor functions, so it does not proceed the data. Typical implementation is as VM.
Cyber security law fulfillment
Act No. 181/2014 Coll. on cyber security determines important information systems and their determining criteria for a critical infrastructure element identification. There are many new actions needed:
- § 11 – Access Management and safe users´ behavior
- § 21 – Tool for monitoring of critical information infrastructure activities and important information systems, their users and administrators
- § 22 – Tool for detection of cyber security events
- § 23 – Tool for collection and evaluation of cyber security events
Juniper Software Advantage
Cooperation with us pays off as we…
Offer technical support 24/7
in English and Czech
We work for many Czech and international companies
Our technical experts have long-term experience in this area
Are you interested how does our external service work? Arrange a free consultation and find out how to save your time and money thanks to regular service or outsourcing.
ARE YOU INTERESTED IN NON-BINDING CONSULTATION?
Reference
