Configuring Security Threat Response Manager (CSTRM)


    3 days
    Network Security


    Course Details


    This three-day course discusses the configuration of Juniper Networks JSA Series Secure Analytics (formerly known as Security Threat Response Manager [STRM]) in a typical network environment. Key topics include deploying an STRM device in the network, configuring flows, running reports, and troubleshooting. Through demonstrations and hands-on labs, students will gain experience in configuring, testing, and troubleshooting the STRM device. This course uses the STRMV virtual appliance for the hands-on component. This course is based on STRM software 2012.1R1.


    After successfully completing this course, you should be able to:

    • Describe the STRM system and its basic functionality;
    • Describe the hardware used with the STRM system;
    • Identify the technology behind the STRM system;
    • Identify the STRM system’s primary design divisions: display versus detection, and events versus traffic;
    • Plan and prepare for a new installation;
    • Access the administration console;
    • Configure the network hierarchy;
    • Configure the automatic update process;
    • Access the Deployment Editor;
    • Describe the STRM system’s internal processes;
    • Describe event and flow source configuration;
    • List key features of the STRM architecture;
    • Describe the STRM system’s processing logic;
    • Interpret the correlation of flow and event data;
    • List the architectural component that provides each key function;
    • Describe Events and explain where they come from;
    • Access the Log Activity interface;
    • Execute Event searches;
    • Describe flows and their origin;
    • Configure the Network Activity interface;
    • Execute Flow searches;
    • Specify the STRM system’s Asset Management and Vulnerability Assessment functionality;
    • Access the Assets interface;
    • View Asset Profile data;
    • View Server Discovery;
    • Access the Vulnerability Assessment Scan Manager to produce vulnerability assessments (VAs);
    • Access vulnerability scanner configuration;
    • View vulnerability profiles;
    • Describe rules;
    • Configure rules;
    • Configure Building Blocks (BBs);
    • Explain how rules and flows work together;
    • Access the Offense Manager interface;
    • Understand Offense types;
    • Configure Offense actions;
    • Navigate the Offense interface;
    • Explain the Offense summary screen;
    • Search Offenses;
    • Use the STRM system’s Reporting functionality to produce graphs and reports;
    • Navigate the Reporting interface;
    • Configure Report Groups;
    • Demonstrate Report Branding;
    • View Report formats;
    • Identify the basic information on maintaining and troubleshooting the STRM system;
    • Navigate the STRM dashboard;
    • List flow and event troubleshooting steps;
    • Access the Event Mapping tool;
    • Configure Event Collection for Junos devices;
    • Configure Flow Collection for Junos devices; and
    • Explain High Availability (HA) functionality on an STRM device.


    Day 1

    Chapter 1: Course Introduction

    Chapter 2: Product Overview

    • Overview of the STRM Series Device
    • Hardware
    • Collection
    • Operational Flow

    Chapter 3: Initial Configuration

    • A New Installation
    • Administration Console
    • Platform Configuration
    • Deployment Editor
    • Lab 1: Initial Configuration

    Chapter 4: Architecture

    • Processing Log Activity
    • Processing Network Activity
    • STRM Deployment Options

    Chapter 5: Log Activity

    • Log Activity Overview
    • Configuring Log Activity
    • Lab 2: Log Activity

    Day 2

    Chapter 6: Network Activity

    • Network Activity Overview
    • Configuring Network Activity
    • Lab 3: Network Activity

    Chapter 7: Assets and Vulnerability Assessment

    • Asset Interface
    • Vulnerability Assessment
    • Vulnerability Scanners
    • Lab 4: Assets and Vulnerability Assessment

    Chapter 8: Rules

    • Rules
    • Configure Rules and Building Blocks
    • Lab 5: Rules

    Chapter 9: Offense Manager

    • Offense Manager
    • Offense Manager Configuration
    • Offense Investigation
    • Lab 6: Configure the Offense Manager

    Day 3

    Chapter 10: Reporting

    • Reporting Functionality
    • Reporting Interface
    • Lab 7: Reports

    Chapter 11: Basic Tuning and Troubleshooting

    • Basic Tuning
    • Troubleshooting

    Chapter 12: Configuring Junos Devices for Use with STRM

    • Collecting Junos Events
    • Collecting Junos Flows
    • Lab 8: Configuring Junos Devices for STRM

    Appendix A: High Availability

    • High Availability
    • Configuring High Availability


    This course is intended for network engineers, support personnel, reseller support, and anyone responsible for implementing the STRM system.


      May 23 - May 25, 2018
      Aug 20 - Aug 22, 2018
      Nov 21 - Nov 23, 2018