Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[JSA/STRM] How to activate SSH tunnels between managed hosts and the console

0

0

Article ID: KB24042 KB Last Updated: 27 Mar 2017Version: 2.0
Summary:

This article provides information on how to activate the SSH tunnels between managed hosts and the console.

Symptoms:

To encrypt the data flow between JSA/STRM managed hosts (EC/EP and FC/FP) and the console, encryption must be enabled when adding managed hosts in the deployment editor.

Solution:

The SSH tunnels are activated when adding a managed host. When you enter the address of the new system during the add process, the following checkboxes are present at the bottom:

  • Host is NATed
  • Enable encryption

  • Enable compression

When you enable encryption, the communication from the host, which is marked as encrypted, is sent through the SSH tunnels on port 22. If you want to have both directions encrypted, you will also need to enable this for the QRadar console.

  1. To do this, go to the Deployment Editor and click the System View tab.
  2. Right click each IP address that you want to encrypt, select Edit Managed Host and click the Next button.

  3. On the subsequent screen, you can enable encryption.
    Note: This does not encrypt any data, which is coming into JSA/STRM from other sources, such as syslog messages coming in on port 514 or external flow traffic such as netflow on port 2055.
  4. Save and deploy the changes.
The Encrypted channel between Managed hosts and Console is represented by a blue line in the Deployment Editor. The unencrypted channel is represented by a black line in the Deployment Editor.

Note: Enabling encryption can impact system performance.

For more information, refer to the Juniper Secure Analytics (formally known as STRM) Administration Guide (for Release 2014.7, the information can found in Chapter 10: Deployment Editor). To download and view the admin guide for your installed version of STRM, refer to the following link:

http://www.juniper.net/techpubs/en_US/jsa2014.7/information-products/topic-collections/jsa-administration-guide.pdf

 
Modification History:
2017-03-24: Added references to JSA and linked to technical documentation.

Related Links

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search