- play_arrow What's New for Administrators
- play_arrow Overview of JSA Administration
- play_arrow User Management
- play_arrow License Management
- play_arrow System Management
- System Management
- System Health Information
- JSA Component Types
- Data Nodes
- Network Interface Management
- JSA System Time
- NAT-Enabled Networks
- Off-site Hosts Management
- Managed Hosts
- Configuration Changes in your JSA Environment
- Deploying Changes
- Restarting the Event Collection Service
- Shutting Down a System
- Restarting a System
- Collecting Log Files
- Changing the Root Password on Your JSA Console
- Resetting SIM
- play_arrow JSA Set Up Tasks
- JSA Set Up Tasks
- Network Hierarchy
- Automatic Updates
- Manual Updates
- Configuring System settings
- IF-MAP Server Certificates
- SSL Certificates
- IPv6 Addressing in JSA Deployments
- Advanced Iptables Rules Examples
- Data Retention
- System Notifications
- Custom Offense Close Reasons
- Configuring a Custom Asset Property
- Index Management
- Restrictions to Prevent Resource-intensive Searches
- App Hosts
- Checking the Integrity Of Event and Flow Logs
- Adding Custom Actions
- Managing Aggregated Data Views
- Accessing a GLOBALVIEW Database
- play_arrow Event Data Processing in JSA
- Event Data Processing in JSA
- DSM Editor Overview
- Properties in the DSM Editor
- Property Configuration in the DSM Editor
- Opening the DSM Editor
- Configuring a Log Source Type
- Configuring Property Autodetection for Log Source Types
- Configuring Log Source Autodetection for Log Source Types
- Configuring DSM Parameters for Log Source Types
- Custom Log Source Types
- Custom Property Definitions in the DSM Editor
- Event Mapping
- Exporting Contents from the DSM Editor
- play_arrow Using Reference Data in JSA
- play_arrow User Information Source Configuration
- play_arrow Managing Authorized Services
- play_arrow Backup and Recovery
- play_arrow Flow Sources Management
- play_arrow Remote Networks and Services Configuration
- play_arrow Server Discovery
- play_arrow Domain Segmentation
- play_arrow Multitenant Management
- Multitenant Management
- User Roles in a Multitenant Environment
- Domains and Log Sources in Multitenant Environments
- Provisioning a New Tenant
- Monitoring License Usage in Multitenant Deployments
- Rules Management in Multitenant Deployments
- Network Hierarchy Updates in a Multitenant Deployment
- Retention Policies for Tenants
- play_arrow Asset Management
- play_arrow Configuring JSA to Forward Data to Other Systems
- Forward Data to Other Systems
- Adding Forwarding Destinations
- Configuring Forwarding Profiles
- Configuring Routing Rules to Forward Data
- Using Custom Rules and Rule Responses to Forward Data
- Configuring Routing Rules to Use the JSA Data Store
- Viewing Forwarding Destinations
- Viewing and Managing Forwarding Destinations
- Viewing and Managing Routing Rules
- play_arrow Event Store and Forward
- play_arrow Security Content
- play_arrow SNMP Trap Configuration
- play_arrow Protect Sensitive Data
- play_arrow Log Files
- play_arrow Event Categories
- play_arrow Common Ports and Servers Used by JSA
- play_arrow RESTful API
Juniper X-Force Exchange Plug-in for JSA
The Juniper X-Force Exchange (XFE) is a sharing platform for threat intelligence that is used by security analysts, network security specialists, and security operations center teams.
The X-Force Exchange (XFE) plug-in provides the option to search the information on the X-Force Exchange website for IP addresses, URLs, CVEs, and web applications that are found in JSA.
For example, you can right-click a URL from a JSA event to see what data the X-Force Exchange contains about the URL.
You can also use the right-click lookup option to submit IP addresses or URL data from JSA searches, offenses, and rules to a public or private collection. The collection stores the information in one place as you use the data for more research.
Collections also contain a section that serves as a wiki-style notepad, where you can add comments or any free text that is relevant. You can use the collection to save X-Force reports, text comments, or any other content. An X-Force report has both a version of the report from the time that it was saved and a link to the current version of the report.
Juniper X-Force Exchange Right-click Plug-in Installation
Install the X-Force Exchange plug-in on your JSA Console so that you have right-click functionality to access data in X-Force Exchange.
This procedure requires a web server restart from the Admin tab to load the plug-in after the RPM is installed. Restarting the web server logs out all JSA users, so it is advised that you install this plug-in during scheduled maintenance.
If your JSA system is version 2014.4 or later, the plug-in is already installed. Administrators can verify that the plug-in is installed by right-clicking on any IP address in JSA, and selecting More Options >Plugin options. If the Juniper X-Force Exchange lookup is displayed, then the plug-in is installed.
Download the X-Force Exchange right-click plug-in from https://ibm.biz/BdX4BW.
Copy the RPM file to the JSA console.
Type the following command to install the plug-in: rpm -Uvh RightClick-XFE-7.2.<version>.x86_64.rpm
Log in to the JSA console as an admin user.
On the navigation menu (
), click Admin.Select Advanced >Restart Web Server.
After the web server restarts, the X-Force right-click plug-in is enabled for IP addresses in JSA for URL fields in the Log Activity tab.
Log in to the pop-up window for the X-Force Exchange website by using your IBM id, or continue as a guest.
Guest users are not able to use all features on the X-Force Exchange website.
Close the browser window after the initial login to the Juniper X-Force Exchange website.
