Nortel Threat Protection System (TPS)
The JSA Nortel Threat Protection System (TPS) DSM records all relevant threat and system events by using syslog.
Before you configure a Nortel TPS device in JSA, take the following steps:
- Log in to the Nortel TPS user interface.
- Select Policy & Response >Intrusion Sensor >Detection
The Detection & Prevention window is displayed.
- Click Edit next to the intrusion policy you
want to configure alerting option.
The Edit Policy window is displayed.
- Click Alerting.
The Alerting window is displayed.
- Under Syslog Configuration, select on next to State to enable syslog alerting.
- From the list, select the facility and priority levels.
- In the Logging Host field, type the IP address of your JSA system. This configures your JSA system to be your logging host. Separate multiple hosts with commas.
- Click Save.
The syslog alerting configuration is saved.
- Apply the policy to your appropriate detection engines.
You can now configure the log source in JSA.
- To configure JSA to receive events from a Nortel TPS device: From the Log Source Type list, select the Nortel Threat Protection System (TPS) Intrusion Sensor option.