Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Blue Coat Web Security Service

The JSA DSM for Blue Coat Web Security Service collects events from the Blue Coat Web Security Service.

The following table describes the specifications for the Blue Coat Web Security Service DSM:

Table 1: Blue Coat Web Security Service DSM Specifications

Specification

Value

Manufacturer

Blue Coat

DSM name

Blue Coat Web Security Service

RPM file name

DSM-BlueCoatWebSecurityService- JSA_version-build_number.noarch.rpm

Event format

Blue Coat ELFF

Recorded event types

Access

Automatically discovered?

No

Includes identity?

No

Includes custom properties?

No

More information

 Blue Coat website

To integrate Blue Coat Web Security Service with JSA, complete the following steps:

  1. If automatic updates are not enabled, download and install the most recent version of the following RPMs from the Juniper Downloads onto your JSA console:

    • Protocol Common

    • Blue Coat Web Security Service REST API Protocol RPM

    • Blue Coat Web Security Service DSM RPM

  2. Configure Blue Coat Web Security Service to allow JSA access to the Sync API.

  3. Add a Blue Coat Web Security Service log source on the JSA console. The following table describes the parameters that require specific values for Blue Coat Web Security Service event collection:

    Table 2: Blue Coat Web Security Service Log Source Parameters

    Parameter

    Description

    Protocol Configuration

    The protocol that is used to receive events from the Blue Coat Web Security Service. You can specify the following protocol configuration options:

    Blue Coat Web Security Service REST API (recommended)

    Forwarded

    API Username

    The API user name that is used for authenticating with the Blue Coat Web Security Service. The API user name is configured through the Blue Coat Threat Pulse Portal.

    Password

    The password that is used for authenticating with the Blue Coat Web Security Service.

    Confirm Password

    Confirmation of the Password field.

    Use Proxy

    When you configure a proxy, all traffic for the log source travels through the proxy for JSA to access the Blue Coat Web Security Service.

    Configure the Proxy IP or Hostname, Proxy Port, Proxy Username, and Proxy Password fields. If the proxy does not require authentication, you can leave the Proxy Username and Proxy Password fields blank.

    Automatically Acquire Server Certificate(s)

    If you select Yes from the list, JSA downloads the certificate and begins trusting the target server.

    Recurrence

    You can specify when the log collects data. The format is M/H/D for Months/Hours/Days. The default is 5 M.

    EPS Throttle

    The upper limit for the maximum number of events per second (EPS). The default is 5000.