Juniper Networks Security Threat Response Manager (STRM) family of appliances offer a single, integrated, end-to-end network security management solution. An IT staff can quickly, easily analyze data from a multitude of sources to understand the threats they are facing and determine what actions to take.

The STRM family includes the STRM 500 for small, medium and large enterprises or departments that won't need to upgrade to higher events-per-second or flows-per-minute capacities.

The STRM 2500 is an enterprise-class appliance delivering scalable network security management for medium-sized companies up to large, globally deployed organizations that will need additional flow and event monitoring capacity in the future.

STRM 5000 is a large enterprise and carrier-class appliance that provides a scalable and distributed network security management solution for medium-sized companies up to large, globally-deployed organizations.

STRM Architecture

Overview

Today's networks are complex, with vast arrays of hardware and software handling millions of events daily in many networks. Juniper Networks Security Threat Response Manager (STRM) family effectively analyzes threats in the midst of this avalanche of information. STRM offers simple deployment, fast implementation, and improved security.

Juniper Networks STRM family enables:

  • Threat Detection – Detection of events that would otherwise be missed by product or operational silos.
  • Log Management – Enables response to the right threats at the right time through the effective management of millions of log files.
  • Compliance – Implementation of a compliance and policy safety net with comprehensive event storage and reporting.
  • IT Efficiency – Extracts IT value that is latent but lost from existing network and security investments.

The STRM family includes solutions to fit different network security needs. Products include:

STRM 500

This all-in-one security solution plugs into a network, offering fast, easy deployment. An intuitive, Web-based user interface helps the STRM 500 get up and running in minutes. With its optimized hardware, the STRM 500 doesn't require expensive external storage, third-party databases, or ongoing database administration.

It's ideal for small, medium and large enterprises or departments that do not foresee the need to upgrade to higher events-per-second or flows-per-minute capacities. STRM 500 can also be deployed as a dedicated QFlow collector for collection of network flows which provides Layer 7 traffic analysis.

STRM 2500

This enterprise-class appliance delivers scalable network security management and is optimal for growing companies. The STRM 2500 includes onboard event collection, correlation, and extensive reporting capabilities.

The STRM 2500 is aimed at companies that are medium- to large-sized companies all the way on up to large, globally deployed organizations. It's designed for companies that will need additional flow and event monitoring capacity in the future.

STRM 5000

An enterprise and carrier-class appliance which provides a scalable network security management solution for medium-sized companies up to large, globally-deployed organizations. STRM 5000 appliances are the ideal solution for growing companies that anticipate the need for additional flow and event monitoring capacity in the future.

It is also the base platform for large companies that are geographically dispersed and looking for a distributed enterprise/carrier-class scalable solution. The STRM 5000 appliance utilizes on-board event/flow collection and correlation capabilities, and is expandable with additional STRM 5000 appliances acting as event and flow collectors.

Features

Juniper Networks Security Threat Response Manager (STRM) appliances deliver the following main features and benefits:

  • Centralized command and control console – Integrated log management, security information and event management (SIEM), and network behavior analysis in a single console reduces security management solution acquisition costs and improves IT efficiency.
  • Network, security, application & identity awareness – Converged management of network events, security events, network and application flow data, vulnerability data and identity information greatly improve the ability to meet IT security objectives.
  • Advanced threat and security incident detection – STRM's unique "offense" management significantly reduces false positives and detects threats that other security solutions miss.
  • Compliance-driven reporting capabilities – STRM provides compliance-centric reporting that enables the delivery of IT best practices that support compliance initiatives.
  • Scalable distributed log collection and archival – STRM's distributed appliance architecture scales to provide event and flow log management in any enterprise network
Hardware Specifications STRM 500 STRM 2500 STRM 5000
Hard Drives 2 x 500GB, RAID 1 6 x 250GB, RAID 5 6 x 500GB, RAID 10
Memory 8GB 8GB 8GB
Events per Second Up to 500 Up to 2500 Up to 5000 +
Flows per Minute Max. up to 15,000 Max. up to 100,000 Max. up to 400,000
Processor 1x Intel Core 2 Duo 1x Intel Core 2 Quad 1x Intel Core 2 Quad