🌙
 

Subscribe to the Taegis™ XDR Documentation RSS Feed at .

Learn more about RSS readers or RSS browser extensions.

Juniper Pulse Secure Integration Guide

integrations network juniper


Juniper Pulse Secure should be configured to send logs via syslog to the Taegis™ XDR Collector. Please follow the instructions provided by Juniper in this article.

Firewall Requirements

Source Destination Port/Protocol
Juniper Management Interface Taegis™ XDR Collector (mgmt IP) UDP/514

Data Provided from Integrations

  Auth DNS HTTP Netflow NIDS Process Thirdparty
PulseSecure VPN D            

Y = Normalized | D = Out-of-the-Box Detections | V = Vendor-Specific Detections

Note

Taegis™ XDR detectors are not guaranteed to be triggered, even if a data source's logs are normalized to a schema associated with a given detector. However, you can create Custom Alert Rules to generate alerts based on normalized data from a data source.

Logging Configuration Instructions

Configure syslog for events, user access, administrator access and client logs on your Pulse Secure device by following the instructions provided by Juniper in this article.

Consider the following requirements when completing the configuration steps:

Note

Juniper Pulse Secure events are normalized as Secureworks® Taegis™ XDR Sensor Type PulseSecure_SA.

 

On this page: