It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda XDR

Setting up Juniper SRX Firewall Collector

  • Last updated on

This setup is for the XDR Collector only. If you are using a physical or virtual sensor, contact your administrator.

To set up the Juniper SRX Firewall Collector, do the following procedures, below:

  1. Enable the Juniper SRX Collector integration

  2. Install the XDR Collector

  3. Configure the Firewall

  4. Open port on the XDR Collector Host

Enable Juniper SRX Collector

  1. In Barracuda XDR Dashboard, navigate to Administration Integrations.

  2. On the Juniper SRX Collector card, click Setup.

    JuniperSRXCollectorCard.png

  3. Select the Enable check box.

    JuniperSRXCollectorEdit.png

  4. Click Save.

Install the XDR Collector

When collecting logs from one or more integrated data sources, always set up the XDR Collector on a dedicated host server. Don't use an existing server because the amount of data produced by logs can impact critical infrastructure.

Configuring the Firewall

  1. To add a Syslog server to the Juniper SRX Firewall, follow the steps in Juniper Firewall Documentation

  2. When entering the necessary information for each syslog server that is added, make sure that the port is pointing to 9206, not to the default port as can be seen in the sample picture below:
    juniper-syslog-server-config.png

Open the Port on the XDR Collector Host

Ensure incoming traffic is allowed on UDP port 9206.

Linux 


sudo ufw allow 9206/udp

Windows

netsh advfirewall firewall add rule name="Juniper SRX Collector Firewall Events" dir=in action=allow protocol=UDP localport=9206