![]() In the Device Name text box, type a name.From the Select the Type of Device You Want to Install list, select McAfee Event Receiver.To add a McAfee Event Receiver, click.Log in to the McAfee Enterprise Security Manager App with your user name and password.In the pop-up window, click Open McAfee ESM Administrator App.Run the installer and install the program on your local computer.To begin to configure ESM, click Download.exe (Windows).Click to expand the left navigation bar.For more information, see the McAfee Enterprise Security Manager documentation. In this guide, when the enable FIPS dialog box shows, we select No to remain in non-FIPS mode. Configure any other initialization settings that you must set before you can add an Event Receiver.Log in to McAfee Enterprise Security Manager Web UI with the default user name NGCP and the default password security.4u.Use these steps to set up McAfee Enterprise Security Manager, add a McAfee Event Receiver, and add a data source. Set Up McAfee Enterprise Security Manager and Event Receiver The newly added server shows in the Syslog Server tab in Fireware Web UI. Keep other settings as the default values.From the Log Format drop-down list, select Syslog.In the Port text box, type the port configured on McAfee Event Receiver to receive syslog data.In the IP Address text box, type the IP address of the computer with the McAfee Event Receiver install.Select the Send Log Messages to These Syslog Servers check box.Select System > Logging > Syslog Server.Use these steps to set up a Firebox with a syslog server. You can use either a Trusted or Optional interface. This diagram shows the test topology for this integration. McAfee Enterprise Security Manager v11.5.4 (Web Login).Firebox or WatchGuard XTM device installed with Fireware v12.8.1.The hardware and software used to complete the steps outlined in this document include: This document describes the steps to integrate Enterprise Security Manager and Event Receiver with your Firebox to enable log analysis on the SIEM system. You can use it to collect log data from WatchGuard Fireboxes and provide the data to Enterprise Security Manager. McAfee Event Receiver is an add-on to Enterprise Security Manager. McAfee Enterprise Security Manager, at the core of McAfee's SIEM solution, delivers actionable intelligence and the real-time situational awareness required to identify, understand, and respond to threats, while the embedded compliance framework simplifies compliance. The McAfee® security information and event management (SIEM) solution brings event, threat, and risk data together to provide security intelligence, incident response, log management, and compliance reports. McAfee Enterprise Security Manager Integration Guide ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |