McAfee Security Connected Integrating epo and MFECC

Similar documents
Firewall Enterprise epolicy Orchestrator

McAfee Firewall Enterprise epolicy Orchestrator Extension

McAfee Security Connected Integrating epo and MVM

Tenable for McAfee epolicy Orchestrator

McAfee Security Connected Integrating EPO and MAM

How-to Guide: Tenable for McAfee epolicy Orchestrator. Last Updated: April 03, 2018

McAfee Security-as-a-Service

Tenable for McAfee epolicy Orchestrator

Deploying the hybrid solution

McAfee Client Proxy Product Guide. (McAfee epolicy Orchestrator)

Product Guide Revision A. McAfee Client Proxy 2.3.2

McAfee Firewall Enterprise and 8.3.x

Configuring Windows 7 VPN (Agile) Client for authentication to McAfee Firewall Enterprise v8. David LePage - Enterprise Solutions Architect, Firewalls

Workspace ONE UEM Certificate Authentication for Cisco IPSec VPN. VMware Workspace ONE UEM 1810

McAfee Red and Greyscale

McAfee Content Security Reporter Installation Guide. (McAfee epolicy Orchestrator)

VMware AirWatch Certificate Authentication for Cisco IPSec VPN

McAfee Client Proxy Product Guide. (McAfee epolicy Orchestrator)

McAfee Firewall Enterprise

McAfee Application Control and McAfee Change Control Linux Product Guide Linux

McAfee Application Control Linux Product Guide. (McAfee epolicy Orchestrator)

McAfee Change Control Linux Product Guide. (McAfee epolicy Orchestrator)

OpenManage Management Pack for vrealize Operations Manager Version 1.1. Installation Guide

Interface Reference. McAfee Application Control Windows Interface Reference Guide. Add Installer page. (McAfee epolicy Orchestrator)

Installing Client Proxy software

McAfee Network Security Platform 8.3

This document provides instructions for the following products.

VMware AirWatch Certificate Authentication for EAS with NDES-MSCEP. For VMware AirWatch

Click anywhere to continue

McAfee Change Control Using Change Reconciliation and Ticket-based Enforcement

1 Page Compass Investors, LLC P.O. Box 94 Kenilworth, IL

McAfee Management for Optimized Virtual Environments AntiVirus 4.5.0

McAfee Boot Attestation Service 3.5.0

Product overview. McAfee Web Protection Hybrid Integration Guide. Overview

Boot Attestation Service 3.0.0

POC Installation Guide for McAfee EEFF v4.2.x using McAfee epo 4.6 and epo New Deployments Only Windows Deployment

Integrate Palo Alto Traps. EventTracker v8.x and above

McAfee Client Proxy Product Guide

Forcepoint Sidewinder

McAfee MVISION Endpoint 1811 Installation Guide

Dealing with Event Viewer

McAfee Network Security Platform 8.1

Product Guide Revision A. Endpoint Intelligence Agent 2.2.0

McAfee MVISION Endpoint 1808 Installation Guide

CDP Data Center Console User Guide CDP Data Center Console User Guide Version

McAfee Endpoint Security

VMware AirWatch Certificate Authentication for EAS with NDES-MSCEP

McAfee Endpoint Security Migration Guide. (McAfee epolicy Orchestrator)

McAfee Cloud Workload Security Suite Amazon Machine Image Installation Guide

McAfee Enterprise Security Manager 9.5.2

SafeNet Authentication Client

Client Proxy interface reference

Internet Access: Wireless WVU.Encrypted Network Connecting a Windows 7 Device

Integrate Sophos Enterprise Console. EventTracker v8.x and above

Integrate Trend Micro Control Manager. EventTracker v8.x and above

Managing Client Proxy

Workspace ONE UEM Certificate Authentication for EAS with ADCS. VMware Workspace ONE UEM 1902

vrealize Automation Management Pack 2.0 Guide

VMware AirWatch Certificate Authentication for EAS with ADCS

McAfee MVISION Mobile epo Extension Product Guide

McAfee Client Proxy Installation Guide

DaDaDocs for Microsoft Dynamics 365 Administrator Guide

Intel Security/McAfee Endpoint Encryption

McAfee Endpoint Encryption

Revision A. McAfee Data Loss Prevention Endpoint 11.1.x Installation Guide

TSM Studio Server Installing Version 3

ForeScout Extended Module for Carbon Black

MOVE AntiVirus page-level reference

WMI log collection using a non-admin domain user

Comodo IT and Security Manager Software Version 6.6

Archiving Service. Exchange server setup (2010) Secure Gateway (SEG) Service Administrative Guides

McAfee Performance Optimizer 2.1.0

Installation Guide Revision B. McAfee Cloud Workload Security 5.0.0

Integrate Microsoft Office 365. EventTracker v8.x and above

McAfee epolicy Orchestrator 5.x

McAfee File and Removable Media Protection Product Guide

OKTA users provisioning for Vable platform

Integrate Check Point Firewall. EventTracker v8.x and above

Integrate Cisco IronPort Security Appliance (ESA)

Comodo IT and Security Manager Software Version 6.9

ForeScout Extended Module for ArcSight

McAfee Application Control/ McAfee Change Control Administration

HPE IMC APM IIS Server Application Monitor Configuration Examples

IQSweb Reference G. ROSS Migration/Registration

Pure Storage FlashArray Management Pack for VMware vrealize Operations Manager User Guide. (Version with Purity 4.9.

McAfee VirusScan and McAfee epolicy Orchestrator Administration Course

Configure Wireless for Windows 7

McAfee Cloud Identity Manager

Remote VPN Remote access for personal devices

Privileged Access Access Console User Guide 17.1

Quick Reference Guide Updating Anti-Virus to Microsoft Security Essentials. Check for McAfee EPO Agent

Privileged Identity App Launcher and Session Recording

ForeScout Extended Module for Splunk

Click anywhere to continue

Installation Guide. 3CX CRM Plugin for ConnectWise. Single Tenant Version

Installing the Sentry Power Manager (SPM) Management Pack for the Microsoft System Center Operations Manager (SCOM)

VMware Identity Manager Administration

Installation Guide. Mobile Print for Business version 1.0. July 2014 Issue 1.0

Comodo IT and Security Manager Software Version 6.4

Using the vrealize Orchestrator Operations Client. vrealize Orchestrator 7.5

Transcription:

McAfee Security Connected Integrating epo and MFECC

Table of Contents Overview 3 User Accounts & Privileges 3 Prerequisites 3 Configuration Steps 3 Value Add 12 FOR INTERNAL AND CHANNEL USE ONLY Rev 1 March 5, 2014 2

Overview The integration between epolicy Orchestrator 4.6.6 (epo) and McAfee Firewall Enterprise Control Center 5.3.1 (MFECC) creates a trusted communication channel allowing MFECC to send top-level data from multiple firewalls to epo. It is possible to view or drill down for detailed data on a firewall or the Control Center that monitors it. Added visibility includes: 1. Firewall alerts 2. Firewall health statistics 3. Historical performance trends 4. Tracking of version and patch levels 5. Hosts and endpoints used in policies 6. Host profile information directly from analytical tools Alternatively MFECC admins can query epo for host data on any network object or IP address. This integration leverages McAfee Firewall Enterprise epo extension 5.3.0. Note: McAfee Firewall Enterprise epo extension 5.3.0 is not compatible with epolicy Orchestrator 5.x, only epolicy Orchestrator 4.6.6. User Accounts & Privileges Integration will require: Firewall Enterprise Control Center Administrator account. epo Global Admin account. The steps below cover adding an optional Control Center admin user in epo with the necessary permission sets. Prerequisites The McAfee Firewall Enterprise epo extension 5.3.0 can be downloaded from the McAfee Product Download page. Log in with your Grant number to access this extension in the Firewall Related Software. No changes are required prior to setting up integration between epo and MFE. Configuration Steps Install the McAfee Firewall Enterprise epo extension. FOR INTERNAL AND CHANNEL USE ONLY Rev 1 March 5, 2014 3

1. Log on to epolicy Orchestrator. 2. In the epolicy Orchestrator console, select Menu Software Extensions. 3. At the bottom of the Extensions pane on the left side of the Extensions page, click Install Extension. FOR INTERNAL AND CHANNEL USE ONLY Rev 1 March 5, 2014 4

4. Browse to the Firewall Enterprise epolicy Orchestrator Extension.zip file you downloaded from the McAfee downloads page. Click Open to select the file, then click OK to proceed with the selection. Click OK to install the extension. 5. In the epo console select Menu User Management Permission Sets. FOR INTERNAL AND CHANNEL USE ONLY Rev 1 March 5, 2014 5

6. Create a permission set that allows data transmission. Select New from the bottom of the page. 7. Name the Permission Set and click save. 8. Edit the permission set to have full rights for McAfee Firewall Enterprise. 9. [Optional] Consider adding the following permissions as well if the user created will need to log into epo and view/create dashboards and queries. a. Audit log View and purge audit log files. b. Dashboards Use public dashboards, and edit and create personal dashboards. c. Extensions Install and remove extensions. d. McAfee Firewall Enterprise View and manage firewalls. e. Queries Use and edit public queries, and edit and create personal queries. f. Registered servers Use, create, and edit registered servers. FOR INTERNAL AND CHANNEL USE ONLY Rev 1 March 5, 2014 6

10. Create a new user with that permission set. In the epo Console select Menu User Management Users. 11. Click New User at the bottom left. Give the user a name and assign a password. Authentication type can be epo authentication. Set up Firewall Enterprise Control Center to transmit data to epolicy Orchestrator. 1. Log on to the Control Center Client application. FOR INTERNAL AND CHANNEL USE ONLY Rev 1 March 5, 2014 7

2. In the Client application navigation bar, select Control Center. 3. In the Control Center tree, expand the Settings node. 4. Double click epolicy Orchestrator. The epolicy Orchestrator Settings window appears. Make sure that the epo Reports tab is selected. FOR INTERNAL AND CHANNEL USE ONLY Rev 1 March 5, 2014 8

5. Complete the fields on the epo Reports tab. a. Allow Control Center to retrieve reports from the epo server Select this checkbox. This checkbox determines whether the Control Center will be able to retrieve reports from the epolicy Orchestrator server. This checkbox is deselected by default. b. epo Server Information Use the fields in this area to configure the settings that are required to access the epolicy Orchestrator server. All of the fields in this area are required if the Allow Control Center to retrieve reports from the epo server checkbox is selected. Hostname Type the IP address or host name of the epolicy Orchestrator server you want the Control Center to communicate with. Port Specify the port that will be used to communicate with the epolicy Orchestrator server. The default value is port 8443. Username Type the user name that is required to access the epolicy Orchestrator server. Password Type the password for the epolicy Orchestrator user name. Confirm password Type the password again to confirm it. 6. Click the Control Center User tab. 7. Click Create User. The Control Center User Manager window appears. FOR INTERNAL AND CHANNEL USE ONLY Rev 1 March 5, 2014 9

8. Create a new user with the epolicy Orchestrator role. a. Select the Account Enabled checkbox to enable the epolicy Orchestrator user. b. Type a user name and password for the epolicy Orchestrator user. Make note of this user name and password, because you will need to specify both values when you register this Control Center Management Server with the epolicy Orchestrator server. c. On the Roles tab, select the epolicy Orchestrator checkbox. d. Click OK. The epolicy Orchestrator user appears on the Control Center User tab. Register Control Center with epo 1. In the epolicy Orchestrator console, select Menu Configuration Registered Servers. The Registered Servers page appears. 2. In the lower left corner, click New Server. The Registered Server Builder page appears. FOR INTERNAL AND CHANNEL USE ONLY Rev 1 March 5, 2014 10

3. In the Server type field, select McAfee Firewall Enterprise Control Center. 4. Specify a unique name and add any notes. Click Next. The Details page appears. 5. Specify the IP address or the name of the Control Center Management Server. 6. In the Control Center user name field, type the user name you set on the Control Center User tab of the epolicy Orchestrator Settings window on the Control Center. 7. In the Control Center password fields, type the password you set on the Control Center. 8. In the Server web service port field, enter the port the Control Center Management Server uses for web traffic. The default is port 9005. FOR INTERNAL AND CHANNEL USE ONLY Rev 1 March 5, 2014 11

9. For the Certificate field, you can create a new, server-signed, client certificate. a. Make sure that the Control Center Management Server is running and that the Control Center user has been configured on it (in the epolicy Orchestrator Settings window). b. Click Create New Certificate. The certificate from the Control Center Management Server appears. c. Confirm that the certificate identifies the registered Control Center Management Server. 10. Click Save. Value Add epolicy Orchestrator and Control Center share data about hosts, firewalls, and the Control Center Management Server. Control Center displays information about hosts, whereas epolicy Orchestrator displays health and status information about firewalls and the Control Center Management Server. This integration is particularly beneficial regarding troubleshooting. It s common for help desk staff to have access to epo, but no firewall administrative access. When an outage occurs, the help desk staff can use the McAfee epo server to troubleshoot the situation and determine if the firewall is the cause before contacting firewall administrators. FOR INTERNAL AND CHANNEL USE ONLY Rev 1 March 5, 2014 12

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback