McAfee SIEM Supported Devices



Similar documents
McAfee SIEM Supported Devices

RSA envision. Supported Event Sources. Vendor Device Collection Method. Vendor Device Collection Method. Vendor Device Collection Method

McAfee SIEM Device Support

Symantec Security Information Manager Version 4.7

Supported Devices (Event Log Sources)

List of Supported Systems & Devices

TECHNOLOGY INTEGRATION GUIDE

TECHNOLOGY INTEGRATION GUIDE

HawkEye AP Log Adapter List Updated January 2014

INTEGRATION GUIDE TECHNOLOGY INTRODUCTION NETWORK DEVICES AND INFRASTRUCTURE

Plugin Name. X N/A sudo X Antivirus Avast avast X GFI Security gfi X McAfee mcafee X mcafee-epo

LogLogic Release Notes for Security Event Viewer and Security Event Manager, v3.5.0

ArcSight Supports a Wide Range of Security Relevant Products

HawkEye AP Log Adapter List Updated January 2016

CiscoWorks SIMS(Netforensics)

How To Use Logrhythm For A Log On A Computer Or Network Device (For A Network) For A Network (For An Uniden Network) (For Log On Device) ( For Awn) (On A Network Or Network) Or

Reference Guide. Skybox View Revision: 11

Connectors Overview APPLICATION SECURITY ANTI-VIRUS/ANTI-SPAM CLOUD CONTENT SECURITY APPLICATIONS DATABASE ACTIVITY MONITORING (DAM)/ DB SECURITY

Release Notes ArcSight SmartConnector

Tripwire Log Center PRODUCT BRIEF HIGH PERFORMANCE LOG AND EVENT MANAGEMENT FOR SECURITY AND COMPLIANCE

REQUEST FOR PROPOSAL ACQUISITION & IMPLEMENTATION OF CENTRALIZED LOG MANAGEMENT SYSTEM

TIBCO LogLogic. SOX and COBIT Compliance Suite Quick Start Guide. Software Release: December Two-Second Advantage

TIBCO LogLogic. HIPAA Compliance Suite Quick Start Guide. Software Release: December Two-Second Advantage

Supported Data & Log Sources

TRIPWIRE LOG CENTER HIGH PERFORMANCE LOG AND SECURITY EVENT MANAGEMENT FOR SECURITY AND COMPLIANCE

LOG CENTER SECURITY INTELLIGENCE MADE SIMPLE

JUNIPER NETWORKS STRM TECHNICAL NOTE

Detecting a Hacking Attempt

Secure Your Operations through NOC/SOC Integration

Vendor/Product Log Format Analyzer Standard. Analyzer Premium & Analyzer Giga

Supported Log File Formats

Restorepoint Plug-in Guide. Version 4.0

Total Protection for Enterprise-Advanced

M A R K E T A N A L Y S I S

Select the right security information and event management solution to automate security and compliance operations.

Next-Generation Firewalls: CEO, Miercom

Title of Document Here

Full version is >>> HERE <<<

IBM InfoSphere Guardium

og 4 NET A SureL 201

Log Correlation Engine 4.2 Architecture Guide. October 3, 2013 (Revision 2)

PCI DSS. Get Compliant, Stay Compliant Seminar

Enforcive /Cross-Platform Audit

YOUR NETWORK SECURITY WITH PROACTIVE SECURITY INTELLIGENCE

TIBCO LogLogic Unity Quick Reference Guide Concepts

CimTrak Technical Summary. DETECT All changes across your IT environment. NOTIFY Receive instant notification that a change has occurred

IBM Security QRadar SIEM Version MR1. Log Sources User Guide

Virtualization Journey Stages

ACL Compliance Director FAQ

SourceFireNext-Generation IPS

Installation Guide. Sentinel Log Manager July 2014

Novell Sentinel Log Manager

Measurably reducing risk through collaboration, consensus & practical security management CIS Security Benchmarks 1

Net LineDancer Update Notice

Juniper Security Threat Response Manager (STRM) Mikko Kuljukka COMPUTERLINKS Oy

Device Adapter Capabilities Report

Continuous Monitoring for the New IT Landscape. July 14, 2014 (Revision 1)

The Cyber Threat Landscape

McAfee Data Loss Prevention Endpoint 9.4.0

Oracle Business Intelligence Publisher. 1 Oracle Business Intelligence Publisher Certification. Certification Information 10g Release 3 (

ManageEngine Password Manager Pro Vs Thycotic Secret Server

McAfee Security Architectures for the Public Sector

IBM Security QRadar SIEM Version MR1. Vulnerability Assessment Configuration Guide

McAfee Public Cloud Server Security Suite

Measurably reducing risk through collaboration, consensus & practical security management CIS Security Benchmarks 1

World-class security solutions for your business. Kaspersky. OpenSpaceSecurity

TCS Managed Security Services

IBM Security QRadar Version Vulnerability Assessment Configuration Guide IBM

MANAGED SERVICES. Remote Monitoring. Contact US: millenniuminc.com

McAfee Data Loss Prevention Endpoint

Secospace elog. Secospace elog

Configuration Audit & Control

SANS Top 20 Critical Controls for Effective Cyber Defense

Assuria can help protectively monitor firewalls for PCI compliance. Assuria can also check the configurations of personal firewalls on host devices

Security Information & Event Management (SIEM)

McAfee Web Gateway Administration Intel Security Education Services Administration Course Training

Privileged - Super Users out of Control

RSA ACCESS MANAGER. Web Access Management Solution ESSENTIALS SECURE ACCESS TO WEB APPLICATIONS WEB SINGLE SIGN-ON CONTEXTUAL AUTHORIZATION

Automate your IT Security Services

Access Management Analysis of some available solutions

Enterprise Computing Solutions United Kingdom

Required Software Product List

SNOW LICENSE MANAGER (7.X)... 3

Move over, TMG! Replacing TMG with Sophos UTM

SENTINEL MANAGEMENT & MONITORING

Continuous Network Monitoring for the New IT Landscape. March 16, 2015 (Revision 4)

How To Protect Your Virtual Infrastructure From Attack From A Cyber Threat

Unified Threat Management, Managed Security, and the Cloud Services Model

APPENDIX C AMENDMENT # 3 PRICING INDEX DIR CONTRACT NO. DIR-SDD Solid Border, Inc.

VULNERABILITY & COMPLIANCE MANAGEMENT SYSTEM

Peter Dulay, CISSP Senior Architect, Security BU

XenServer Virtual Machine metrics

Transcription:

Last Updated 7/30/15 Vendor Name Device Type A10 Networks Load Balancer Load Balancer All Syslog AX Series Accellion Secure File Transfer Application All Syslog Access Layers Portnox NAC 2.x Syslog Adtran Bluesocket Wireless Access Point All Syslog 9.1.1 and greater NetVanta Network Switches & All Syslog AirTight Networks SpectraGuard Application All Syslog NGN Switch Switch All Syslog 9.2 and greater Alcatel-Lucent VitalQIP All Syslog American Power Conversion Uninterruptible Power Supply Power Supplies All Syslog Apache Software Foundation Apple Inc. Apache HTTP Server Apache Web Server Mac OS X 1.x, 2.x Code Based Syslog 9.1 to 9.3.2 1.x, 2.x Syslog All Syslog Peakflow SP Network Switches & 2.x and greater Syslog 9.2 and greater Arbor Networks Peakflow X Network Switches & 2.x Code Based Syslog 9.1 to 9.3.2 Peakflow X Network Switches & All Syslog Pravail IDS / IPS All Syslog ArcSight Common Event Event All Syslog 9.2 and greater Aruba Aruba OS Wireless Access Point N/A Code Based Syslog ClearPass Wireless Access Point 5.x Syslog Avecto Privilege Guard (epo) IAM / IDM 3.x epo - SQL 9.2 and greater Axway Barracuda Networks BeyondTrust Bit9 Blue Coat SecureTransport All Syslog Spam Firewall Security Appliances / UTMs 3.x, 4.x Syslog Web Application Firewall Security Appliances / UTMs All Syslog Web Filter Security Appliances / UTMs All Syslog BeyondTrust REM Vulnerability Systems All N/A N/A BeyondTrust Retina Vulnerability Systems All N/A N/A Bit9 Security Platform / Parity Suite - CEF Application All Syslog 9.2 and greater Bit9 Security Platform / Parity Suite Application All Syslog Carbon Black IDS / IPS All Syslog 9.2 and greater Director Web Content / All Syslog 9.2 and greater ProxySG Web Content / 4.x-6.x Syslog Access Log Blue Lance, Inc. LT Auditor+ for Novell NetWare Application 9.x Code Based SQL 9.1 to 9.3.2 Blue Ridge Networks BorderGuard Firewall 5000, 6000 Syslog BlueCat Networks BlueCat DNS/DHCP Server Application All Syslog Bradford Networks Campus Manager NAC / Network Switches & All Syslog Bro Network Security Monitor Bro Network Security Monitor Network Security All Syslog 9.4 and greater BigIron, FastIron and NetIron Network Switches & 7.5 and greater Syslog Brocade IronView Network Manager NAC / Network Switches & All Syslog VDX Switch Network Switches & All Syslog 9.2 and greater CA Technologies DataMinder - CEF DLP All Syslog CEF SiteMinder Web Access All Syslog Cerner Cerner P2 Sentinel Healthcare Auditing All Code Based Firewall 1, Edge, Enterprise, Express, NG, Check Point Firewall All OPSEC 9.3 and greater Check Point NGX, SmartEvent and VPN Check Point via Splunk Firewall All Syslog 9.2 and greater Using Splunk app Cimcor CimTrak Management Console Configuration Management All Code Based ASA NSEL Firewall / Flow All Netflow Netflow Cisco CATOS v7xxx Network Switches & 6.x, 7.x Syslog Content Services Switches Other All Syslog CSA Console IDS / IPS 5.x, 6.x Code Based SQL Guard DDoS Mitigator IDS / IPS All Syslog Identity Services Engine Other All Syslog IDS (4.x+ RDEP protocol) IDS / IPS 4.x and greater SDEE IOS 12.x and greater Syslog IOS ACL Network Switches & 12.x and greater IOS EAP McAfee SIEM Devices 12.x and greater IOS Firewall Firewall / Network Switches & 12.x and greater IOS IDS 12.x and greater IOS IPS (SDEE protocol) Application Protocol All SDEE HTTP IronPort Email Security Email Security 6.x, 7.x Syslog IronPort Web Security Appliance Web Content / 6.x, 7.x Syslog Meraki Wireless All Syslog 9.4.1 and greater MDS Network Switches & All Syslog ACL, IOS FW, IOS IDS and DSP Use Cisco IOS data Use Cisco IOS data Use Cisco IOS data Use Cisco IOS data

Cisco Vendor Name Device Type NAC Appliance NAC / Network Switches & All Syslog Formerly Clean Access NAC Appliance (Clean Access) NAC / Network Switches & 4.x Code Based HTTP 9.1 to 9.3.2 NX-OS 4.x, 5.x Syslog Open TACACS+ Authentication All Syslog PIX IDS 12.x and greater PIX/ASA/FWSM Firewall / IDS / IPS 5.x and greater Syslog Secure ACS IDS / IPS 3.x, 4.x Syslog Unified Communications Applications All Syslog 9.2 and greater Unified Computing System All Syslog VSM/VPN Concentrator Virtual Private Network 2.x - 4.x Code Based Syslog 9.1 to 9.3.2 WAAS All Syslog Use Cisco PIX/ASA/FWSM data WAP200 Wireless Access Point All Syslog Wireless Control System Network Switches & All Syslog Wireless Lan Controller Network Switches & All Syslog NetScaler (AppFlow) Flow All IPFix IPFix 9.2 and greater Citrix NetScaler Web Content / All Syslog Secure Gateway & NetScaler Web also supported Secure Gateway Web Content / All Syslog 9.2 and greater Cluster Labs Pacemaker Application 1.x Syslog Code Green Data Loss Prevention DLP 8.x Syslog Cooper Power Systems Cybectec RTU Network Switches & 5.x, 6.x Syslog Yukon IED Manager Suite Application All Syslog Corero Corero IPS IDS / IPS All Syslog Critical Watch Critical Watch FusionVM Vulnerability Systems All N/A N/A Enterprise Password Vault Application 5.x Syslog CyberArk Privileged Identity Management Suite - CEF Application All Syslog CyberGuard CyberGuard Firewall 5.x Code Based Syslog 9.1 to 9.3.2 Includes FS, SG, SL Cyberoam Cyberoam UTM and NGFW UTM / Firewall 10.0 and greater Syslog 9.2 and greater Cyrus Cyrus IMAP & SASL Messaging 2.x Syslog D-Link NetDefend UTM Firewall UTM All Syslog 9.2 and greater Damballa Failsafe Anti-Malware All Syslog 9.1.1 and greater SonicWALL Aventail Virtual Private Network 10.x Syslog Dell SonicWALL SonicOS Firewall All Syslog PowerConnect Switches Network Switches & All Syslog DenyAll rweb Firewall / DoS rweb 4.1, 4.1.1.1, 4.1.3.2 Syslog 9.4.1 and greater DG Technology - InfoSec Mainframe Event Acquisition System MainFrame 5.x, 6.x Syslog DG Technology MEAS agent, DB2/IMS/Datacom/IDMS, CICS, FTP, MasterConsole, RACF/Top Secret/ACF2, Telnet, VSAM/BDAM/PDS, TCP/IP, SMP/E, Authorized Load Libraries, RMF Performance Data, Batch Job and Started, Tasks Start/Stop, Top Secret, Type 80 Digital Defense Digital Defense Frontline Vulnerability Systems All N/A N/A 9.1.4 and greater Econet Sentinel IPS IDS / IPS All Syslog 9.2 and greater EdgeWave iprism Web Security Web Content / All Syslog Enforcive System z SMF DB2 MainFrame All Syslog Dragon IPS IDS / IPS 1.x-7.x Syslog 9.4 and greater Dragon Sensor IDS / IPS 1.x-7.x Code Based SQL 9.1 to 9.3.2 Enterasys Networks Dragon Squire IDS / IPS 1.x-7.x Code Based SQL 9.1 to 9.3.2 Enterasys N and S Switches Network Switches & 7.x Syslog Enterasys Network Access Control Network Switches & 7.x Syslog Entrust IdentityGuard Application All Syslog Formerly Bsafe, AS/400, DB2/IMS/Datacom/IDMS, FTP, RACF/Top Secret/ACF2, Telnet, VSAM/BDAM/PDS Epic Clarity - SQL Pull Healthcare Application 2010, 2012, 2014 SQL 9.4.0 and greater Auditing specific events Extreme Networks ExtremeWare XOS Network Switches & 7.x, 8.x Syslog BIG-IP Access Policy Manager Network Switches & All Syslog BIG-IP Application Security Manager - CEF F5 Networks Web Content / All Syslog 9.2 and greater Firepass SSL VPN Virtual Private Network All Syslog Local Traffic Manager - LTM Web Content / All Syslog FairWarning Patient Privacy Monitoring Application Security 2.9.x Code Based Fidelis Fidelis XPS Network Security Applicance All Syslog FireEye FireEye Malware Protection System - CEF Antivirus/Malware 5.x and greater Syslog Fluke Networks AirMagnet Enterprise Network Switches & 8.x Syslog Force10 Networks FTOS Network Switches & All Syslog ForeScout CounterACT Network Switches & 5.x and 6.x Syslog CounterACT CEF Network Switches & 7.x and greater Syslog FortiAuthenticator Authentication 3.x Syslog 9.2 and greater FortiGate Antivirus Antivirus All Code Based Syslog 9.1 to 9.3.2 FortiGate Firewall Firewall 3.x Code Based Syslog 9.1 to 9.3.2 FortiGate IDS IDS / IPS All Code Based Syslog 9.1 to 9.3.2 Fortinet FortiGate UTM - Comma Delimited - Firewall All Syslog FortiGate UTM - Space Delimited - Firewall All Syslog FortiMail FortiManager Firewall All Syslog FortiWeb Web Application Firewall Firewall All Syslog FreeRADIUS FreeRADIUS Authentication All Syslog Alpine, BlackDiamond and Summit

Fujitsu IPCOM Firewall / IDS / IPS All Syslog 9.4 and greater Advanced Syslog Other All Syslog CIFS/SMB File Source Other N/A Code Based File pull 9.2 and greater ELM only FTP/FTPS File Source Other N/A Code Based File pull 9.2 and greater ELM only HTTP/HTTPS File Source Other N/A Code Based File pull 9.2 and greater ELM only Generic Other N/A Code Based 9.2 and greater NFS File Source Other N/A Code Based File pull 9.2 and greater ELM only SCP File Source Other N/A Code Based File pull 9.2 and greater ELM only SFTP File Source Other N/A Code Based File pull 9.2 and greater ELM only GFI GFI LanGuard VA Scanner All Code Based File pull Gigamon GigaVUE Switches & All Syslog 9.1.1 and greater Global Technology Associates GNAT Box Firewall 5.3.x Syslog Good Technology Good Mobile Control Application All Syslog 9.2 and greater Google Search Appliance Application All Syslog 9.2 and greater HBGary Active Defense UTM All Syslog 3Com Switches Switches & All Syslog LaserJet Printers Printers All Syslog OpenVMS 1.x Syslog Hewlett-Packard ProCurve Network Switches & All Syslog Vertica 5.1.1-0 Virtual Connect Applicaton Devices 4.4x Syslog 9.4.1 and greater Hitachi ID Systems Identity and Access Management Suite Authentication Syslog 9.2 and greater HyTrust HyTrust CloudControl NAC 3.x, 4.x Syslog 9.2 and greater DB2 8.x, 9.x, 10.x Guardium ing 6.x, 7.x Syslog 9.2 and greater Informix 11.5 ISS Real Secure Server Sensor Host / Server / 5.5-7.x Code Based SQL 9.1 to 9.3.2 ISS SiteProtector Security Management All Code Based SQL Use DG Technoloty MEAS MainFrame MainFrame All IBM Proventia GX Other All Syslog System Z DB2 All Use DG Technoloty MEAS Tivoli Endpoint Manager - BigFix Other All Syslog Linux Agent Required Tivoli Identity Manager - SQL Pull IAM / IDM All SQL 9.2 and greater WebSphere Application Server Application 7.0 and greater File pull 9.4.1 and greater WebSphere DataPower SOA Appliances Application 4.x Syslog 9.4.0 and greater z/os, z/vm MainFrame Use DG Technoloty MEAS Imperva WAF/DAM - CEF All Syslog 9.2 and greater Infoblox NIOS Application All Syslog InfoExpress CyberGatekeeper LAN Network Switches & All Code Based Syslog 9.1 to 9.3.1 Snare for AIX Other All Syslog InterSect Alliance Snare for Solaris Other All Syslog Snare for Windows Other All Syslog InterSystems InterSystems Cache 2011.1.x Invincea Enterprise - CEF Other All Syslog IPFIX IPFIX Network Flow All IPFix IPFix Ipswitch WS_FTP Application All Syslog iscan Online iscan Online Vulnerability Systems All N/A N/A 9.4 and greater Itron Itron Enterprise Edition Smart Grid Application All Syslog Jflow Jflow (Generic) Network Flow 5, 7, 9 Netflow Juniper Secure Access/MAG VPN All Syslog JUNOS - Structured-Data Network Switches & All Syslog JUNOS Router Network Switches & All Syslog NetScreen / IDP Network Switches & All Syslog NetScreen Firewall Firewall 4.x, 5.x, 6.x Code Based Syslog 9.1 to 9.3.2 Juniper Networks NetScreen IDP IDS / IPS 3.x, 4.x Code Based Syslog 9.1 to 9.3.2 NetScreen SSL VPN Secure Access VPN 5.x - 7.x Code Based Syslog 9.1 to 9.3.2 Network and Security Manager - NSM All Syslog Secure Access version 7 VPN 5.x-7.x Syslog Steel Belted Radius Radius Server 5.x and greater Syslog Kaspersky Administration Kit - SQL Pull Antivirus All SQL 9.2.1 and greater KEMP Technologies LoadMaster Network Switches & 4.x, 5.x Syslog Kerio Technologies Kerio Control Firewall All Syslog 9.3.2 and greater Lancope StealthWatch 4.x-5.6 Code Based Syslog 9.1 to 9.3.2 StealthWatch 6.x and greater Syslog LANDESK LANDESK Vulnerability Systems All N/A N/A 9.4 and greater Legacy Event Center Other All Syslog Informant IDS / IPS All Syslog 9.3 and greater Lieberman Enterprise Random Password Manager Application All Syslog 9.1.1 and greater XML Locum RealTime Monitor Application All Syslog LOGbinder LOGbinder Application All Syslog 9.2 and greater Device Control - Endpoint Manager Security DLP Suite (L.E.M.S.S.) 8 Syslog 9.2.0 and greater Lumension Bouncer - CEF Application 5.x and greater Syslog 9.2 and greater Bouncer Application 4.x Syslog Lumension Vulnerability Systems All N/A N/A MailGate, Ltd. MailGate Server Host / Server / 3.5 Syslog Advanced Threat Defense Anti-Malware 3.2.2.4x and greater Syslog / DXL 9.4.1 and greater AntiSpyware (epo) Antivirus All epo - SQL 9.2 and greater Application and Change Control (epo) Web Content / All epo - SQL 9.2 and greater Asset Manager Sensor Asset Management All Syslog 9.1.1 and greater Correlation Engine Other All Correlation

Security - CEF All Syslog 9.2 and greater Security (epo) All epo - SQL 9.2 and greater Deep Defender (epo) Other All epo - SQL 9.2 and greater Email Gateway - CEF Web Content / 6.x and greater Syslog 9.2 and greater EWS v5 / Email Gateway Original - Legacy - Web Content / 5.x Syslog IronMail - Legacy- Web Content / All Syslog Endpoint Encryption (epo) Application All epo - SQL 9.3.2 and greater Endpoint Protection for Mac Antivirus 2.0 and greater Syslog 9.2.0 and greater McAfee epo Audit Log (epo) Other All epo - SQL 9.2 and greater epolicy Orchestrator Other All epo - SQL 9.2 and greater epolicy Orchestrator Agent (epo) Host / Server / 3.x and greater epo - SQL 9.2 and greater Firewall Enterprise Firewall / IDS / IPS 8.x Syslog 9.2 and greater Host Data Loss Prevention (epo) DLP All epo - SQL 9.2 and greater Host Intrusion Prevention (epo) IDS / IPS 6.x and greater epo - SQL 9.2 and greater Informant IDS / IPS All Syslog 9.3 and greater McAfee Advanced Correlation Engine Correlation All McAfee Application Data Monitor Application All Code Based Event Monitor for SIEM All Code Based McAfee Enterprise Log Manager McAfee Enterprise Security Manager Receiver Receiver/ELM McAfee Security for Domino Windows (epo) Web Content / All epo - SQL 9.2 and greater McAfee Security for Microsoft Exchange (epo) Web Content / All epo - SQL 9.2 and greater McAfee Vulnerability Manager Vulnerability Systems All N/A N/A 9.1.2 and greater MOVE AntiVirus (epo) Antivirus All epo - SQL 9.3.2 and greater Network Access Control (epo) Other All epo - SQL 9.2 and greater Network DLP Monitor DLP All Syslog Network Security Manager - SQL Pull IDS / IPS 6.x and greater SQL 9.1.2 and greater Formerly IntruShield Network Security Manager IDS / IPS 6.x and greater Syslog Formerly IntruShield Network Threat Response IDS / IPS 4.0.0.5, 4.1 Code Based API 9.3-9.4, 9.4.1and greater Next Generation Firewall - Stonesoft IDS / IPS All Syslog Nitro IPS IDS / IPS All Syslog One Time Password Server Authentication 3.1 Syslog 9.2 and greater Policy Auditor (epo) Policy Server All epo - SQL 9.2 and greater SaaS Email Protection Email Security All File Pull 9.4.1 and greater SaaS Web Protection Web Content / All Syslog SiteAdvisor (epo) Other All epo - SQL 9.2 and greater Threat Intelligence Exchange Reputation Server 1.0.0 epo - DXL 9.4.1 and greater UTM Firewall Firewall All Syslog VirusScan (epo) Antivirus All epo - SQL 9.2 and greater Web Gateway Web Content / All Syslog WebShield Web Content / All Syslog MEDITECH Caretaker HealthCare Application All Syslog ACS - SQL Pull All SQL 9.1.3 and greater Adiscon Windows Events All Code Based Syslog Assets via Active Directory Asset All Event Forwarding MEF - McAfee 2008 WMI Exchange 2007, 2010, 2013 Forefront Client Security HIPS 2010 SQL 9.1.1 and greater NTR 4.0.0.5 is supported on ESM 9.3.x - 9.4.0. NTR 4.1 is supported on ESM 9.4.1 and greater. Supports csv formatted reports Message Tracking Logs Microsoft Forefront Endpoint Protection - SQL Pull HIPS 2010, 2012 SQL Forefront Threat Management Gateway / Internet Security and Acceleration - W3C Firewall / Host / Server / Operating Systems / Web Content / Filtering / All File pull Proxies / Virtual Private Networks Forefront Threat Management Gateway - SQL Pull IDS / IPS 2010 SQL 9.3 and greater Forefront Unified Access Gateway IDS / IPS 2010 Syslog 9.1.1 and greater Internet Authentication Service - ted Web Content/Filtering/Proxies 2003, 2008 Syslog Internet Authentication Service - XML Web Content/Filtering/Proxies 2003, 2008 Syslog Internet Information Services Web Content / All Code Based Syslog 9.1 to 9.3.2 Internet Information Services - FTP All Web Content / Internet Information Services - SMTP All Web Content / 9.2 and greater Internet Information Services All Web Content / Microsoft Active Directory Other All WMI WMI Microsoft Exchange Server Other 2007, 2010 WMI WMI Microsoft SQL Server All WMI WMI MSSQL 7, 2000, 2005, 2008, 2012 MSSQL Error Log All Syslog 9.2 and greater MSSQL Server C2 Audit 2000, 2005, 2008 Code Based MEF - McAfee Network Policy Server Policy Server All Syslog Operations Manager Host / Server / All Code Based SQL 9.1 to 9.3.2 PhoneFactor Application All Syslog SharePoint Host / Server / File Management 2007, 2010 Syslog System Center Operations Manager Security Management 2007 Code Based Windows DHCP Debug DHCP Logs 2003, 2008 MEF - McAfee

Windows DNS Debug DNS Logs 2003, 2008 Windows Event Log - CEF Windows Event Log - WMI All Syslog 9.2 and greater XP, Server 2003, Server 2008, Server 2012, Windows 7 and Windows 8 WMI WMI Mirage Networks CounterPoint NAC / Network Switches & 2.3.1 Code Based Syslog 9.1 to 9.3.2 Motorola AirDefense Wireless Switch All Syslog AirDefense Enterprise Wireless Switch All Code Based Syslog 9.1 to 9.3.2 Data ONTAP Storage 7.x Syslog NetApp DataFort Storage Switch All Syslog FAS Storage All NetFlow Generic NetFlow Flow 5, 7, 9 NetFlow NetFlow Windows 8 is supported in ESM version 9.3.2 and greater Use NetApp Data OnTap data NetFort Technologies LANGuardian Host / Server / All Syslog NetIQ Security Manager Sentinel Log Manager Network Switches & / Security Management Network Switches & / Security Management 5.1 Syslog All Syslog NetWitness Informer - CEF Application All Syslog Spectrum - CEF Malware All Syslog 9.2 and greater URL Integration NGS NGS SQuirreL Vulnerability Systems All N/A N/A Niksun NetDetector Other All Syslog Nokia IPSO Firewall All Code Based Syslog 9.1 to 9.3.2 Contivity VPN Network Switches & 7.x Code Based Syslog 9.1 to 9.3.2 Nortel Networks Contivity VPN Network Switches & 7.x Syslog 9.4 and greater Passport 8000 Series Switches Network Switches & 7.x Syslog VPN Gateway 3050 Virtual Private Network 8.x Syslog Novell edirectory Host / Server / All Syslog 9.2 and greater Identity and Access Management - IAM IAM / IDM All Syslog npulse CPX Flow & Packet Capture Packet Capture All N/A N/A URL Integration OpenVAS OpenVAS Vulnerability Systems All N/A N/A OpenVPN OpenVPN VPN 2.1 and greater Syslog Directory Server Enterprise Edition Authentication 11 Syslog 9.4.0 and greater Also covers: Sun ONE Server and Sun Java Directory Server Enterprise Edition Identity Manager - SQL Pull IAM / IDM SQL 9.3.2 and greater Internet Directory Authentication 11 9.4.1 and greater Oracle MySQL Oracle (32 bit, Windows) 4.x, 5.x, 6.x 8.x, 9.x, 10g, 11g, 11g R2 Oracle Audit - SQL Pull 10g, 11g SQL 9.2.1 and greater Oracle Audit All Syslog 9.2.1 and greater Support grain and fine grain logs Osiris Audit Vault and Firewall / Firewall 12.x Syslog 9.3.0 and greater Real Application Clusters - RAC 11g File Pull 9.4.0 and greater Solaris Basic Security Module - BSM Host / Server / 9.x, 10.x Syslog WebLogic Other 8.1.x Syslog Host Integrity Monitor IDS / IPS Syslog Palo Alto Networks Palo Alto Firewalls Firewall All Syslog Pivotal Greenplum 8.2.15 Postfix Postfix Application All Syslog PostgreSQL PostgreSQL 7.4.x, 8.4.x, 9.0.x, 9.1.x PostgreSQL All Syslog PowerTech Interact - CEF Host All Syslog 9.2 and greater Proofpoint Messaging Security Gateway Application All Syslog Qualys Qualys QualysGuard Vulnerability Systems All N/A N/A Quest ChangeAuditor for Active Directory Applications All WMI WMI AppDirector Network Switches & All Syslog AppWall Firewall All Syslog 9.2 and greater Parses the Event Manager Log (evmd.log) ISAKMP, RADIUS, SECURITY, Accounting, RIP, VR messages only Radware DefensePro IDS / IPS 2.4.3 and greater Code Based Syslog 9.1 to 9.3.2 DefensePro IDS / IPS 2.4.3 and greater Syslog LinkProof/FireProof Network Switches & All Syslog Rapid7 Rapid7 Metasploit Pro Vulnerability Systems 3.x and greater N/A N/A Rapid7 Nexpose Vulnerability Systems All N/A N/A Raytheon SureView Application All Syslog Raz-Lee Security isecurity Suite Application All Syslog 9.2 and greater RedSeal Networks RedSeal 6 Risk Complianace All Syslog RioRey DDoS Protection Firewall / DoS RIOS 5.0, 5.1, 5.2 Syslog 9.2.0 and greater Riverbed Steelhead Security Appliances / UTMs 5.x Syslog RSA Authentication Manager Authentication 7.x Syslog SafeNet Hardware Security Modules Application Security All Syslog Saint Saint Vulnerability Systems All N/A N/A SAP SAP Version 5 Host / Server / 5.x and 6.x ABAP Module & Syslog Sybase 11.x, 12.x, 15.x

Savant Protection Savant - CEF Anti-Malware 3.x Syslog 9.2 and greater Secure Crossing Zenwall Host / Server / All Syslog SecureAuth IEP - Single Sign On Authentication 5.x Syslog Securonix Risk and Threat Intelligence Application Code Based SendMail Sentrion Messaging All Sentrigo Hedgehog - CEF All Syslog 9.2 and greater sflow Generic sflow Network Flow All sflow sflow Silver Spring Networks Network Infrastructure Smart Grid All Skycure Skycure Enterprise Mobile Security All Syslog 9.4.1 and greater SnapLogic SnapLogic Cloud Integration All Syslog 9.2 and greater Software Product Research DB2 Access Recording Services DBARS All Syslog SonicWALL SonicWall Firewall/VPN Firewall All Code Based Syslog 9.1 to 9.3.2 SonicWall IPS IDS / IPS All Code Based Syslog 9.1 to 9.3.2 Sonus GSX VOIP All Syslog Email Security and Data Protection Email Security All Syslog Sophos Sophos Antivirus Antivirus All Code Based SQL UTM & Next-Gen Firewall UTM / Firewall 9.1 Syslog 9.4.0 and greater Web Security and Control Web Content / All Syslog SourceFire Squid 3D Defense Center IDS / IPS 4.10 Snort NIDS IDS / IPS All FireSIGHT Management Console - estreamer IDS / IPS 5.x.x Code Based estreamer 9.1.1 and greater Use Unix - Linux data Use FireSIGHT Management Console - estreamer Use SourceFire NS/RNA data SourceFire NS/RNA IDS / IPS All Syslog Includes Snort IDS Squid Web Content / 1.x Code Based Syslog 9.1 to 9.3.2 Squid Web Content / 2.5 Syslog STEALTHbits StealthINTERCEPT HIDS 3.1.262.1 Syslog 9.4 and greater StillSecure Strata Guard Firewall / Security Management / IDS / IPS / Virtual Private Networks Stonesoft Corporation Next Generation Firewall IDS / IPS All 5.x, 6.x Syslog Sun iplanet Web Server All Code Based Syslog 9.1 to 9.3.2 Altiris Management Console Asset 7.x and greater 9.2 and greater Antivirus Corporate Edition Server Antivirus 8.x, 9.x Code Based SQL Critical System Protection IDS / IPS 5.2 Code Based SQL 9.1 to 9.3.2 Critical System Protection IDS / IPS 5.2 SQL 9.4 and greater Symantec Endpoint Protection Antivirus 11.x Code Based Syslog 9.1 to 9.3.2 Endpoint Protection Antivirus 11.x, 12.x Syslog PGP Universal Server Host / Server / All Syslog Symantec Data Loss Prevention DLP All Syslog Symantec Messaging Gateway Messaging 2.x and greater Syslog Symantec Web Gateway Web Content / All Syslog Synology DiskStation Manager Application All Syslog 9.2 and greater Tenable Tenable Nessus Vulnerability Systems 3.x, 4.x, 5.x, 6.x N/A N/A Teradata Teradata 12.x, 13.x, 14.x Thycotic Secret Server Authentication 8 Syslog 9.2 and greater SMS Security Management 2.x and greater Syslog TippingPoint TippingPoint Security Management 1.x, 2.x Code Based Syslog 9.1 to 9.3.2 UnityOne IDS / IPS All Syslog TITUS Message Classification Application All WMI WMI 9.2.1 and greater Tofino Security Tofino Firewall LSM Firewall All Syslog Topia Technology Skoot Application All Syslog 9.2 and greater Townsend Security AS/400 - CEF Host / Server / All Syslog 9.2 and greater Trapezoid Trust Control Suite Application All Syslog 9.2 and greater Control Manager Antivirus / Vulnerability Systems 3.x, 5.x, 6.x Code Based SQL 9.1 to 9.3.2 Use McAfee Next Generation Firewall - Stonesoft Microsoft Windows Event Log Trend Micro Control Manager - SQL Pull Antivirus / Vulnerability Systems 5.x SQL 9.1.3 and greater Deep Discovery - CEF Antivirus / Vulnerability Systems All Syslog 9.2 and greater Deep Security - CEF HIDS 6.x and greater Syslog Deep Security Manager - CEF HIDS 6.x and greater Syslog InterScan Web Security Suite Web Content / All Syslog OfficeScan Antivirus / Vulnerability Systems All Syslog 9.2 and greater OSSEC FIM / HIDS 1.x, 2.x Syslog Tripwire / ncircle IP360 Vulnerability Systems All N/A N/A Tripwire Tripwire Enterprise / Security Management 4.x Syslog Tripwire For Server / Security Management 4.x Code Based Syslog 9.1 to 9.3.2 Tripwire For Server / Security Management 4.x Syslog 9.4 and greater Data Loss Prevention DLP 8.x Syslog 9.2 and greater Trustwave Network Access Control NAC 3.x Syslog WebDefend Web Content / 4.x Syslog Tufin SecureTrack Firewall / Auditing All Syslog 9.2 and greater Type80 Security Software SMA_RT Host / Server / All Code Based Syslog 9.1 to 9.3.2 SMA_RT Host / Server / All Syslog 9.4 and greater Linux Host / Server / All Syslog UNIX Solaris, Red Hat UNIX OS Host / Server / Linux, HP-UX, IBM Code Based Syslog 9.1 to 9.3.2 AIX and SUSE VanDyke Software VShell Application 2.x, 3.x Syslog Vericept Content 360 DLP 8.x Syslog 9.2 and greater Verdasys Digital Guardian DLP All Syslog 9.2 and greater VMware vcenter Server Application All Code Based API 9.3.2 and greater VMware Application 1.x-5.x Syslog Voltage Security SecureData Enterprise DLP 5.7 Syslog 9.4.1 and greater Vormetric Data Security Application 4.x Syslog WatchGuard Technologies Firebox and X Series Firewall 8.x-11.x Syslog Wave Systems Corp Safend Protector DLP All Syslog 9.2 and greater Cloud Web Security HIDS All 9.3.2 and greater Websense Websense - CEF, Key Value Pair Web Content / 7.7 and greater Syslog 9.2 and greater Trustwave DLP

Websense Vendor Name Device Type Websense Enterprise - SQL Pull Web Content / 6.x, 7.x SQL 9.2.2 and greater Xirrus 802.11abgn Wi-Fi Arrays Switches & All Syslog Zenprise Secure Mobile Gateway Security Mobile Gateway 5.x and greater Syslog ZeroFOX ZeroFOX Application All Syslog 9.2 and greater Zscaler Nanolog Streaming Service (NSS) Web Content / All Syslog 9.4.0 and greater McAfee. Part of Intel Security. 2821 Mission College Boulevard Santa Clara, CA 95054 888 847 8766 www.intelsecurity.com Intel and the Intel logo and McAfee logos are registered trademarks of Intel Corporation or McAfee, Inc. in the US and/or other countries. Other marks and brands may be claimed as the property of others. Copyright 2015 McAfee, Inc.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information