McAfee M3050 Installation Guide - Page 13

McAfee® Network Security Platform 6.0 About Network Security Platform  Configure. The Configure page provides all system configuration options, and facilitates the configuration of your devices - Sensors and NTBA Appliances, failover pairs of Sensors, administrative domains, users, roles, Network Access Control (NAC), attack policies and responses, user-created signatures, and system reports. Access to various activities, such as user management, system configuration, or policy management is based on the current user's role(s) and privileges.  Threat Analyzer. The Threat Analyzer page displays the hosts detected on your network as well as the detected security events that violate your configured security policies. The Threat Analyzer provides powerful drill-down capabilities to enable you to see all of the details on a particular alert, including its type, source and destination addresses, and packet logs where applicable.  Reports. You can generate reports for the security events detected by the system and reports on system configuration. Reports can be generated manually or automatically, saved for later viewing, and/or e-mailed to specific individuals. Other key features of Manager include:  The Incident Generator: The Incident Generator enables creation of attack incident conditions, which, when met, provide real-time correlative analysis of attacks. Once incidents are generated, view them using the Incident Viewer, which is within the Threat Analyzer. For more information on Manager components, see Manager Server Configuration Guide.  Integration with other McAfee products: You can integrate Network Security Platform with other McAfee products to provide you with a comprehensive network security solution.  McAfee ePolicy Orchestrator: McAfee ePolicy Orchestrator (ePO) is a scalable platform for centralized policy management and enforcement of your system security products such as, anti-virus, desktop firewall, and anti-spyware applications. You can integrate McAfee Network Security Platform with ePO 4.0. The integration enables you to query the ePO server from the Manager for viewing details of a network host.  McAfee Host Intrusion Prevention: McAfee Host Intrusion Prevention (HIP) is a hostbased intrusion prevention system that prevents external and internal attacks on the hosts in the network, thus protecting services and applications running on them. Network Security Platform integrates with McAfee Host Intrusion Prevention version 7.0.  McAfee Network Access Control: Using Network Security Sensors, you can enforce network access control (NAC) based on system health, user identity, or both. For system-health-based NAC, the Sensors depend on McAfee Network Access Control (McAfee NAC) for posture assessment. You need to configure ePO configuration details at the admin domain level and then install the trust between a Sensor and the ePO Server on which McAfee NAC is installed. This enables the Sensor to communicate with McAfee NAC to get host details and also to notify McAfee NAC about hosts sending unwanted traffic on the network.  McAfee Vulnerability Manager: Vulnerability assessment is an automated process of pro-actively identifying vulnerabilities of computing systems in a network to determine security threats in the network. Network Security Platform integrates with McAfee Vulnerability Manager to enable import of the Vulnerability Manager scan data into the Manager, to provide automated updating of IPS-event data relevancy. You can also initiate a Vulnerability Manager on-demand scan of a single or group of IP addresses directly from the Threat Analyzer console. This provides a simple way for security administrators to access near real-time updates of host vulnerability details, and improved focus on critical events. 5