McAfee M3050 Installation Guide - Page 14
Manager database, McAfee Update Server, McAfee Artemis, McAfee, Global Threat Intelligence
View all McAfee M3050 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 14 highlights
McAfee® Network Security Platform 6.0 About Network Security Platform McAfee Artemis: Network Security Platform integrates with McAfee Artemis technology, which is an Internet-based service that provides active malware detection in an Internet cloud. Network Security Sensors use McAfee Artemis to provide real-time malware detection and protection for users during file downloads from the Internet. Network Security Platform also provides users the option to upload Custom Fingerprints that can be used for malware detection. McAfee Global Threat Intelligence: McAfee Global Threat Intelligence (GTI) is a global threat correlation engine and intelligence base of global messaging and communication behavior; including reputation, volume, trends, email, web traffic and malware. By having McAfee Global Threat Intelligence integration, you can report, filter, and sort hosts involved in attacks based on their network reputation and the country of the attack origin. For more information on all the above mentioned integration options, see Integration Guide. Integration with third-party products: Network Security Platform enables the use of multiple third-party products for analyzing faults, alerts, and generated packet logs. Fault/Alert forwarding and viewing: You have the option to forward all fault management events and actions, as well as IPS alerts to a third-party application. This enables you to integrate with third-party products that provide trouble ticketing, messaging, or any other response tools you may wish to incorporate. Fault and/or alert forwarding can be sent to the following ways: - Syslog Server: forward IPS alerts and system faults - SNMP Server (NMS): forward IPS alerts and system faults - Java API: forward IPS alerts - Crystal Reports: view alert data from database via email, pager, or script Packet log viewing: view logged packets/flows using third-party software, such as Ethereal. Manager database The Manager server operates with an RDBMS (relational database management system) for storing persistent configuration information and event data. The compatible database is MySQL (current version 5.1.47). The Manager server for Windows (only) includes a MySQL database that can be installed (embedded) on the target Windows server during Manager software installation. Your MySQL database can be tuned on-demand or by a set schedule via Manager user interface configuration. Tuning promotes optimum performance by defragmenting split tables, re-sorting and updating indexes, computing query optimizer statistics, and checking and repairing tables. To graphically administrate and view your MySQL database, you can download the MySQL administrator from the MySQL Web site http://dev.mysql.com/downloads/gui-tools. McAfee Update Server For your Network Security Platform to properly detect and protect against malicious activity, the Manager and Sensors must be frequently updated with the latest signatures and software patches available. Thus, the Network Security Platform team constantly researches and develops performance-enhancing software and attack-detecting 6