Applies To: McAfee Firewall Enterprise (Sidewinder) with VPN 7.X and later.

Overview

With McAfee Firewall Enterprise ( Sidewinder) and its related products, administrators can immediately begin to put firewall rules in the proper business context and take advantage of centralized firewall management, reporting, and user-friendly rule creation capabilities. Additionally, Firewall offers unprecedented levels of threat protection.

EventTracker’s built-in knowledge pack enables you to gather business intelligence providing increased security, performance, availability, and reliability of your systems.Through alerts, knowledge base solutions, and reports, EventTracker helps you to correct the problems long before a disastrous failure occurs.

EventTracker supports McAfee Firewall Enterprise (Sidewinder) with VPN and it can be configured to send syslog to EventTracker Enterprise.

McAfee Firewall Enterprise ( Sidewinder) with VPN Logging

EventTracker Knowledge Pack for McAfee Sidewinder VPN allows you to monitor the following:-

• Operations - Syslog messages for different services, account operations (addition, deletion and modification of user and group) and shutdown/restarting of system.
• Security - Suspicious network activities, if there is any changes in privileges on user logon/authentication activities (logon, logoff).
• Compliance - Changes in policy configuration (addition and deletion). 

Once McAfee Sidewinder VPN is configured to deliver events to EventTracker Manager; Knowledge object, dashboards and reports can be configured into EventTracker.

Some of the Knowledge Packs available in EventTracker are listed below. For more information please refer Integration Guide.

Scope

The configurations detailed in this guide are consistent with EventTracker Enterprise version 7.X and later,McAfee Firewall Enterprise (Sidewinder) with VPN 7.X and later.

Documentation:

For more information please refer the Integration guide