Applies To: McAfee Firewall Enterprise (Sidewinder) with VPN 7.X and later.
Overview
With McAfee Firewall Enterprise ( Sidewinder) and its related products, administrators can immediately begin to put firewall rules in the proper business context and take advantage of centralized firewall management, reporting, and user-friendly rule creation capabilities. Additionally, Firewall offers unprecedented levels of threat protection.
EventTracker’s built-in knowledge pack enables you to gather business intelligence providing increased security, performance, availability, and reliability of your systems.Through alerts, knowledge base solutions, and reports, EventTracker helps you to correct the problems long before a disastrous failure occurs.
EventTracker supports McAfee Firewall Enterprise (Sidewinder) with VPN and it can be configured to send syslog to EventTracker Enterprise.
McAfee Firewall Enterprise ( Sidewinder) with VPN Logging
EventTracker Knowledge Pack for McAfee Sidewinder VPN allows you to monitor the following:-
- Operations - Syslog messages for different services, account operations (addition, deletion and modification of user and group) and shutdown/restarting of system.
- Security - Suspicious network activities, if there is any changes in privileges on user logon/authentication activities (logon, logoff).
- Compliance - Changes in policy configuration (addition and deletion).