Table of Contents
Advertisement
McAfee® Network Security Platform 6.0
Manager database
The Manager server operates with an RDBMS (relational database management system)
for storing persistent configuration information and event data. The compatible database is
MySQL (current version 5.1.47).
The Manager server for Windows (only) includes a MySQL database that can be installed
(embedded) on the target Windows server during Manager software installation.
Your MySQL database can be tuned on-demand or by a set schedule via Manager user
interface configuration. Tuning promotes optimum performance by defragmenting split
tables, re-sorting and updating indexes, computing query optimizer statistics, and checking
and repairing tables.
To graphically administrate and view your MySQL database, you can download the
MySQL administrator from the MySQL Web site http://dev.mysql.com/downloads/gui-tools.
McAfee Update Server
For your Network Security Platform to properly detect and protect against malicious
activity, the Manager and Sensors must be frequently updated with the latest signatures
and software patches available. Thus, the Network Security Platform team constantly
researches and develops performance-enhancing software and attack-detecting
McAfee Artemis
: Network Security Platform integrates with McAfee Artemis
technology, which is an Internet-based service that provides active malware
detection in an Internet cloud. Network Security Sensors use McAfee Artemis to
provide real-time malware detection and protection for users during file downloads
from the Internet. Network Security Platform also provides users the option to
upload Custom Fingerprints that can be used for malware detection.
McAfee Global Threat Intelligence
threat correlation engine and intelligence base of global messaging and
communication behavior; including reputation, volume, trends, email, web traffic
and malware. By having McAfee Global Threat Intelligence integration, you can
report, filter, and sort hosts involved in attacks based on their network reputation
and the country of the attack origin.
For more information on all the above mentioned integration options, see
Integration Guide.
Integration with third-party products: Network Security Platform enables the use of
multiple third-party products for analyzing faults, alerts, and generated packet logs.
Fault/Alert forwarding and viewing: You have the option to forward all fault
management events and actions, as well as IPS alerts to a third-party application.
This enables you to integrate with third-party products that provide trouble ticketing,
messaging, or any other response tools you may wish to incorporate. Fault and/or
alert forwarding can be sent to the following ways:
- Syslog Server: forward IPS alerts and system faults
- SNMP Server (NMS): forward IPS alerts and system faults
- Java API: forward IPS alerts
- Crystal Reports: view alert data from database via email, pager, or script
Packet log viewing: view logged packets/flows using third-party software, such as
Ethereal.
About Network Security Platform
: McAfee Global Threat Intelligence (GTI) is a global
6
Advertisement
Table of Contents
