Table of Contents
Advertisement
Advanced configuration
283
Integrating third-party events
Integrating via Smart Agents
Symantec Network Security Smart Agent technology enables enterprise-wide
multi-source event collection, helping you to expand the security umbrella and
enhance the threat detection value of your existing security assets. Aggregation
of third-party security events into a centralized location leverages the power of
the Symantec Network Security analysis framework. Automated incident
response enables the rapid identification of threats in real time to mitigate
potential damage to mission critical enterprise assets. Symantec Network
Security supports holistic security awareness through real-time third-party
event correlation and analysis.
Smart Agents enable Symantec Network Security to receive event data from
external sensors and correlate that data with all other Network Security events.
Symantec Network Security performs some internal Smart Agent configuration
for integrating Symantec Decoy Server events. To integrate events from any
other external sensor, you must install a separate Smart Agent for the external
sensor as well.
To integrate event data from third-party sensors, you must first purchase and
install the corresponding Smart Agent. Detailed configuration and installation
instructions are provided in the installation guide for the Smart Agent,
including how to create an external sensor object. The Network Security console
must be aware of the external sensor for you to be able to set response rules for
events from it.
See also
"About Smart Agents"
on page 104 for more about Smart Agents.
To purchase Smart Agent software, see the following web site:
http://www.symantec.com/techsupp/enterprise/select_product_manuals.html,
and click Intrusion Detection > Symantec Decoy Server.
Advertisement
Table of Contents
