McAfee Firewall Enterprise (Sidewinder)

Version: McAfee Firewall Enterprise (Sidewinder) 7.X and later.

McAfee Firewall Sidewinder and its related products, administrators can immediately begin to put firewall rules in the proper business context and take advantage of centralized firewall management, reporting, and user-friendly rule creation capabilities. Additionally, Firewall offers unprecedented levels of threat protection. Advanced capabilities such as reputation-based global threat intelligence, configurable application-level protection, encrypted traffic inspection, anti-virus, content filtering, and intrusion prevention systems (IPS) block attacks before they occur.

Netsurion Open XDR enables you to gather business intelligence, providing increased security, performance and reliability of your systems. Through alerts, knowledge base solutions, and reports, Netsurion Open XDR helps you correct problems long before a disastrous failure occurs.

Netsurion Open XDR supports McAfee Firewall Enterprise (Sidewinder) and it can be configured to send syslog to Netsurion Open XDR.

Netsurion Data Source Integration for McAfee Sidewinder allows you to monitor following:-

• Operations – Syslog messages for different services, account operations (addition, deletion and modification of user and group) and shutdown/restarting of system.
• Security – Suspicious network activities, if there is any changes in privileges on user logon/authentication activities (logon, logoff).
• Compliance – Changes in policy configuration (addition and deletion).

Once McAfee Firewall Enterprise (Sidewinder) is configured to deliver events to Netsurion Open XDR; alerts, dashboards and reports can be configured into Netsurion Open XDR.

To take advantage of this data source integration and to learn more about alerts, reports, and dashboards, contact your Technical Account Manager (TAM). If you are not currently a Netsurion customer or partner, contact us to learn more.