Integrate McAfee ePO with Forcepoint NGFW
You need to integrate McAfee ePO if you use McAfee TIE for file reputation checking.
McAfee ePO is a centralized management tool for endpoint solutions deployed on multiple hosts. Integrating a McAfee ePO server allows you to query information about client computers in the protected network.
For more details about the product and how to configure features, click Help or
press F1.
Steps
-
Create an ePO Server element.
-
Select
Configuration, then browse to Network Elements.
- Browse to Servers.
- Right-click Servers and select .
- In the Name field, enter a unique name for the element.
-
Select
Result
ePO Server Properties dialog box
Use this dialog box to define McAfee ePO Server properties.
| Option | Definition |
|---|---|
| General tab | |
| Name | The name of the element. |
| IPv4 Address | The IPv4 address of the McAfee ePO server. |
|
IPv6 Address
(Optional) |
The IPv6 address of the McAfee ePO server. Tip: You can enter both an IPv4 and an IPv6 address.
|
| Port | The port that the ePO Server uses. The default is 8444. |
| Credentials |
|
| Category (Optional) |
Includes the element in predefined categories. Click Select to select a category. |
| Tools Profile | Adds custom commands to the server right-click menu. |
| Select | Opens the Select Element dialog box. |
| Comment (Optional) |
A comment for your own reference. |
| Option | Definition |
|---|---|
| Monitoring tab | |
| Log Server | The Log Server that monitors the status of the element. |
| Status Monitoring | When selected, activates status monitoring for the device. You must also select the Probing Profile that contains the definitions for the monitoring. When you select Status Monitoring, the element is added to the tree in the Home view. |
| Probing Profile | Shows the name of the selected Probing Profile. Click Select to select a Probing Profile element. |
| Log Reception | Activates syslog reception from this device. You must select the Logging Profile that contains the definitions for converting the syslog entries to SMC log entries. You must also select the Time Zone in which the device is located. By default, the local time zone of the computer you are using is selected. |
| Logging Profile | Shows the name of the selected Logging Profile. Click Select to select a Logging Profile element. |
| Time Zone | Selects the time zone for the logs. |
| Encoding | Selects the character set for log files. |
| SNMP Trap Reception | Enables the reception of SNMP traps from the third-party device. |
| NetFlow Reception | Enables the reception of NetFlow data from the third-party device. The supported versions are NetFlow v5, NetFlow v9, and IPFIX (NetFlow v10). |
| Option | Definition |
|---|---|
| NAT tab (All optional settings) |
|
| Firewall | Shows the selected firewall. |
| NAT Type | Shows the NAT translation type: Static or Dynamic. |
| Private IP Address | Shows the Private IP Address. |
| Public IP Address | Shows the defined Public IP Address. |
| Port Filter | Shows the selected Port Filters. |
| Comment | An optional comment for your own reference. |
| Add NAT Definition | Opens the NAT Definition Properties dialog box. |
| Edit NAT Definition | Opens the NAT Definition Properties dialog box for the selected definition. |
| Remove NAT Definition | Removes the selected NAT definition from the list. |
| Option | Definition |
|---|---|
| EIA Certificate tab Note: McAfee Endpoint Intelligence Agent (McAfee EIA) is no longer supported in NGFW version 6.3.0 and later. We recommend
that you use Forcepoint Endpoint Context Agent instead.
|
|
| Current Certificate | Shows the currently valid certificate. |
| Signature Algorithm | The signature algorithm that was used to sign the certificate. |
| Valid From | The start date of certificate validity. |
| Valid To | The end date of certificate validity. |
| Generate | Generates a new certificate. |
| Export | Opens the Export dialog box from where you can export the certificate. |