New features

Java 1.8.0_131 Support

McAfee Enterprise Security Manager supports the latest Oracle Java runtime environment.

SMB2 support

In response to the WannaCry threat, Microsoft advised disabling the SMB1 protocol. When SMB1 is disabled, some data sources are unable to communicate with McAfee devices.

This SIEM release supports SMB2, which re-enables communication with these data sources. Two Content Packs have been updated to help identify potential WannaCry activity – Exploit Content Pack and Suspicious Activity Content Pack. Search the Knowledge Center for KB85403 and KB88776.

Note: Following Microsoft's recommendation results in communication with some data sources being lost. Upgrading to the 10.0.3 release re-establishes communication with the lost data sources.

  1. Follow Microsoft recommendations for disabling SMB1 and enabling SMB2 (see Microsoft for details).
  2. Upgrade to ESM 10.0.3.
  3. Verify data source connectivity.