Configuring ESM Initial configuration ESM server information page To set up the connection between ESM and your network, you must enter the ESM server information. Initial configuration proxy server settings page If your ESM communicates through a proxy server, you must add the proxy settings. Initial configuration static route settings page A static route is a specified set of instructions regarding how to reach a host or network not available through the default gateway. If your ESM needs static routes to communicate with the network, manage them here. Initial configuration set up NTP servers page Set up NTP servers to use them for time synchronization on the ESM and devices. Initial configuration rule updates page Define the settings to retrieve rule signatures from the McAfee server. Multi-Device Management page Start, stop, restart, or update the software on multiple devices at one time. Device health status reportsWhite (informational), yellow (inactivity or device status), or red (critical) health status flags appear next to system, group, or device nodes on the system navigation tree when a health status report is available. When you click the flag, the Device Status Alerts page provides you with options to view the information and resolve any issues. Upload custom data source definitions page Add custom data source definitions to your system by uploading a file, and view the list of installed definitions. Spreadsheet fields for importing data sources The spreadsheet you use to import data sources has several columns; some are required and some are used only for specific data source types. User-defined data source types This table lists the user-defined types and their corresponding name or entry, which is displayed in the data source editor. McAfee rulesets This table lists the McAfee rulesets along with the external data source IDs. SNMP and the McAfee MIB Several aspects of the McAfee product line can be accessed through SNMP. The McAfee MIB defines the object identifiers (OIDs) for each object or characteristic of interest. Types of events These are the event log types generated on the ESM. Manage Global Blacklists page Select the network devices that support global blacklist.
Configuring ESM Initial configuration ESM server information page To set up the connection between ESM and your network, you must enter the ESM server information. Initial configuration proxy server settings page If your ESM communicates through a proxy server, you must add the proxy settings. Initial configuration static route settings page A static route is a specified set of instructions regarding how to reach a host or network not available through the default gateway. If your ESM needs static routes to communicate with the network, manage them here. Initial configuration set up NTP servers page Set up NTP servers to use them for time synchronization on the ESM and devices. Initial configuration rule updates page Define the settings to retrieve rule signatures from the McAfee server. Multi-Device Management page Start, stop, restart, or update the software on multiple devices at one time. Device health status reportsWhite (informational), yellow (inactivity or device status), or red (critical) health status flags appear next to system, group, or device nodes on the system navigation tree when a health status report is available. When you click the flag, the Device Status Alerts page provides you with options to view the information and resolve any issues. Upload custom data source definitions page Add custom data source definitions to your system by uploading a file, and view the list of installed definitions. Spreadsheet fields for importing data sources The spreadsheet you use to import data sources has several columns; some are required and some are used only for specific data source types. User-defined data source types This table lists the user-defined types and their corresponding name or entry, which is displayed in the data source editor. McAfee rulesets This table lists the McAfee rulesets along with the external data source IDs. SNMP and the McAfee MIB Several aspects of the McAfee product line can be accessed through SNMP. The McAfee MIB defines the object identifiers (OIDs) for each object or characteristic of interest. Types of events These are the event log types generated on the ESM. Manage Global Blacklists page Select the network devices that support global blacklist.