Flow Views Content Pack

Overview

McAfee Enterprise Security Manager can collect flow information from hundreds of third-party devices, including firewalls, intrusion prevention system (IPS) devices, unified threat management (UTM) solutions, switches, routers, applications, servers and workstations, identity and authentication systems, vulnerability assessment scanners, and more. Use this content pack to quickly set up summary and customized views to monitor network flows for identifying patterns indicative of potential threats.

Content Pack Components

Views
  • Flow - ADM Application Protocol Summary
  • Flow - Bytes by Destination & Source
  • Flow - Bytes by Source & Destination
  • Flow - Destination IP Summary
  • Flow - Destination MAC Summary
  • Flow - Destination Port Summary
  • Flow - Duration by Destination & Source
  • Flow - Duration by Source & Destination
  • Flow - Flow Count by Device
  • Flow - Flow Distribution
  • Flow - Hostscan
  • Flow - Packets by Destination & Source
  • Flow - Packets by Source & Destination
  • Flow - Portscan
  • Flow - Protocol Summary
  • Flow - Source IP Summary
  • Flow - Source MAC Summary
  • Flow - Source Port Summary
  • Flow Source IPs to Event Summary
  • Network Destination Flow Summary
  • Network Source Flow Summary

Required Products

  • McAfee Enterprise Security Manager (ESM) 10.0.x
  • McAfee Advanced Correlation Engine (ACE) 10.0.x
  • Some rules require McAfee Application Data Monitor (ADM) in order to function properly.

Download Content Pack

Registered ServicePortal users can log in to access the Knowledge Center for further documentation or to download the content pack file manually.

Read Article

Explore

Find other content packs and partner integrations.

See All

Free Trial

Interested in McAfee Enterprise Security Manager?

Register for Free Trial