McAfee Firewall Enterprise ePolicy Orchestrator Extension


Integration Guide
McAfee Firewall Enterprise ePolicy Orchestrator Extension version 5.2.1

COPYRIGHT
Copyright 2011 McAfee, Inc. All Rights Reserved.
No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language in any form or by any means without the written permission of McAfee, Inc., or its suppliers or affiliate companies.

TRADEMARK ATTRIBUTIONS
McAfee, the McAfee logo, Avert, ePO, ePolicy Orchestrator, Foundstone, GroupShield, IntruShield, LinuxShield, MAX (McAfee SecurityAlliance Exchange), NetShield, PortalShield, Preventsys, SecureOS, SecurityAlliance, SiteAdvisor, SmartFilter, Total Protection, TrustedSource, Type Enforcement, VirusScan, and WebShield are registered trademarks or trademarks of McAfee, Inc. or its subsidiaries in the United States and other countries.

LICENSE INFORMATION
License Agreement
NOTICE TO ALL USERS: CAREFULLY READ THE APPROPRIATE LEGAL AGREEMENT CORRESPONDING TO THE LICENSE YOU PURCHASED, WHICH SETS FORTH THE GENERAL TERMS AND CONDITIONS FOR THE USE OF THE LICENSED SOFTWARE. IF YOU DO NOT KNOW WHICH TYPE OF LICENSE YOU HAVE ACQUIRED, PLEASE CONSULT THE SALES AND OTHER RELATED LICENSE GRANT OR PURCHASE ORDER DOCUMENTS THAT ACCOMPANIES YOUR SOFTWARE PACKAGING OR THAT YOU HAVE RECEIVED SEPARATELY AS PART OF THE PURCHASE (AS A BOOKLET, A FILE ON THE PRODUCT CD, OR A FILE AVAILABLE ON THE WEBSITE FROM WHICH YOU DOWNLOADED THE SOFTWARE PACKAGE). IF YOU DO NOT AGREE TO ALL OF THE TERMS SET FORTH IN THE AGREEMENT, DO NOT INSTALL THE SOFTWARE. IF APPLICABLE, YOU MAY RETURN THE PRODUCT TO MCAFEE OR THE PLACE OF PURCHASE FOR A FULL REFUND.

Contents

About this guide
  Audience
  Conventions
  Find product information

1 Introduction
  About McAfee Firewall Enterprise ePolicy Orchestrator Extension
  Managed products
  Firewall Enterprise overview
  Control Center overview
  Firewall Profiler overview
  How the Firewall Enterprise ePolicy Orchestrator Extension works

2 Firewall Enterprise ePolicy Orchestrator Extension setup
  Setup overview
  Download and install the Firewall Enterprise ePolicy Orchestrator Extension
  Download the Firewall Enterprise ePolicy Orchestrator Extension
  Install the Firewall Enterprise ePolicy Orchestrator Extension
  Needed permission sets and users
  Create a permission set for Firewall Enterprise or Control Center access to ePolicy Orchestrator
  Create a user account for access to ePolicy Orchestrator
  Create a permission set that allows users to view firewall data
  Create a user that can view firewall data

3 Firewall Enterprise setup
  Configure Firewall Enterprise appliances for ePolicy Orchestrator reporting
  Configure managed firewalls for ePolicy Orchestrator reporting
  Troubleshooting Firewall Enterprise to ePolicy Orchestrator communication

4 Control Center setup
  Setup overview
  Configure Control Center for ePolicy Orchestrator
  Register Control Center
  Control Center Management Servers, High Availability (HA), and the ePolicy Orchestrator platform
  Add a Control Center Management Server
  Delete a Control Center Management Server from the ePolicy Orchestrator server

5 Firewall Profiler setup
  Setup overview
  Create a user account on Firewall Profiler
  Register Firewall Profiler
  Add a Firewall Profiler server to the ePolicy Orchestrator server
  Delete a Firewall Profiler server from the ePolicy Orchestrator server
  Configure Firewall Profiler to retrieve host information from ePolicy Orchestrator

6 Firewall data
  View Firewall Enterprise and Control Center data in the ePolicy Orchestrator console
  View internal host activity
  View firewall resources
  View firewall statuses
  View Firewall Profiler events
  View all firewalls managed by a Control Center Management Server
  View all firewalls monitored by a Firewall Profiler server
  Change how ePolicy Orchestrator displays firewall data
  Change Firewall Profiler event sources and destinations
  Change data refresh settings and host retention
  View ePolicy Orchestrator Host Data reports from the Control Center Client application
  View ePolicy Orchestrator Host Data reports from Firewall Profiler

7 Queries
  Firewall Enterprise ePolicy Orchestrator Extension queries
  Firewall Enterprise Report queries
  Generate a Firewall Enterprise Report query
  Firewall Profiler Report queries
  Generate a Firewall Profiler Report query
  Control Center queries
  Generate a Control Center query

8 Issues and tickets
  Create Firewall Profiler issues
  Create a change event issue
  Create a risk event issue
  Use Profiler Firewall tickets
  Create an event ticket
  Associate a ticket with an issue

9 Automatic responses
  Firewall Profiler event responses
  Create an automatic response for Firewall Profiler events
  Describe the rule
  Set filters for the rule
  Set thresholds for the rule
  Configure the actions for the rule
  Review and save the rule

Index

About this guide

The McAfee Firewall Enterprise ePolicy Orchestrator Extension Integration Guide describes the features and capabilities of McAfee Firewall Enterprise ePolicy Orchestrator Extension (hereinafter Firewall Enterprise ePolicy Orchestrator Extension) version 5.2.1 for McAfee ePolicy Orchestrator (hereinafter ePolicy Orchestrator). For information about additional ePolicy Orchestrator software functionality that is not covered in this guide, see the ePolicy Orchestrator product documentation or click ? in the ePolicy Orchestrator console.

Audience

This guide is intended for network and security administrators. It assumes familiarity with ePolicy Orchestrator and additionally with UNIX and Windows operating systems, system administration, the Internet, networks, and related terminology.

Conventions

The following table lists the text conventions used in this guide.

Table i-1 Conventions

Courier bold
    Identifies commands and key words you type at a system prompt.
    Note: A backslash (\) signals a command that does not fit on the same line. Type the command as shown, ignoring the backslash.
Courier italic
    Indicates a placeholder for text you type.
<Courier italic>
    When enclosed in angle brackets (< >), identifies optional text.
nnn.nnn.nnn.nnn
    Indicates a placeholder for an IP address you type.
Courier plain
    Used to show text that appears on a computer screen.
Plain text italics
    Identifies the names of files and directories.
    Used for emphasis (for example, when introducing a new term).
Plain text bold
    Identifies buttons, field names, and tabs that require user interaction.
[ ]
    Signals conditional or optional text and instructions (for example, instructions that pertain only to a specific configuration).
Caution:
    Signals be careful—in this situation, you might do something that could result in the loss of data or an unpredictable outcome.
Note:
    Used for a helpful suggestion or a reference to material not covered elsewhere in the guide.
Security Alert:
    Identifies information that is critical for maintaining product integrity or security.
Tip:
    Indicates time-saving actions; may help you solve a problem.

Note: The IP addresses, screen captures, and graphics used within this document are for illustration purposes only. They are not intended to represent a complete or appropriate configuration for your specific needs. Features may be enabled in screen captures to make them clear; however, not all features are appropriate or desirable for your setup.

Find product information

You can find additional information at the following locations:

Table i-2 Locations of product information

User documentation
    1. Go to the McAfee Technical Support ServicePortal at mysupport.mcafee.com.
    2. Under Self Service, click Product Documentation.
    3. Select a Product, then select a Version.
    4. Select a product document.
KnowledgeBase
    Go to the McAfee Technical Support ServicePortal at mysupport.mcafee.com.
    - Click Search the KnowledgeBase for answers to your product questions.
    - Click Browse the KnowledgeBase for articles listed by product and version.
Help
    Help is built into ePolicy Orchestrator. Click ? in the ePolicy Orchestrator console.
Product updates
    Go to the McAfee Downloads page at www.mcafee.com/us/downloads to download the latest extensions.
Known issues
    1. Visit mysupport.mcafee.com.
    2. Log on with your user ID and password. The ServicePortal homepage appears with a welcome message at the top.
       If you do not have an account but have received a grant number:
       - In the User Login section, click New User.
       - Complete the information and follow the prompts to set up your account.
       If you do not have an account or grant number, contact Customer Service.
    3. In the Self Service section, click Search the KnowledgeBase. The KnowledgeBase welcome page appears.
    4. In the Ask a Question section, type KB73549, then click Ask. The KnowledgeBase article appears with any known issues.

1 Introduction

Contents
  About McAfee Firewall Enterprise ePolicy Orchestrator Extension
  Managed products
  How the Firewall Enterprise ePolicy Orchestrator Extension works

About McAfee Firewall Enterprise ePolicy Orchestrator Extension

McAfee Firewall Enterprise ePolicy Orchestrator Extension (hereinafter Firewall Enterprise ePolicy Orchestrator Extension) version 5.2.1 provides communication between McAfee ePolicy Orchestrator (hereinafter ePolicy Orchestrator) and McAfee Firewall Enterprise (hereinafter Firewall Enterprise), McAfee Firewall Enterprise Control Center (hereinafter Control Center), or McAfee Firewall Profiler (hereinafter Firewall Profiler).

In ePolicy Orchestrator, you can view top-level data about multiple firewalls, or you can drill down to view data about an individual firewall, the Control Center that manages it, or the Firewall Profiler that monitors it. You can also view resource and statistical dashboards across multiple firewalls. These dashboards are presented in a graphical format, which allows you to click within the graph to display more specific information.

Control Center or Firewall Profiler can display information retrieved from the ePolicy Orchestrator server about hosts that are referenced in a policy, or hosts that are passing traffic through Firewall Enterprise appliances.

Managed products

The Firewall Enterprise ePolicy Orchestrator Extension supports Firewall Enterprise, Control Center, and Firewall Profiler. To find the latest information on the McAfee firewall products and versions that Firewall Enterprise ePolicy Orchestrator Extension supports, refer to KnowledgeBase article KB67462.

Firewall Enterprise overview

Firewall Enterprise appliances are designed to protect organization information technology infrastructure by keeping out unauthorized users, code, and applications, both internally and externally.

ePolicy Orchestrator and Firewall Enterprise appliances share information about protected hosts and firewall versions.

Control Center overview

Control Center is an enterprise-class management tool for creating and applying security policies across multiple firewalls. Use Control Center to remotely manage, maintain, and monitor firewalls for one or more domains.

ePolicy Orchestrator and Control Center share data about hosts, firewalls, and the Control Center Management Server. Control Center displays information about hosts, whereas ePolicy Orchestrator displays health and status information about firewalls and the Control Center Management Server.

See the McAfee Firewall Enterprise Control Center Product Guide for more information.

Firewall Profiler overview

Firewall Profiler is a network appliance that takes feeds from Firewall Enterprise appliances and instantly analyzes this information to provide true visibility into the impact of firewall rules on the network. Firewall Profiler complements Control Center for management and dramatically reduces troubleshooting efforts related to firewalls.

ePolicy Orchestrator and Firewall Profiler share data about hosts, firewalls, and the Profiler server.

See the McAfee Firewall Profiler Product Guide for more information.

How the Firewall Enterprise ePolicy Orchestrator Extension works

Use ePolicy Orchestrator to poll and monitor firewall data from one or more Firewall Enterprise appliances, Firewall Profiler servers, or Control Center Management Servers. View host data from ePolicy Orchestrator from the Control Center Client application or the Firewall Profiler web interface.

Firewall Enterprise appliances at version 8.2.1 or later can be configured to send information directly to the ePolicy Orchestrator server. Information on registered firewalls can be viewed on ePolicy Orchestrator dashboards.

On the Control Center, an ePolicy Orchestrator user is created and communication parameters are specified so that the Control Center Management Server can communicate information to the ePolicy Orchestrator server. After each Control Center Management Server is registered in ePolicy Orchestrator, administrators can view data about managed firewalls.

ePolicy Orchestrator communication parameters are specified on the Firewall Profiler server, allowing the two servers to pass information back and forth. After a Firewall Profiler server is registered in ePolicy Orchestrator, administrators can view data about Firewall Profiler events occurring on monitored firewalls.

2 Firewall Enterprise ePolicy Orchestrator Extension setup

Contents
  Setup overview
  Download and install the Firewall Enterprise ePolicy Orchestrator Extension
  Needed permission sets and users
  Create a permission set for Firewall Enterprise or Control Center access to ePolicy Orchestrator
  Create a user account for access to ePolicy Orchestrator
  Create a permission set that allows users to view firewall data
  Create a user that can view firewall data

Setup overview

To complete the configuration of ePolicy Orchestrator so that you can view firewall data from within ePolicy Orchestrator, you must perform the following tasks:

1. Download and install the Firewall Enterprise ePolicy Orchestrator Extension.
2. Configure permission sets and users to allow Firewall Enterprise appliances, Control Center Management Servers, or Firewall Profiler servers to communicate with ePolicy Orchestrator.
3. Configure a permission set that allows access to Firewall Enterprise Extension functionality, and assign this permission set to one or more ePolicy Orchestrator users.

Download and install the Firewall Enterprise ePolicy Orchestrator Extension

Use the tasks in this section to download and install the Firewall Enterprise ePolicy Orchestrator Extension onto your ePolicy Orchestrator server.

Download the Firewall Enterprise ePolicy Orchestrator Extension

Use this task to download the Firewall Enterprise ePolicy Orchestrator Extension to the ePolicy Orchestrator server.

Before you begin
Know your grant number.

Task
1. In a web browser, navigate to www.mcafee.com/us/downloads.
2. Provide your grant number, then navigate to the appropriate product and version.
3. Download the McAfee Firewall Enterprise ePolicy Orchestrator Extension (.zip) file.

Install the Firewall Enterprise ePolicy Orchestrator Extension

Use this task to install the Firewall Enterprise ePolicy Orchestrator Extension from your download location onto your ePolicy Orchestrator server.

Before you begin
- Make sure the ePolicy Orchestrator server that you intend to use to monitor your firewalls is at version 4.6 or later.
  Note: You must uninstall Firewall Enterprise ePolicy Orchestrator Extension version 5.0.0 before upgrading ePolicy Orchestrator from version 4.5 to version 4.6.
- Make sure you have downloaded the Firewall Enterprise ePolicy Orchestrator Extension from the McAfee downloads website and have saved it to a location that is accessible by the ePolicy Orchestrator server.

Task
For option definitions, click ? in the ePolicy Orchestrator console.
1. Log on to ePolicy Orchestrator.
2. In the ePolicy Orchestrator console, select Menu | Software | Extensions.
3. At the bottom of the Extensions pane on the left side of the Extensions page, click Install Extension. The Install Extension window appears.
4. Browse to the Firewall Enterprise ePolicy Orchestrator Extension .zip file you downloaded from the McAfee downloads page.
5. Click Open to select the file, then click OK to proceed with the selection.
6. Click OK to install the extension.

Needed permission sets and users

Firewall Enterprise appliances, Control Center Management Servers, and Firewall Profiler servers require user credentials to authenticate with ePolicy Orchestrator.

For Firewall Enterprise and Control Center, creating user credentials is a two-part process:
1. Create a permission set that allows data transmission.
2. Create a new user with that permission set.

For Firewall Profiler, no special permission set is required.

In addition to the appliance or server user credentials, you must create a permission set that allows ePolicy Orchestrator users to view firewall data and assign this permission set to one or more users.

See also
- Create a permission set for Firewall Enterprise or Control Center access to ePolicy Orchestrator
- Create a user account for access to ePolicy Orchestrator
- Create a permission set that allows users to view firewall data
- Create a user that can view firewall data

Create a permission set for Firewall Enterprise or Control Center access to ePolicy Orchestrator

Use this procedure to create a permission set for these user accounts.

Before you begin
- Make sure that you have downloaded and installed the Firewall Enterprise ePolicy Orchestrator Extension on your ePolicy Orchestrator server.
- You must be an ePolicy Orchestrator global administrator to perform this task.

Task
For option definitions, click ? in the ePolicy Orchestrator console.
1. In the ePolicy Orchestrator console, select Menu | User Management | Permission Sets.
2. At the bottom of the Permission Sets page, click New. The New Permission Set page appears.
3. Enter a name for the permission set, then click Save.
4. Make sure that this permission set name is selected in the left pane of the Permission Sets page.
5. Scroll down to the McAfee Firewall Enterprise setting and click Edit. The Edit Permission Set page appears.
6. Enable communication.
   - For Control Center Management Server user accounts, select Provide host information to a remote Firewall Enterprise Control Center.
   - For Firewall Enterprise appliance user accounts, select Permit data exchange with Firewall Enterprise systems.
7. Click Save.

Create a user account for access to ePolicy Orchestrator

Create a user account to enable communication with ePolicy Orchestrator.

Before you begin
- Make sure that you have downloaded and installed the Firewall Enterprise ePolicy Orchestrator Extension on your ePolicy Orchestrator server.
- You must be an ePolicy Orchestrator global administrator to perform this task.

Task
For option definitions, click ? in the ePolicy Orchestrator console.
1. In the ePolicy Orchestrator console, select Menu | User management | Users.
2. Do one of the following:
   - To edit an existing user, select the user name on the left and click Edit at the bottom of the Users page. The Edit User user name page appears. Skip to Step 4.
   - To add a new user, in the lower left corner of the Users page, click New User. The New User page appears. Go to the next step.
3. Type a unique name for this user in the User name field.
4. Select the checkbox for the permission set you created in the Permission sets field.
5. Specify values in the other fields as needed.
6. Click Save. If you added a new user, this user is added to the list of users on the Users page. If you edited an existing user, your changes are saved and you are returned to the Users page.

Create a permission set that allows users to view firewall data

You can edit existing permission sets or add new sets to provide access to the information provided by the Firewall Enterprise ePolicy Orchestrator Extension. McAfee recommends creating at least one general permission set for use by any user that needs to view Firewall Enterprise ePolicy Orchestrator Extension data.

The following permissions can be added to existing permission sets to provide Firewall Enterprise ePolicy Orchestrator Extension functionality to ePolicy Orchestrator users:
- Audit log — View and purge audit log files.
- Dashboards — Use public dashboards, and edit and create personal dashboards.
- Extensions — Install and remove extensions.
- McAfee Firewall Enterprise — View and manage firewalls.
- Queries — Use and edit public queries, and edit and create personal queries.
- Registered servers — Use, create, and edit registered servers.

Before you begin
- Make sure that you have downloaded and installed the Firewall Enterprise ePolicy Orchestrator Extension on your ePolicy Orchestrator server.
- You must be an ePolicy Orchestrator global administrator to perform this task.

Task
For option definitions, click ? in the ePolicy Orchestrator console.
1. In the ePolicy Orchestrator console, select Menu | User Management | Permission Sets.
2. Do one of the following:
   - To edit an existing permission set, select the permission set in the list on the left. Skip to Step 6.
   - To create a new permission set, in the lower left corner of the Permission Sets page, click New Permission Set. The New Permission Set page appears. Go to the next step.
3. Specify a name for the permission set and select the users the set is assigned to.
4. Click Save.
5. In the Permission Sets page, select the new permission set from the Permission Sets list. The details for the selected permission set are displayed on the right.
6. To view all of the information that the Firewall Enterprise ePolicy Orchestrator Extension provides about the Firewall Enterprise appliances, Control Center Management Servers, and Firewall Profiler servers, configure the following settings. For most settings, higher levels of access are optional.
   a. For each setting that is listed, scroll to the setting and click Edit. The Edit Permission Set page for that setting appears.
   b. When you have finished editing the setting, click Save.
   Note: You can also add these settings to an existing permission set to provide access to the Firewall Enterprise ePolicy Orchestrator Extension information.

   - Audit log — No permissions is the default setting. To change the setting, select one of the following options:
     - View audit log
     - View and purge audit log

   - Dashboards — No permissions is the default setting. To change the setting, select one of the following options:
     Note: To work with the Firewall Enterprise ePolicy Orchestrator Extension, you must select at least the Use public dashboards setting, although higher settings are also allowed.
     - Use public dashboards
     - Use public dashboards; create and edit personal dashboards
     - Use public dashboards; create and edit personal dashboards; make personal dashboards public

   - Extensions — Select the Install and remove extensions checkbox to install and remove extensions. This checkbox is deselected by default.
     Note: You must have this setting selected in order to install and remove extensions. However, this setting is optional for viewing Firewall Enterprise ePolicy Orchestrator Extension data in the ePolicy Orchestrator console.

   - McAfee Firewall Enterprise — No permissions is the default setting. To change the setting, select one of the following options:
     Note: To work with the Firewall Enterprise ePolicy Orchestrator Extension, you must select at least the View McAfee Firewall Enterprise Control Center managed firewalls or the Permit data exchange with Firewall Enterprise systems setting, although higher settings are also allowed.
     - View McAfee Firewall Enterprise Control Center managed firewalls
     - Manage and view McAfee Firewall Enterprise Control Center servers and firewalls
     - Provide host information to a remote Firewall Enterprise Control Center — McAfee recommends selecting this checkbox only for the unique permission set that is assigned to Control Center Management Server user accounts. You should not select this checkbox for other permission sets.
     - Permit data exchange with Firewall Enterprise systems — Select this checkbox for the unique permission set that is assigned to Firewall Enterprise appliance user accounts.
       Note: Do not select this checkbox for other permission sets.

   - Queries — No permissions is the default setting. To change the setting, select one of the following options:
     Note: To work with the Firewall Enterprise ePolicy Orchestrator Extension, you must select at least the Use public queries setting, although higher settings are also allowed.
     - Use public queries
     - Use public queries; create and edit personal queries
     - Use public queries; c
