![McAfee SIEM Vendor Device Support[1]](/img/8/ds-siem-device-support-matrix.jpg)
Transcription
McAfee SIEM Device SupportBy VendorVendorDevice NameA10 NetworksLoad Balancer (AX Series) Load BalancerAdtranNetVantaAirdefenseAirdefenseAirtight Interactive Airtight r LANApache SoftwareFoundationArborArubaBarracudaBit9Blue CoatBlue LanceDevice TypeNetwork Switches & RoutersNetwork Switches & RoutersApplicationsSupported LogsAllAllWIPS AlertsN/AALLOW, DENY, EXIT,Authentication / Network Switches & RoutersCGATE type onlyApplications / Host / Server / OperatingVitalQIPAllSystems / Web Content / Filtering / ProxiesApplications / Host / Server / OperatingApacheAccess Logs onlySystems / Web Content / Filtering / ProxiesApplications / Host / Server / OperatingAccess, Error andApacheSystems / Web Content / Filtering / Proxies ModSecurity LogsAccess, Error andArbor Peakflow DoS/SP Network Switches & RoutersModSecurity LogsArbor Peakflow XNetwork Switches & RoutersNetwork Behavior AlertsArbor Peakflow XNetwork Switches & RoutersNetwork Behavior AlertsArubaWireless Access PointsN/ABarracuda SPAM FilterBarracuda SPAM Filter Security Appliances / UTMsMessagesBarracuda WebBarracuda Web FilterSecurity Appliances / UTMsSecurity GatewaysMessagesBit9 Parity SuiteApplicationsAllBlue Coat SG SeriesWeb Content / Filtering / ProxiesProxy and System LogBlue Coat SG SeriesWeb Content / Filtering / ProxiesAccess LogBlueLance LT Auditor ApplicationsNetware Auditingfor Novell NetwareParserMethod of CollectionASP – SyslogASP – SyslogJava Parser - SyslogASP – SyslogJava Parser - Syslog UDPASPJava Parser - Local files;syslog UDPASP - SyslogJava Parser - Syslog UDPJava Parser - Syslog UDPASP - Syslog UDPCustom Aruba ParserASP - Syslog UDPASP - Syslog UDPCEFJava Parser - Syslog TCPASP – Syslog UDPJava Parser - SQL Serverdatabase (TCP port 1433)
VendorBlue MartiniBlue RidgeBradfordBrocadeCACheck PointParserDevice NameDevice TypeSupported LogsBlue MartiniApplicationAllCode BasedAllASP - Syslog UDPAllASP – SyslogFoundary SyslogMessagesASP - Syslog UDPAllASP – SyslogBoarderGuard 5000 &6000 SeriesBradford CampusNAC / Network Switches & RoutersManagerFoundry BigIron, FastIronNetwork Switches & Routersand NetIronIronView NetworkNAC / Network Switches & RoutersManagerCA DatacomMainframeIdentity & AccessIAM / IDMManagementCheck Point Edge W32 &FirewallWUCheck Point Enterprise &FirewallEnterprise ProCheck Point ExpressFirewallCheck Point FW-1FirewallLimitedCheck Point FW1, NG,FirewallNGX StandardCheck Point SmartFirewallCenter Enterprise ProCheck Point IPS-1Sensory (formerlyIDS / IPSNetwork Flight Recorder)Check Point HA VPN-1 Virtual Private NetworksCheck Point VPN ProVirtual Private NetworksCheck Point VPN-1 Edge Virtual Private NetworksCheck Point VPN-1Virtual Private NetworksExpressSmartEventFirewallMethod of CollectionNitro Plugin ProtocolAllNitro Plugin AOPSECNFR AlertsNitro Plugin ProtocolN/AN/AN/AOPSECOPSECOPSECN/AOPSECAllOPSEC
VendorCiscoDevice NameCisco CSS (ContentServices Switches)Cisco SDEETACACS TACPlusCisco ASACisco ASACisco EAPCisco Firewall & ServiceModuleCisco PIXCisco PIX IDSCisco PIX and PIX IDSCisco IOS ACL, IOS FW,IOS IDSCisco IOS FirewallCisco CSAParserDevice TypeSupported LogsOtherN/AASP - Syslog UDPApplication llN/AN/ATacplus messages%ASA messagesASA messagesN/AASP - SDEEASP – SyslogJava Parser – Syslog UDPJava Parser - Syslog UDPASP – Syslog UDPJava Parser - Syslog UDPFirewallFWSM messagesJava Parser - Syslog UDPFirewallFirewall / IDS / IPSFirewall / IDS / IPSFirewall / IDS / IPS / NetworkSwitches & RoutersFirewall / Network Switches &RoutersHost / Server / Operating System /IDS / IPSPIX messagesIDS messages onlyPIX and IDS messages%SEC, %FW only, %IDSonlyJava Parser - Syslog UDPJava Parser - Syslog UDPASP – Syslog UDP%FW onlyJava Parser - Syslog UDPCSA EventsSQL/Text ParserCATOSHost / Server / Operating Systems /Network Switches & RoutersCATOSHost / Server / Operating Systems /Network Switches & RoutersCisco ACSIDS / IPSCisco GuardCisco IDSCisco IDSMCisco IPSCisco IOS IDSIDS / IPSIDS / IPSIDS / IPSIDS / IPSIDS / IPS / Network Switches & RoutersCisco IOS IPSIDS / IPS / Network Switches & RoutersMethod of CollectionASP - Syslog UDP%(CONTROLLER LINK OSPF LINEPROTO DVLAN FILESYS IP MGMT SECJava Parser - Syslog UDPURITY SYS SEC NTT Login FW Parser) Messages%(CONTROLLER LINK OSPF LINEPROTO DVLAN FILESYS IP MGMT SECASP - Syslog UDPURITY SYS SEC NTT Login FW Parser) nting & AdministrationN/AIDS messages onlyN/AN/A%IDS onlyIPS Alerts, DUAL, PFINITSP, HSRPASP –Syslog UDPASP – Syslog UDPSDEESDEESDEEASP - Syslog UDPASP - Syslog UDP
VendorCiscoDevice NameSupported LogsNAC / Network Switches & RoutersAllASP – SyslogNAC / Network Switches & RoutersNAC OnlyJava Parser - HTTP based requestsNetwork Flow CollectionN/AASP - Nitro Netflow CollectorIDS / IPS / Network Switches &RoutersAaa, Arp, Auth, Authpriv, cert-enroll,dhcp snoop, fs-daemon, Fspf, ftp,Fwm, Im, interface-vlan, Ip, Ipconf,Ipqos, Kernel, m2rib, Mail, Mfdm, Mfwd,Ntp, Port, port-channel, port-resources, ASP – SyslogProvision, Radius, Security, Snmpd,Sifmgr, spanning-tree, Syslog, Sysmgr,TACACS, TACACS , Track, User,Uucp, vlan mgr and zoneCisco IOS ACLCisco Wireless LANControllersCisco MARSCisco VPN ConcentratorCisco VSM (VPN SwitchBlade)Network Switches & Routers%SEC onlyJava Parser - Syslog UDPNetwork Switches & RoutersN/AASP – SyslogSecurity ManagementVirtual Private NetworksIncident Notification XMLsVPN messagesJava Parser - Email (SMTP)Java Parser - Syslog UDPVirtual Private NetworksVPN messagesJava Parser - Syslog UDPCisco Content EngineWeb Content / Filtering / ProxiesProxy LogsJava Parser - FTP Server onReceiverCisco IronPortWeb Content / Filtering / ProxiesIronPort Syslog and AccessMessagesASP - SyslogApplicationsN/AASP – SyslogWeb Content / Filtering / ProxiesWeb Content / Filtering / ProxiesApplicationsAllAllAllASP – SyslogASP – SyslogASP-SyslogCybectecNetwork Switches & RoutersAllASP – SyslogYukon IMSCoreTraceCyberGuard (includesFS, SG, SL)Enterprise PasswordVaultApplicationsApplicationsAllBouncer MessagesASP-SyslogASP – SyslogFirewallFW messagesJava Parser - Syslog UDPApplicationsAllASP – SyslogCisco NAC Appliance(Clean Access)Cisco NAC Appliance(Clean Access)NetFlow (Generic)NX-OS (Nexus)CitrixCluster LabsCooper ce TypeCitrix Secure AccessGatewayCitrix NetScalerCitrix NetScaler WebPacemaker CRMDMethod of Collection
VendorDevice NameDevice TypeSupported LogsDellEdgeWavePowerConnectiPrism Web SecurityNetwork Switches & RoutersWeb Content / Filtering / ProxieseEyeeEye RetinaVulnerability SystemsAllAllVulnerability Assessmentdata supportVulnerability Assessmentdata supportEnterasysExtremeNetworkseEye Retina EnterpriseManagerEnterasys DragonSensor/SquireN Series SwitchesNACS Series SwitchesExtremeWare XOSAccess Policy Manager(APM)Application SecurityManager (ASM)FirePass SSL VPNLocal Traffic ManagerFairwarning PrivacyFairwarningMonitoringFireEye MalwareFireEyeProtectionFluke Networks y SystemsParserMethod of CollectionASP – SyslogASP – SyslogN/AN/AIDS / IPSNIDS and HIDS MessagesNetwork Switches & RoutersNAC/Network Switches & RoutersNetwork Switches & RoutersAllAllAllJava Parser - MySQL database (TCPconnection)ASP – SyslogASP – SyslogASP – SyslogNAC/Network Switches & RoutersAllASP – SyslogNAC/Network Switches & RoutersAllASP – SyslogWeb Content / Filtering / ProxiesN/ANitro Plugin ProtocolVirtual Private NetworkWeb Content / Filtering / ProxiesAllAllASP – SyslogASP - Syslog UDPApplication SecurityN/ANitro Plugin ProtocolAntivirus/MalwareN/ACEF ParserNetwork Switches & RoutersAllASP – SyslogNetwork Routers & SwitchesAllASP – SyslogNAC/Network & SwitchesAllIPS , webfilter, spamfilter,event, traffic type messagesIPS , webfilter, spamfilter,event, traffic type messagesAllAUTHIPS AlertsAllASP – SyslogFortinet FortigateFirewallFortinet FortigateFirewallFortinet WAFFreeRadiusPacketAlarm IPSGNATFirewallAuthenticationIDS / IPSFirewallJava Parser - SyslogASP - SyslogASP – SyslogASP – SyslogJava Parser - Syslog UDPASP – Syslog
VendorDevice NameHPHP-UX (Hewlett-Packard) Host / Server / Operating SystemsInfobloxIBMILaserJetOpenVMSHP ProCurveNIOSGuardiumSystem Z DB2System Z DB2Device TypePrintersOperating SystemsNetwork Switches & RoutersApplicationsDatabase Activity MonitoringDatabaseDatabaseISS Real Secure ServerHost / Server / Operating SystemsSensorIBM AIX OSHost / Server / Operating SystemsISS Desktop ProtectorHost / Server / Operating Systems /OtherISS Real Secure NetworkOtherSensorISS Site ProtectorSecurity Managementz/OS, z/vmMainframeTivoli Access Managerfor Operating SystemsTivoli Identity & AccessManagerz/OS, z/VMParserMethod of Collectionssh/telnet/ftp/rsh/inetd/sendmJava Parser - Syslog UDPail/syslogd/suAllASP – SyslogN/AASP - SyslogProcurve Syslog Messages ASP - Syslog UDPAllASP – SyslogAllASP – Syslog UDPN/ADBM Agent - 7.1.x, 8.x, 9.xAll VersionsBSafe AgentRealSecure Network /ServerJava Parser - SQL Server databaseSensor, Proventia A/G/M(TCP port 1433)Series Applicancesssh/telnet/ftp/rsh/inetd/sendmJava Parser - Syslog UDPail/syslogd/suBlackICE and DesktopJava Parser - SQL Server databaseProtection System(TCP port 1433)RealSecure Network /ServerJava Parser - SQL Server databaseSensor, Proventia A/G/M(TCP port 1433)Series ApplicancesRealSecure Network /ServerSensor, Proventia A/G/MCustom Text ParserSeries ApplicancesSMF (System ManagementFacilities) Types 30, 14, 15, Nitro Plugin Protocol17, 18, 56, 62, 64, 80AuthenticationAllNitro Plugin ProtocolIAM / IDMAllNitro Plugin ProtocolMainframeImpervaInformixDatabaseDatabase Activity Monitor DatabaseWeb Application Firewall FirewallIntersectAllianceSNARESupported LogsOtherRACF (Resource AccessNitro Plugin ProtocolControl FacilityN/AAllCode BasedAllCode BasedSnare for Windows, Snare forASP - Syslog UDPAIX
Device NameDevice TypeIP FixiTronIP FixiTron EnterJuniper NetscreenFirewallNetwork Flow CollectionSmart Grid ApplicationJuniper Netscreen IDPIDS / IPS4.x via NSMJuniper NetscreenSecurity ManagerNetwork Switches & RoutersIDP, FWJava Parser - Syslog UDPAllASPJunOS MessagesASP - Syslog UDPLog/Monitoring EventsASP- Syslog UDPJuniperFirewallApplications / Host / Server /Operating SystemsJuniper Routers (JunOS) Network Switches & RoutersJuniper Secure AccessVirtual Private NetworksSSL VPNSRXFirewall/VPNNSMKasperskyAdmin ConsoleAntivirusKEMPTechnologiesLoadMasterNetwork Switches & RoutersLancopeLancope Stealth WatchLancope Stealth WatchIDS / IPS / Network Switches &RoutersIDS / IPS / Network Switches &RoutersSupported LogsParserVendorAllSystem and Trafficnotification messagesMethod of CollectionCustomASP – SyslogJava Parser - Syslog UDP OR ASP SyslogJava Parser - Syslog UDP OR ASP SyslogJunOs MessagesASP –Syslog UDPAll anti-virus events throughWindows Agentthe consoleAllASP – SyslogStealth Watch messages only Java Parser - Syslog UDPAllASP - SyslogAuditD, BIND, Netfilter,ProFTPD, Samba, OpenASP – SyslogSSH, Pure FTPD, cron, exinitVulnerability AssessmentN/Adata supportLINUXLINUXHost / Server / Operating SystemsLumensionPatchLink ScanVulnerability SystemsMacintoshOS-X Server &WorkstationMailGate, Ltd.MailGate eMainframeDB2IMSSMF DB2SMF RACFSMF FTP & TelnetSMF VSAMApplications / Security Management /Server and WorkstationHost / Server / Operating SystemsApplications / Security Management /AllHost / Server / Operating SystemsHost / Server / Operating SystemsAllHost / Server / Operating SystemsAllHost / Server / Operating SystemsAllHost / Server / Operating SystemsAllHost / Server / Operating SystemsAllHost / Server / Operating SystemsAllASP - SyslogASP – SyslogBsafe AgentBsafe AgentBsafe AgentBsafe AgentBsafe AgentBsafe Agent
VendorMainframeMcAfeeDevice NameTop Secret, Type 80SMA RTMcAfee AntivirusMcAfee ePolicyOrchestrator (EPO)ParserDevice TypeSupported LogsHost / Server / Operating SystemsICH/IEF/SMF/TSS messages Java Parser – Syslog UDPAntiVirusN/AMethod of CollectionWMI Parser – WMIJava Parser - SQL Server databaseAV/HIPS/Host FW messages(TCP port 1433)Applications / Security Management / Host /Server / Operating SystemsMcAfee AntiSpyware (ASE), Data Loss Prevention (DLP), ePolicy Orchestrator Agent [Common McAfee Framework Agent] (CMA), GroupShield for Domino (GSD), GroupShieldfor Exchange (GSE), McAfee Host Intrusion Prevention (HIPS), McAfee Network Access Control (MNAC), McAfee Policy Auditor (PAE), McAfee SiteAdvisor (SAE), McAfeeVirusScan (VSE), SolidCore (SCOR)Firewall EnterpriseFirewall EnterpriseEmail and Web SecurityEmail and Web SecurityFirewall / IDS / IPSFirewall / IDS / IPSWeb Content / Filtering / ProxiesWeb Content / Filtering / ProxiesMcAfee HIPSIDS / IPSNetwork Security(formerly IntruShield)Network Security(formerly IntruShield)MicrosoftAllFW Logs OnlyAllAllHIPS data through ePO forHIPS 6.0 and aboveASP – SyslogJava Parser - Syslog UDPCEFASP - SyslogJava Parser - Entercept API till 5.xePO SQL Server database for 6.0IDS / IPSIPS AlertsJava Parser - Syslog UDPIDS / IPSIPS AlertsASP - SyslogVulnerability AssessmentN/Adata supportWeb GatewayWeb Content / Filtering / ProxiesAllASP – SyslogMcAfee WebShield SMTP Web Content / Filtering / ProxiesWebshield Syslog Messages ASP - Syslog UDPApplications / Host / Server / Operating Systems Message Tracking LogsExchangeASP - Windows AgentForefront ThreatIDS/IPSAllCode BasedManagement GatewayApplications / Host / Server /System, Security, Application, DNS,Microsoft WindowsWMI Parser – WMIOperating SystemsDHCP and File Replication.Microsoft WindowsServerDebug DNS Logs (file)ASP – Windows AgentMicrosoft WindowsServerDebug DHCP Logs (file)ASP – Windows AgentMicrosoft SQL ServerDatabaseN/AWMI Parser – WMIDBM Agent - MSSQL 2000 (SP4),Microsoft SQL ServerDatabaseN/A2005, 2008Vulnerability ManagerVulnerability SystemsMicrosoft ISA ServerFirewall / Host / Server / Operating Systems /Web Content / Filtering / Proxies / Virtual Private N/ANetworksWMI Parser – WMIMicrosoft OperationsManagerHost / Server / Operating SystemsJava Parser - SQL Server database(TCP port 1433)MOM Messages
VendorDevice NameMicrosoftMicrosoft IISMicrosoft IISSupported LogsHost / Server / Operating Systems /Web Content / Filtering / ProxiesHost / Server / Operating Systems /Web Content / Filtering / ProxiesIIS web traffic logs in W3CformatIIS web traffic logs in W3CformatJava Parsing Agent - Local Files;syslog using SnareN/AWMI Parser – WMIN/A2007Threat and ResponseMessagesVulnerability Assessmentdata supportVulnerability AssessmentData SupportAllOnTap Logs – audit,message, sis and snapmirrorlogs.evt filesWMI Parser – WMINitro Plugin ParserMicrosoft ExchangeOtherServerMicrosoft Active Directory OtherMicrosoft SCOMSecurity ManagementMirageNetworksMirage CounterpointNAC / Network Switches & RoutersnCircleIP360 ScannerVulnerability SystemsNessusNessusVulnerability SystemsNetAppDataFortStorage SwitchData OnTapStorageFASStorageApplications / Security Management /AllHost / Server / Operating SystemsNetwork Switches & Routers /netIQ AlertsSecurity ManagementApplication ProtocolN/AMalwareAllDatabaseN/AFirewall / IDS / IPS / NetworkN/ASwitches & RoutersOtherN/AOtherN/AFirewallIPSO OS logsNetwork Switches & RoutersAllVirtual Private ogiesNetfort LANGuardiannetIQnetIQ Security ManagerNetWitnessNextGenSpectrumNitroView DBMNitroSecurityNitroSecurity IPSNokiaNortelOracleNitro Plug-in ProtocolNitroSecurity SNMPNokia IPSOPassport 8000VPN Gateway 3050MySQLOracle Common AuditOracle Fine-GrainedAuditParserDevice TypeDatabaseFine Grained AuditsMethod of CollectionWindows AgentJava Parser - Syslog UDPN/AN/AASP – SyslogASP – Windows AgentWindows AgentASP – SyslogJava Parser - SQL Server database(TCP port 1433)CEF ParserURL IntegrationASP - SyslogASP - SyslogNitro Plugin ProtocolSNMPJava Parser - Syslog UDPASP – SyslogASPYes, 4.1.22.x, 5.0.3xJava Parser Agent - Local FilesJava Parser - DB Audit Tablesthrough JDBC
ParserVendorDevice NameDevice TypeSupported LogsOracleOracleDatabaseN/ADBM Agent - Oracle 8.0.3 , 9.x, 10.x,11.xIdentity & AccessManagerIAM / IDMAllNitro Plugin ProtocolOsirisHost Integrity MonitoringHost / Server / Operating System /IDS / IPSPalo rtechPA-2000, 4000, 500FirewallISAKMP, RADIUS,SECURITY, Accounting, RIP, ASP – SyslogVR messages onlyALLASP - SyslogAS-400HostAllCEF ParserPeoplesoftPostFixPostgreSQLAS-400Messaging tN/AAllAllAllNitro Plugin ProtocolASP-SyslogASPCEF ParserApplicationsAllASPQualysGuardVulnerability SystemsVulnerability AssessmentData SupportN/AApplicationsAllASP – WMIIDS / IPSNetwork Switches & RoutersPenetration TestingSecurity Appliances / UTMsDefensePro AlertsJava Parser - Syslog UDPAllASP – SyslogAllCustomVulnerability AssessmentN/AData u/pamJava Parser - Syslog UDPunix/rhosts/xinetdAllASP – SyslogAuthenticationN/AWMI Parser – WMIAuthenticationACE Server Logs OnlyJava Parser - Unix SyslogAuthenticationAllASP – SyslogProofPointQualysQuestRadwareRapid 7ChangeAuditor for ActiveDirectoryDefenseProFireProof and LinkProofMetaSploit ProNexpose VA ScannerVulnerability SystemsRed HatRed Hat Linux OS Events Host / Server / Operating SystemsRiverbedSteelheadRSA AuthenticationManager (windows)RSA AuthenticationManager (UNIX)RSA AuthenticaitonManager (Windows &UNIX)RSAMethod of Collection
VendorDevice NameDevice TypeSupported LogsSafeNetSafenet HSMSaint VulnerabilityScannerSavant ProtectionSecureAuth IEPApplication SecurityN/AVulnerability Assessmentdata supportAllAllSaintSavantSecureAuthVulnerability SystemsParserMethod of CollectionASP – SyslogN/AAnti-MalwareCEFAuthenticationASP – SyslogApplications / Security Management /Secure Crossing Secure Crossing ZenWallAllASP – SyslogHost / Server / Operating SystemssFlowsFlow (Generic)Network Flow CollectionN/ANitro sFlow CollectorSilver SpringAccess and EndpontsSmart GridAllASP – SyslogNetworksSonicWALLAventailVirtual Private NetworksVPN messagesASPSonicWALL FWFirewallFW/IPS/VPNASP - SyslogSophos Email Security &SophosWeb Content / Filtering / ProxiesAllASPData ProtectionSophos EnterpriseAll AV and endpoint eventsAntivirus/HIDSNitro Plugin ProtocolConsolefrom the consoleWeb Security & Control Web Content / Filtering / ProxiesAllASP - SyslogSourcefireSnort NIDSIDS / IPSIDS messages onlyJava Parser - Syslog UDPSourcefire IntrusionIDS messagesJava Parser - Estreamer API usingIDS / IPSSensoronly(eStreamer)TCP port 8302IDS messagesSourcefire NS/RNAIDS/IPSASP - Syslog UDPonly(eStreamer)SquidSquid Web ProxyWeb Content / Filtering / ProxiesWeb Proxy LogsJava Parser – N/ASquid Web ProxyWeb Content / Filtering / ProxiesWeb Proxy LogsASP – SyslogFirewall / Security Management / IDSStillSecureStrata GuardFirewall EventsASP – Sylosg/ IPS / Virtual Private NetworksStonesoft StonegateFirewall / Security Management / IDSStonesoftIPS/FW/VPNJava Parser – Syslog UDPManagement Center/ IPS / Virtual Private NetworksStonesoft StonegateFirewall / Virtual Private NetworksFW/VPN activitiesJava Parser – Syslog UDPFirewall /VPNStonesoft Stonegate IPS IDS / IPSIPS AlertsJava Parser – Syslog UDPSunSolaris BSMHost / Server / Operating SystemsBSM Audit LogsJava Parser - Syslog UDPssh/telnet/ftp/rsh/inetd/sendmSolaris OS EventsHost / Server / Operating SystemsJava Parser - Syslog UDPail/syslogd/su/xinetdJava Parser - Syslog UDPiPlanetWeb Content / Filtering / ProxiesN/ASybaseSybaseDatabaseN/ADBM Agent - 11.x, 12.x, 15.x
VendorDevice NameSymantecType 80VMWare/EMCVormetricWatchGuardSymantec Anti VirusAntiVirusSymantec AV CE Server AntivirusSymantec EndpointAntiVirusProtectionSymantec EndpointAntiVirusProtectionSymantec Intruder Alert Host / Server / Operating S
McAfee SIEM Device Support By Vendor ! Vendor Device Name Device Type Supported Logs . Network Flow Collection N/A ASP - Nitro Netflow Collector NX-OS (Nexus) IDS / IPS / Network Switches & Routers Aaa, Arp, Auth, Authpriv, cert-enroll, dhcp_snoop, fs-daemon, Fspf, ftp, . McAfee McAfee Antivirus A
