RSA enVision

Supported Event Sources

A

Vendor

Actividentity

C

Device

4TRESS AAA Server version 6.4.1

AirMagnet Enterprise version 7.5.0

Collection Method

ODBC CA

Vendor

Device

Integrated Threat Management version r8 Provider-1 - version 4.1 Firewall-1/VPN-1/SmartDefense versions R54 - R65

Collection Method

SNMP

Airmagnet

Syslog

Alcatel-Lucent OmniSwitch OmniSwitch - versions 6850 Syslog, & 9700 SNMP Apache HTTP Server - versions 2.1, Log File FTP 2.2 Mac OS X Syslog

Check Point

Check Point LEA API

Apple Arbor Networks Arbor Networks Aruba Networks

CipherTrust Cisco

CipherTrust IronMail - version 5.5 SNMP

Access Control Server - versions 3.3, 4.0, 4.2 (software only) Log File FTP

Access Control Server - versions 4.0, 4.1, 4.2 (appliance)

Peakflow SP5 - version 5.0 Syslog

Peakflow X - version 4.1 Syslog

Aruba Networks Mobility Controller - version ArubaOS 2.5.4.0, 3.4 Syslog

Cisco

Secure Access Control Server Express - version 5.0

Syslog

Aventail

Aventail SSL VPN - version Log File FTP 8.8 Avocent IP KVM - version SNMP Dell PowerEdge 2161DS-2 parser trap handler

Cisco

Cisco Adaptive Security Appliance Syslog Software - versions 8.2, 7.1(2), 7.2 (to generate syslog events) Cisco ASA Security Services Module Software - version 5.1(1p1) (to generate IDS events)

Avocent

B

Vendor Device Collection Method

Cisco

Aironet AP (Wireless Access Point) - version IOS 12.2 Catalyst Switch 6500 CATOS , Cisco IOS 12.4- version 8.3 (alerting only)

Syslog

Cisco

Barracuda Networks Spam Firewall - version 3.4 & 3.5 Syslog

Blue Coat Systems CacheOS (CacheFlow Appliance) - versions 4.1, 4.2, 5.1, 5.2, 5.3, 5.4, 5.4.1.12 Log File FTP

ProxySG SGOS (Security Gateway Appliance) - versions 4.1, 4.2, 5.1, 5.2, 5.3, 5.4, 5.4.2 Log File FTP

Cisco Cisco

Syslog (CATOS & Cisco IOS), SNMP (Cisco IOS)

CiscoWorks Network Compliance ODBC Manager - version 1.4 SP2 Content Engine - versions 5.0, 5.4 Content Services Switch versions 5.10, 8.10 Log File FTP, Syslog Syslog

Blue Coat Systems

Cisco

Cisco

IronPort Email Security Appliance - version 5.7.0 Log File FTP

Event Source Update

© 2009 RSA Security Inc. All rights reserved

Page 1 of 5

Vendor

Cisco Cisco Cisco

Device

Collection Method

EMC

Vendor

Device

Celerra - version 5.5, 5.6 (branded as: EMC Control Station, Blades, DataMover)

Collection Method

SNMP

IronPort Web Security Appliance- Log File FTP version 5.7.0 Monitoring, Analysis, and Response System - version 6.3 Mobility Services Engine version 5.2.91.0 PIX Firewall - version 8.2, 7.0 Router - version IOS, 12.4 Syslog

EMC Syslog EMC Syslog Syslog, SNMP SDEE, RDEP (prior to enVision 4.0) EMC

Clariion - version Navisphere 6.28 SNMP Fabric OS - version 6.1, 6.2 Ionix SCM (Server Configuration Manager) Symmetrix Solutions Enabler version 6.4, 6.5.3, and 7.0 Syslog Agentless Windows Syslog, NIC Windows Service SNMP ODBC SNMP Syslog

Cisco Cisco

EMC

Cisco

Secure IDS - versions 4.x, 5.0, 5.1, 6.0, 6.1, 6.2, 7.0

EMC EMC

Voyence - version 4.0.1 Documentum version 6.5

Cisco

Security Agent - versions 4.0, 5.1, SNMP 6.0 Security Manager (also branded Generic as CiscoWorks Common Services) Filereader, - version 2.3, 3.0, 3.3 Syslog Filereader Unified Computing System Manager - version 1.0 (2d) VPN 3000 Concentrator versions 3.6.7 , 4.0, 4.1, 4.7 Wireless LAN Controller (WLC) version 5.2.157.0 Syslog Syslog

Enterasys Networks Dragon - version 5.x, 6.x, 7.2 Extreme Networks ExtremeWare Switch - version 6.2, 7.2, 7.7

Cisco

Cisco Cisco

F

Vendor

F5 F5 Fortinet

Cisco

Syslog

Device

BigIP - version 9.4

Collection Method

Syslog

Crossbeam Systems C-Series - versions 4.X, 5.X, 6.X Syslog

CyberGuard Firewall TSP Family Series version 6.4.1 Syslog

F5 Firepass - version 5.5-20051019 Syslog FortiGate Antivirus Firewall, running Syslog FortiOS - version 2.8, 3.0 Syslog Syslog

CyberGuard

Cyberguard Classic - version 5.2 Syslog P4

Foundry Networks Switch - version 07 FreeBSD FreeBSD - version 5.4

D G

Vendor

Debian Dell Dell

Device

Debian GNU/Linux 3.1 & 4.0 DRAC (Dell Remote Access Controller) version 6.0 PowerConnect 5324 Switch - version 1.0.0.47

Collection Method

Syslog SNMP Guardium SQL Guard Syslog Syslog

Vendor

Device Collection Method

E

Vendor Device Collection Method

H

Vendor Device Collection Method

Vendor

HP HP HP

Device

Collection Method

Vendor

Device

Collection Method

Syslog Syslog

ProCurve Switch series 2600/2800/5300 Syslog Open VMS - all versions UX - version 11.X, C2 v 11.X Log file FTP Syslog

Juniper Networks JUNOS Router - version 6.1 Juniper Networks NetScreen Firewall Screen OS versions 5.1, 5.3, 5.4, 6.0 Juniper Networks NetScreen-Security Manager versions 2004, 2006, 2007

Syslog

I

Vendor

IBM

Juniper Networks SSL VPN - versions 5.4, 5.5, 6.0 Juniper Networks Steel-Belted Radius - version 5.4

Syslog Log File FTP

Device

AIX 5L (Security and Authentication messages only) iSeries (AS400 V5R2 and above) Additional files: ftpscript, auditpgm

Collection Method

Syslog, Syslog NG Log File FTP

L

Vendor

Lancope

IBM

Device

Collection Method

IBM (Lotus) Lotus Domino IBM IBM Mainframe ACF2 ZOS - version 1.4

SNMP Log File FTP

StealthWatch - versions 5.x Syslog (StealthWatch Xe for NetFlow, StealthWatch Xe for sFlow, StealthWatch NC)

Mainframe DB2 UDB - versions 7, 8/ ZOS v1.4 Log File FTP

Mainframe IDMS - versions (all) Log File FTP

Mainframe IMS - versions (all) Log File FTP

IBM IBM IBM

M

Vendor Device Collection Method

Mainframe SMA_RT OS390/ZOS - version 2.0.6 Syslog

Mainframe RACF ZOS - version 1.4 Log File FTP

Mazu Networks Mazu Profiler - versions 5.5.2, 6.0, 7.0 SNMP IBM IBM McAfee ISS Product suite: Proventia Appliance, ODBC SiteProtector, Internet Scanner, RealSecure - Site Protector v2.0 SP6.1, SP7.0, SP8.0 Mainframe Top Secret ZOX - version 1.4 IBM Websphere - version 6.0.0.1/Microsoft Windows 2003 SecureSphere Web Application Firewall NetStructure VPN - version 6.9 Log File FTP Filereader ODBC Syslog McAfee McAfee McAfee ePolicy Orchestrator - versions 3.5, 3.6.0, 3.6.1, 4.0, and 4.5 Note: enVision 3.7 & higher required for version 4.0 and 4.5 Foundscan Professional/Enterprise versions 5.0, 6.5.1 ODBC ODBC

IBM IBM

Host Data Loss Prevention - versions ODBC 2.2, 3.0 Host Intrusion Prevention (also branded ODBC as Entercept): · version 6.0.1 supported on McAfee ePolicy Orchestrator version 3.6 version 7.0 supported on McAfee ePolicy Orchestrator version 4.0

Imperva Intel

J

Vendor Device Collection Method

McAfee McAfee McAfee McAfee

Intrushield - versions 2.1, 3.1, 4.1, 5.1 Syslog Network Access Control - version 3.1.1 ODBC Policy Auditor ODBC VirusScan Enterprise - version 8.0i, 8.5i, 8.7i Windows Event Logs, ODBC Log File

Juniper Networks DX Application Accelerator - version 5.1.5 Syslog

Juniper Networks IDP - versions 3.0, 3.1, 3.2, 4.0, 4.1, 5.0 Syslog

Juniper Networks Infranet Controller 4500 - version 2.2 Syslog

Microsoft

DHCP Server, Windows 2000,

Vendor

Device

Windows 2003, Windows 2008 SFTP Configuration, Windows 2000 SFTP Configuration, Windows 2003

Collection Method

SFTP

Vendor

Open Source NFR Nokia NFDump

Device

Collection Method

Log File SFTP Syslog Syslog, SNMP

NIDS - version 3.x, 4.x, 5.x IP Series version 3.5 and earlier, 3.6, and 3.8

Microsoft

Exchange Server - versions 2003 and 2007 Log File FTP and Windows Event Logs

Forefront version Beta File Reader, SFTP Agent

Nortel Nortel Nortel

Alteon Switch Firewall - version 8.x Syslog

Contivity VPN Switch Syslog

Passport 8600 Routing Switch version 3.7.5.2 (rebranded to Ethernet Routing Switch 8600) Syslog

Microsoft

Microsoft

Internet Authentication Service version Log File FTP 2003 and Windows Event Logs IIS (Internet Information Services) versions 5.x, 6.x, 7.x ISA Server - versions 2000, 2004, 2006 Log File FTP

Microsoft

Novell Log File FTP and Windows Event Logs Agentless Windows Novell

eDirectory - version 8.8 SuSE Linux - version 9, 10, 10.2

SNMP Syslog

Microsoft

Microsoft

Microsoft Operations Manager version 2005, 2007- SP1 (Windows 2003 R2)

O

Vendor Device Collection Method

Log File SFTP Syslog

Microsoft Microsoft

Microsoft System Center Configuration Agentless Manager - version 2007 Windows SQL Server - version 2000, 2005 ODBC and Log File FTP and Windows Event Logs Microsoft Event Logging API

Open Source NFDump - netflow v5, v7, and v9

Microsoft

Windows (agentless)

Open Source SNORT - version 2.8 (signature level 1.41.2.14) See: SNORT Alternative Branding Oracle Oracle - versions 8i, 9i, 10g, 11g

Microsoft

Windows (via third party collection Syslog via agent) - Adiscon Event Reporter & DNS Agent Server Windows (via third party collection agent) - InterSect-Alliance BackLog Windows (via third party collection agent) - InterSect Alliance SNARE Windows Server Update Service Syslog via Agent Syslog via Agent ODBC

ODBC Log File FTP

Microsoft Microsoft Microsoft Motorola

R

Vendor

Red Hat

Device

Collection Method

AirDefense Enterprise Server - version 7.2, 7.3 Syslog

Red Hat Enterprise Linux 3.x, 4.x, and 5.x Syslog Log File SFTP Syslog

RSA Security Access Manager - version 6.0 on Solaris, Windows, and Linux

N

Vendor

NetContinuum

RSA Security Adaptive Authentication (OnPrem) version 7.3 RSA Security Authentication Manager- versions 5.2, 6.0, 6.1, 7.1 RSA Security Data Loss Prevention - version 7.0.0 RSA Security Key Manager - version 2.1.3 Syslog

Device

NetContinuum Web Application Firewall - version NC OS 5.x

Collection Method

Syslog

Log File FTP Syslog Syslog

Network Appliance Data ONTAP - version 6.x

Network Appliance NetCache - version 5.5R3, 5.6.2R1, 6.03, 6.1 Log File FTP

S

Vendor

SAP

T

Device

R3 Enterprise - version 4.7

Collection Method

File Reader

Vendor

Device

Collection Method

Syslog Syslog Syslog

TippingPoint SMS - versions 2.1, 2.5, 2.6, 2.7, 3.0 Top Layer Top Layer Attack Mitigator - version 2.1 Secure Edge Controller - version 2.01

Secure Computing Sidewinder G2 Security Appliance - Syslog versions 6.1.1.x, 6.1.2.x, 7.0.0.x Solsoft SonicWALL Sophos Sun Sun NP - version 5.2.4 Firewall (alerting only) Enterprise Console - version 3.0 Solaris - versions 2.8, 2.9, 2.10 Syslog Syslog SNMP Syslog

Trend Micro OfficeScan Corporate Edition - version 7.0 SNMP and Syslog Control Manager - version 3.5, 5.0 Trend Micro ScanMail- ScanMail 8.0 Service Pack 1 for SNMP Microsoft Exchange 2000/2003/2007 Tripwire Tripwire Enterprise - versions 5.4, 5.5, 7.5 Log File FTP

Solaris Basic Security Module (BSM) - versions 8, 9, 10, 11 Log File FTP

Sourcefire - versions 4.6 and 4.8 Syslog

V

Vendor

VMware

Sourcefire Sybase

Sybase Adaptive Server Enterprise - ODBC version 15 AntiVirus Corporate Edition SNMP versions 9.0, 10.0, 10.1, 10.2, and 11 Enterprise Firewall - versions 6.x, SNMP 7.x, 8.x Intruder Alert - version 3.6 Network Security - version 4.0 SNMP Syslog

Device

Symantec

Collection Method

Symantec

VMware VirtualCenter server- versions 2.0.2 Syslog and 2.5 VMware ESX - versions 3.0.3, 3.5, 4.0 VMware ESXi - version 3.5 VMware Embedded ESXi - version 3.5 VMware View - versions 3.1 and 4.0 SFTP Agent / File Reader

Symantec Symantec

VMware

W

Vendor Device Collection Method

WebSense Web Security Suite - versions 5.5, 6.3, 7.0 SNMP

This is an indicative list created on January 5th 2010. Contact RSA support to find the latest status and details of the integration.
