Posts by mcafee

    mcafee added a new solution:

    mcafee added a new solution:

    Quote

    Prerequisites

    • The OpenDXL and McAfee ePolicy Orchestrator (ePO) DXL modules have been added to the Node-RED palette.
    • A DXL client has been configured in Node-RED (see Client Configuration).
    • An ePO DXL service is running and available on the DXL fabric. If version 5.0 or later of the DXL ePO extensions are installed on your ePO server, an ePO DXL service should already be running on the fabric. If you are using an earlier version of the DXL ePO extensions, you can use the ePO DXL Python Service.
    • The Node-RED DXL client is authorized to invoke the ePO DXL service, and the user that is connecting to the ePO server (within the ePO DXL service) has permission to execute the "system.find" remote command (see Client Authorization).



    Here is the Node-RED flow content for this solution:


    mcafee added a new solution:

    Quote

    Prerequisites

    • The OpenDXL and McAfee ePolicy Orchestrator (ePO) DXL modules have been added to the Node-RED palette.
    • A DXL client has been configured in Node-RED (see Client Configuration).
    • An ePO DXL service is running and available on the DXL fabric. If version 5.0 or later of the DXL ePO extensions are installed on your ePO server, an ePO DXL service should already be running on the fabric. If you are using an earlier version of the DXL ePO extensions, you can use the ePO DXL Python Service.
    • The Node-RED DXL client is authorized to invoke the ePO DXL service, and the user that is connecting to the ePO server (within the ePO DXL service) has permission to execute the "DxlBrokerMgmt.createEpoThreatEvent" remote command (see Client Authorization).



    Here is the Node-RED flow content for this solution:


    mcafee added a new solution:

    Quote

    Prerequisites




    Here is the Node-RED flow content for this solution:

    mcafee added a new solution:

    Quote

    Prerequisites



    Here is the Node-RED flow content for this solution:

    mcafee added a new solution:

    Quote

    Prerequisites

    • The OpenDXL and McAfee ePolicy Orchestrator (ePO) DXL modules have been added to the Node-RED palette.
    • A DXL client has been configured in Node-RED (see Client Configuration).
    • An ePO DXL service is running and available on the DXL fabric. If version 5.0 or later of the DXL ePO extensions are installed on your ePO server, an ePO DXL service should already be running on the fabric. If you are using an earlier version of the DXL ePO extensions, you can use the ePO DXL Python Service.
    • The Node-RED DXL client is authorized to invoke the ePO DXL service, and the user that is connecting to the ePO server (within the ePO DXL service) has permission to execute the "system.clearTag" remote command (see Client Authorization).



    Here is the Node-RED flow content for this solution:


    mcafee added a new solution:

    Quote

    Prerequisites

    • The OpenDXL and McAfee ePolicy Orchestrator (ePO) DXL modules have been added to the Node-RED palette.
    • A DXL client has been configured in Node-RED (see Client Configuration).
    • An ePO DXL service is running and available on the DXL fabric. If version 5.0 or later of the DXL ePO extensions are installed on your ePO server, an ePO DXL service should already be running on the fabric. If you are using an earlier version of the DXL ePO extensions, you can use the ePO DXL Python Service.
    • The Node-RED DXL client is authorized to invoke the ePO DXL service, and the user that is connecting to the ePO server (within the ePO DXL service) has permission to execute the "system.applyTag" remote command (see Client Authorization).



    Here is the Node-RED flow content for this solution:


    mcafee added a new solution:

    Quote

    Prerequisites

    • The OpenDXL and McAfee ePolicy Orchestrator (ePO) DXL modules have been added to the Node-RED palette.
    • A DXL client has been configured in Node-RED (see Client Configuration).
    • An ePO DXL service is running and available on the DXL fabric. If version 5.0 or later of the DXL ePO extensions are installed on your ePO server, an ePO DXL service should already be running on the fabric. If you are using an earlier version of the DXL ePO extensions, you can use the ePO DXL Python Service.
    • The Node-RED DXL client is authorized to receive "ePO Threat Event Automatic Response Events" (see Client Authorization).
    • Under the "Automatic Responses" page on the ePO server, ensure that a "Send Threat Event via DXL" response is set to "Enabled".




    Here is the Node-RED flow content for this solution:

    mcafee added a new solution:

    Quote

    Prerequisites



    Here is the Node-RED flow content for this solution:


    mcafee added a new solution:

    mcafee added a new solution:

    Quote

    Overview

    The McAfee Active Response (MAR) DXL Node-RED client package enables the development of flows in Node-RED which perform MAR searches via the Data Exchange Layer (DXL) fabric.

    Documentation

    See the Wiki for an overview of the McAfee Active Response (MAR) DXL Node-RED client package and examples.


    See the McAfee Active Response (MAR) DXL Node-RED Client Documentation for installation instructions, API documentation, and examples.

    mcafee added a new solution:

    mcafee added a new solution:

    Quote

    Overview

    The McAfee Threat Intelligence Exchange (TIE) DXL Node-RED client package enables the development of flows in Node-REDwhich use TIE features (manage reputations, determine where a file has executed, etc.) via the Data Exchange Layer (DXL) fabric.

    Documentation

    See the Wiki for an overview of the McAfee Threat Intelligence Exchange (TIE) DXL Node-RED client package and examples.


    See the McAfee Threat Intelligence Exchange (TIE) DXL Node-RED Client Documentation for installation instructions, API documentation, and examples.

    mcafee added a new solution:

    mcafee added a new solution: