Data Exchange Layer 1.1.0 Product Guide

Data Exchange Layer 1.1.0 Product Guide
Product Guide
McAfee Data Exchange Layer 1.1.0
For use with McAfee ePolicy Orchestrator
COPYRIGHT
Copyright © 2015 McAfee, Inc., 2821 Mission College Boulevard, Santa Clara, CA 95054, 1.888.847.8766, www.intelsecurity.com
TRADEMARK ATTRIBUTIONS
Intel and the Intel logo are registered trademarks of the Intel Corporation in the US and/or other countries. McAfee and the McAfee logo, McAfee Active
Protection, McAfee DeepSAFE, ePolicy Orchestrator, McAfee ePO, McAfee EMM, McAfee Evader, Foundscore, Foundstone, Global Threat Intelligence,
McAfee LiveSafe, Policy Lab, McAfee QuickClean, Safe Eyes, McAfee SECURE, McAfee Shredder, SiteAdvisor, McAfee Stinger, McAfee TechMaster, McAfee
Total Protection, TrustedSource, VirusScan are registered trademarks or trademarks of McAfee, Inc. or its subsidiaries in the US and other countries.
Other marks and brands may be claimed as the property of others.
LICENSE INFORMATION
License Agreement
NOTICE TO ALL USERS: CAREFULLY READ THE APPROPRIATE LEGAL AGREEMENT CORRESPONDING TO THE LICENSE YOU PURCHASED, WHICH SETS
FORTH THE GENERAL TERMS AND CONDITIONS FOR THE USE OF THE LICENSED SOFTWARE. IF YOU DO NOT KNOW WHICH TYPE OF LICENSE YOU
HAVE ACQUIRED, PLEASE CONSULT THE SALES AND OTHER RELATED LICENSE GRANT OR PURCHASE ORDER DOCUMENTS THAT ACCOMPANY YOUR
SOFTWARE PACKAGING OR THAT YOU HAVE RECEIVED SEPARATELY AS PART OF THE PURCHASE (AS A BOOKLET, A FILE ON THE PRODUCT CD, OR A
FILE AVAILABLE ON THE WEBSITE FROM WHICH YOU DOWNLOADED THE SOFTWARE PACKAGE). IF YOU DO NOT AGREE TO ALL OF THE TERMS SET
FORTH IN THE AGREEMENT, DO NOT INSTALL THE SOFTWARE. IF APPLICABLE, YOU MAY RETURN THE PRODUCT TO MCAFEE OR THE PLACE OF
PURCHASE FOR A FULL REFUND.
2
McAfee Data Exchange Layer 1.1.0
Product Guide
Contents
1
2
Preface
5
About this guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Audience . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Find product documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
5
5
5
6
Introduction
7
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
7
Installing Data Exchange Layer
9
System requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Data Exchange Layer network overview . . . . . . . . . . . . . . . . . . . . . . . . .
Install the DXL brokers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Download the DXL software . . . . . . . . . . . . . . . . . . . . . . . . . .
Install the DXL appliance . . . . . . . . . . . . . . . . . . . . . . . . . . .
Verify the installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Troubleshooting the installation . . . . . . . . . . . . . . . . . . . . . . . . . . . .
3
Managing Data Exchange Layer
19
Working with brokers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Configure brokers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Add brokers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Adding brokers to a DMZ . . . . . . . . . . . . . . . . . . . . . . . . . . .
The DXL fabric . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
View the DXL fabric . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Bridging Data Exchange Layer fabrics . . . . . . . . . . . . . . . . . . . . . . . . .
Create an outgoing bridge to another hub . . . . . . . . . . . . . . . . . . . . .
Create an incoming bridge from another hub . . . . . . . . . . . . . . . . . . .
Index
McAfee Data Exchange Layer 1.1.0
9
10
10
10
11
16
17
19
19
20
20
21
21
22
23
23
25
Product Guide
3
Contents
4
McAfee Data Exchange Layer 1.1.0
Product Guide
Preface
This guide provides the information you need to work with your McAfee product.
Contents
About this guide
Find product documentation
About this guide
This information describes the guide's target audience, the typographical conventions and icons used
in this guide, and how the guide is organized.
Audience
McAfee documentation is carefully researched and written for the target audience.
The information in this guide is intended primarily for:
•
Administrators — People who implement and enforce the company's security program.
Conventions
This guide uses these typographical conventions and icons.
Book title, term,
emphasis
Title of a book, chapter, or topic; a new term; emphasis.
Bold
Text that is strongly emphasized.
User input, code,
message
Commands and other text that the user types; a code sample; a displayed
message.
Interface text
Words from the product interface like options, menus, buttons, and dialog
boxes.
Hypertext blue
A link to a topic or to an external website.
Note: Additional information, like an alternate method of accessing an
option.
Tip: Suggestions and recommendations.
Important/Caution: Valuable advice to protect your computer system,
software installation, network, business, or data.
Warning: Critical advice to prevent bodily harm when using a hardware
product.
McAfee Data Exchange Layer 1.1.0
Product Guide
5
Preface
Find product documentation
Find product documentation
After a product is released, information about the product is entered into the McAfee online Knowledge
Center.
Task
6
1
Go to the Knowledge Center tab of the McAfee ServicePortal at http://support.mcafee.com.
2
In the Knowledge Base pane, click a content source:
•
Product Documentation to find user documentation
•
Technical Articles to find KnowledgeBase articles
3
Select Do not clear my filters.
4
Enter a product, select a version, then click Search to display a list of documents.
McAfee Data Exchange Layer 1.1.0
Product Guide
1
Introduction
®
The McAfee Data Exchange Layer (DXL) (DXL) framework includes client software and brokers that
allow bidirectional communication between endpoints on a network. It receives and sends encrypted
messages throughout your environment to track activity, risks, and threats in real time.
Overview
DXL works in the background, communicating with services, databases, endpoints, and applications.
The DXL client is installed on each managed endpoint, so that threat information can be shared
immediately with all other services and devices.
A blocked threat attempt that reveals malware on an endpoint can be shared immediately to the
gateway and other security components, isolating and stopping the threat before it spreads. You can
view threat events that were discovered and stopped, so that you get a picture of your environment's
security and possible areas of vulnerabilities.
DXL has these components:
•
Brokers — Installed on managed systems and routes messages between connected clients. An
example of a connected client is the Threat Intelligence Exchange for VirusScan Enterprise module.
The network of brokers tracks active consumers and dynamically adjusts the message routing as
needed. Brokers can be organized into hubs.
DXL clients maintain a persistent connection to their brokers regardless of their location. Even if a
managed endpoint running the DXL client is behind a NAT (network address translation) boundary,
it can receive updated threat information from its broker located outside the NAT.
•
DXL Fabric — Consists of more than one broker. You can bridge DXL fabrics that are managed by
different McAfee ePolicy Orchestrator (McAfee ePO ) servers to share information being routed on
the fabric.
®
®
™
•
Hubs — Contain one or two brokers and provide failover protection in a multi-broker environment.
If a hub has two brokers, both act simultaneously. If one is unavailable, the other continues to
function.
•
Consumers — Modules or clients that receive and process messages from the brokers. An
example of a consumer is the Threat Intelligence Exchange for VirusScan Enterprise module.
Consumers subscribe and publish to the fabric without API-based integration.
•
Service zones — A service zone is associated with brokers and hubs and routes requests from
clients. In the following example, service zones are organized into locations. When the TIE client
sends a file or certificate reputation request, it attempts to find a TIE server in the Portland service
zone first. If a server is not available in that zone, it looks in the North America service zone,
because the Portland hub is part of the North America zone. Without specifying service zones,
requests might be sent to the Europe or London hub first.
McAfee Data Exchange Layer 1.1.0
Product Guide
7
1
Introduction
Overview
After installing the DXL brokers and client software, you create the hubs and zones for the brokers in
your environment. You can also bridge hubs and brokers managed by different instances of McAfee
ePO so that the brokers can communicate information over the fabric.
8
McAfee Data Exchange Layer 1.1.0
Product Guide
2
Installing Data Exchange Layer
Contents
System requirements
Data Exchange Layer network overview
Install the DXL brokers
Verify the installation
Troubleshooting the installation
System requirements
Make sure that your system environment meets these requirements and that you have administrator
rights.
Component
Products
VMware vSphere
Version
5.1.0 with ESXi 5.1 or
later
McAfee ePO
5.1.1, 5.1.2, 5.3
McAfee ePO product extensions and
packages (checked in)
McAfee Agent
5.0
McAfee Agent
extension
5.0
Products installed on each of your managed McAfee Agent
systems
5.0
®
Operating system
You can install the Data Exchange Layer client on the following operating systems.
Microsoft Windows
Windows 7 (32-bit and 64-bit)
Windows 8.0 (32-bit and 64-bit)
Windows 8.1 (32-bit and 64-bit)
Windows 8.1U1/U2 (32-bit and 64-bit)
Windows Server 2008 R2
Windows Server 2012
Windows Server 2012 R2
Non-Microsoft Windows
McAfee Linux OS (MLOS)
Other Linux operating systems
(for example, Red Hat, CentOS)
McAfee Data Exchange Layer 1.1.0
Product Guide
9
2
Installing Data Exchange Layer
Data Exchange Layer network overview
Data Exchange Layer network overview
The Data Exchange Layer framework uses these network protocols and ports.
Make sure these ports are open and available for use with DXL.
Install the DXL brokers
Download the DXL software, then install and configure DXL brokers using VMware vSphere.
Tasks
•
Download the DXL software on page 10
Download the DXL software manually from the McAfee product download website, or use
the McAfee Software Manager.
•
Install the DXL appliance on page 11
Install and configure the DXL brokers.
Download the DXL software
Download the DXL software manually from the McAfee product download website, or use the McAfee
Software Manager.
10
McAfee Data Exchange Layer 1.1.0
Product Guide
Installing Data Exchange Layer
Install the DXL brokers
2
Task
For option definitions, click ? in the interface.
•
Use one of these methods to download the DXL software:
•
In the Software Manager, click McAfee Data Exchange Layer 1.1, then download or check in the
components.
•
To install manually, download the McAfee Data Exchange Layer 1.1 files from the McAfee
product download website. Then check in the Data Exchange Layer package to McAfee ePO.
The broker appliance is installed using VMware vSphere. Download the broker appliance file and save it
locally before continuing.
Install the DXL appliance
Install and configure the DXL brokers.
Task
1
Open the VMware vSphere client, then click File | Deploy OVF Template.
2
Browse to and select the DXL .ova file on your computer, then click Next.
3
Complete the steps in the wizard, accepting the default values or entering different values as
needed.
4
When finished, select Power On to turn on the virtual machine and open a Console window to install
the brokers.
McAfee Data Exchange Layer 1.1.0
Product Guide
11
2
12
Installing Data Exchange Layer
Install the DXL brokers
5
Read and accept the license agreement. Press Enter to view each page.
6
Create a root password for the appliance. The password must be at least nine characters.
McAfee Data Exchange Layer 1.1.0
Product Guide
2
Installing Data Exchange Layer
Install the DXL brokers
7
Enter the operational account name, real name, and password, using the Tab key to move to the
next field. When finished, press Y to continue.
The account name is typically something like jsmith and is used to log on to and administer the
appliance. The real name is your full name, for example, John Smith.
8
On the Network Selection page, enter N to continue.
McAfee Data Exchange Layer 1.1.0
Product Guide
13
2
Installing Data Exchange Layer
Install the DXL brokers
9
Select a configuration type, then enter Y to continue.
•
DHCP — Enter D.
•
Manual IP address — Enter M, then enter the remaining information.
10 Enter the host name and domain name of the computer where you are installing the appliance.
Enter Y to continue.
14
McAfee Data Exchange Layer 1.1.0
Product Guide
Installing Data Exchange Layer
Install the DXL brokers
2
11 Enter up to three Network Time Protocol servers to synchronize the time of the appliance. Use the
default server listed, or enter the address for up to three servers. Enter Y to continue.
12 Enter the IP address or fully qualified domain name, port, and account information for your McAfee
ePO server. The user account must have administrator rights. Enter Y to continue.
McAfee Data Exchange Layer 1.1.0
Product Guide
15
2
Installing Data Exchange Layer
Verify the installation
13 Specify the port that DXL uses. Use the default port, or enter a port number within the range
shown, then enter Y to continue.
14 When the logon screen appears, close it.
See Verify the installation to make sure that the DXL broker was installed successfully.
Verify the installation
After you complete the DXL broker appliance pages in VMware, verify that the installation was
successful.
Task
For option definitions, click ? in the interface.
1
On the System Tree main page, verify that the broker is listed and tagged as DXLBROKER.
If the broker is not tagged as DXLBROKER, run the Manage DXL Brokers server task.
2
In the System Tree, select the DXL broker name, then click the Products tab. Verify that the DXL
broker and version are listed.
a
If the DXL broker and version are not listed, click Wake Up Agents.
b
On the Wake Up McAfee Agent page, select Force complete policy and task update, then click OK.
It might take a few minutes for the broker properties to be sent to the appliance.
When the installation is successful, the installed brokers are tagged as DXLBROKER and the correct
DXL version is displayed in the Products tab.
16
McAfee Data Exchange Layer 1.1.0
Product Guide
2
Installing Data Exchange Layer
Troubleshooting the installation
Troubleshooting the installation
McAfee provides log files and scripts that can help you resolve common issues that might occur during
installation.
Accessing log files
To troubleshoot installation problems, view the log files.
The DXL broker log files are at /var/McAfee/dxlbroker/logs/dxlbroker.log. Have these files
available if you contact technical support.
Reconfiguring the installation using scripts
You can use scripts to reconfigure the DXL brokers and the McAfee Agent. The scripts are located in
the /home/<username> directory. They must be executed with sudo permissions, for example, sudo /
home/myname/reconfig‑dxl.
Script name
Description
Reboot?
change-hostname Changes the host name of the current DXL broker appliance. It
restarts the McAfee Agent and the broker.
Recommended
change-services
No
Enables or disables the DXL broker.
If the broker was initially disabled during first boot, the script
prompts for broker configuration information.
reconfig-dxl
Reconfigures the DXL port.
No
reconfig-ma
Reconfigures the McAfee Agent.
Recommended
The agent and DXL broker services are restarted. New
keystores are generated when the service starts.
reconfig-network Reconfigures the current network interface (from DHCP to
manual, or from manual to DHCP).
Required
reconfig-ntp
No
McAfee Data Exchange Layer 1.1.0
Reconfigures the Network Time Protocol servers.
Product Guide
17
2
Installing Data Exchange Layer
Troubleshooting the installation
18
McAfee Data Exchange Layer 1.1.0
Product Guide
3
Managing Data Exchange Layer
Data Exchange Layer includes a client and brokers that allow bidirectional communication between
endpoints on a network. You can organize brokers as needed for your environment.
Contents
Working with brokers
The DXL fabric
Bridging Data Exchange Layer fabrics
Working with brokers
The Data Exchange Layer brokers can be organized into hubs and service zones to determine how
brokers are accessed.
Brokers are installed on managed systems and communicate messages between security products that
are integrated with the DXL fabric. The network of brokers tracks active clients and dynamically
adjusts the message routing as needed.
Organizing brokers
Brokers can be organized into hubs that manage how brokers are accessed and provide failover
protection in a multi-broker environment. If a hub has two brokers, both act simultaneously. If one is
unavailable, the other continues to function. You can create as many hubs as needed. A broker,
however, can be assigned to only one hub.
You can organize brokers and hubs into service zones to further determine how servers are accessed.
For example, if you have multiple Threat Intelligence Exchange servers and brokers in different
geographical locations, you can create service zones of servers and brokers. Clients in a service zone
access servers in that zone first. If those servers are not available, the clients access the servers in
other zones. If you don't use service zones, client requests can be sent to any server at any location.
Tools for working with brokers
Use the Data Exchange Layer Fabric feature to view the broker topology in your environment. You can
quickly see how brokers are connected and managed. You can also see the number of clients that are
connected to a specific broker. This can help you determine if you need more brokers in your
environment.
To increase or decrease the number of clients that can connect to a broker, change the Client Connection
Limit settings in the McAfee DXL Broker Management policy.
Configure brokers
If you installed DXL brokers on more than one system, you can create a hierarchy of brokers to
provide failover protection if any brokers are unavailable.
McAfee Data Exchange Layer 1.1.0
Product Guide
19
3
Managing Data Exchange Layer
Working with brokers
Task
For option definitions, click ? in the interface.
1
Select Menu | Configuration | Server Settings | DXL Topology.
2
Select Edit to create hubs, service zones, and assign brokers.
The options on the page depend on whether you selected a broker or a hub. Unassigned brokers
are listed below the hubs.
3
Select an item from the Actions menu to create or delete a hub, or to detach a broker from its
current hub.
For details about connecting DXL brokers that are managed by different McAfee ePO servers, see
Bridging DXL brokers.
Add brokers
You might want to install more brokers throughout your environment as you add new endpoints and
systems.
Task
For option definitions, click ? in the interface.
1
Use the VMware vSphere client to run the DXL appliance installation.
You can install brokers on a system already running brokers, or on a different system.
2
On the Service Selection page, select DXL Broker and complete the broker installation.
For details about installing brokers, see Installing Data Exchange Layer.
Adding brokers to a DMZ
You can install Data Exchange Layer brokers in a demilitarized zone (DMZ) where publicly accessible
servers are not allowed.
Installing a broker in the DMZ allows remote users to access information from products that use the
DXL, such as Threat Intelligence Exchange.
You must have an Agent Handler in the DMZ and your network must be configured to support this.
McAfee ePO communicates with the DXL broker to share configuration, policy, and performance
information via the agent on the broker.
To use a DXL broker in a DMZ, firewall rules are necessary. Also, the DXL framework must be
structured in a way to allow communication from brokers in the DMZ to brokers in the internal
network. The DXL Topology page enables you to create this structure. (To access the DXL Topology
page, select Menu | Configuration | Server Settings | DXL Topology.)
This diagram shows the default ports used.
20
McAfee Data Exchange Layer 1.1.0
Product Guide
Managing Data Exchange Layer
The DXL fabric
3
The DXL fabric
Quickly see all DXL brokers in your environment. You can see their status, how they are connected,
clients they support, and other details.
There are several views that allow you to see the broker fabric in different ways:
•
The current connection status for all brokers
•
Brokers managed by different instances of McAfee ePO
•
Brokers by hub
•
Brokers by connected clients
For all brokers in the fabric, you can see detailed properties, bridging information, registered services,
and more.
View the DXL fabric
View all brokers in your environment and see connection, status, and detailed information.
Before you begin
The DXL fabric page is view-only and requires permissions to access it. To set permissions
to access the fabric, use the McAfee DXL Fabric permission set in McAfee ePO.
McAfee Data Exchange Layer 1.1.0
Product Guide
21
3
Managing Data Exchange Layer
Bridging Data Exchange Layer fabrics
Task
For option definitions, click ? in the interface.
1
Select Menu | Systems | Data Exchange Layer Fabric.
2
Use the View drop-down list to select how you want the information to be organized.
•
To resize the items on the page to zoom in our out, use the mouse wheel.
•
To fit all items on the fabric view on the page, double-click the mouse.
3
Use the Label drop-down list to select the type of labels that you want to see.
4
Click a broker to see detailed information about it on the Properties, Bridges, and Services tabs.
Bridging Data Exchange Layer fabrics
The DXL fabric enables bridging hubs to connect brokers that are managed by multiple McAfee ePO
servers.
Instead of each McAfee ePO server and its DXL brokers operating as a standalone system, DXL can
connect brokers from different systems to share information. For example, if you have a McAfee
Advanced Threat Defense server in one McAfee ePO environment, but do not have an ATD server in
another McAfee ePO environment, endpoints integrated with DXL in both environments can access the
ATD server information.
®
To enable DXL brokers to communicate between multiple McAfee ePO servers, you create DXL fabric
bridges from one system to another. This bridge allows the fabric of brokers to communicate and
share information.
•
Outgoing bridge — A top-level broker hub managed by a McAfee ePO server. It shares its DXL
fabric of brokers with an incoming bridge managed by another McAfee ePO server.
•
Incoming bridge — A hub managed by a McAfee ePO server that shares its DXL fabric with the
outgoing bridge.
Process for bridging DXL fabrics
Bridging DXL fabrics is a multi-step process that ensures that the DXL fabric on different McAfee ePO
servers can communicate with each other. The outgoing and incoming bridge systems must export and
import each other's information.
1
Bridge A exports its DXL fabric information to Bridge B. Bridge A becomes the outgoing bridge, and
Bridge B is the incoming bridge.
2
Bridge B imports the DXL fabric information from Bridge A.
3
Bridge B exports its DXL fabric information to Hub A.
4
Hub A imports the information from Hub B.
Both bridges must send and receive information to connect their DXL fabrics. This process must be
completed at the hub level to create the bridge. You cannot create a bridge from an individual broker.
22
McAfee Data Exchange Layer 1.1.0
Product Guide
3
Managing Data Exchange Layer
Bridging Data Exchange Layer fabrics
Bridging existing TIE servers and databases
If you have existing TIE servers and databases managed by different McAfee ePO servers, you can
bridge them to share reputation information. However, you can have only one master TIE database.
For details about bridging existing TIE servers and databases, see the KnowledgeBase article:
KB83896.
Create an outgoing bridge to another hub
When you designate a DXL hub as an outgoing bridge to a remote hub, the DXL framework shares
information between the brokers managed by different instances of McAfee ePO.
Each McAfee ePO server can have only one hub that is designated as an outgoing bridged hub. And
that hub must be the top-level hub in the DXL topology with at least one broker assigned to it. You
can have multiple incoming bridges from other outgoing hubs.
Task
For option definitions, click ? in the interface.
1
Select Menu | Configuration | Server Settings | DXL Topology.
2
On the DXL Topology page, select Edit.
3
From the topology tree, select the top-level hub, and from the Actions menu, select Create Outgoing
Bridge - Remote ePO Hub.
4
Click Export Local Hub Information to create a file containing information about the hub's brokers. Save
this file and make it available to the remote system.
5
On the remote McAfee ePO server where you are bridging:
a
From the Actions menu, select Create Incoming Bridge - Remote ePO Hub.
b
Import the file you created in Step 4 using the DXL Topology page. Select a hub to bridge to the
outgoing hub, then click Import Remote Hub Information and navigate to the file. This creates an
incoming bridge.
c
Click Export Local Hub Information to create a file containing information about the brokers.
See Create an incoming bridge from another hub for details about these steps.
6
On the local system, click Import Remote Hub Information and navigate to the file created by the remote
system in Step 5.
The local and remote hubs now have the broker information necessary to communicate and share
information via the DXL framework.
Create an incoming bridge from another hub
Designating a hub as an incoming bridge from a remote hub enables the DXL fabric to share
information between the brokers managed by different McAfee ePO servers.
Task
For option definitions, click ? in the interface.
1
Select Menu | Configuration | Server Settings | DXL Topology.
2
On the DXL Topology page, click Edit.
McAfee Data Exchange Layer 1.1.0
Product Guide
23
3
Managing Data Exchange Layer
Bridging Data Exchange Layer fabrics
3
From the topology tree, select a hub to bridge to the incoming broker fabric. These brokers
communicate with the brokers on the remote system.
4
From the Actions menu, select Create Incoming Bridge - Remote ePO Hub.
5
Click Import Remote Hub Information. Navigate to the outgoing bridge file created by the remote McAfee
ePO server.
This file contains information about its brokers. You can import files from several McAfee ePO
servers.
6
Click Export Local Hub Information to create a file containing information about the brokers in the local
hub.
The remote system (outgoing bridge) imports this file to complete the bridge.
Both hubs now have the broker information necessary to communicate and share information via
the DXL fabric.
7
24
To complete the bridge, run the Send DXL State Event server task on both the incoming and outgoing
systems.
McAfee Data Exchange Layer 1.1.0
Product Guide
Index
A
about this guide 5
B
bridging Data Exchange Layer hubs and brokers 22
broker appliance 11
brokers for Data Exchange Layer
about 7
adding 20
adding brokers to a DMZ 20
bridging 23
broker status 21
creating service zones 19
fabric 19, 21
how brokers are connected 21
organizing 19
tagged in McAfee ePO 16
using with multiple McAfee ePO servers 22
C
configuration
brokers 19
using scripts 17
conventions and icons used in this guide 5
hubs (continued)
bridging 23
creating 19
organizing brokers 19
I
installation
brokers using the appliance 11
downloading software 10
log files for troubleshooting 17
requirements 9
troubleshooting 17
verify the installation 16
L
log files, troubleshooting the installation 17
M
McAfee Agent
installation requirements 9
McAfee ePO and Data Exchange Layer 22
McAfee ServicePortal, accessing 6
N
network overview 10
D
DMZ
adding Data Exchange Layer brokers 20
documentation
audience for this guide 5
product-specific, finding 6
typographical conventions and icons 5
F
O
operating systems, supported 9
P
ports used 10
protocols used 10
R
fabric
about 7, 21
viewing 21
failover protection, organizing brokers 19
H
hubs
about 7
McAfee Data Exchange Layer 1.1.0
reconfiguration using scripts 17
S
scripts
reconfiguring the installation 17
service zones
about 7
Product Guide
25
Index
service zones (continued)
creating 19
organizing brokers 19
ServicePortal, finding product documentation 6
supported operating systems 9
system requirements 9
T
U
using Data Exchange Layer with multiple McAfee ePO servers 22
V
verify the installation 16
VMware vSphere
deploying the OVF template 11
technical support, finding product information 6
topology, broker 21
troubleshooting
installation 17
26
McAfee Data Exchange Layer 1.1.0
Product Guide
0-00
Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF

advertisement