McAfee Support Community - Re: How to add as data source in the ESM; System C... - Page 2

rickrick · ‎08-24-2017

Another quick question. In the Firewall rule, do I need allow rule enabled for both ForeFront Endpoint console IP and DB IP to the Receiver.

For instance.
Forefront EndPoint console IP 10.0.0.2

ForeFront DB IP 10.20.2.3

Kind regards,

sssyyy · ‎08-24-2017

So the firewall rule will be:

source ip [ERC ip] to DB [10.20.2.3] over TCP port 1433 [if 1433 is your DB port].

In my configuration, ESM only needs to pull data from the DB not console.

rickrick · ‎08-24-2017

Thanks this really helps to clearify the firewall rule now.

I am still working on the McAfee support to fix this, will update you once it is done.

Kind regards,

Tenzin Oshoe

santosh.k.seth · ‎11-08-2018

Hi, we are trying to set up this connection. Although in the GUI it says connection is successful but there is no traffic in TCP dump. We are using SCCM 1806, which doesnt have the SQL view name mentioned in the data source config guide. SCCM DB view name is v_AM_NormalizedDetectionHistory. Please suggest if this is causing the issue.

Leath · ‎06-11-2019

I am having this problem too.

Any solution?

Re: How to add as data source in the ESM; System Center Endpoint Protection 2016 also known as ForeFront Endpoint?

Re: How to add as data source in the ESM; System Center Endpoint Protection 2016 also known as ForeFront Endpoint?

Re: How to add as data source in the ESM; System Center Endpoint Protection 2016 also known as ForeFront Endpoint?

Re: How to add as data source in the ESM; System Center Endpoint Protection 2016 also known as ForeF

Re: How to add as data source in the ESM; System Center Endpoint Protection 2016 also known as ForeF