Learn How We Can Help You Keep Teleworkers Protected During the COVID-19 Crisis

McAfee

Reply
This is an open group. Sign in and click the "Join Group" button to become a group member and start posting.
Highlighted
McAfee ATD updating Infoblox RPZ with DXL Wrapper - DNS Security Integration
Techie
Posts: 2
Registered: ‎12-03-2013
Techie
Posts: 2

This integration is focusing on the automated threat response with McAfee ATD, OpenDXL and Infoblox. McAfee Advanced Threat Defense (ATD) will produce local threat intelligence that will be pushed via DXL. An OpenDXL wrapper will subscribe and parse IP and URL indicators ATD produced and will automatically update Infoblox RPZ rules.

 

McAfee ATD receives files from multiple sensors like Endpoints, Web Gateways, Network IPS or via Rest API. ATD will perform malware analytics and produce local threat intelligence. After an analysis every IOC will be published via the Data Exchange Layer (topic: /mcafee/event/atd/file/report).

 

Configuration, Video and Content can be seen under the following github repo:

 

https://github.com/mohlcyber/OpenDXL-ATD-Infoblox

 

 

Highlighted
Re: McAfee ATD updating Infoblox RPZ with DXL Wrapper - DNS Security Integration
Adviser
Posts: 155
Registered: ‎09-09-2015
Adviser
Posts: 136

Phil, Thanks!

Showing results for 
Search instead for 
Do you mean