Skip to main content
Integrations

Impelix IMPACT Integration
with Trellix ePolicy Orchestrator

The Impelix IMPACT platform ingests telemetry from your all your security products as well as third-party feeds (threat intelligence, cybersecurity risk, business resilience intelligence, etc.) and delivers event correlation, security control efficacy, and compliance monitoring.

We believe that the more data ingested into IMPACT, the more context you will have regarding security incidents, which will allow effective and efficient incident response and compliance management. Therefore, we encourage and facilitate connecting vendor products telemetry with Impelix IMPACT platform.

Trellix ePolicy Orchestrator

Syslog Forwarding from McAfee ePO

On the ePO server:

  1. Configure your ePO server to use the newly created syslog server:
    1. Add a new Registered Server and select Syslog for the type.
    2. Enter the FQDN of the IMPACT Appliance.
    3. Enter 6514 for the port
  2. Select Enable event forwarding.
  3. Click Test Connection.
  4. Flip back over to the IMPACT “Search” interface and search for the IP address of the McAfee ePO server. An entry should be listed on the Syslog tab.
  5. On the ePO server, click Save to save the syslog Registered Server.

Reference: https://kc.mcafee.com/corporate/index?page=content&id=KB87927

The Next Evolution of SIEM

Avoid alert noise, high cost of data ingestion, and incident response complexity.
Move to our Automated SecOps and Enterprise Risk Management Platform.
✔︎ Respond     ✔︎ Investigate     ✔︎ Prevent     ✔︎ Comply
Schedule a Demo

10 S Riverside Plaza
Ste 875 PMB159
Chicago, IL 60606

(888) 311-3002
contacts@impelix.com