The McAfee EPO suite of products enables alerts to pinpoint when attacks happen and on which assets by linking together those notifications with telemetry seen across the environment.
McAfee EPO requires syslog destinations to use TLS. CYDERES will activate a listener with a self signed certificate unless one is provided.
- In the McAfee EPO console, go to Menu > Configuration > Registered Servers.
- Add a new Registered Server with the Syslog type.
- Enter in the IP and port of your CYCLOPS appliance.
- Click Enable event forwarding. Optionally, you can send a test message by using Test Connection
- Click Save to save the configuration.