Skip to content
  • There are no suggestions because the search field is empty.

Set Up Multi-Factor Authentication

Set Up Multi-Factor Authentication

You can set up Multi-Factor Authentication (MFA) for NetWitness using one of the following methods:

ADFS Log in to NetWitness with SecurID Passcode

Single Sign-On (SSO) functionality of NetWitness can be leveraged where the user authenticates using ADFS log in user interface with AD user credentials followed by the SecurID passcode.

Note: This method is suitable only for single AD users.

Prerequisites

  • The NetWitness Platform (NW) version 11.4 or later

  • MS Active Directory Federation Services (ADFS) - MS Windows Server 2012 R2 or later

  • MS Active Directory (AD) – MS Windows Server 2008 R2 or later

  • Authentication Manager (AM) 8.4 or later

  • Authentication Agent for ADFS 1.0 or later

Perform the following configurations:

  1. Configure Authentication Manager.
  2. Configure NetWitness.
  3. Configure ADFS.

Configure Authentication Manager

Configure Active Directory as an Identity Source in Authentication Manager using the steps described in the section Add an Identity Source.

Configure NetWitness

  1. Configure Active Directory for External Authentication to NetWitness using the steps described in the section Configure Active Directory.

  2. NetWitness must be configured for SSO using the steps described in the section Configure Single Sign-On.

Configure ADFS

ADFS must be configured for SSO in NetWitness. You must copy the exported metadata (see step 9 in Configure Single Sign-On) to ADFS and perform the following steps:

  1. Go to Server Manager > Tools > ADFS management > Trust Relationships.

  2. On the right-side, click Add Relying Part Trust > Start.

  3. Click Import data about the relying party from a file and select the metadata file.

  4. Click Next, and enter a display name.

  5. Click Next until the Close button is displayed.

  6. Ensure the Open the Edit Claim Rules option is selected.

  7. Click Close.

  8. In the Edit Claim Rules dialog, click Add Rule.

  9. In the Add Transform Claim Wizard dialog, click Next.

  10. Enter a claim rule name.

  11. In the Attribute Store drop-down menu, select Active Directory.

  12. In the Mapping of LDAP attributes table, on the left-side select SAM-Account-Name and on right-side, select Name ID.

    Note: Only one mapping is required.

  13. Click Finish.

  14. Click Apply.

  15. Click OK.

    Next you need to configure MFA using Authentication Agent in ADFS. The agent is freely available at (https://community.securid.com/t5/securid-authentication-agent-for/tkb-p/auth-agent-ad-fs-documentation) and for more information on configuration, see ® Authentication Agent 2.0.3 for Microsoft® AD FS Administrator's Guide.

PAM SecurID Log in to NetWitness for AD Users

In this method only SecurID Passcode is required for authenticating to NetWitness. Authentication Manager takes care of the authentication to AD without requiring the password from the user.

After the configuration, the user registered in the Active Directory can log in to NetWitness using the SecurID passcode.

Prerequisites

  • The NetWitness Platform (NW) version 11.0 or later

  • MS Active Directory (AD) – MS Windows Server 2008 R2 or later

  • Authentication Manager (AM) 8.2 or later

Perform the following configurations:

  1. Configure Authentication Manager.
  2. Configure NetWitness.

Configure Authentication Manager

Configure Active Directory as a Identity Source in Authentication Manager using the steps described in the section Add an Identity Source.

Configure NetWitness

Complete the additional configuration for Authentication Manager and NetWitness configuration as described in the section Configure PAM Login Capability.

Azure ADFS Log in to NetWitness

Note: This option for SSO is available only when using the SAML Token Based SSO which is available from Netwitness 12.4. Refer Configure ADFS for SAML Token Based Authorization for more information.

Prerequisites

  • NetWitness Platform (NW) version 12.4 or later

  • User must have read and write access to Azure Entra ID.

  • Install the Microsoft Authenticator app in your phone for additional security verification.

Perform the following configurations:

  1. Configure NetWitness

  2. Configure ADFS

  3. Enable MFA for Azure Entra ID Users

  4. Setting Up First Login for the MFA-enabled Azure Users

Configure NetWitness

NetWitness must be configured for SSO using the steps described in the section Configure Single Sign-On.

Configure ADFS

  1. Login to Azure Entra ID.

    1. Click New application.

    2. Click Create your own application and mention an appropriate name for the application (for example: Netwitness) and select non-gallery radio button then click Create.

  1. Add User/Group to the application.

    1. Select User and groups under the Manage tab. Click Add user/group.

    2. Click None Selected under Users/Groups.

    3. Select the User/Group and click Assign.

    4. Click None Selected under Select a role.

    5. Select the Role(s) and click Assign.

  1. Setup SAML based SSO.

    1. Click Single sign-on under Manage tab. Select SAML.

    2. Click Upload metadata file and select the metadata file.

    3. Edit the Attributes & Claims. Click Add a group claim.

    4. Select the groups associated with the user that should be returned in the claim and the Source attribute from the dropdown. Click Save.

      Note: user.userprincipalname and user.groups are required claims.

    5. Once you save the attributes, the Azure ADFS configuration is complete.

Enable MFA for Azure Entra ID Users

  1. Select Azure Entra ID from the left panel.

  2. Under the Manage tab, select Users.

  3. Click the Per-user MFA option at the top. Now, you will see a list of users populating in a new browser window.

  4. Select the user(s) for whom you want to enable the MFA and click the Enable option on the right panel.

  5. In the pop-up box, click the Enable multi-factor auth button to complete the set up.

Setting Up First Login for the MFA-enabled Azure Users

The below steps are for users to set up their first login and multi-factor authentication using the Microsoft Authenticator app.

  1. Login to the Microsoft Azure portal - https://portal.azure.com using the user credentials for which you have enabled the MFA.

  2. Once you login, you will be redirected to the Additional security verification screen. Select the Mobile app from the drop-down menu and select Receive notifications for verification. Click Next.

  3. Open up the Microsoft Authenticator app on your phone and scan the QR code shown. Click Next.

  4. Select your Country and enter the Mobile number. Click Next.

  5. You will get a password for your first login in this window. Copy and save the password securely and click Done.

  6. The first login set up is complete. When you try to log in to your Azure account for the first time, you will get a notification on your mobile device to verify the authenticity of your login attempt.

Now, when you login to Netwitness Portal using SSO, you will be navigated to the Azure MFA website for authentication.

  • Column 1:
  • Column 2:


ka0Rm0000005GQwIAM,Juniper Networks NetScreen ScreenOS,JuniperNetworksNetScreenScreenOS565739,5.1, 5.3, 5.4, 6.x,Documentation, ka0Rm0000005GYGIA2,Radiator Radius Server,RadiatorRadiusServer543252,4.x,Documentation, ka0Rm0000005GQsIAM,Secdo Platform,SecdoPlatform544394,Documentation, ka0Rm0000005GQuIAM,Kaspersky Anti-Virus,KasperskyAnti-Virus566721,Kaspersky Security Center 9.0, 10.x,11.x, 14.0 Kaspersky Administration Kit 8.0 Kaspersky Anti-Virus for Microsoft ISA Server 2004 Enterprise Edition and 2006 Enterprise Edition,Documentation, ka0Rm0000005GYQIA2,Extreme Networks Dragon IPS (formerly Enterasys Dragon),ExtremeNetworksDragonIPS-formerlyEnterasysDragon548276,5.x, 6.x, 7.2, 7.4,Documentation, ka0Rm0000005GYZIA2,Juniper Networks Wireless LAN Controller,JuniperNetworksWirelessLANController565065,7.6.1,Documentation, ka0Rm0000005GQrIAM,Cisco ThreatGRID,CiscoThreatGRID543139,Documentation, ka0Rm0000005GYFIA2,Cisco Aggregation Services Router,CiscoAggregationServicesRouter565059,3.3,Documentation, ka0Rm0000005GYKIA2,VMware View,VMwareView553768,3.1, 4.0, 4.5, 4.6, 5.0, 5.1, 5.2, 5.3, 6.0, 7.x,Documentation, ka0Rm0000005GYcIAM,RSA Adaptive Authentication (Hosted),RSAAdaptiveAuthentication-Hosted547550,8.8, 8.9, 9.0, 9.1,Documentation, ka0Rm0000005GYWIA2,VMware vCloud Director,VMwarevCloudDirector543209,1,Documentation, ka0Rm0000005GYSIA2,Cisco Aironet AP (Wireless Access Point),CiscoAironetAP-WirelessAccessPoint540717,IOS 12.2,Documentation, ka0Rm0000005GYbIAM,RSA Adaptive Authentication (OnPrem),RSAAdaptiveAuthentication-OnPrem547565,6.0.2.1,Documentation, ka0Rm0000005GYMIA2,Hewlett Packard OpenVMS,HewlettPackardOpenVMS557017,all,Documentation, ka0Rm0000005GQlIAM,BeyondTrust PowerBroker Servers,BeyondTrustPowerBrokerServers563654,7, 8,Documentation, ka0Rm0000005GQjIAM,Radware AppWall,RadwareAppWall564437,5.6,Documentation, ka0Rm0000005GYTIA2,Cisco Umbrella,CiscoUmbrella560280,Schema Version 5,Documentation, ka0Rm0000005GQtIAM,Free BSD,FreeBSD565793,5.x,Documentation, ka0Rm0000005GQoIAM,BeyondTrust Powerbroker Endpoint Protection (formerly eEye Blink Endpoint Protection),BeyondTrustPowerbrokerEndpointProtection-formerlyeEyeBlinkEndpointProtection565780,4.x,Documentation, ka0Rm0000005GQkIAM,Radware DDoS,RadwareDDoS703810,API v1.0,Documentation, ka0Rm0000005GYYIA2,Fox Technologies Server Control,FoxTechnologiesServerControl522785,Documentation, ka0Rm0000005GXlIAM,Sybase ASE,SybaseASE557006,15.x,Documentation, ka0Rm0000005GQmIAM,Cisco ASA Security Services Module,CiscoASASecurityServicesModule565839,4.x. 5.0, 5.1, 6.0, 6.1, 6.2, 7.0, 7.1.1,Documentation, ka0Rm0000005GQpIAM,Cisco Catalyst Switch,CiscoCatalystSwitch555522,Cisco Catalyst 6500, Cisco Catalyst 2960-CX,Documentation, ka0Rm0000005GXvIAM,VMware NSX,VMwareNSX556536,6.x,Documentation, ka0Rm0000005GXpIAM,VMware vRealize Automation,VMwarevRealizeAutomation542206,6.0.1, 6.2,Documentation, ka0Rm0000005GXkIAM,Swimlane,Swimlane563172,Documentation, ka0Rm0000005GXxIAM,VMware ESX / ESXi,VMwareESX-ESXi542618,ESX: 3.0.3, 3.5, 4.0, 4.1ESXi: 3.5, 4.0, 4.1, 5.0, 5.1, 5.5, 6.x, 7.0 U2,Documentation, ka0Rm0000005GY7IAM,ServiceNow ITSM,ServiceNowITSM564424,Documentation, ka0Rm0000005GY6IAM,Securaa,Securaa650488,APIv1.0,Documentation, ka0Rm0000005GYAIA2,SECUDE Security Intelligence,SECUDESecurityIntelligence561183,1,Documentation, ka0Rm0000005GY3IAM,RSA Identity Governance & Lifecycle,RSAIdentityGovernanceLifecycle541084,6.5.1, 6.9,Documentation, ka0Rm0000005GY0IAM,RSA SecurID Access Authentication Mgr,RSASecurIDAccessAuthenticationMgr563425,8.x,Documentation, ka0Rm0000005GXnIAM,Salesforce,Salesforce565386,API v1.0,Documentation, ka0Rm0000005GXNIA2,CyberArk Account Security and Identity Management,CyberArkAccountSecurityandIdentityManagement559413,7.x, 8.x, 9.x, 10.x, 12.1,Documentation, ka0Rm0000005GXwIAM,Juniper Networks NetScreen Firewall,JuniperNetworksNetScreenFirewall565678,5.1, 5.3, 5.4, 6.x,Documentation, ka0Rm0000005GXyIAM,Microdasys XML Security Gateway,MicrodasysXMLSecurityGateway565966,1.1.0,Documentation, ka0Rm0000005GXeIAM,OPSWAT MetaAccess Cloud,OPSWATMetaAccessCloud694651,3.2,Documentation, ka0Rm0000005GXsIAM,MapR Converged Data Platform (part of Hewlett Packard Enterprise),MapRConvergedDataPlatform-partofHewlettPackardEnterprise563645,Documentation, ka0Rm0000005GPXIA2,IBM Domino,IBMDomino538677,8.5, 9.x,Documentation, ka0Rm0000005GRwIAM,Sophos Enterprise Console,SophosEnterpriseConsole561042,3.0, 4.5, 4.7, 5.x,Documentation, ka0Rm0000005GUKIA2,Cimcor CimTrak,CimcorCimTrak563736,2.0.6.11,Documentation, ka0Rm0000005GXjIAM,CyberArk Privileged Threat Analytics,CyberArkPrivilegedThreatAnalytics563771,2.6.3.1,Documentation, ka0Rm0000005GVHIA2,Microsoft Windows (via WinRM),MicrosoftWindows-viaWinRM563701,Server 2008, 2008 R2, 2012, 2012 R2 Data Center Edition, 2016, 2019 | Windows 7, 8 and 10,Documentation, ka0Rm0000005GUHIA2,Cisco Adaptive Security Appliance (ASA),CiscoAdaptiveSecurityAppliance-ASA561527,7.x, 8.x, 9.x, 11.13,Documentation, ka0Rm0000005GRxIAM,Juniper Networks Intrusion Detection and Prevention (IDP),JuniperNetworksIntrusionDetectionandPrevention-IDP566023,3.0, 3.1, 3.2, 4.0, 4.1, 5.0,Documentation, ka0Rm0000005GXoIAM,Google Workspace (Formerly Google G Suite),GoogleWorkspace-FormerlyGoogleGSuite562638,API v1.0,Documentation, ka0Rm0000005GRuIAM,ThreatQuotient Threat Intelligence Platform,ThreatQuotientThreatIntelligencePlatform565520,Documentation, ka0Rm0000005GS0IAM,Oracle Solaris (formerly Sun Solaris),OracleSolaris-formerlySunSolaris557030,8, 9, 10, 11.x,Documentation, ka0Rm0000005GS6IAM,Barracuda Web Application Firewall,BarracudaWebApplicationFirewall550081,Firmware: 7.4.0, 7.8.0, 7.9.2, 8.x, 9.x,Documentation, ka0Rm0000005GXuIAM,Exabeam Advanced Analytics,ExabeamAdvancedAnalytics563195,3,Documentation, ka0Rm0000005GRiIAM,Dell EMC Celerra (also known as Dell EMC Control Station, Blades, DataMover, NSX),DellEMCCelerra-alsoknownasDellEMCControlStation-Blades-DataMover-NSX565913,7.0, 7.1,Documentation, ka0Rm0000005GXEIA2,EMC Fabric OS,EMCFabricOS548745,6.1, 6.2,Documentation, ka0Rm0000005GXPIA2,Dell EMC Secure Remote Support (ESRS),DellEMCSecureRemoteSupport-ESRS548792,2,Documentation, ka0Rm0000005GXVIA2,Evidian Authentication Manager,EvidianAuthenticationManager562769,9.x, 10.x,Documentation, ka0Rm0000005GQXIA2,Digital Guardian,DigitalGuardian563864,6.1,Documentation, ka0Rm0000005GU7IAM,Nginx,Nginx694801,1,22,Documentation, ka0Rm0000005GXdIAM,IPFIX,IPFIX696067,NetFlow v10,Documentation, ka0Rm0000005GXmIAM,Forcepoint DLP (formerly Websense Data Security),ForcepointDLP-formerlyWebsenseDataSecurity565784,7.x, 8.x,Documentation, ka0Rm0000005GRdIAM,Endgame,Endgame551072,2.5.4,Documentation, ka0Rm0000005GSSIA2,CryptoniteNXT,CryptoniteNXT561558,Documentation, ka0Rm0000005GY2IAM,Gurucul Risk Analytics,GuruculRiskAnalytics539126,Documentation, ka0Rm0000005GSaIAM,Pivotal HD,PivotalHD563703,Documentation, ka0Rm0000005GVBIA2,Kaspersky Threat Intelligence Portal,KasperskyThreatIntelligencePortal564338,Documentation, ka0Rm0000005GRgIAM,Symantec Zero Trust Network Access (ZTNA),SymantecZeroTrustNetworkAccess-ZTNA712589,v2,Documentation, ka0Rm0000005GU2IAM,Digital Guardian,DigitalGuardian558701,Documentation, ka0Rm0000005GWpIAM,McAfee Database Security,McAfeeDatabaseSecurity557242,4.2, 5.x,Documentation, ka0Rm0000005GS4IAM,IBM Guardium SQL Guard,IBMGuardiumSQLGuard565094,7, 8.0.2, 9.5.x,Documentation, ka0Rm0000005GQSIA2,RSA NetWitness Platform Malware Analysis,RSANetWitnessPlatformMalwareAnalysis565816,1.0.5.0,Documentation, ka0Rm0000005GWsIAM,McAfee Network Security Platform,McAfeeNetworkSecurityPlatform556097,2.1, 3.1, 4.1, 5.1, 6.1, 7.1, 8.x, 9.x,Documentation, ka0Rm0000005GRnIAM,Motorola AirDefense Enterprise Console,MotorolaAirDefenseEnterpriseConsole557505,7.2, 7.3, 8.1, 9.0,Documentation, ka0Rm0000005GXIIA2,Palo Alto Enterprise Firewall,PaloAltoEnterpriseFirewall565924,PAN OS versions 3.0, 4.0.7, 5.0, 6.0, 6.1, 6.1.x, 7.0, 7.1, 8.x, 9.x, 10.x,Documentation, ka0Rm0000005GSTIA2,McAfee VirusScan Enterprise,McAfeeVirusScanEnterprise565953,8.x,Documentation, ka0Rm0000005GSMIA2,Netskope,Netskope559442,API v2,Documentation, ka0Rm0000005GWxIAM,F5 Firepass SSL VPN,F5FirepassSSLVPN542452,5.5-20051019, 7.0.1,Documentation, ka0Rm0000005GWwIAM,F5 SSL Orchestrator,F5SSLOrchestrator563924,Documentation, ka0Rm0000005GYEIA2,CiscoWorks LAN Management Solution,CiscoWorksLANManagementSolution557214,3.2, 4.0,Documentation, ka0Rm0000005GY5IAM,Citrix Access Gateway,CitrixAccessGateway543857,4.5, 4.6, 5.0,Documentation, ka0Rm0000005GRkIAM,Kubernetes,Kubernetes695364,1.18,Documentation, ka0Rm0000005GWZIA2,CyberSponse CyOps,CyberSponseCyOps563828,Documentation, ka0Rm0000005GS8IAM,Acalvio ShadowPlex,AcalvioShadowPlex563426,2017.07,Documentation, ka0Rm0000005GUDIA2,RSA NetWitness Endpoint (formerly ECAT),RSANetWitnessEndpoint-formerlyECAT558834,3.4, 4.x,Documentation, ka0Rm0000005GU8IAM,VMware vRealize Operations Manager,VMwarevRealizeOperationsManager542843,5.8.2, 6.0,Documentation, ka0Rm0000005GYDIA2,CyberArk Account Security and Identity Management,CyberArkAccountSecurityandIdentityManagement563793,Documentation, ka0Rm0000005GRsIAM,Array Networks SPX Series Universal Access Controllers,ArrayNetworksSPXSeriesUniversalAccessControllers522823,8.4.6,Documentation, ka0Rm0000005GWaIAM,BeyondTrust PowerBroker Servers,BeyondTrustPowerBrokerServers532649,Documentation, ka0Rm0000005GU5IAM,Arbor Networks Peakflow X,ArborNetworksPeakflowX545079,4.1,Documentation, ka0Rm0000005GXrIAM,Cisco Secure Access Control Server (ACS),CiscoSecureAccessControlServer-ACS560298,Software only: 4.2,Documentation, ka0Rm0000005GShIAM,IBM WebSphere DataPower,IBMWebSphereDataPower557741,3.8.1, 7.x,Documentation, ka0Rm0000005GSYIA2,cPacket Networks CVU Family,cPacketNetworksCVUFamily563819,Documentation, ka0Rm0000005GQOIA2,RSA Data Protection Manager (formerly RSA Key Manager),RSADataProtectionManager-formerlyRSAKeyManager540679,2.1.3, 2.5, 2.7, 3.1,Documentation, ka0Rm0000005GU3IAM,RSA Archer Suite,RSAArcherSuite565715,5.1, 5.5.1, 6.x,Documentation, ka0Rm0000005GVKIA2,Siemplify ThreatNexus,SiemplifyThreatNexus563812,2.5,Documentation, ka0Rm0000005GY1IAM,Barracuda Spam Firewall,BarracudaSpamFirewall551981,3.4, 3.5, 6.1.x, 8.x,Documentation, ka0Rm0000005GRtIAM,Symantec DLP (part of Broadcom Inc.),SymantecDLP-partofBroadcomInc561530,10.5.1, 11, 12.x, 14.x, 15.x,Documentation, ka0Rm0000005GRyIAM,CA ACF2 (formerly IBM Mainframe ACF2),CAACF2-formerlyIBMMainframeACF2547169,Supported Platforms : z/OS v1.9, v1.10, v1.11, v1.12, and v1.13,Documentation, ka0Rm0000005GReIAM,Cisco 3300 Series Mobility Services Engine,Cisco3300SeriesMobilityServicesEngine548219,5.2.91.0, 6.0.97.0, 7.0.105.0,Documentation, ka0Rm0000005GXfIAM,Amazon AWS Cloudwatch,AmazonAWSCloudwatch570164,API v1.0,Documentation, ka0Rm0000005GQYIA2,LANDesk Management Suite,LANDeskManagementSuite566739,9.0 Service Pack 2, 9.5,Documentation, ka0Rm0000005GXhIAM,Amazon AWS AppFabric,AmazonAWSAppFabric595235,N/A,Documentation, ka0Rm0000005GS3IAM,Cloudera Navigator,ClouderaNavigator565933,4.8, 5.x,Documentation, ka0Rm0000005GYCIA2,ALTOR (A Juniper Networks Company) Security Suite,ALTOR-AJuniperNetworksCompanySecuritySuite563509,4,Documentation, ka0Rm0000005GWnIAM,Symantec Data Center Security,SymantecDataCenterSecurity698385,6.9,Documentation, ka0Rm0000005GYBIA2,ALTOR (A Juniper Networks Company) Security Suite,ALTOR-AJuniperNetworksCompanySecuritySuite563499,4,Documentation, ka0Rm0000005GVOIA2,BluVector Cortex,BluVectorCortex552390,3.1,Documentation, ka0Rm0000005GU9IAM,Bayshore Networks SingleKey,BayshoreNetworksSingleKey554529,6.3,Documentation, ka0Rm0000005GWjIAM,Symantec Data Center Security,SymantecDataCenterSecurity716923,6.9,Documentation, ka0Rm0000005GWiIAM,Radware DefensePro,RadwareDefensePro566476,5.01.02, 6.05, 8.x,Documentation, ka0Rm0000005GSXIA2,Juniper Networks NetScreen-Security Manager,JuniperNetworksNetScreen-SecurityManager541970,2006, 2007, 2010, 2011, 2012,Documentation, ka0Rm0000005GS7IAM,Cisco IronPort Email Security Appliance,CiscoIronPortEmailSecurityAppliance558005,5.7.0, 7.1.3, 8.0.1, 8.5.x, 11.x,Documentation, ka0Rm0000005GWoIAM,Cisco Prime Infrastructure & Wireless Control System,CiscoPrimeInfrastructureWirelessControlSystem565798,Prime Infrastructure: 1.1, 1.2, 2.0, 2.1,Documentation, ka0Rm0000005GWVIA2,Cisco Nexus,CiscoNexus548833,1000V, 5000V and 7000V,Documentation, ka0Rm0000005GS5IAM,Infoblox NIOS,InfobloxNIOS565898,5.1, 6.4.5, 8.x,Documentation, ka0Rm0000005GY8IAM,Carbon Black Cb Response,CarbonBlackCbResponse563719,N/A,Documentation, ka0Rm0000005GRhIAM,Safestone DetectIT,SafestoneDetectIT527644,14.3,Documentation, ka0Rm0000005GWhIAM,Git,Git565735,1.7.6,Documentation, ka0Rm0000005GXgIAM,Palo Alto Enterprise Firewall,PaloAltoEnterpriseFirewall564406,Documentation, ka0Rm0000005GWgIAM,Dell iDRAC,DelliDRAC558570,DRAC 5, iDrac 6, iDRAC 9.x,Documentation, ka0Rm0000005GWcIAM,Dell EMC VNX (formerly Clariion Navisphere),DellEMCVNX-formerlyClariionNavisphere542598,Navisphere 6.28 and Unisphere 1.1,Documentation, ka0Rm0000005GWRIA2,Dell EMC VPLEX,DellEMCVPLEX561078,all,Documentation, ka0Rm0000005GPjIAM,CorreLog, Inc. SIEM Agent for IBM z/OS (part of BMC Software, Inc.),CorreLog-Inc-SIEMAgentforIBMz-OS-partofBMCSoftware-Inc563802,5.5.1 z/OS,Documentation, ka0Rm0000005GY9IAM,Akamai Kona Site Defender,AkamaiKonaSiteDefender565874,1,Documentation, ka0Rm0000005GUtIAM,Microsoft Windows (Legacy),MicrosoftWindows-Legacy542180,Microsoft Windows Server versions 2003 and earlier,Documentation, ka0Rm0000005GVLIA2,Brocade FastIron Switch,BrocadeFastIronSwitch565298,FGS624P- STK,Documentation, ka0Rm0000005GUVIA2,Microsoft Windows (via Adiscon Event Reporter, Intersect Alliance SNARE),MicrosoftWindows-viaAdisconEventReporter-IntersectAllianceSNARE565982,NT | 2000 | XP | 2003 | Vista Business, Ultimate and Enterprise | Server 2008, 2008 Enterprise with Hyper-V | Server 2008 R2 Standard, Enterprise, and Datacenter | Web Server 2008 R2 | Windows 7 Professional, Ultimate, and Enterprise | Server 2012 | Server 2016 | Server 2019 | Windows 8 and 10,Documentation, ka0Rm0000005GPxIAM,Cyberoam UTM,CyberoamUTM544010,10.04.3,Documentation, ka0Rm0000005GWlIAM,Dell EMC Symmetrix Solutions Enabler,DellEMCSymmetrixSolutionsEnabler545796,6.4, 6.5.3, 7.0, 7.1, 7.3.0.1, 7.6.1,Documentation, ka0Rm0000005GXGIA2,Entrust Identity Guard,EntrustIdentityGuard542711,10.1,Documentation, ka0Rm0000005GPpIAM,CoreTrace Bouncer,CoreTraceBouncer563690,6.0.1,Documentation, ka0Rm0000005GPzIAM,Trellix ePolicy Orchestrator,TrellixePolicyOrchestrator716905,7.2,Documentation, ka0Rm0000005GRlIAM,Cisco Network Admission Control (NAC),CiscoNetworkAdmissionControl-NAC548232,4.7, 4.9,Documentation, ka0Rm0000005GQBIA2,Trellix ePolicy Orchestrator (formerly McAfee ePolicy Orchestrator),TrellixePolicyOrchestrator-formerlyMcAfeeePolicyOrchestrator562778,3.5, 3.6.0, 3.6.1, 4.0, 4.5, 4.6, 5.x,Documentation, ka0Rm0000005GWeIAM,Dell EMC Voyence,DellEMCVoyence561177,4.0.1,Documentation, ka0Rm0000005GSWIA2,McAfee Security for Microsoft Exchange,McAfeeSecurityforMicrosoftExchange557724,8.x,Documentation, ka0Rm0000005GUmIAM,Universal REST API,UniversalRESTAPI678337,API v1.0,Documentation, ka0Rm0000005GXYIA2,Fortinet FortiGate,FortinetFortiGate572447,2.8, 3.0, 4.0 MR1, 4.0 MR2, 5.x, 6.x, 7.4.4,Documentation, ka0Rm0000005GRvIAM,Pulse Connect Secure (formerly Juniper SSL VPN),PulseConnectSecure-formerlyJuniperSSLVPN565829,5.4, 5.5, 6.0, 6.2 R2, 6.5 R2, 7.0 R2, 7.1 R5, 7.2 R1, 8.0, 8.0 R7.1, 8.x, and 9.x,Documentation, ka0Rm0000005GXHIA2,Fortinet FortiMail,FortinetFortiMail556549,4.0, 5.2, 6.x,Documentation, ka0Rm0000005GWqIAM,FireEye Web Malware Protection System,FireEyeWebMalwareProtectionSystem566008,6.x, 7.x, 8.x, 9.x,Documentation, ka0Rm0000005GQCIA2,CoreTrace Bouncer,CoreTraceBouncer533102,Documentation, ka0Rm0000005GXXIA2,Oracle iPlanet Web Server,OracleiPlanetWebServer544236,6.1, 7.0,Documentation, ka0Rm0000005GRqIAM,HelpSystems PowerTech Interact,HelpSystemsPowerTechInteract563220,3,Documentation, ka0Rm0000005GWSIA2,Oracle Database Vault,OracleDatabaseVault540456,10g R2,Documentation, ka0Rm0000005GUpIAM,Microsoft Windows (via NetWitness Endpoint),MicrosoftWindows-viaNetWitnessEndpoint564851,Windows 7, 8, 8.1, 10 | Windows Server 2008, 2012, 2016, 2019,Documentation, ka0Rm0000005GXOIA2,DataSunrise Database Security Suite,DataSunriseDatabaseSecuritySuite542564,3.7,Documentation, ka0Rm0000005GWkIAM,IBM Mainframe IMS,IBMMainframeIMS565701,Mainframe z/OS v1.9, v1.10, v1.11, v1.12 and v1.13,Documentation, ka0Rm0000005GWfIAM,IBM Mainframe IPSec,IBMMainframeIPSec546441,Mainframe z/OS v1.9, v1.10, v1.11, v1.12 and v1.13,Documentation, ka0Rm0000005GQHIA2,AirTight Networks SpectraGuard Enterprise,AirTightNetworksSpectraGuardEnterprise563184,6.5, 6.6, 6.7,Documentation, ka0Rm0000005GQGIA2,AirTight Networks SpectraGuard Enterprise,AirTightNetworksSpectraGuardEnterprise563443,6.5, 6.6, 6.7,Documentation, ka0Rm0000005GRzIAM,AirMagnet Enterprise,AirMagnetEnterprise539459,7.5, 8.5, 10.1,Documentation, ka0Rm0000005GWWIA2,IBM Mainframe ICSF,IBMMainframeICSF565653,Mainframe z/OS v1.9, v1.10, v1.11, v1.12 and v1.13,Documentation, ka0Rm0000005GQ0IAM,Amazon S3 Universal Connector,AmazonS3UniversalConnector595235,API v1.0,Documentation, ka0Rm0000005GV7IAM,Extreme Networks Switch (formerly Enterasys Switch,ExtremeNetworksSwitch-formerlyEnterasysSwitch565948,S-Series,Documentation, ka0Rm0000005GRjIAM,Nominum Vantio (part of Akamai),NominumVantio-partofAkamai563883,5.2,Documentation, ka0Rm0000005GUeIAM,F-Secure,F-Secure564553,5.x,Documentation, ka0Rm0000005GRcIAM,PAS Global ICS,PASGlobalICS544768,Documentation, ka0Rm0000005GWUIA2,Interface Masters Niagara 2299,InterfaceMastersNiagara2299563873,Documentation, ka0Rm0000005GWYIA2,Interface Masters Niagara 4272,InterfaceMastersNiagara4272563336,Documentation, ka0Rm0000005GQJIA2,Radiflow iSID,RadiflowiSID542709,N/A,Documentation, ka0Rm0000005GXJIA2,VMware Workspace ONE UEM,VMwareWorkspaceONEUEM611277,1904 & above,Documentation, ka0Rm0000005GQIIA2,Arbor Networks Peakflow SP5,ArborNetworksPeakflowSP5565857,5.X, 9.X,Documentation, ka0Rm0000005GXZIA2,Hewlett Packard Integrity NonStop Server,HewlettPackardIntegrityNonStopServer566037,All NonStop OS releases supported by HP,Documentation, ka0Rm0000005GUlIAM,HelpSystems PowerTech Interact,HelpSystemsPowerTechInteract532811,Documentation, ka0Rm0000005GV2IAM,Custom JDBC,CustomJDBC699656,Any version of Oracle or ibmdb2,Documentation, ka0Rm0000005GUrIAM,Symantec Web Security Services (part of Broadcom Inc.),SymantecWebSecurityServices-partofBroadcomInc663427,API v1.0,Documentation, ka0Rm0000005GRoIAM,Dell EMC Avamar,DellEMCAvamar562813,4.1, 6.0, 7.0,Documentation, ka0Rm0000005GRmIAM,Avecto Privilege Guard,AvectoPrivilegeGuard563709,3.5,Documentation, ka0Rm0000005GXcIAM,GlobalSCAPE Enhanced File Transfer (EFT) Server,GlobalSCAPEEnhancedFileTransfer-EFTServer541106,all versions up to 6.3.8,Documentation, ka0Rm0000005GQAIA2,SonicWall E-Class SRA / Aventail SSL VPN,SonicWallE-ClassSRA-AventailSSLVPN565984,8.8, 9.0, 10.x,Documentation, ka0Rm0000005GWzIAM,Gigamon SSL Solution,GigamonSSLSolution563397,Documentation, ka0Rm0000005GXRIA2,Linux (Novell SuSE),Linux-NovellSuSE566301,9, 10, 10.2, 11, 12.x, 15,Documentation, ka0Rm0000005GUZIA2,Cisco Secure IDS or IPS,CiscoSecureIDSorIPS565839,4.x, 5.0, 5.1, 6.0, 6.1, 6.2, 7.x; Signature Engines: E1, E2, E3, E4,Documentation, ka0Rm0000005GRrIAM,CA ACF2 (formerly IBM Mainframe ACF2),CAACF2-formerlyIBMMainframeACF2564148,Versions : r14 and higher,Documentation, ka0Rm0000005GWbIAM,DFLabs IncMan,DFLabsIncMan563455,4.5+,Documentation, ka0Rm0000005GQ2IAM,Safend Protector,SafendProtector544089,3.x,Documentation, ka0Rm0000005GXUIA2,Blue Coat Systems Inc. Director (part of Broadcom Inc.),BlueCoatSystemsInc-Director-partofBroadcomInc542665,5.5.1.1, 5.5.2.3, 6.1.1.1,Documentation, ka0Rm0000005GUgIAM,CA Top Secret,CATopSecret563923,z/OS,Documentation, ka0Rm0000005GUsIAM,STEALTHbits StealthINTERCEPT,STEALTHbitsStealthINTERCEPT563348,3.3,Documentation, ka0Rm0000005GQ9IAM,Oracle Solaris Basic Security Model (BSM),OracleSolarisBasicSecurityModel-BSM565894,8, 9, 10, 11,Documentation, ka0Rm0000005GQ5IAM,Oracle MySQL Enterprise,OracleMySQLEnterprise542364,5.x,Documentation, ka0Rm0000005GUYIA2,SSH Communications Security CryptoAuditor,SSHCommunicationsSecurityCryptoAuditor564502,Documentation, ka0Rm0000005GRTIA2,Array Networks SPX Series Universal Access Controllers,ArrayNetworksSPXSeriesUniversalAccessControllers563577,8.4.6,Documentation, ka0Rm0000005GS1IAM,PostgreSQL,PostgreSQL564523,8.4,9.x,15.x,Documentation, ka0Rm0000005GR3IAM,Cofense Intelligence (formerly PhishMe),CofenseIntelligence-formerlyPhishMe561372,Documentation, ka0Rm0000005GWOIA2,ESET Remote Administrator,ESETRemoteAdministrator563902,4.0, 5.0,Documentation, ka0Rm0000005GXCIA2,BigFix Enterprise Suite,BigFixEnterpriseSuite538518,7.2,Documentation, ka0Rm0000005GXaIAM,Symantec Endpoint Protection (part of Broadcom Inc.),SymantecEndpointProtection-partofBroadcomInc563478,9.0, 10.0, 10.1, 10.2, 11, 11.0.5, 11.0.6, 12, 14, 15 (Syslog only),Documentation, ka0Rm0000005GWdIAM,IBM DB2 Universal Database,IBMDB2UniversalDatabase555424,7, 8, 8.1, 9.1, 9.5, 9.7, 10.x, 11.5.6 (File Collection for AIX),Documentation, ka0Rm0000005GXWIA2,Symantec DeepSight Intelligence (part of Broadcom Inc.),SymantecDeepSightIntelligence-partofBroadcomInc563121,Documentation, ka0Rm0000005GUXIA2,Check Point GAiA,CheckPointGAiA565879,R77.20,Documentation, ka0Rm0000005GRIIA2,Picus,Picus655447,APIv1.0,Documentation, ka0Rm0000005GRCIA2,Trustwave DbProtect (formerly Application Security; part of Singtel),TrustwaveDbProtect-formerlyApplicationSecurity-partofSingtel539895,6,Documentation, ka0Rm0000005GWtIAM,Kernel Based Virtual Machine (KVM),KernelBasedVirtualMachine-KVM565586,2.6.32-220,Documentation, ka0Rm0000005GUhIAM,Check Point IPSO (formerly Nokia IPSO),CheckPointIPSO-formerlyNokiaIPSO547465,3.6, 3.7, 3.8, 3.9, 6.2,Documentation, ka0Rm0000005GV1IAM,Huawei VRP,HuaweiVRP566936,5.x, 6.x, 8.x,Documentation, ka0Rm0000005GWFIA2,Tenable Nessus,TenableNessus539488,Documentation, ka0Rm0000005GUfIAM,Check Point Security Suite (IPS-1),CheckPointSecuritySuite-IPS-1565223,R76, R77.x, R80.x, R81.10,Documentation, ka0Rm0000005GRpIAM,Blackberry Ltd Enterprise Server,BlackberryLtdEnterpriseServer561332,5.x,Documentation, ka0Rm0000005GXSIA2,Linux (Debian GNU),Linux-DebianGNU566301,3.1, 4.0,Documentation, ka0Rm0000005GWPIA2,ESET Remote Administrator,ESETRemoteAdministrator533015,Documentation, ka0Rm0000005GPqIAM,AttackIQ Platform,AttackIQPlatform568323,Dec-20,Documentation, ka0Rm0000005GXDIA2,Nozomi Networks,NozomiNetworks710790,N/A,Documentation, ka0Rm0000005GUkIAM,Cimcor CimTrak,CimcorCimTrak533084,Documentation, ka0Rm0000005GWvIAM,Network Critical SmartNAx Series,NetworkCriticalSmartNAxSeries564385,Documentation, ka0Rm0000005GWXIA2,Ixia Vision ONE (part of Keysight),IxiaVisionONE-partofKeysight559869,Documentation, ka0Rm0000005GWTIA2,Juniper Steel-Belted Radius,JuniperSteel-BeltedRadius557486,5.4, 6.x,Documentation, ka0Rm0000005GWyIAM,BigFix Enterprise Suite,BigFixEnterpriseSuite716975,7.2,Documentation, ka0Rm0000005GQ7IAM,Palo Alto Prisma Access,PaloAltoPrismaAccess706762,2.1 Schema,Documentation, ka0Rm0000005GUcIAM,Slack,Slack564461,Documentation, ka0Rm0000005GWAIA2,nCircle Configuration Compliance Manager,nCircleConfigurationComplianceManager543959,5.1,Documentation, ka0Rm0000005GPmIAM,McAfee Endpoint Security,McAfeeEndpointSecurity716832,10.x,Documentation, ka0Rm0000005GV4IAM,Apcon IntellaPatch Series 3000 Network Monitoring Switch,ApconIntellaPatchSeries3000NetworkMonitoringSwitch565309,4.34.2,Documentation, ka0Rm0000005GRJIA2,Lieberman Enterprise Random Password Manager (ERPM),LiebermanEnterpriseRandomPasswordManager-ERPM564375,4.83.6,Documentation, ka0Rm0000005GRMIA2,Cisco Unified Computing System Manager,CiscoUnifiedComputingSystemManager540550,1.0 (2d),Documentation, ka0Rm0000005GWJIA2,F5 BIG-IP Advanced Firewall Manager,F5BIG-IPAdvancedFirewallManager542942,11.5,Documentation, ka0Rm0000005GXFIA2,Intersect Alliance Snare for Linux,IntersectAllianceSnareforLinux565579,3.7 and later,Documentation, ka0Rm0000005GPyIAM,Bind DNS,BindDNS559613,Bind: 9.x, 11,Documentation, ka0Rm0000005GXQIA2,Dell EMC NetWorker,DellEMCNetWorker548781,7.6 SP2,Documentation, ka0Rm0000005GUTIA2,RSA Web Threat Detection (formerly Silver Tail System Forensics and Mitigator),RSAWebThreatDetection-formerlySilverTailSystemForensicsandMitigator547557,Forensics 1.x, 2.x, and 3.x,Documentation, ka0Rm0000005GR1IAM,Raz-Lee iSecurity for IBM iSeries,Raz-LeeiSecurityforIBMiSeries564452,11.4,Documentation, ka0Rm0000005GXKIA2,Jamf Protect,JamfProtect698580,API v1.0,Documentation, ka0Rm0000005GRNIA2,Riverbed Cascade Profiler (formerly known as mazu Profiler),RiverbedCascadeProfiler-formerlyknownasmazuProfiler545684,5.5.2, 6.0, 7.0, 9.5.1,Documentation, ka0Rm0000005GV0IAM,J4Care Healthcare Connector,J4CareHealthcareConnector545610,N/A,Documentation, ka0Rm0000005GWLIA2,CrowdStrike Falcon,CrowdStrikeFalcon708951,N/A,Documentation, ka0Rm0000005GR2IAM,Radware AppWall,RadwareAppWall533171,Documentation, ka0Rm0000005GWuIAM,Attivo ThreatMatrix Platform,AttivoThreatMatrixPlatform563606,4.x,Documentation, ka0Rm0000005GXbIAM,STEALTHbits StealthINTERCEPT,STEALTHbitsStealthINTERCEPT532708,Documentation, ka0Rm0000005GRYIA2,RSA Access Manager,RSAAccessManager547172,6.0, 6.2 on Solaris, Windows, and Linux,Documentation, ka0Rm0000005GXBIA2,BeyondTrust Retina Network Security Scanner (formerly eEye Retina Network Security Scanner),BeyondTrustRetinaNetworkSecurityScanner-formerlyeEyeRetinaNetworkSecurityScanner565890,5.1,Documentation, ka0Rm0000005GX0IAM,RSA SecurID Access Cloud Authentication Service,RSASecurIDAccessCloudAuthenticationService563425,All latest versions,Documentation, ka0Rm0000005GRQIA2,ManageEngine Netflow Analyzer,ManageEngineNetflowAnalyzer543022,8.0, 9.5,Documentation, ka0Rm0000005GUaIAM,Ixia CloudLens (part of Keysight),IxiaCloudLens-partofKeysight564238,Documentation, ka0Rm0000005GXLIA2,Qualys Vulnerability Management,QualysVulnerabilityManagement566098,API V2.0,Documentation, ka0Rm0000005GWKIA2,Gigamon GigaSECURE OpenStack,GigamonGigaSECUREOpenStack563479,Documentation, ka0Rm0000005GPtIAM,M86 Secure Web Gateway (part of Trustwave),M86SecureWebGateway-partofTrustwave532848,Documentation, ka0Rm0000005GPoIAM,McAfee Endpoint Encryption,McAfeeEndpointEncryption561430,5.2.2. 5.2.12,Documentation, ka0Rm0000005GUqIAM,Soltra Edge,SoltraEdge563551,Documentation, ka0Rm0000005GWEIA2,IBM DB2,IBMDB2699658,7, 8, 8.1, 9.1, 9.5, 9.7, 10.x,Documentation, ka0Rm0000005GWCIA2,IBM AIX,IBMAIX561689,5L (Security and Authentication messages only), 6.1, 7.x,Documentation, ka0Rm0000005GV9IAM,Sendmail,Sendmail565988,Sendmail : 8.x,Documentation, ka0Rm0000005GWNIA2,IBM WebSphere,IBMWebSphere565992,6.0.0.1, 7.0.0.9, 8.0, 8.5,Documentation, ka0Rm0000005GWGIA2,Symantec Endpoint Security Incidents,SymantecEndpointSecurityIncidents694800,14.3.x,Documentation, ka0Rm0000005GWQIA2,Damballa Failsafe,DamballaFailsafe544585,5.0.2, 6.2.0,Documentation, ka0Rm0000005GRBIA2,Jenkins,Jenkins561376,1.58, 1.8.x, 2.x,Documentation, ka0Rm0000005GUzIAM,RSA Data Loss Prevention Suite,RSADataLossPreventionSuite556523,7.0.0, 8.0, 8.0 SP1, 8.5, 8.8, 9.x,Documentation, ka0Rm0000005GV3IAM,RSA Federated Identity Manager,RSAFederatedIdentityManager547655,4.1,Documentation, ka0Rm0000005GRGIA2,Absolute Data and Device Security (DDS),AbsoluteDataandDeviceSecurity-DDS562882,Absolute DDS Customer Center 5.26+, SIEM Connector 1.1,Documentation, ka0Rm0000005GStIAM,General Electric (GE) Centricity PACS-IW,GeneralElectric-GECentricityPACS-IW565904,3.7.3,Documentation, ka0Rm0000005GSmIAM,Squid,Squid563392,2.5.9, 2.7, 3.x,Documentation, ka0Rm0000005GW8IAM,Avocent IP KVM,AvocentIPKVM544368,Dell PowerEdge 2161DS-2,Documentation, ka0Rm0000005GREIA2,DenyAll WAF (formerly Bee Ware Web Application Firewall),DenyAllWAF-formerlyBeeWareWebApplicationFirewall545160,5.x,Documentation, ka0Rm0000005GSwIAM,Gigamon GigaVUE FM Series,GigamonGigaVUEFMSeries699230,Documentation, ka0Rm0000005GUvIAM,Proofpoint Email Security,ProofpointEmailSecurity565746,6.3, 7.2, 7.5, 8.x,Documentation, ka0Rm0000005GRLIA2,VMware vCenter Server,VMwarevCenterServer543602,VirtualCenter Server: 2.0.2, 2.5vCenter Server: 4.1, 5.0, 5.1, 5.5, 6.x,Documentation, ka0Rm0000005GSlIAM,Citrix XenApp,CitrixXenApp539356,5 (for Windows Server 2003), 6, 6.5, 7.x,Documentation, ka0Rm0000005GXMIA2,CyberArk Account Security and Identity Management,CyberArkAccountSecurityandIdentityManagement530256,Documentation, ka0Rm0000005GR4IAM,Cisco Virtual Security Gateway,CiscoVirtualSecurityGateway540492,4.2(1)VSG(1),Documentation, ka0Rm0000005GSuIAM,Linux (CentOS),Linux-CentOS539991,6,Documentation, ka0Rm0000005GPlIAM,Imperva SecureSphere,ImpervaSecureSphere546885,6, 7, 8, 8.5, 9.0, 9.5,10.0,Documentation, ka0Rm0000005GWHIA2,NetApp Data ONTAP,NetAppDataONTAP565756,6.x, 7.0-7.3.1.1, 8.x, 9.x,Documentation, ka0Rm0000005GWMIA2,HyTrust CloudControl (formerly HyTrust Appliance),HyTrustCloudControl-formerlyHyTrustAppliance565960,Appliance: 2.0.10264, 2.5.1, 3.0.2, 3.6,Documentation, ka0Rm0000005GWIIA2,Anomali ThreatStream Intelligence Platform,AnomaliThreatStreamIntelligencePlatform563531,Documentation, ka0Rm0000005GRSIA2,Senrio Insight,SenrioInsight552323,1,Documentation, ka0Rm0000005GWBIA2,Cymulate Integration,CymulateIntegration597558,Documentation, ka0Rm0000005GSrIAM,IBM Tivoli Access Manager WebSEAL,IBMTivoliAccessManagerWebSEAL565760,6.0, 7.x, 9.x,Documentation, ka0Rm0000005GQ8IAM,IBM Tivoli Access Manager ESSO,IBMTivoliAccessManagerESSO555793,8.0.1,Documentation, ka0Rm0000005GQ3IAM,IBM MQ (formerly branded as WebSphere MQ),IBMMQ-formerlybrandedasWebSphereMQ540740,7.0.1,Documentation, ka0Rm0000005GUnIAM,RSA SecurID Access Identity Router (formerly Via Access),RSASecurIDAccessIdentityRouter-formerlyViaAccess563425,All latest versions,Documentation, ka0Rm0000005GUiIAM,McAfee Firewall Enterprise,McAfeeFirewallEnterprise565021,6.1.1.x, 6.1.2.x, 7.0.0.x, 8.0, 8.x,Documentation, ka0Rm0000005GPkIAM,IBM Mainframe Syslog and Hardcopy Log Facility,IBMMainframeSyslogandHardcopyLogFacility565885,Mainframe z/OS v1.9, v1.10, v1.11, v1.12, v1.13, 2.x,Documentation, ka0Rm0000005GUjIAM,LogRhythm Platform,LogRhythmPlatform554836,Documentation, ka0Rm0000005GSsIAM,Carbon Black Cb Response,CarbonBlackCbResponse554347,Documentation, ka0Rm0000005GWDIA2,Cyware Integration,CywareIntegration662649,Documentation, ka0Rm0000005GPsIAM,M86 Secure Web Gateway (part of Trustwave),M86SecureWebGateway-partofTrustwave563154,10.1, 10.2,Documentation, ka0Rm0000005GQ1IAM,CA Top Secret,CATopSecret535508,Documentation, ka0Rm0000005GUxIAM,Bit9 Security Platform,Bit9SecurityPlatform538617,6.0.2, 7.0, 7.2,Documentation, ka0Rm0000005GPwIAM,CA SiteMinder,CASiteMinder524755,Documentation, ka0Rm0000005GSjIAM,McAfee Vulnerability Manager,McAfeeVulnerabilityManager565953,5.0, 6.5.1, 6.8, 7.0, 7.5,Documentation, ka0Rm0000005GPLIA2,Stonesoft StoneGate Management Center (part of Forcepoint LLC.),StonesoftStoneGateManagementCenter-partofForcepointLLC563163,5.3,Documentation, ka0Rm0000005GSoIAM,Anomali Link,AnomaliLink633181,API v1.0,Documentation, ka0Rm0000005GQzIAM,Cisco Advanced Malware Protection (AMP) for Endpoints,CiscoAdvancedMalwareProtection-AMPforEndpoints566848,All,Documentation, ka0Rm0000005GW7IAM,IBM Tivoli Identity Manager,IBMTivoliIdentityManager555842,5.1,Documentation, ka0Rm0000005GPRIA2,Novell eDirectory,NovelleDirectory543056,8.8 for Windows and Linux,Documentation, ka0Rm0000005GW4IAM,Clearswift SECURE Gateway Suite,ClearswiftSECUREGatewaySuite563626,Web Gateway: 3.0,Documentation, ka0Rm0000005GUUIA2,Preempt Security Behavioral Firewall,PreemptSecurityBehavioralFirewall564397,2.2,Documentation, ka0Rm0000005GR6IAM,Solarwinds IPAM,SolarwindsIPAM565812,4.x,Documentation, ka0Rm0000005GUdIAM,Microsoft Azure Log Analytics Workspace,MicrosoftAzureLogAnalyticsWorkspace699033,All,Documentation, ka0Rm0000005GRHIA2,Splunk Phantom RSA NetWitness Logs & Network App,SplunkPhantomRSANetWitnessLogsNetworkApp563965,Documentation, ka0Rm0000005GUwIAM,OpenText Documentum,OpenTextDocumentum562842,6.5, 6.7, 7.0, 7.1,Documentation, ka0Rm0000005GV8IAM,OPSWAT MetaDefender,OPSWATMetaDefender547033,3.1,Documentation, ka0Rm0000005GPTIA2,Stonesoft StoneGate Management Center (part of Forcepoint LLC.),StonesoftStoneGateManagementCenter-partofForcepointLLC532748,Documentation, ka0Rm0000005GW1IAM,McAfee Network Data Loss Prevention (Reconnex),McAfeeNetworkDataLossPrevention-Reconnex556513,8.6, 9.x,Documentation, ka0Rm0000005GQFIA2,FireEye Mandiant Security Validation (formerly Verodin),FireEyeMandiantSecurityValidation-formerlyVerodin563985,Documentation, ka0Rm0000005GW0IAM,McAfee Network Access Control,McAfeeNetworkAccessControl545054,3.1.1,Documentation, ka0Rm0000005GSpIAM,Tripwire Enterprise,TripwireEnterprise565980,5.4, 5.5, 7.x, 8.x,Documentation, ka0Rm0000005GUoIAM,McAfee Integrity Control,McAfeeIntegrityControl565317,5.0.2, 5.1.0, 6.x,Documentation, ka0Rm0000005GRAIA2,Google Cloud Platform (GCP),GoogleCloudPlatform-GCP567868,API v1.0,Documentation, ka0Rm0000005GUyIAM,Oracle Access Manager,OracleAccessManager542343,10.1.4.0.3,11g R2,Documentation, ka0Rm0000005GSqIAM,Dell EMC Greenplum HD,DellEMCGreenplumHD565870,1.2,Documentation, ka0Rm0000005GW5IAM,Tenable Nessus,TenableNessus566061,NessusClient 1.0.2 Nessus 3.0.6, 4.0.1, 4.2, 4.4, 5.0, 7.x, 8.x,Documentation, ka0Rm0000005GRFIA2,IBM Mainframe RACF,IBMMainframeRACF546554,Mainframe z/OS v1.9, v1.10, v1.11, v1.12, v1.13, v2.1 and v2.2,Documentation, ka0Rm0000005GSkIAM,Dell EMC Isilon,DellEMCIsilon560316,6.5.3.32, 6.5.5.7.x, 8.x,Documentation, ka0Rm0000005GQ4IAM,F5 BIG-IP Application Security Manager,F5BIG-IPApplicationSecurityManager561539,10.2.0, 11.2, 11.5.x, 11.6,13.x, 14.x,Documentation, ka0Rm0000005GW3IAM,VMware AppDefense,VMwareAppDefense549818,API v1.0,Documentation, ka0Rm0000005GW9IAM,Fox Technologies Server Control,FoxTechnologiesServerControl568908,6.5, 6.6,Documentation, ka0Rm0000005GRVIA2,APCON Inc. IntellaFlex Series 3000,APCONInc-IntellaFlexSeries3000563538,Documentation, ka0Rm0000005GQDIA2,Microsoft Team Foundation Server (TFS),MicrosoftTeamFoundationServer-TFS565718,Microsoft TFS 2018,Documentation, ka0Rm0000005GRWIA2,Gigamon GigaSECURE,GigamonGigaSECURE563979,Documentation, ka0Rm0000005GSnIAM,Dell EMC Ionix Unified Infrastructure Manager,DellEMCIonixUnifiedInfrastructureManager562856,1.0, 2.1, 3.0, 3.1,Documentation, ka0Rm0000005GPnIAM,Cisco Application Control Engine,CiscoApplicationControlEngine565940,4710,Documentation, ka0Rm0000005GRKIA2,ThreatConnect Threat Intelligence Platform,ThreatConnectThreatIntelligencePlatform564491,Documentation, ka0Rm0000005GVxIAM,AirTight Management Console,AirTightManagementConsole565820,7.0, 7.1 U4,Documentation, ka0Rm0000005GRUIA2,Syncurity IR Flow,SyncurityIRFlow563466,Documentation, ka0Rm0000005GVvIAM,Clearswift SECURE Gateway Suite,ClearswiftSECUREGatewaySuite563762,Email Gateway: 3.6,Documentation, ka0Rm0000005GR0IAM,Fortinet Manager,FortinetManager563097,5.x, 6.x, 7.x,Documentation, ka0Rm0000005GUSIA2,Cisco Security Agent,CiscoSecurityAgent538550,4.0, 5.1, 6.0,Documentation, ka0Rm0000005GVyIAM,SkyHigh Networks Enterprise Connector,SkyHighNetworksEnterpriseConnector564355,3.3.3,Documentation, ka0Rm0000005GTzIAM,Oracle Audit Vault,OracleAuditVault540472,10.3, 12.x, 20.3,Documentation, ka0Rm0000005GP8IAM,Aruba Networks AirWave,ArubaNetworksAirWave539509,6.3.x, 6.4.x, 7.5.x,Documentation, ka0Rm0000005GVIIA2,Demisto Enterprise,DemistoEnterprise542360,Documentation, ka0Rm0000005GSVIA2,Dell PowerConnect 5324 Switch,DellPowerConnect5324Switch565421,1.0.0.47,Documentation, ka0Rm0000005GUJIA2,Amazon AWS Security Hub,AmazonAWSSecurityHub571544,API v1.0,Documentation, ka0Rm0000005GUIIA2,Amazon AWS GuardDuty,AmazonAWSGuardDuty566379,All,Documentation, ka0Rm0000005GW2IAM,Ixia Phantom vTap (part of Keysight),IxiaPhantomvTap-partofKeysight563848,Documentation, ka0Rm0000005GTxIAM,Alcatel-Lucent OmniSwitch,Alcatel-LucentOmniSwitch544595,6600, 6850, 9700,Documentation, ka0Rm0000005GVEIA2,FluentD,FluentD699520,1.15.1,Documentation, ka0Rm0000005GSPIA2,SECUDE Halocore,SECUDEHalocore563390,Halocore v3.8/ BI Launchpad 4.1 minimum SP2,Documentation, ka0Rm0000005GW6IAM,Enforcive Enterprise Security (part of Precisely),EnforciveEnterpriseSecurity-partofPrecisely563894,7.x,Documentation, ka0Rm0000005GRbIAM,FairWarning Privacy Monitoring,FairWarningPrivacyMonitoring561029,2.9.2, 4.x,Documentation, ka0Rm0000005GROIA2,DeepInspect,DeepInspect705623,2.1,Documentation, ka0Rm0000005GPCIA2,Symantec Brightmail (part of Broadcom Inc.),SymantecBrightmail-partofBroadcomInc542433,9.5.3,Documentation, ka0Rm0000005GUuIAM,NXLog,NXLog558769,Enterprise Edition,Documentation, ka0Rm0000005GPSIA2,Okta Workforce Identity Cloud,OktaWorkforceIdentityCloud713347,N/A,Documentation, ka0Rm0000005GPIIA2,Oracle Identity Manager,OracleIdentityManager540487,9.1,Documentation, ka0Rm0000005GPfIAM,Hewlett Packard UNIX,HewlettPackardUNIX529185,11.X, C2 v11.X,Documentation, ka0Rm0000005GPBIA2,Aruba Networks Mobility Controller,ArubaNetworksMobilityController554522,ArubaOS 2.5.4.0, 3.4, 6.x, 8.10.0.7,Documentation, ka0Rm0000005GVpIAM,Skyhigh Web Gateway (previously known as McAfee Web Gateway),SkyhighWebGateway-previouslyknownasMcAfeeWebGateway566056,6.8.5, 7.x, 8.x, 11.2.16,Documentation, ka0Rm0000005GPgIAM,Hewlett Packard ProCurve Switch,HewlettPackardProCurveSwitch565364,series 2600, 2800, 5300, 7510,Documentation, ka0Rm0000005GRXIA2,General Electric (GE) Centricity Enterprise Archive,GeneralElectric-GECentricityEnterpriseArchive563011,4,Documentation, ka0Rm0000005GSLIA2,F5 BIG-IP Access Policy Manager,F5BIG-IPAccessPolicyManager542913,10.2.0, 11.4 HF4, 11.5.2 HF1, 15.x,Documentation, ka0Rm0000005GVrIAM,Tufin SecureTrack,TufinSecureTrack569516,12.2, 20.1,Documentation, ka0Rm0000005GRPIA2,Claroty Platform,ClarotyPlatform553690,2.0, 2.1,Documentation, ka0Rm0000005GRRIA2,Symantec Endpoint Security Events,SymantecEndpointSecurityEvents694799,14.3.x,Documentation, ka0Rm0000005GVGIA2,BMC Remedy IT Service Management,BMCRemedyITServiceManagement538726,7.6.04,Documentation, ka0Rm0000005GQRIA2,Cisco Sourcefire Defense Center / SNORT,CiscoSourcefireDefenseCenter-SNORT566808,4.x, 5.x, 6.x,Documentation, ka0Rm0000005GVJIA2,ForeScout CounterACT,ForeScoutCounterACT564592,6.3.4.0, 7.x, 8.x,Documentation, ka0Rm0000005GSUIA2,Forcepoint Web Security (formerly Websense Web Security),ForcepointWebSecurity-formerlyWebsenseWebSecurity566685,5.5, 6.3, 7.0, 7.1, 7.5, 7.6, 7.7, 7.8.1, 7.8.4, 8.x,Documentation, ka0Rm0000005GSiIAM,Forcepoint Email Security),ForcepointEmailSecurity566642,8.x,Documentation, ka0Rm0000005GU1IAM,Actiance Vantage,ActianceVantage554322,12.2,Documentation, ka0Rm0000005GVzIAM,Varonis DatAdvantage,VaronisDatAdvantage565928,5.5, 5.9, (6.x for Syslog only),Documentation, ka0Rm0000005GVqIAM,UnboundID Identity Data Store,UnboundIDIdentityDataStore542475,4.5.1.1,Documentation, ka0Rm0000005GVnIAM,IBM Mainframe IDMS,IBMMainframeIDMS565825,Mainframe z/OS v1.9, v1.10, v1.11, v1.12 and v1.13,Documentation, ka0Rm0000005GVtIAM,Anomali STAXX,AnomaliSTAXX563518,Documentation, ka0Rm0000005GPFIA2,Kaspersky CyberTrace (formerly Threat Feed Service),KasperskyCyberTrace-formerlyThreatFeedService564601,Documentation, ka0Rm0000005GUMIA2,Lumension Endpoint Management and Security Suite,LumensionEndpointManagementandSecuritySuite566745,7,Documentation, ka0Rm0000005GVoIAM,Blue Coat Systems Inc. ProxyAV (part of Broadcom Inc.),BlueCoatSystemsInc-ProxyAV-partofBroadcomInc559837,3.3.1.2, 3.5.1.1,Documentation, ka0Rm0000005GSRIA2,Blue Coat Systems Inc. ProxySG SGOS (part of Broadcom Inc.),BlueCoatSystemsInc-ProxySGSGOS-partofBroadcomInc559837,4.x, 5.x, 6.x, 7.x,Documentation, ka0Rm0000005GPQIA2,Blue Coat Systems Inc. SSL Visibility Appliance (part of Broadcom Inc.),BlueCoatSystemsInc-SSLVisibilityAppliance-partofBroadcomInc563677,Documentation, ka0Rm0000005GPPIA2,BlueCat,BlueCat542549,Adonis 7.0,Documentation, ka0Rm0000005GPZIA2,SafeNet Hardware Security Module,SafeNetHardwareSecurityModule566000,6.2.0, 8.x,Documentation, ka0Rm0000005GUEIA2,McAfee Data Loss Prevention Endpoint,McAfeeDataLossPreventionEndpoint558876,2.2, 3.0, 9.0, 9.1, 9.2, 9.3, 9.4.x, 10.x,Documentation, ka0Rm0000005GULIA2,McAfee Data Loss Prevention Endpoint,McAfeeDataLossPreventionEndpoint716934,2.2, 3.0, 9.0, 9.1, 9.2, 9.3, 9.4.x, 10.x,Documentation, ka0Rm0000005GSeIAM,McAfee Host Intrusion Prevention (aka Entercept),McAfeeHostIntrusionPrevention-akaEntercept562877,6.0.1 supported on McAfee ePolicy Orchestrator 3.6.0, 3.6.1 7.0, 8.0 supported on McAfee ePolicy Orchestrator 4.0,Documentation, ka0Rm0000005GVuIAM,Dell EMC Greenplum Database,DellEMCGreenplumDatabase548759,4,Documentation, ka0Rm0000005GVwIAM,Dell EMC Data Protection Advisor,DellEMCDataProtectionAdvisor562824,5.6,Documentation, ka0Rm0000005GVsIAM,Dell EMC Data Domain,DellEMCDataDomain540227,5.1.0.4,Documentation, ka0Rm0000005GPUIA2,Oracle WebLogic Server,OracleWebLogicServer570696,10.0, 10.3, 10.3.2, 10.3.5, 10.3.6, 12.x,Documentation, ka0Rm0000005GR8IAM,Morphisec Endpoint Threat Prevention,MorphisecEndpointThreatPrevention563598,2.7,Documentation, ka0Rm0000005GRDIA2,Nominum Vantio (part of Akamai),NominumVantio-partofAkamai533152,Documentation, ka0Rm0000005GR7IAM,NETASQ Unified Manager,NETASQUnifiedManager561135,8.1.3, 9.0.2, 9.0.3.2,Documentation, ka0Rm0000005GR9IAM,Netflow,Netflow597791,5, 9,Documentation, ka0Rm0000005GUPIA2,Crossbeam C-Series,CrossbeamC-Series540804,4.x, 5.x, 6.x,Documentation, ka0Rm0000005GR5IAM,Cuckoo Sandbox,CuckooSandbox570780,Documentation, ka0Rm0000005GPGIA2,Sentryo ICS CyberVision (part of Cisco Systems),SentryoICSCyberVision-partofCiscoSystems564876,2.0.3,Documentation, ka0Rm0000005GQqIAM,Cisco Firepower System Event Streamer ( eStreamer),CiscoFirepowerSystemEventStreamer-eStreamer710780,6.x, 7.x,Documentation, ka0Rm0000005GVNIA2,Palo Alto Prisma Cloud,PaloAltoPrismaCloud597544,21.x,Documentation, ka0Rm0000005GTyIAM,Cisco Meraki,CiscoMeraki544791,MX60, GA 12.26,Documentation, ka0Rm0000005GQxIAM,Amazon AWS Detective,AmazonAWSDetective526458,API v1.0,Documentation, ka0Rm0000005GYPIA2,Splunk Phantom RSA Security Analytics App,SplunkPhantomRSASecurityAnalyticsApp542018,Documentation, ka0Rm0000005GUNIA2,Tenable.ot powered by Indegy,Tenable-otpoweredbyIndegy557757,3.x,Documentation, ka0Rm0000005GQTIA2,Oracle Database,OracleDatabase573310,8i, 9i, 10g, 11g, 11.2g, 12c (Mixed mode auditing and Unified auditing on Windows), 18c (Unified auditing on Unix and Windows), 19c (Unified auditing on Unix and Windows).,Documentation, ka0Rm0000005GUFIA2,Oracle Database (JDBC),OracleDatabase-JDBC699319,Oracle 11.xg, Oracle 12c, 18c, 19c (Unified auditing on Unix and Windows),Documentation, ka0Rm0000005GQWIA2,Microsoft Azure via Azure Audit,MicrosoftAzureviaAzureAudit716796,All,Documentation, ka0Rm0000005GQKIA2,McAfee Email Gateway (formerly CipherTrust IronMail),McAfeeEmailGateway-formerlyCipherTrustIronMail542785,5.5, 7.x,Documentation, ka0Rm0000005GVMIA2,GitHub Enterprise,GitHubEnterprise566028,2.8.x,Documentation, ka0Rm0000005GPEIA2,VMware Unified Access Gateway (UAG),VMwareUnifiedAccessGateway-UAG697195,2209,Documentation, ka0Rm0000005GYRIA2,Check Point SPLAT OS,CheckPointSPLATOS547409,R75, 77.10,Documentation, ka0Rm0000005GSgIAM,Symantec Critical Systems Protection (part of Broadcom Inc.),SymantecCriticalSystemsProtection-partofBroadcomInc571941,5.2.4, 5.2.8, 5.2.9,Documentation, ka0Rm0000005GYIIA2,Cisco Secure Access Control Server (ACS) Express,CiscoSecureAccessControlServer-ACSExpress548263,5,Documentation, ka0Rm0000005GPYIA2,Securonix SNYPR,SecuronixSNYPR541251,6,Documentation, ka0Rm0000005GSQIA2,Riverbed Steelhead,RiverbedSteelhead565684,7.0.2, 9.x,Documentation, ka0Rm0000005GPDIA2,VMware Orchestrator,VMwareOrchestrator542541,5.5,Documentation, ka0Rm0000005GVFIA2,Lieberman Enterprise Random Password Manager (ERPM),LiebermanEnterpriseRandomPasswordManager-ERPM563729,Documentation, ka0Rm0000005GPAIA2,Aruba Networks ClearPass Policy Manager,ArubaNetworksClearPassPolicyManager566328,5.2, 6.x,Documentation, ka0Rm0000005GQPIA2,McAfee Endpoint Security,McAfeeEndpointSecurity561104,10.x,Documentation, ka0Rm0000005GSfIAM,Fortinet FortiAnalyzer,FortinetFortiAnalyzer563097,5.x, 6.x, 7.x,Documentation, ka0Rm0000005GP9IAM,Juniper Networks JUNOS,JuniperNetworksJUNOS561098,6.1, JUNOS 9.4, 9.6, 10.0, 10.3, 10.4, 11.1, 11.2, 11.4, 12.1, 17.x,Documentation, ka0Rm0000005GYUIA2,SonicWALL Email Security,SonicWALLEmailSecurity544707,7.2,Documentation, ka0Rm0000005GYVIA2,SonicWALL Firewall,SonicWALLFirewall565845,SonicOS 5.8 and SonicOS Enhanced 6.x,Documentation, ka0Rm0000005GVDIA2,Lancope StealthWatch,LancopeStealthWatch545675,5.5, 5.6, 5.9, 5.10, 6.0,Documentation,