The McAfee VirusScan iRecorder, when running with McAfee VirusScan version 4.51 on Windows 2000, receives Class 2 support from CA.

Class 2 support means that CA Tecnical Support has assisted customers who use the specified product/version/operating system combination, but it has not been tested by CA directly. See the Support Connect web site for full details of CA Support Classes.

The Symantec AntiVirus iRecorder, running with Symantec AntiVirus version 7.6, receives Class 2 support from CA.

Class 2 support means that CA Tecnical Support has assisted customers who use the specified product/version/operating system combination, but it has not been tested by CA directly. See the Support Connect web site for full details of CA Support Classes.

The Trend OfficeScan iRecorder, running with Trend OfficeScan versions 5.02 and 5.5 on Windows 2000 or Windows XP, receives Class 2 support from CA.

Class 2 support means that CA Tecnical Support has assisted customers who use the specified product/version/operating system combination, but it has not been tested by CA directly. See the Support Connect web site for full details of CA Support Classes.

Before installing the iRecorder, you must install the patch QO80243 for eTrust Secure Content Manager r8. It can be downloaded from CA Support.

Before you install and configure the Oracle iRecorder, ensure that you have the following:

• The iRecorder is being installed on a host where Oracle client is installed.
• Oracle Net Services Name exists.

• Create a new user name to be used by the iRecorder.


The user must have access to the database to be audited and has select privilege on SYS.AUD$, SYS.AUDIT_ACTIONS, SYS.SYSTEM_PRIVILEGE_MAP and SYS.STMT_AUDIT_OPTION_MAP tables.

The following example SQL script can be used to enable the user privileges: create role myrole identified by myrolepassword;
grant audit system to myrole;
grant select on sys.aud$ to myrole;
grant select on sys.audit_actions to myrole;
grant select on sys.stmt_audit_option_map to myrole;
grant select on system_privilege_map to myrole;
create user myuser identified by myuserpassword;
grant myrole, create session to myuser;
grant select on fga_log$ to myrole;


• Auditing feature is enabled in Oracle. For details, see Enable Auditing in Oracle in the iRecorder Integration Guide for Oracle.
• On Linux
• ORACLE_HOME environmental variable is set for the iRecorder.
• "$(ORACLE_HOME)/lib" path is added to the "etc/Id.so.conf" file and the command "Idconfig" is executed.


For example: /u01/app/oracle/product/10.2.0/db_1/lib

Before you install and configure the Check Point NG iRecorder, ensure that you have completed the following specific tasks:

• Configure Check Point NG to accept LEA connections from the iRecorder computer.
• Set up the LEA OPSEC object on Check Point NG so the iRecorder can connect.

For more information on these tasks see the iRecorder Integration Guide for Checkpoint NG.

In order for the iRecorder to function properly, the BorderWare Firewall Server 7.1 software must be installed and configured to send logs to a remote machine.

See the Borderware Firewall documentation for more information.

Before you install and configure the Enterasys Dragon iRecorder, ensure that you have the following:

• MySQL ODBC 3.51 driver installed on the computer where the iRecorder will be installed. See the iRecorder Reference Guide for Enterasys Dragon for details.
• Enter the following command to stop the Enterasys Dragon server:
  
  <DragonHome>/dragon-stop.sh
  Delete the line bind-address = 127.0.0.1 in my.cnf located at <DragonHome>/enterprise-manager/server/default/data/mysql/data.
  <DragonHome>
  Defines the path where Enterasys Dragon is installed.
  Copy my.cnf to /etc.
  
  Enter the following command to start the Enterasys Dragon server:
  dragon-start.sh
• Open the MySQL on the Enterasys Dragon server by executing the following command at the command prompt.
  
  mysql -udragon -p
• At the MySQL prompt, execute the following commands:
  
  GRANT ALL ON dragonevents.* TO 'user'@'iRecorderHost';
  GRANT ALL ON dem.* TO 'user'@'iRecorderHost'; user
  Defines the user name used to connect to the Enterasys Dragon database
  iRecorderHost
  Defines the hostname where the iRecorder will be installed.

The iRecorder captures logs properly only when Snort is running in Full mode.

If you are installing the iRecorder on a Windows operating system, install the KIWI Syslog Daemon. To download the KIWI Syslog Daemon, go to the KIWI web site.

The patches required for the Cisco Devices iRecorder running on Solaris can be downloaded from the SunSolve Online home page.

The Syslog iRecorder, running on Linux Advanced Server 2.1, receives Class 2 support from CA.

Class 2 support means that CA Tecnical Support has assisted customers who use the specified product/version/operating system combination, but it has not been tested by CA directly. See the Support Connect web site for full details of CA Support Classes.

The NT Event Log iRecorder, running on Windows NT 4.0 with service pack 6a, receives Class 2 support from CA.

Class 2 support means that CA Tecnical Support has assisted customers who use the specified product/version/operating system combination, but it has not been tested by CA directly. See the Support Connect web site for full details of CA Support Classes.

The CCure 800/800 iRecorder, running on Windows XP or Windows 2003, receives Class 2 support from CA.

Class 2 support means that CA Tecnical Support has assisted customers who use the specified product/version/operating system combination, but it has not been tested by CA directly. See the Support Connect web site for full details of CA Support Classes.

If you are installing ISS SiteProtector and iRecorder on different systems, you must first install MS SQL Client tools on the system where you are installing the ISS SiteProtector iRecorder.

The ISS SiteProtector iRecorder, when running with ISS SiteProtector, version 2.0, Service Pack 6.0 (DB version 6.11) receives Class 2 support from CA.

Class 2 support means that CA Tecnical Support has assisted customers who use the specified product/version/operating system combination, but it has not been tested by CA directly. See the Support Connect web site for full details of CA Support Classes.

The Symantec Enterprise Security Manager iRecorder, when running with Symantec Enterprise Security Manager versions 3.0 and 2.4, receives Class 2 support from CA.

Class 2 support means that CA Tecnical Support has assisted customers who use the specified product/version/operating system combination, but it has not been tested by CA directly. See the Support Connect web site for full details of CA Support Classes.

This section describes latest testfixes published for NTEventLog iRecorder for Audit r8 SP1 CR2/CR3.

iRecorder Fix, which includes NTEventLog.dll, selogrec.str and dependent files.
T5IS032
Operating System to which Fix is applicable.
Windows 2000/2003/XP

Policy Manager Template File (PTF File) Fix:
T5IS036
Operating System to which Fix is applicable.
Windows 2000/2003/XP/2008

This section describes latest testfixes published for NTEventLog iRecorder for Audit r8 SP2

iRecorder Fix, which includes NTEventLog.dll, selogrec.str and dependent files.
T5IS026
Operating System to which Fix is applicable.
Windows 2000/2003/XP

Policy Manager Template File (PTF File) Fix:
T5IS036
Operating System to which Fix is applicable.
Windows 2000/2003/XP

This section describes latest testfixes published for NTEventLog iRecorder for Audit r8 SP2 CR1

Policy Manager Template File (PTF File) Fix:
T5IS036
Operating System to which Fix is applicable.
Windows 2000/2003/XP/2008