Accenture MDR Quick Start Guide for Proofpoint Insider Threat Management
- KS
This quick start guide will help Accenture MDR customers configure Proofpoint Insider Threat Management to allow log collection from the Log Collection Platform (LCP).
The document includes the following topics:
Supported Versions
A list of supported versions is available in the Accenture MDR Supported Products List document (Accenture_MDR_Supported_Products_List.xlsx) which can be found at Accenture MDR Portal - https://mss.accenture.com/PortalNextGen/Reports/Documents
Port Requirements    Â
Table 1-1: Port requirements for LCP communication.
Source | Destination | Port | Description |
LCP | Proofpoint Insider Threat Management | TCP / 443 | Default port and protocol |
Configuring Proofpoint Insider Threat Management
Login to the ITM web console. The first step is to create an application.
Click on the + Create link.
Enter a name for your application, provide scope as * and click on Save.
Grant permissions to the application from the shield icon
Choose the Audit Exploration policy and click on Done.
Click on the flash icon
Copy the client ID and secret and share with MxDR.
Also share the domain URL, same console URL which administrator login to access web console. Please provide FQDN domain only as highlighted in the below snapshot.
LCP Configuration parameters
Table 1-2: The Proofpoint Insider Threat Management Event Security collector (API-5066) properties to be configured by MSS are shown in table.
Property | Default Value | Â Description |
URL | <Custom Value> | URL mentioned in the Pre-Installation Questionnaire (PIQ). |
Client ID | <Custom Value> | Client ID mentioned in the Pre-Installation Questionnaire (PIQ). This field required for Authentication. |
Client Secret | <Custom Value> | Client Secret mentioned in the Pre-Installation Questionnaire (PIQ). This field required for Authentication. |
Legal Notice
Copyright © 2021 Accenture. All rights reserved.
Accenture, the Accenture Logo, and DeepSight Intelligence are trademarks or registered trademarks of Accenture in the U.S. and other countries. Other names may be trademarks of their respective owners.
The product described in this document is distributed under licenses restricting its use, copying, distribution, and decompilation/reverse engineering. No part of this document may be reproduced in any form by any means without prior written authorization of Accenture and its licensors, if any.
THE DOCUMENTATION IS PROVIDED "AS IS" AND ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE HELD TO BE LEGALLY INVALID. ACCENTURE SHALL NOT BE LIABLE FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES IN CONNECTION WITH THE FURNISHING, PERFORMANCE, OR USE OF THIS DOCUMENTATION. THE INFORMATION CONTAINED IN THIS DOCUMENTATION IS SUBJECT TO CHANGE WITHOUT NOTICE.
The Licensed Software and Documentation are deemed to be commercial computer software as defined in FAR 12.212 and subject to restricted rights as defined in FAR Section 52.227-19 "Commercial Computer Software - Restricted Rights" and DFARS 227.7202, et seq. "Commercial Computer Software and Commercial Computer Software Documentation," as applicable, and any successor regulations, whether delivered by Accenture as on premises or hosted services. Any use, modification, reproduction release, performance, display or disclosure of the Licensed Software and Documentation by the U.S. Government shall be solely in accordance with the terms of this Agreement.