Product Guide
Page 8
... Network Security Platform deployment 8 McAfee® Network Security Platform M-3050/M-4050 Sensor Product Guide In the illustration, McAfee® Network Security Platform (formerly McAfee® IntruShield®) provides IPS protection to its configured policy. High port-density and virtualization provides a highly scalable solution, while Network Security Platform protects against Web and eCommerce mail server exploits. The Sensor is purpose-built for the monitoring of installed Sensors. Network...
... Network Security Platform deployment 8 McAfee® Network Security Platform M-3050/M-4050 Sensor Product Guide In the illustration, McAfee® Network Security Platform (formerly McAfee® IntruShield®) provides IPS protection to its configured policy. High port-density and virtualization provides a highly scalable solution, while Network Security Platform protects against Web and eCommerce mail server exploits. The Sensor is purpose-built for the monitoring of installed Sensors. Network...
Product Guide
Page 10
... flash. For more information, see the on the monitored segment. The following table describes the M-3050/M-4050 front panel LEDs. 10 McAfee® Network Security Platform M-3050/M-4050 Sensor Product Guide If you need to reboot the Sensor through a switch or router. 10 One RJ-45 10/100... IEC320-C13 port, and you must procure a country-appropriate power cable. 2 Power Supply B (optional, purchased separately). you can assign an IP address to this port is used to monitor eight SPAN ports, four full-duplex tapped segments, four segments in stealth mode, meaning they have ...
... flash. For more information, see the on the monitored segment. The following table describes the M-3050/M-4050 front panel LEDs. 10 McAfee® Network Security Platform M-3050/M-4050 Sensor Product Guide If you need to reboot the Sensor through a switch or router. 10 One RJ-45 10/100... IEC320-C13 port, and you must procure a country-appropriate power cable. 2 Power Supply B (optional, purchased separately). you can assign an IP address to this port is used to monitor eight SPAN ports, four full-duplex tapped segments, four segments in stealth mode, meaning they have ...
Quick Start Guide
Page 5
...extract the setup file. d To add a Sensor in McAfee Network Security Platform Installation Guide and the Network Security Platform Release Notes. For more information, see McAfee Network Security Platform Device Administration Guide. Following steps briefly explain the Manager ...IPS on M-series Sensors. b Close all open applications. f Double-click Manager__setup.exe and follow the on license, go to Device List | Add-On Licenses page. To import and assign an add-on screen prompts. 5 Start the Manager Click Start | Programs | McAfee | Network Security Manager | Network Security...
...extract the setup file. d To add a Sensor in McAfee Network Security Platform Installation Guide and the Network Security Platform Release Notes. For more information, see McAfee Network Security Platform Device Administration Guide. Following steps briefly explain the Manager ...IPS on M-series Sensors. b Close all open applications. f Double-click Manager__setup.exe and follow the on license, go to Device List | Add-On Licenses page. To import and assign an add-on screen prompts. 5 Start the Manager Click Start | Programs | McAfee | Network Security Manager | Network Security...
Quick Start Guide
Page 7
... format. The secret key value can include hyphens, underscores, and periods, and must manually enter the complete command syntax. If you use the set manager ip . Example: set sensor gateway . At the prompt, type: set sensor name HR_sensor1 The Sensor name is a number between 0 and 255, followed by...can enter the setup command at the prompt and this point have successfully established the Sensor on the same network as the Manager, set sensor gateway 192.168.3.68 f Set the IP address of the Manager server. The string can be between the Sensor and the Manager. Example: set ...
... format. The secret key value can include hyphens, underscores, and periods, and must manually enter the complete command syntax. If you use the set manager ip . Example: set sensor gateway . At the prompt, type: set sensor name HR_sensor1 The Sensor name is a number between 0 and 255, followed by...can enter the setup command at the prompt and this point have successfully established the Sensor on the same network as the Manager, set sensor gateway 192.168.3.68 f Set the IP address of the Manager server. The string can be between the Sensor and the Manager. Example: set ...
Quick Start Guide
Page 9
d Select your port settings match the cabling (for this Sensor appear under the Sensor_Name node. To view this or any attack in the McAfee Network Security Platform IPS Administration Guide. The Default Inline IPS policy contains attacks already configured with a "blocking" Sensor response action; f Click Device List | Device_Name | Port Settings. g Click the button representing the ports on...
d Select your port settings match the cabling (for this Sensor appear under the Sensor_Name node. To view this or any attack in the McAfee Network Security Platform IPS Administration Guide. The Default Inline IPS policy contains attacks already configured with a "blocking" Sensor response action; f Click Device List | Device_Name | Port Settings. g Click the button representing the ports on...
Installation Guide
Page 4
Unpacking the Sensor...41 Cable Specifications...41 Network Security Platform fail-closed dongle specification 42 Console port pin-outs ...42 Auxiliary port pin-outs...42 Response port pin-outs ...43 Monitoring port pin-outs ...Manager 46 Configuring the Sensor ...46 Adding a Sensor to the Manager 48 Verifying successful configuration 49 Changing Sensor values ...50 Adding a secondary Manager IP 51 Removing a secondary Manager IP 51 Device Licenses ...52 Importing a Device License 52 Manually assigning a device license 53 Chapter 7 Configuring the Update Server 55 Specifying the Update...
Unpacking the Sensor...41 Cable Specifications...41 Network Security Platform fail-closed dongle specification 42 Console port pin-outs ...42 Auxiliary port pin-outs...42 Response port pin-outs ...43 Monitoring port pin-outs ...Manager 46 Configuring the Sensor ...46 Adding a Sensor to the Manager 48 Verifying successful configuration 49 Changing Sensor values ...50 Adding a secondary Manager IP 51 Removing a secondary Manager IP 51 Device Licenses ...52 Importing a Device License 52 Manually assigning a device license 53 Chapter 7 Configuring the Update Server 55 Specifying the Update...
Installation Guide
Page 5
... provides the capability of numbered steps. Preface This preface provides a brief introduction to contact McAfee Technical Support. Introducing McAfee Network Security Platform McAfee® Network Security Platform [formerly McAfee® Intrushield®] delivers the most comprehensive, accurate, and scalable Network Access Control (NAC), network Intrusion Prevention System (IPS) and Network Threat Behavior Analysis (NTBA) for this guide and how to the product, discusses the...
... provides the capability of numbered steps. Preface This preface provides a brief introduction to contact McAfee Technical Support. Introducing McAfee Network Security Platform McAfee® Network Security Platform [formerly McAfee® Intrushield®] delivers the most comprehensive, accurate, and scalable Network Access Control (NAC), network Intrusion Prevention System (IPS) and Network Threat Behavior Analysis (NTBA) for this guide and how to the product, discusses the...
Installation Guide
Page 6
... specific ENTER. Warning: Notes that provide related, but non-critical, information are denoted using this guide. set Sensor ip Information that you must read to this notation. Note: Related Documentation The following documents and on-line help are companions... Guide M-3050/M-4050 Quick Start Guide M-6050 Sensor Product Guide M-6050 Quick Start Guide vi McAfee® Network Security Platform 6.0 Preface Convention Example Variable information that you must read before beginning a procedure or that alerts you must supply are shown enclosed...
... specific ENTER. Warning: Notes that provide related, but non-critical, information are denoted using this guide. set Sensor ip Information that you must read to this notation. Note: Related Documentation The following documents and on-line help are companions... Guide M-3050/M-4050 Quick Start Guide M-6050 Sensor Product Guide M-6050 Quick Start Guide vi McAfee® Network Security Platform 6.0 Preface Convention Example Variable information that you must read before beginning a procedure or that alerts you must supply are shown enclosed...
Installation Guide
Page 7
...Technical Support is available for assistance: Online Contact McAfee Technical Support http://mysupport.mcafee.com. vii to -date documentation, technical bulletins, and quick tips on McAfee's 24x7 comprehensive KnowledgeBase. McAfee® Network Security Platform 6.0 Preface M-8000 Sensor Product Guide ... Domain Configuration Guide Manager Server Configuration Guide CLI Guide Device Configuration Guide IPS Configuration Guide NAC Configuration Guide Integration Guide System Status Monitoring Guide Reports Guide...
...Technical Support is available for assistance: Online Contact McAfee Technical Support http://mysupport.mcafee.com. vii to -date documentation, technical bulletins, and quick tips on McAfee's 24x7 comprehensive KnowledgeBase. McAfee® Network Security Platform 6.0 Preface M-8000 Sensor Product Guide ... Domain Configuration Guide Manager Server Configuration Guide CLI Guide Device Configuration Guide IPS Configuration Guide NAC Configuration Guide Integration Guide System Status Monitoring Guide Reports Guide...
Installation Guide
Page 9
..., and how to respond when an attack is detected. Network Security Platform components Network Security Platform consists of service (DDoS) attacks, and network misuse. The Manager server is described in detail in the network traffic that indicate malicious activity. CHAPTER 1 About Network Security Platform McAfee® Network Security Platform [formerly McAfee® IntruShield®] is a combination of network appliances and software built for the accurate detection and...
..., and how to respond when an attack is detected. Network Security Platform components Network Security Platform consists of service (DDoS) attacks, and network misuse. The Manager server is described in detail in the network traffic that indicate malicious activity. CHAPTER 1 About Network Security Platform McAfee® Network Security Platform [formerly McAfee® IntruShield®] is a combination of network appliances and software built for the accurate detection and...
Installation Guide
Page 13
... enables creation of attack incident conditions, which, when met, provide real-time correlative analysis of IPS-event data relevancy. Network Security Platform integrates with McAfee Host Intrusion Prevention version 7.0. McAfee Network Access Control: Using Network Security Sensors, you to determine security threats in the network, thus protecting services and applications running on system health, user identity, or both. Sensors and...
... enables creation of attack incident conditions, which, when met, provide real-time correlative analysis of IPS-event data relevancy. Network Security Platform integrates with McAfee Host Intrusion Prevention version 7.0. McAfee Network Access Control: Using Network Security Sensors, you to determine security threats in the network, thus protecting services and applications running on system health, user identity, or both. Sensors and...
Installation Guide
Page 14
...: view logged packets/flows using third-party software, such as IPS alerts to a third-party application. McAfee Update Server For your MySQL database, you can be used for storing persistent configuration information and event data. To graphically administrate and view your Network Security Platform to properly detect and protect against malicious activity, the Manager and...
...: view logged packets/flows using third-party software, such as IPS alerts to a third-party application. McAfee Update Server For your MySQL database, you can be used for storing persistent configuration information and event data. To graphically administrate and view your Network Security Platform to properly detect and protect against malicious activity, the Manager and...
Installation Guide
Page 17
...as the installation of Network Security Platform, refer to installing the software. If the time is changed on the Manager server, the Manager will lose connectivity with all McAfee® Network Security Sensors (Sensors) and the McAfee® Network Security Update Server [formerly IPS Update Server] because SSL...installation and functionality requirements for any reason. This server should perform prior to Network Security Platform 6.0 Upgrade Guide. To keep time from drifting, use a dedicated server, hardened for security, and placed on its own subnet. Tip: For more than 60 ...
...as the installation of Network Security Platform, refer to installing the software. If the time is changed on the Manager server, the Manager will lose connectivity with all McAfee® Network Security Sensors (Sensors) and the McAfee® Network Security Update Server [formerly IPS Update Server] because SSL...installation and functionality requirements for any reason. This server should perform prior to Network Security Platform 6.0 Upgrade Guide. To keep time from drifting, use a dedicated server, hardened for security, and placed on its own subnet. Tip: For more than 60 ...
Installation Guide
Page 21
... Manager will be connected to a firewall, router, or end node. For the Manager server, McAfee strongly recommends assigning a static IP against using Manager/Central Manager version 6.0.7.5 or above. Accumulate the required number of Network Security Platform dongles, which McAfee® Network Security Manager software will be used for programs like instant messaging or other nonsecure Internet functions...
... Manager will be connected to a firewall, router, or end node. For the Manager server, McAfee strongly recommends assigning a static IP against using Manager/Central Manager version 6.0.7.5 or above. Accumulate the required number of Network Security Platform dongles, which McAfee® Network Security Manager software will be used for programs like instant messaging or other nonsecure Internet functions...
Installation Guide
Page 22
... If you are created there that might conflict with the Manager If you cannot assign IPs using a homemade mail client. 14 Also exclude the Network Security Platform installation directory and its sub-directories because temporary files are upgrading from a previous version, we recommend...and its sub-directories are the functional requirements to an NTP timeserver. (If the time is changed on the client PCs. McAfee® Network Security Platform 6.0 Preparing for the Manager installation If applicable, identify the ports to be mirrored, and someone who has the...
... If you are created there that might conflict with the Manager If you cannot assign IPs using a homemade mail client. 14 Also exclude the Network Security Platform installation directory and its sub-directories because temporary files are upgrading from a previous version, we recommend...and its sub-directories are the functional requirements to an NTP timeserver. (If the time is changed on the client PCs. McAfee® Network Security Platform 6.0 Preparing for the Manager installation If applicable, identify the ports to be mirrored, and someone who has the...
Installation Guide
Page 32
... Maximum RAM Usage is based on the Number of Windows Server 2003 (SP2) English are supported. The default is greater. McAfee® Network Security Platform 6.0 Installing the Manager/Central Manager 11 Enter a value to configure the same IP that it should use to specify a dedicated interface is Physical Server Memory divided by 2 or 1170 MB -
... Maximum RAM Usage is based on the Number of Windows Server 2003 (SP2) English are supported. The default is greater. McAfee® Network Security Platform 6.0 Installing the Manager/Central Manager 11 Enter a value to configure the same IP that it should use to specify a dedicated interface is Physical Server Memory divided by 2 or 1170 MB -
Installation Guide
Page 33
... is connected to both the Sensors (using one another. Figure 10: Selecting the dedicated interface 25 McAfee® Network Security Platform 6.0 Installing the Manager/Central Manager Network Security Platform assumes that all the IP addresses are reachable to one for each network. An alternative solution could be deploying the Manager in a DMZ such that it . If an...
... is connected to both the Sensors (using one another. Figure 10: Selecting the dedicated interface 25 McAfee® Network Security Platform 6.0 Installing the Manager/Central Manager Network Security Platform assumes that all the IP addresses are reachable to one for each network. An alternative solution could be deploying the Manager in a DMZ such that it . If an...
Installation Guide
Page 38
... on to a Super User role at the root admin domain. In Network Security Platform, this translates to the Manager, see Logging onto Network Security Manager (on the Central Manager server: McAfee Network Security Central Manager McAfee Network Security Central Manager Database McAfee Network Security Central Manager User Interface McAfee Network Security Central Manager Watchdog 2 Open the Manager using the shortcut icon that you...
... on to a Super User role at the root admin domain. In Network Security Platform, this translates to the Manager, see Logging onto Network Security Manager (on the Central Manager server: McAfee Network Security Central Manager McAfee Network Security Central Manager Database McAfee Network Security Central Manager User Interface McAfee Network Security Central Manager Watchdog 2 Open the Manager using the shortcut icon that you...
Installation Guide
Page 53
...information presented in this chapter was developed based on Sensor (See text above.) Input Reserved for use in the Product Guide for example, IP address and netmask, Sensor name, and so on). 6 Verify that you are terminated to ground through a 75 ohm resistor & ...up the Sensor. (This information is described in detail in the fail-closed dongle. McAfee recommends that the Sensor is generic to Manager (on page 48) using it. All Sensors used in a specific lab environment. McAfee® Network Security Platform 6.0 Adding a Sensor Pin # 1 2 3 4 Signal TxD+ FO TxD- ...
...information presented in this chapter was developed based on Sensor (See text above.) Input Reserved for use in the Product Guide for example, IP address and netmask, Sensor name, and so on). 6 Verify that you are terminated to ground through a 75 ohm resistor & ...up the Sensor. (This information is described in detail in the fail-closed dongle. McAfee recommends that the Sensor is generic to Manager (on page 48) using it. All Sensors used in a specific lab environment. McAfee® Network Security Platform 6.0 Adding a Sensor Pin # 1 2 3 4 Signal TxD+ FO TxD- ...
Installation Guide
Page 55
... must begin with two colons (::) Example: set the address of the Sensor. Example: set sensor ipv6 2001:0db8:8a2e::0111/64 Note: Setting the IP address for Sensor IP address. Each group (A,B,C,D etc) represents a group of four hexadecimal numbers, separated by a prefix length I with two colons (::) Example: set sensor gateway-... 2001:0db8:8a2e:0000:0000:0000:0000:0111/64 If one for the first time-that is , during the initial configuration of the Sensor. McAfee® Network Security Platform 6.0 Adding a Sensor 3 Set the name of the Sensor-does not require a Sensor reboot.
... must begin with two colons (::) Example: set the address of the Sensor. Example: set sensor ipv6 2001:0db8:8a2e::0111/64 Note: Setting the IP address for Sensor IP address. Each group (A,B,C,D etc) represents a group of four hexadecimal numbers, separated by a prefix length I with two colons (::) Example: set sensor gateway-... 2001:0db8:8a2e:0000:0000:0000:0000:0111/64 If one for the first time-that is , during the initial configuration of the Sensor. McAfee® Network Security Platform 6.0 Adding a Sensor 3 Set the name of the Sensor-does not require a Sensor reboot.