McAfee M3050 Installation Guide

McAfee M3050 - Network Security Platform Manual

Get McAfee M3050 - Network Security Platform PDF manuals and user guides View all McAfee M3050 manuals
Add to My Manuals
Save this manual to your list of manuals

McAfee M3050 manual content summary:

  • McAfee M3050 | Installation Guide - Page 1
    Installation Guide revision 5.0 McAfee® Network Security Platform version 6.0 McAfee® Network Protection Industry-leading network security solutions
  • McAfee M3050 | Installation Guide - Page 2
    security is distinctive of McAfee brand products INSTALL THE SOFTWARE. IF APPLICABLE, YOU MAY RETURN THE PRODUCT TO McAfee OR THE PLACE OF PURCHASE FOR A FULL REFUND. License Attributions This product Thai Open Source Software 4150 Network Circle, Thomas Installation Guide 700-2252-00/ 5.0 - English
  • McAfee M3050 | Installation Guide - Page 3
    Technical Support ...vii Chapter 1 About Network Security Platform 1 Network Security Platform components 1 About McAfee Network Security Sensor 1 Manager components ...4 McAfee Update Server...6 Chapter 2 About Network Security Central Manager 8 Chapter 3 Preparing for the Manager installation
  • McAfee M3050 | Installation Guide - Page 4
    ...41 Cable Specifications...41 Network Security Platform fail-closed dongle specification 42 Console port pin-outs ...42 Auxiliary port pin-outs...42 Response port pin-outs ...43 Monitoring port pin-outs ...44 Configuring a Sensor...45 Configuration overview...45 Establish a Sensor naming scheme
  • McAfee M3050 | Installation Guide - Page 5
    this guide and how to contact McAfee Technical Support. Introducing McAfee Network Security Platform McAfee® Network Security Platform [formerly McAfee® Intrushield®] delivers the most comprehensive, accurate, and scalable Network Access Control (NAC), network Intrusion Prevention System (IPS) and
  • McAfee M3050 | Installation Guide - Page 6
    McAfee® Network Security Platform 6.0 Preface Convention Example Variable information that you must Type: Sensor-IP-address and then press type based on your specific ENTER. situation or environment is shown in italics. Parameters that you must supply are shown enclosed in angle brackets.
  • McAfee M3050 | Installation Guide - Page 7
    McAfee® Network Security Platform 6.0 Preface  M-8000 Sensor Product Guide  M-8000 Quick Start Guide  Gigabit Optical Fail-Open Bypass Kit Guide  Gigabit Copper Fail-Open Bypass Kit Guide  10 Gigabit Fail-Open Bypass Kit Guide  M-8000/M-6050/M-4050/M-3050 Slide Rail Assembly Procedure  M-
  • McAfee M3050 | Installation Guide - Page 8
    McAfee® Network Security Platform 6.0 Preface Global phone contact numbers can be found at McAfee Contact Information http://www.mcafee.com/us/about/contact/index.html page. Note: McAfee requires that you provide your GRANT ID and the serial number of your system when opening a ticket with
  • McAfee M3050 | Installation Guide - Page 9
    Network Security Platform McAfee® Network Security Platform [formerly McAfee® IntruShield®] is a combination of network appliances and software built for the accurate detection and prevention of intrusions, denial of service (DoS) attacks, distributed denial of service (DDoS) attacks, and network
  • McAfee M3050 | Installation Guide - Page 10
    McAfee® Network Security Platform 6.0 About Network Security Platform If an attack is detected, a Sensor responds according to its configured policy. Sensor can perform many types of attack responses, including generating alerts and packet logs, resetting TCP connections, "scrubbing" malicious
  • McAfee M3050 | Installation Guide - Page 11
    McAfee® Network Security Platform 6.0 About Network Security Platform M-series and N-450 Sensors M-8000 M-6050 M-4050 M-3050 M-2750 M-1450 M-1250 N-450 10/100 Nil Nil Nil Base-T Monitoring Port Interface Module 16 One Gigabit SFP ports 12 Ten Gigabit XFP ports 8 SFP ports 8 XFP ports
  • McAfee M3050 | Installation Guide - Page 12
    McAfee® Network Security Platform 6.0 About Network Security Platform Each device is described in the corresponding Sensor Product Guide. Manager components The Manager is a term that represents the hardware and software resources that are used to configure and manage the Network Security Platform
  • McAfee M3050 | Installation Guide - Page 13
    McAfee® Network Security Platform 6.0 About Network Security Platform  Configure. The Configure page provides all system configuration options, and facilitates the configuration of your devices - Sensors and NTBA Appliances, failover pairs of Sensors, administrative domains, users, roles, Network
  • McAfee M3050 | Installation Guide - Page 14
    McAfee® Network Security Platform 6.0 About Network Security Platform  McAfee Artemis: Network Security Platform integrates with McAfee Artemis technology, which is an Internet-based service that provides active malware detection in an Internet cloud. Network Security Sensors use McAfee Artemis
  • McAfee M3050 | Installation Guide - Page 15
    McAfee® Network Security Platform 6.0 About Network Security Platform signatures that combat the latest in hacking, misuse, and denials of service (DoS). When a severe-impact attack happens that cannot be detected with the current signatures, a new signature update is developed and released. Since
  • McAfee M3050 | Installation Guide - Page 16
    that Central Manager. This avoids manual customization of policy at every Manager. The Central Manager provides you with a single sign-on mechanism to manage the authentication of global users across all Managers. McAfee® Network Security Sensor configuration and threat analysis tasks are performed
  • McAfee M3050 | Installation Guide - Page 17
    corresponding Release Notes. If you are installing the Manager as part of an upgrade to the latest version of Network Security Platform, refer to Network Security Platform 6.0 Upgrade Guide. General settings  McAfee recommends you use a dedicated server, hardened for security, and placed on its own
  • McAfee M3050 | Installation Guide - Page 18
    McAfee® Network Security Platform 6.0 Preparing for the Manager installation Other third-party applications Install a packet log viewing program to be used in conjunction with the Threat Analyzer interface. Your packet log viewer, also known as a protocol analyzer, must support library packet
  • McAfee M3050 | Installation Guide - Page 19
    McAfee® Network Security Platform 6.0 Preparing for the Manager installation Component Minimum CPU Server model processor such as Intel Xeon Disk space 40GB Network Monitor 100Mbps card 32-bit color, 1024 x 768 display setting Recommended Same 80GB disk with 8MB memory cache 10/100/1000Mbps
  • McAfee M3050 | Installation Guide - Page 20
    ® Network Security Platform 6.0 Preparing for the Manager installation Manager installation with Local Service account privileges The Manager installs the following services as a Local Service:  McAfee Network Security Manager  McAfee Network Security Manager Database  McAfee Network Security
  • McAfee M3050 | Installation Guide - Page 21
    required number of wires and (supported) GBICs, SFPs, or XFPs. Ensure these are approved hardware from McAfee or a supported vendor. Ensure that the required number of Network Security Platform dongles, which ship with the McAfee Network Security Sensors (Sensors), are available.  Crossover cables
  • McAfee M3050 | Installation Guide - Page 22
    McAfee® Network Security Platform 6.0 Preparing for the Manager installation  If applicable, identify the ports to be mirrored, and someone who has the knowledge and rights to mirror them.  Allocate the proper static IP addresses for the Sensor. For the Sensors, you cannot assign IPs using DHCP.
  • McAfee M3050 | Installation Guide - Page 23
    McAfee® Network Security Platform 6.0 Preparing for the Manager installation VirusScan avoids blocking outbound SMTP connections from legitimate mail clients, such as Outlook and Eudora, by including the processes used by these products in an exclusion list. In other words, VirusScan ships with a
  • McAfee M3050 | Installation Guide - Page 24
    McAfee® Network Security Platform 6.0 Preparing for the Manager installation  When scheduling certain Manager actions (backups, file maintenance, archivals, database tuning), set a time for each that is unique and is a minimum of an hour after/
  • McAfee M3050 | Installation Guide - Page 25
    the installation of a MySQL database. Unless explicitly stated, the information in this chapter applies to both the McAfee® Network Security Central Manager and Manager though the sections refer to Manager. Caution: Close all open programs, including email, the Administrative Tools > Services window
  • McAfee M3050 | Installation Guide - Page 26
    McAfee® Network Security Platform 6.0 Installing the Manager/Central Manager Note 5: The Installation Wizard creates the default folders based on the Manager Type you are installing. For example, for a first-time installation of Network Security Manager, the default location is C:\Program Files\
  • McAfee M3050 | Installation Guide - Page 27
    McAfee® Network Security Platform 6.0 Installing the Manager/Central Manager 3 Confirm your acknowledgement of the License Agreement by selecting "I accept the terms of the License Agreement." You will not be able to continue the installation if you do not select this option. Figure 2: Manager
  • McAfee M3050 | Installation Guide - Page 28
    McAfee® Network Security Platform 6.0 Installing the Manager/Central Manager 5 Choose a folder where you want to install the Manager software. For a first-time installation, the default location is C:\Program Files\McAfee\Network Security Manager\App. For an upgrade, it is the same location as
  • McAfee M3050 | Installation Guide - Page 29
    McAfee® Network Security Platform 6.0 Installing the Manager/Central Manager Figure 5: Manager Installation Wizard - Choose Shortcut Folder 7 Set the following:  Database Type is displayed as MySQL. You must use only the MySQL bundled with the Manager installation file. rovide the database
  • McAfee M3050 | Installation Guide - Page 30
    McAfee® Network Security Platform 6.0 Installing the Manager/Central Manager Figure 6: Manager Installation Wizard - Customize Installation 8 Click Next. Note: If you are creating a new database, Network Security Platform will ask you, through a pop-up window, to confirm that you really want to
  • McAfee M3050 | Installation Guide - Page 31
    McAfee® Network Security Platform 6.0 Installing the Manager/Central Manager Figure 7: My SQL Root Password 10 Click Next. Figure 8: Manager Installation Wizard - specify RAM usage Note: Make sure the OS version displayed in the Customize Installation you must have configured the Regional and
  • McAfee M3050 | Installation Guide - Page 32
    McAfee® Network Security Platform 6.0 Installing the Manager/Central Manager 11 Enter a value to set Actual Maximum RAM Usage. The RAM size indicated here determines the recommended amount of program memory (virtual memory) to allocate for server processes required by Network Security Platform.
  • McAfee M3050 | Installation Guide - Page 33
    Installing the Manager/Central Manager  Network Security Platform assumes that all the IP addresses are bound to the same host name. McAfee recommends that you use a separate system for the Manager to avoid using multiple host names.  If the Manager has an IPv6 address then you can add Sensors
  • McAfee M3050 | Installation Guide - Page 34
    McAfee® Network Security Platform 6.0 Installing the Manager/Central Manager 14 Review the "Pre-Installation Summary" section for accurate folder locations and disk space requirements. This page lists the following information:  Product Name: shows product as Manager.  Install Folder: the folder
  • McAfee M3050 | Installation Guide - Page 35
    McAfee® Network Security Platform 6.0 Installing the Manager/Central Manager Figure 12: Installing the Manager Important: Post-installation, you can check the initdb.log (from the installation folder) for any installation errors. In case of errors, contact McAfee Support with initdb.log. 16 A
  • McAfee M3050 | Installation Guide - Page 36
    McAfee® Network Security Platform 6.0 Installing the Manager/Central Manager b. For Manager Upgradation  URL to access web-based user interface  Check box to Launch the Web-based user interface on exit? (
  • McAfee M3050 | Installation Guide - Page 37
    McAfee® Network Security Platform 6.0 Installing the Manager/Central Manager Figure 15: Select Manager type Note: Sensor communication Interface is not present during Central Manager installation. There can be only one active installation on a Windows machine. Every Central Manager and Manager
  • McAfee M3050 | Installation Guide - Page 38
    are running on the Manager server:  McAfee Network Security Manager  McAfee Network Security Manager Database  McAfee Network Security Manager User Interface  McAfee Network Security Manager Watchdog See Manager installation with Local Service account privileges (on page 12). If you have
  • McAfee M3050 | Installation Guide - Page 39
    McAfee® Network Security Platform 6.0 Starting the Manager/Central Manager Java installation for client systems The Manager software requires Java runtime engine software for some of its components. When you first log onto the Manager from a client system, you are prompted to download and install
  • McAfee M3050 | Installation Guide - Page 40
    McAfee® Network Security Platform 6.0 Starting the Manager/Central Manager 3 The Manager Home page appears as shown in the Network Security Manager Home page. During initial login (per client), Network Security Platform prompts you to install the following:  Security certificate granting the
  • McAfee M3050 | Installation Guide - Page 41
    McAfee® Network Security Platform 6.0 Starting the Manager/Central Manager  Java Runtime Engine: You must install this plug-in to view objects in the Central Manager Home page and other areas of the Central Manager program, such as the Custom Attack
  • McAfee M3050 | Installation Guide - Page 42
    and the McAfee Network Security Manager User Interface service. For details on how to close client connections, stop/ restart the Manager services etc., see Manager Installation Guide. Logging onto the Manager using CAC authentication 1 Insert a card into the card reader. 2 Start a fresh browser
  • McAfee M3050 | Installation Guide - Page 43
    McAfee® Network Security Platform 6.0 Starting you are directly given access to the Manager Home Page. Troubleshooting Tips  If the card is not inserted in the problem, verify that the user name on the CAC card exactly matches the Manager user name. Shutting down the Manager/Central Manager services
  • McAfee M3050 | Installation Guide - Page 44
    McAfee® Network Security Platform 6.0 Starting the Manager/Central Manager 1 Close all client connections. 2 Stop the McAfee Network Security Central Manager service. 3 Stop the McAfee Network Security Central Manager User Interface service. 4 Stop the McAfee Network Security Central Manager
  • McAfee M3050 | Installation Guide - Page 45
    McAfee® Network Security Platform 6.0 Starting the Manager/Central Manager Once this service is completely stopped, continue to the next step. 3 Go to Start > Settings > Control Panel. 4 Open Administrative Tools. 5 Open Services. 6 Find and select McAfee Network Security Manager Database or
  • McAfee M3050 | Installation Guide - Page 46
    McAfee® Network Security Platform 6.0 Starting the Manager/Central Manager Figure 20: My SQL Services 6 Find and select McAfee Network Security Manager Database or McAfee Network Security Central Manager Database in the services list under the "Name" column. 7 Click the Stop Service button. Once
  • McAfee M3050 | Installation Guide - Page 47
    Sensor model's Product Guide. Network topology considerations Deployment of McAfee® Network Security Platform [formerly McAfee® IntruShield®] requires basic knowledge of your network to help determine the level of configuration and amount of installed Sensors and McAfee® Network Security Managers
  • McAfee M3050 | Installation Guide - Page 48
    McAfee® Network Security Platform 6.0 Adding a Sensor Warning: Before working on equipment that is connected to power lines, remove jewelry (including rings, necklaces, and watches). Metal objects will heat up when connected to power not installed and used in accordance with the instruction manual,
  • McAfee M3050 | Installation Guide - Page 49
    .  One set of rack mounting ears.  Fail-closed dongles (two for the I-1200, four for the I-1400, six for I-2700).  One printed Quick Start guide.  Release notes. Cable Specifications This section lists the specifications for all cables to use with McAfee® Network Security Sensors (Sensors). 41
  • McAfee M3050 | Installation Guide - Page 50
    in Figure McAfee® Network Security Platform Fail-Closed Dongle Specification for all monitoring modes requiring a fail-closed connection. Configurations requiring the dongle are described in the Sensor Product Guide chapter on cabling the Sensor. Figure 22: Fail-Closed Dongle Specification Console
  • McAfee M3050 | Installation Guide - Page 51
    McAfee® Network Security Platform 6.0 Adding a Sensor Pin # 1 2 3 4 5 6 7 8 9 Signal DCD RXD TXD DTR GND DSR RTS CTS RI Direction on Sensor Input Input Output Output n/a Input Output Input Input Management port pin-outs The Management (Mgmt) port uses a Cat 5/Cat 5e cable. Pin # 1 2 3 4 5 6 7
  • McAfee M3050 | Installation Guide - Page 52
    McAfee® Network Security Platform 6.0 Adding a Sensor Pin # 4 5 6 7 8 Signal Direction on Sensor These pins are terminated to ground through a 75 ohm resistor & capacitor. RxD- Input These pins are terminated to ground through a 75 ohm resistor & capacitor. Monitoring
  • McAfee M3050 | Installation Guide - Page 53
    describes how to configure a McAfee® Network Security Sensor (Sensor). This information is generic to all Sensor appliance models. Note: The information presented in this chapter was developed based on devices in a specific lab environment. All Sensors used in this document started with a cleared
  • McAfee M3050 | Installation Guide - Page 54
    , start by typing factorydefaults from the CLI. See the CLI Guide for specific details on the usage of factorydefaults command. 1 Open a hyperterminal session to configure the Sensor. (For instructions on connecting to the Console port, see the section Cabling the Console Port, in the Product Guide
  • McAfee M3050 | Installation Guide - Page 55
    McAfee® Network Security Platform 6.0 Adding a Sensor 3 Set the name of the Sensor. At the prompt, type: set sensor name The Sensor name is a case-sensitive alphanumeric character string up to 25 characters. The string can include hyphens, underscores, and periods, and must begin with a
  • McAfee M3050 | Installation Guide - Page 56
    McAfee® Network Security Platform 6.0 Adding a Sensor Use the same convention as the one for Sensor IP address. Example: set manager ip 192.34.3.2 Or Type an IPv6 address of the Manager server, as given below: set manager ip where is a 128-bit address written as
  • McAfee M3050 | Installation Guide - Page 57
    McAfee® Network Security Platform 6.0 Adding a Sensor Note: The process of installing and connecting a Sensor is described in the Product Guide for each Sensor model. The following steps describe how to add a Sensor to the Manager: 1 Start the Manager software. 2 Log on to the Manager (the default
  • McAfee M3050 | Installation Guide - Page 58
    McAfee® Network Security Platform 6.0 Adding a Sensor Note: If you have difficulty in troubleshooting the above, see Troubleshooting Guide. Also, see CLI Guide for a description of all available CLI commands. Changing Sensor values Changing certain values on the Sensor, like the Sensor's name or
  • McAfee M3050 | Installation Guide - Page 59
    McAfee® Network Security Platform 6.0 Adding a Sensor Changing Sensor's shared secret key 1 In the Manager Configuration page , select Device List >Device List >Devices . 2 Select a Sensor. 3 Click Edit. 4 Type a new Shared Secret. 5 Click Save. 6 On the Sensor manager secondary ip 2001:0db8:8a2e
  • McAfee M3050 | Installation Guide - Page 60
    McAfee® Network Security Platform 6.0 Adding a Sensor Device Licenses No license file is required for enabling IPS on I-series and M-series Sensors; no license is required for enabling NAC on N-450 Sensors. In other words, when you add a Sensor to the Manager, upon discovery, the native
  • McAfee M3050 | Installation Guide - Page 61
    ® Network Security Platform 6.0 Adding a Sensor 4 Click Browse to browse and select the appropriate license for the device file (.jar format) received from McAfee. Click Import to import the license file. After a successful import, these licenses are stored in "
  • McAfee M3050 | Installation Guide - Page 62
    McAfee® Network Security Platform 6.0 Adding a Sensor 2 Select a license from the drop down. Devices matching the selected Sensor license manual assignment of device license. For this, select the device from Current License Assignments and click Revoke. Note: Only device licenses that are manually
  • McAfee M3050 | Installation Guide - Page 63
    IP address or hostname for contacting the Update Server; contact information is hardcoded into Manager. You need only supply your credentials using the Credentials action. McAfee provides your credentials by email. You can only perform one download/upload at a time from any Network Security Platform
  • McAfee M3050 | Installation Guide - Page 64
    McAfee® Network Security Platform 6.0 Configuring the Update Server Configuration Guide) action to confirm success or failure. If the Password is incorrect, or if you did not receive the same via e-mail from McAfee, please contact McAfee Customer Support. Once communication is successful, you can
  • McAfee M3050 | Installation Guide - Page 65
    McAfee® Network Security Platform 6.0 Configuring the Update Server Manually importing a software image or signature set The Manual Import action enables manual loading of the latest Sensor and NTBA Appliance software and signature files to the Manager (or Central Manager) from another workstation
  • McAfee M3050 | Installation Guide - Page 66
    McAfee® Network Security Platform 6.0 Configuring the Update Server  Software on the Manager: the software versions that have been downloaded to the Manager. Figure 31: Sensor Software Details Page 2 Select the required software update from the "Software Available for Download" column of the
  • McAfee M3050 | Installation Guide - Page 67
    McAfee® Network Security Platform 6.0 Configuring the Update Server a Log on to the Sensor. The default username is admin and default password admin123. McAfee a group of hexadecimal numbers between 0000-FFFF. Example: set tftpserver ip 2001:0db8:8a2e:0000:0000:0000:0000:0111 If one or more four
  • McAfee M3050 | Installation Guide - Page 68
    McAfee® Network Security Platform 6.0 Configuring the Update Server Then, the Sensor contacts the Manager for the latest signature set. After the signature set is downloaded to the Sensor, its System Health Status is displayed as "good." Figure 33: System Health Status: good 6 Verify the Sensor's
  • McAfee M3050 | Installation Guide - Page 69
    McAfee® Network Security Platform 6.0 Configuring the Update Server Platform checks to see if a required regular signature set is missing and downloads it prior to downloading the related emergency signature set. Note: You must use the Signature Sets or Automation action in order for Network
  • McAfee M3050 | Installation Guide - Page 70
    McAfee® Network Security Platform 6.0 Configuring the Update Server For more information on downloading signature sets to a single Sensor, see Updating the software on a Sensor, Device Configuration Guide Automating updates McAfee is constantly researching security issues and developing new
  • McAfee M3050 | Installation Guide - Page 71
    McAfee® Network Security Platform 6.0 Configuring the Update Server To configure a day  Weekly: once a week 4 Fill in the Start Time:, End Time:, and Recur every fields to your desired of your Sensors and NTBA Appliances. This means you can have all of your Sensors and NTBA Appliances updated: 1)
  • McAfee M3050 | Installation Guide - Page 72
    McAfee® Network Security Platform 6.0 1 Select Manager > Update Server > Automation. Configuring the Update Server Figure 36: Sensor Update Scheduler 2 In the Automatic Deployment, click Yes at Deploy in Real-time to have the Manager push signature sets update to all Sensors and NTBA Appliances
  • McAfee M3050 | Installation Guide - Page 73
    ► To uninstall the Manager software: Note: McAfee recommends you stop the Manager service and applicable Java services before starting an uninstall. If not, you will have to manually delete files from the Network Security Platform program folder. 1 Go to Start > Settings > Control Panel > Add/Remove
  • McAfee M3050 | Installation Guide - Page 74
    McAfee® Network Security Platform 6.0 Uninstalling the Manager/Central Manager Figure 38: Uninstall Complete Note: Uninstallation of the Network Security Platform database (MySQL) is not part of this uninstallation. Figure 39: Uninstall Complete Uninstalling via script You can also uninstall the
  • McAfee M3050 | Installation Guide - Page 75
    McAfee® Network Security Platform 6.0 Uninstalling the Manager/Central Manager ► To uninstall via script: 1 Navigate to the directory containing the uninstallation script. The default path is: \UninstallerData 2 Run Uninstall ems.exe. 67
  • McAfee M3050 | Installation Guide - Page 76
    11 F fail-closed dongle specification 43 H hosting ISM on VMware 4 I import command 53 M McAfee Network Security Central Manager 1 Central Manger services 31 N Network Security Platform system components 3 Network Security Platform license file 53 Network Security Platform Update Server
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
Installation Guide
revision 5.0
McAfee
®
Network Protection
Industry-leading network security solutions
McAfee® Network Security Platform
version 6.0