McAfee M-1250 Deployment Guide - Page 33

Deployment Scenarios, Deployment flexibility, Deployment scenario for beginners

Get McAfee M-1250 - Network Security Platform PDF manuals and user guides View all McAfee M-1250 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 33 highlights

CHAPTER 4 Deployment Scenarios This section provides some guidance on how to deploy McAfee® Network Security Platform using the most simple, or out-of-the-box method, and then gear up to more complex scenarios. Deployment flexibility IPS deployment can be daunting, and a complex product can be difficult to integrate initially. Network Security Platform, while complex, provides great flexibility in deployment so you can start monitoring your network even while you familiarize yourself with its features and capabilities and tune your security policies. McAfee Network Security Platform deployment can be simple or complex, depending on your needs and your skill with the product. If you are a Beginner, you can use Network Security Platform straight out of the box and get your entire deployment up and monitoring in an extremely short period of time. An Intermediate approach might be to customize your policies a bit and shift to another operating mode, such as Tap mode. An Advanced user might use all of the features available, tracking traffic at extremely granular levels, creating multiple administrative domains managed by a variety of users with various privileges, tailored policies and custom responses to detected attacks, and so on. Deployment scenario for beginners Network Security Platform includes a variety of pre-configured security policies targeting different environments. These policies (defined in Working with Network Security Platform Resources, Getting Started Guide) enable you to start monitoring your network right away. Details on how to accomplish these tasks, unless otherwise specified, are described in Administrative Domain Configuration Guide. 1 Install the Manager as described in Installation Guide. 2 The Default Inline IPS policy is specified by default. You can leave this policy in place or pick the policy that best matches your needs. McAfee® Network Security Sensors (Sensors) you add will inherit this policy and pass it along to all interfaces of the Sensor. Note: This policy enables blocking for certain attacks; immediately upon in-line deployment Sensors will begin blocking these attacks when they are detected. 26

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
26
C
HAPTER
4
Deployment Scenarios
This section provides some guidance on how to deploy McAfee
®
Network Security
Platform using the most simple, or out-of-the-box method, and then gear up to more
complex scenarios.
Deployment flexibility
IPS deployment can be daunting, and a complex product can be difficult to integrate
initially. Network Security Platform, while complex, provides great flexibility in deployment
so you can start monitoring your network even while you familiarize yourself with its
features and capabilities and tune your security policies.
McAfee Network Security Platform deployment can be simple or complex, depending on
your needs and your skill with the product. If you are a
Beginner
, you can use Network
Security Platform straight out of the box and get your entire deployment up and monitoring
in an extremely short period of time. An
Intermediate
approach might be to customize your
policies a bit and shift to another operating mode, such as Tap mode. An
Advanced
user
might use all of the features available, tracking traffic at extremely granular levels, creating
multiple administrative domains managed by a variety of users with various privileges,
tailored policies and custom responses to detected attacks, and so on.
Deployment scenario for beginners
Network Security Platform includes a variety of pre-configured security policies targeting
different environments. These policies (defined in
Working with Network Security Platform
Resources
,
Getting Started Guide
) enable you to start monitoring your network right away.
Details on how to accomplish these tasks, unless otherwise specified, are described in
Administrative Domain Configuration Guide
.
1
Install the Manager as described in
Installation Guide
.
2
The
Default Inline IPS
policy is specified by default. You can leave this policy in place or
pick the policy that best matches your needs. McAfee
®
Network Security Sensors
(Sensors) you add will inherit this policy and pass it along to all interfaces of the
Sensor.
Note:
This policy enables blocking for certain attacks; immediately upon in-line
deployment Sensors will begin blocking these attacks when they are detected.