Home » McAfee Manuals » Networking » McAfee M-1250 » Manual Viewer

McAfee M-1250 Deployment Guide - Page 35

Define DoS policies., Define user roles.

Add to My Manuals
Save this manual to your list of manuals

Page 35 highlights

McAfee® Network Security Platform 6.0 Deployment Scenarios  Split your deployment into multiple Admin Domains. You may want to organize your deployment by geographical location, business unit, or functional area (that is, HR, Finance).  Segment your network traffic into VLAN tags and CIDR blocks. You can then monitor various traffic with distinct policies using the sub-interfaces feature.  Create (or clone) policies on a sub-interface basis. Create policies tuned for specific traffic flows within a network segment, and apply them on an extremely granular level.  Define user roles. Delegate the day-to-day management of the IPS to specific individuals, providing each person with only enough access to the system to carry out his/her responsibilities.  Define DoS policies. Configure DoS policies for specific hosts or a subset of your network. 28

Section	Page
Preface	4
Introducing McAfee Network Security Platform	4
About this Guide	4
Audience	4
Conventions used in this guide	4
Related Documentation	5
Contacting Technical Support	7
Getting Started	8
Deciding where to deploy Sensors and in what operating mode	8
Setting up your Sensors	9
Establish Sensor-to-Manager communication	11
Viewing and working with data generated by Network Security Platform	12
Configuring your deployment using the Manager	12
Updating your signatures and software	13
Tuning your deployment	14
Planning Network Security Platform Installation	15
Pre-deployment considerations	15
What is the size of your network?	15
How many access points are there between your network and the extranets or Internet?	16
Where are the critical servers that require protection within your network?	16
How complex is your network topology?	16
How much traffic typically crosses your network?	17
Where are your security operations located?	18
Where should I deploy Sensors?	18
Sensor Deployment Modes	20
Flexible deployment options	20
Multi-port Sensor deployment	20
Supported deployment modes	20
Full-duplex and half-duplex monitoring	22
Deploying Sensors in in-line mode	22
Fail-open versus fail-closed	24
Fail-open option for GE ports	25
Fail-open option for FE ports	25
Layer 2 passthru mode	25
Deploying Sensors in tap mode	25
Deploying the Sensors with FE ports in internal tap mode	26
Deploying Sensors with GE ports in external tap mode	27
Shifting from tap mode to in-line mode	28
SPAN port and hub monitoring	28
SPAN port and hub monitoring	29
High-Availability	29
Understanding failover in Network Security Platform	30
\	31
Interface groups	31
Deployment Scenarios	33
Deployment flexibility	33
Deployment scenario for beginners	33
Deployment scenario for intermediate users	34
Deployment scenario for advanced users	34