McAfee M-1250 Network Protection - Page 20

Download configuration, signature set, and software updates to the Sensor

Get McAfee M-1250 - Network Security Platform PDF manuals and user guides View all McAfee M-1250 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 20 highlights

McAfee® Network Security Platform 6.0 Failover: configure two Sensors in inline mode 1 Click / My Company / Device List > Device List > Failover Pairs. 2 Click New. The Add a Failover Pair dialog opens. 3 Select the Sensor Model type. Both Sensors in a failover pair must be the same model. 4 Type a failover pair Name that will uniquely identify the grouping. 5 Select the Primary Sensor Template Device from the drop-down menu. 6 Select the Secondary Sensor Peer Device from the drop-down menu. 7 Click Create. Upon saving, a message informs you that the failover pair creation will take a few moments. 8 Click OK. The new failover pair appears as a child node of the Sensors node under which it was created. That node contains icons for each interface taking part in the failover process. Also within the Failover Pair node is a list of its member Sensors. Most configuration options are hereafter done at the Failover Pair node level. For example, you can now apply a policy, update the configuration, or even create an ACL rule at the Failover Pair node level and it will automatically propagate to each of the member Sensors. On the other hand, you still configure the port settings, view interface statistics, and upgrade the Sensor software at the Sensor node level. The easiest way to get a feel for the Failover Pair configuration process is to examine the user interface once the Pair has been created. Note: The Sensors must be running the same software version to run in a failover configuration. However, you upgrade software at a Sensor level, even those that are part of a Failover Pair. The recommended upgrade procedure is to therefore upgrade the software version on both Sensors, and then reboot them sequentially. That is, once the upgrade process is complete on both, reboot (for example) the secondary, confirm that it has rebooted without error, and reboot the primary. Download configuration, signature set, and software updates to the Sensor After configuring your ports for inline mode, setting the TCP/IP parameters, and customizing and applying policy, you will need to download this configuration to the Sensor in order for all of your changes to be active. This process is described in detail in the section Updating the Configuration of a Sensor in the Sensor Configuration Guide. • Configuration changes, including port configuration, policy, and signature set updates: / My Company / Device List / Sensor_Name> Physical Device > Configuration Update • Software updates only: / My Company / Device List / Sensor_Name > Physical Device > Software Upgrade 12

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
McAfee® Network Security Platform 6.0
Failover: configure two Sensors in inline mode
1
Click
/ My Company / Device List > Device List > Failover Pairs
.
2
Click
New
. The
Add a Failover Pair
dialog opens.
3
Select the Sensor
Model
type. Both Sensors in a failover pair must be the same model.
4
Type a failover pair
Name
that will uniquely identify the grouping.
5
Select the Primary Sensor
Template Device
from the drop-down menu.
6
Select the Secondary Sensor
Peer Device
from the drop-down menu.
7
Click
Create
. Upon saving, a message informs you that the failover pair creation will
take a few moments.
8
Click
OK
. The new failover pair appears as a child node of the Sensors node under
which it was created. That node contains icons for each interface taking part in the
failover process. Also within the Failover Pair node is a list of its member Sensors.
Most configuration options are hereafter done at the Failover Pair node level. For example,
you can now apply a policy, update the configuration, or even create an ACL rule at the
Failover Pair node level and it will automatically propagate to each of the member
Sensors. On the other hand, you still configure the port settings, view interface statistics,
and upgrade the Sensor software at the Sensor node level. The easiest way to get a feel
for the Failover Pair configuration process is to examine the user interface once the Pair
has been created.
Note:
The Sensors must be running the same software version to run in a failover
configuration. However, you upgrade software at a Sensor level, even those that are
part of a Failover Pair. The recommended upgrade procedure is to therefore
upgrade the software version on both Sensors, and then reboot them sequentially.
That is, once the upgrade process is complete on both, reboot (for example) the
secondary, confirm that it has rebooted without error, and reboot the primary.
Download configuration, signature set, and software updates
to the Sensor
After configuring your ports for inline mode, setting the TCP/IP parameters, and
customizing and applying policy, you will need to download this configuration to the Sensor
in order for all of your changes to be active. This process is described in detail in the
section
Updating the Configuration of a Sensor
in the
Sensor Configuration Guide.
Configuration changes, including port configuration, policy, and signature set updates:
/ My Company / Device List / Sensor_Name> Physical Device > Configuration Update
Software updates only:
/ My Company / Device List / Sensor_Name > Physical Device > Software
Upgrade
12