McAfee M4050 Troubleshooting Guide - Page 31
Situations that may lead to Auto-negotiation issues, Checking Sensor health, Pinging a Sensor
UPC - 731944582832
View all McAfee M4050 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 31 highlights
McAfee® Network Security Platform 6.0 Troubleshooting Network Security Platform Situations that may lead to Auto-negotiation issues Auto-negotiation issues with the Sensor may result from nonconforming implementation, hardware incapability, or software defects. Generally, if the switch used with the Sensor adheres to IEEE 802.3u auto-negotiation specifications and all additional features are disabled, auto-negotiation should properly negotiate speed and duplex, and no operational issues should exist. Problems may arise when vendor switches/routers do not conform exactly to the IEEE specification 802.3u. Vendor-specific advanced features that are not described in IEEE 802.3u for 10/100 Mbps auto-negotiation (such as auto-polarity or cabling integrity) can also lead to hardware incompatibility and other issues. Checking Sensor health To see if your Sensor is functioning correctly, do one of the following: On the Sensor: At the command prompt, type status. This displays system status (such as Operational Status, system initialization, signature version, trust, channel status, alert counts, and so on). Sensor should be initialized and in good health. At the command prompt, type show. This displays configuration information (such as Sensor image version, type, name, Manager and Sensor IP addresses, and so on). On the Manager: In the Manager Home page, view the Operational Status section. Manager status should be UP, and Sensor status should be ACTIVE. Note: If you see system faults indicating that the Manager is down, see System Fault Messages (on page 38), to interpret the fault and, if necessary, take action to clear the fault. Pinging a Sensor The Sensor Management port responds only to 1 ping/sec. This prevents it from susceptibility to a ping flood. To ping a Sensor Management port from multiple hosts, increase the time interval between pings. Ensuring that the Sensor is receiving traffic Sensor Statistics can be viewed in the Threat Analyzer by creating a new dashboard and by choosing monitors that display different type of Sensor statistics. Sensor Flow Statistics, IP Spoofing Statistics, Packet Drop Statistics, Port Packet Drop Statistics and Rate Limiting Statistics are the monitors available. Follow this procedure to view Sensor Flow Statistics: 22