Product Guide
Page 12
... Remove the Slide Rail Kit. 7 Pull out the packing material surrounding the Sensor. 12 McAfee® Network Security Platform M-1250/M-1450 Sensor Product Guide These parts are shipped in Contents of the Sensor box The following ...network voltage (TNV) circuits. Blank faceplates and cover panels prevent exposure to hazardous voltages and currents inside the chassis, contain electromagnetic interference (EMI) that the host is operated in which case users will be grounded. International customers are provided a country-appropriate power cable with the instruction manual...
... Remove the Slide Rail Kit. 7 Pull out the packing material surrounding the Sensor. 12 McAfee® Network Security Platform M-1250/M-1450 Sensor Product Guide These parts are shipped in Contents of the Sensor box The following ...network voltage (TNV) circuits. Blank faceplates and cover panels prevent exposure to hazardous voltages and currents inside the chassis, contain electromagnetic interference (EMI) that the host is operated in which case users will be grounded. International customers are provided a country-appropriate power cable with the instruction manual...
Quick Start Guide
Page 7
The string can include hyphens, underscores, and periods, and must manually enter the complete command syntax. At the prompt, type: set sensor gateway . Make sure the value matches the shared secret key value you must begin ... is used to this will automatically prompt you to provide the necessary information or you to complete its reboot. This value is not on the network. Example: At the prompt, type: set sensor sharedsecretkey. Type: reboot. i Ping the Manager from the Sensor to determine if your configuration settings and check that...
The string can include hyphens, underscores, and periods, and must manually enter the complete command syntax. At the prompt, type: set sensor gateway . Make sure the value matches the shared secret key value you must begin ... is used to this will automatically prompt you to provide the necessary information or you to complete its reboot. This value is not on the network. Example: At the prompt, type: set sensor sharedsecretkey. Type: reboot. i Ping the Manager from the Sensor to determine if your configuration settings and check that...
IPS Configuration Guide
Page 31
McAfee® Network Security Platform 5.1 Managing IPS settings Figure 18: Step1: Add an IPS Policy Dialog 8 Follow the steps to detect in your network thoroughly before enabling Threshold Mode attacks. Network Security Platform provides enforcement of DoS traffic profiling by direction of Service) tab...Exploit category configuration, move to Customizing Denial of Service (DoS) modes (on page 23). You must manually enable each direction separately. McAfee recommends enabling all Learning Mode attacks-Inbound, Outbound, and Bidirectional-are disabled when adding a new policy....
McAfee® Network Security Platform 5.1 Managing IPS settings Figure 18: Step1: Add an IPS Policy Dialog 8 Follow the steps to detect in your network thoroughly before enabling Threshold Mode attacks. Network Security Platform provides enforcement of DoS traffic profiling by direction of Service) tab...Exploit category configuration, move to Customizing Denial of Service (DoS) modes (on page 23). You must manually enable each direction separately. McAfee recommends enabling all Learning Mode attacks-Inbound, Outbound, and Bidirectional-are disabled when adding a new policy....
IPS Configuration Guide
Page 109
... the Message field as well as a batch file (aclxmlconverter.bat) in the diag folder within your Network Security Platform installation folder. (For example C:\Program Files\McAfee\ Network Security Manager\App\ diag folder) In the CSV file that can then manually import the converted XML file to the Manager. You can be randomly assigned. Each line should contain...
... the Message field as well as a batch file (aclxmlconverter.bat) in the diag folder within your Network Security Platform installation folder. (For example C:\Program Files\McAfee\ Network Security Manager\App\ diag folder) In the CSV file that can then manually import the converted XML file to the Manager. You can be randomly assigned. Each line should contain...
IPS Configuration Guide
Page 135
McAfee® Network Security Platform 5.1 Managing IPS settings Figure 138: IPS Quarantine settings from IPS Quarantine -... that are displayed for another 15 minutes. • Release from Hosts page Two options are not quarantined by Network Security Platform. 127 removes a host from IPS Quarantine. Select the required option. extends the time for the host with the...Summary is displayed in the top left corner of hosts in IPS Quarantine from the Summary page. See also Manual quarantine of hosts that are displayed: 15 Minutes 30 Minutes 45 Minutes 1 Hour You can view the graphical...
McAfee® Network Security Platform 5.1 Managing IPS settings Figure 138: IPS Quarantine settings from IPS Quarantine -... that are displayed for another 15 minutes. • Release from Hosts page Two options are not quarantined by Network Security Platform. 127 removes a host from IPS Quarantine. Select the required option. extends the time for the host with the...Summary is displayed in the top left corner of hosts in IPS Quarantine from the Summary page. See also Manual quarantine of hosts that are displayed: 15 Minutes 30 Minutes 45 Minutes 1 Hour You can view the graphical...
IPS Configuration Guide
Page 145
and UDP-based attacks generate packet logs by default. (Only TCP- you must manually set packet logging for all other Exploit attacks.) To help you plan your capacity needs, the following data from the underlying database:... Oldest Alert: displays the date and time • Total counts for avoiding degradation in performance due to consider when planning database capacity. McAfee® Network Security Platform 5.1 Managing IPS settings Figure 150: Capacity planning details Manager retrieves and displays the following statistics have been determined from packet log frequency since...
and UDP-based attacks generate packet logs by default. (Only TCP- you must manually set packet logging for all other Exploit attacks.) To help you plan your capacity needs, the following data from the underlying database:... Oldest Alert: displays the date and time • Total counts for avoiding degradation in performance due to consider when planning database capacity. McAfee® Network Security Platform 5.1 Managing IPS settings Figure 150: Capacity planning details Manager retrieves and displays the following statistics have been determined from packet log frequency since...
IPS Configuration Guide
Page 177
...long-term volume. McAfee® Network Security Platform 5.1 The IPS Sensor_Name node measure. Note: For automatic dropping and blocking, you must initiate the response from the Threat Analyzer for one of Service (DoS) modes (on how to the Filter Time. For manual blocking, you configure ...and click Extend. b Type the number of the violated measure. Once a Statistical alert has been raised, your Network Security Sensor can initiate an automatic or manual response to block all subsequent packets of seconds to add to enable this automatic response, see Blocking further DoS ...
...long-term volume. McAfee® Network Security Platform 5.1 The IPS Sensor_Name node measure. Note: For automatic dropping and blocking, you must initiate the response from the Threat Analyzer for one of Service (DoS) modes (on how to the Filter Time. For manual blocking, you configure ...and click Extend. b Type the number of the violated measure. Once a Statistical alert has been raised, your Network Security Sensor can initiate an automatic or manual response to block all subsequent packets of seconds to add to enable this automatic response, see Blocking further DoS ...
Network Protection
Page 27
... it. In both cases, Network Security Platform performs an incremental checksum of illegal packets is not negotiated in the SYN/SYN_ACK packet for a connection, but appears in the SYN/SYN_ACK packets for example, inbound HTTP responses that the most specific rules should be manually enabled (navigate to get established...include permit, drop (discard silently), and deny (send a TCP reset to set two rules where one rule might seem sufficient. McAfee® Network Security Platform 6.0 Block attacks • Each rule has a response action associated with the first rule it matches -
... it. In both cases, Network Security Platform performs an incremental checksum of illegal packets is not negotiated in the SYN/SYN_ACK packet for a connection, but appears in the SYN/SYN_ACK packets for example, inbound HTTP responses that the most specific rules should be manually enabled (navigate to get established...include permit, drop (discard silently), and deny (send a TCP reset to set two rules where one rule might seem sufficient. McAfee® Network Security Platform 6.0 Block attacks • Each rule has a response action associated with the first rule it matches -
Upgrade Guide
Page 13
...of Central Managers. Make sure there are no 4.1 Managers or Sensors when you upgrade the 4.1 Sensors to a 5.1 version, do a manual synchronization. See Performing Signature Set and Sensor Software Upgrade. See also Upgrading the Central Manager on page 3 Upgrading the Manager on page .... See Upgrading the Manager. 3 Upgrade the required Sensors managed by an MDR pair of the same or higher version than the Managers. McAfee® Network Security Platform 6.1 Upgrade Guide 13 See the 4.1 to 5.1 Upgrade Guide for details. 4 After you begin to upgrade to the latest 6.0 version....
...of Central Managers. Make sure there are no 4.1 Managers or Sensors when you upgrade the 4.1 Sensors to a 5.1 version, do a manual synchronization. See Performing Signature Set and Sensor Software Upgrade. See also Upgrading the Central Manager on page 3 Upgrading the Manager on page .... See Upgrading the Manager. 3 Upgrade the required Sensors managed by an MDR pair of the same or higher version than the Managers. McAfee® Network Security Platform 6.1 Upgrade Guide 13 See the 4.1 to 5.1 Upgrade Guide for details. 4 After you begin to upgrade to the latest 6.0 version....
Upgrade Guide
Page 14
...and functioning as configured. Make sure there are up and functioning as configured. 3 Upgrade the 4.1 Sensors to a 5.1 version, do a manual synchronization. See Upgrading the Central Manager. 6 Upgrade the required Manager MDR pairs to the latest 6.0 version. See the 4.1 to 5.1 Upgrade...Set and Sensor Software upgrade on page 3 Scenario 4 This scenario is as follows: 1 Upgrade all the 4.1 Managers to 6.0. 14 McAfee® Network Security Platform 6.1 Upgrade Guide See the 4.1 to 5.1 Upgrade Guide for this scenario is about an upgrade from a heterogeneous Manager environment in 5.1...
...and functioning as configured. Make sure there are up and functioning as configured. 3 Upgrade the 4.1 Sensors to a 5.1 version, do a manual synchronization. See Upgrading the Central Manager. 6 Upgrade the required Manager MDR pairs to the latest 6.0 version. See the 4.1 to 5.1 Upgrade...Set and Sensor Software upgrade on page 3 Scenario 4 This scenario is as follows: 1 Upgrade all the 4.1 Managers to 6.0. 14 McAfee® Network Security Platform 6.1 Upgrade Guide See the 4.1 to 5.1 Upgrade Guide for this scenario is about an upgrade from a heterogeneous Manager environment in 5.1...
Upgrade Guide
Page 17
...standalone Manager to the latest 6.0 version. See Upgrading the Manager. 2 Upgrade the required Sensors to the latest 6.0 version. McAfee® Network Security Platform 6.1 Upgrade Guide 17 Managing a Heterogeneous Environment Upgrade paths to a heterogeneous environment 2 The upgrade path for this scenario is ...relevant 6.0 version. See Performing Signature Set and Sensor Software Upgrade. See the 4.1 to a 5.1 version, do a manual synchronization. Then, ensure the Sensors are no 4.1 Sensors added to the Managers when you upgrade the 4.1 Sensors to 5.1 Upgrade Guide...
...standalone Manager to the latest 6.0 version. See Upgrading the Manager. 2 Upgrade the required Sensors to the latest 6.0 version. McAfee® Network Security Platform 6.1 Upgrade Guide 17 Managing a Heterogeneous Environment Upgrade paths to a heterogeneous environment 2 The upgrade path for this scenario is ...relevant 6.0 version. See Performing Signature Set and Sensor Software Upgrade. See the 4.1 to a 5.1 version, do a manual synchronization. Then, ensure the Sensors are no 4.1 Sensors added to the Managers when you upgrade the 4.1 Sensors to 5.1 Upgrade Guide...
Upgrade Guide
Page 18
See the 4.1 to a 5.1 version, do a manual synchronization. else, the Manager upgrade will fail. 2 After you upgrade the 4.1 Sensors to 5.1 Upgrade Guide for details. See Upgrading the Manager. 4 Upgrade ...feature-support matrix and the points that you should note when you work in a heterogeneous environment in Network Security Platform 6.0. The following table contains the major feature x Sensor software version x Sensor model matrix: 18 McAfee® Network Security Platform 6.1 Upgrade Guide See also Upgrading the Manager on page 3 Performing Signature Set and Sensor Software ...
See the 4.1 to a 5.1 version, do a manual synchronization. else, the Manager upgrade will fail. 2 After you upgrade the 4.1 Sensors to 5.1 Upgrade Guide for details. See Upgrading the Manager. 4 Upgrade ...feature-support matrix and the points that you should note when you work in a heterogeneous environment in Network Security Platform 6.0. The following table contains the major feature x Sensor software version x Sensor model matrix: 18 McAfee® Network Security Platform 6.1 Upgrade Guide See also Upgrading the Manager on page 3 Performing Signature Set and Sensor Software ...