McAfee Network Security Platform 8.3

Size: px
Start display at page:

Download "McAfee Network Security Platform 8.3"

Transcription

1 Manager-Mxx30-series Release Notes McAfee Network Security Platform 8.3 Revision C Contents About this release New features Enhancements Resolved issues Installation instructions Known issues Product documentation About this release This document contains important information about the current release. We strongly recommend that you read the entire document. Network Security Platform follows a new process release 8.2 onwards. The changes in the release process are based on customer requirements, and best practices followed by other McAfee teams. For details, read KB This release of Network Security Platform is to provide few features and enhancements on the Manager and Mxx30-series Sensor software. Release parameters Version Network Security Manager Signature Set Mxx30-series Sensor

2 This version of 8.3 Manager software can be used to configure and manage the following hardware: Hardware Version NS9x00-series Sensors (NS9100, NS9200, NS9300) 7.1, 8.1, 8.2, 8.3 NS7x00-series Sensors (NS7100, NS7200, NS7300) 8.1, 8.2, 8.3 NS5x00-series Sensors (NS5100, NS5200) 8.1 Sensor software versions 8.2 and 8.3 are currently not available for NS5x00-series. NS3x00-series Sensors (NS3100, NS3200) 8.1 Sensor software versions 8.2 and 8.3 are currently not available for NS3x00-series. Virtual IPS Sensors (IPS-VM100 and IPS-VM600) 8.1, 8.2 Sensor software version 8.3 is currently not available for IPS-VM100 and IPS-VM600. Virtual Security System Sensors (IPS-VM100-VSS) 8.1 Sensor software versions 8.2 and 8.3 are currently not available for IPS-VM100-VSS. M series Sensors (M-1250, M-1450, M-2750, M-2850, M-2950, M-3050, M-4050, M-6050, M-8000) 7.1, 8.1, 8.2, 8.3 Mxx30-series Senors (M-3030, M-4030, M-6030, M-8030) 7.1, 8.1, 8.2, 8.3 XC Cluster Appliances (XC-240) 7.1, 8.1, 8.2, 8.3 XC Cluster Appliances (XC-640) Manager version 8.3 does not currently support the 8.1 XC-640 Load Balancer Appliance. Also, Sensor software versions 8.2 and 8.3 are currently not available for XC-640 Load Balancers. Not applicable NTBA Appliance software (T-200, T-500, T-600, T-1200, T-VM, T-100VM, T-200VM) 7.1, 8.1, 8.2, 8.3 The above mentioned Network Security Platform software versions support integration with the following product versions: Table 1-1 Network Security Platform compatibility matrix Product Version supported McAfee epo 5.0, 5.1, McAfee Global Threat Intelligence Compatible with all versions McAfee Advanced Threat Defense , McAfee Endpoint Intelligence Agent 2.4, 2.5 McAfee Logon Collector 2.2, 3.0 McAfee Threat Intelligence Exchange 1.0.0, 1.0.1, 1.1.1, 1.2 McAfee Vulnerability Manager 7.5 McAfee Host Intrusion Prevention 7.0, 8.0 Intel Security Controller 1.0 2

3 Currently port 4167 is used as the UDP source port number for the SNMP command channel communication between Manager and Sensors. This is to prevent opening up all UDP ports for inbound connectivity from SNMP ports on the sensor. Older JRE versions allowed the Manager to bind to the same source port 4167 for both IPv4 and IPv6 communication. But with the latest JRE version 1.7.0_67, it is no longer possible to do so, and the Manager uses port 4166 as the UDP source port to bind for IPv6. Manager 8.3 uses JRE version 1.7.0_67. If you have IPv6 Sensors behind a firewall, you need to update your firewall rules accordingly such that port 4166 is open for the SNMP command channel to function between those IPv6 Sensors and the Manager. Manager software version 8.3 is not supported on McAfee-built Dell based Manager Appliances. McAfee recommends that you use Intel-based Manager Appliances instead. New features This release of Network Security Platform includes the following new features: Migration of Network Threat Response features to Network Security Platform Detection of file extension mismatch Attackers sometimes attempt to modify the extension of the file in order to avoid detection. Certain file types which are subject to a more thorough analysis because of the nature of the content that they can hold have their extensions changed in order to misguide firewalls or conventional security systems into excluding the file from analysis or blocking. Once such a file is in the network it can perform various actions such contacting a bot server or attaching itself to documents in order to proliferate across a network. A common example is when an executable file is sent with an extension of.sys but has a content-type value of "plain text". Network Security Platform 8.3 is able to detect such anomalies. NS-series Sensors are by default equipped with signatures to detect such files, whose extension has been tampered with, by extracting the magic number of the file. A magic number is a unique numerical or text value that is used to identify a file format. The Sensor extracts this number to identify the file type and does not use the file extension mentioned in the file name. When the Sensor has extracted the magic number, it is able to distinguish between files whose extensions are genuine and those of which have been tampered. If the extension has been tampered with, the Sensor raises a MALWARE: File Mismatch Detected alert in the Attack Log. To use this, feature you must confirm that the attack definition, MALWARE: File Mismatch Detected, is enabled. It is enabled by default. In the current release, magic numbers are not extracted for JAR, APK, and ZIP files since the Sensor cannot distinguish between these three files. For more information, see McAfee Network Security Platform IPS Administration Guide. Blocking Skype traffic Detection of Skype traffic is made challenging by the very nature of the way in which it is deployed to users. In release 8.3, Network Security Platform is able to block Skype traffic using certain heuristics and pattern matching techniques. This feature is available by default when you load the latest signature set available with Manager version

4 Enhancements This release of Network Security Platform includes the following enhancements: Manager UI redesign to migrate away from Java In release 8.3, the following existing UI pages have been enhanced to use the extjs framework: Attack Log With release 8.3, the Real-Time Threat Analyzer and Historical Threat Analyzer features are deprecated. The alerts that were previously displayed in the Alerts tab in Real-Time Threat Analyzer and Historical Threat Analyzer are now displayed in Attack Log. All actions performed in the Alerts tab today, can be performed in the Attack Log. You can acknowledge alerts and also update rules, quarantine hosts, tag endpoints, configure auto-acknowledgement rules, etc. You can also perform forensics on alerts for further analysis. To view the alerts, go to Analysis <Admin Domain Name> Attack Log. The Attack Log feature is not available in the Central Manager. To view alerts in the Central Manager, go to Analysis Real-Time Threat Anlayzer. For more information, see McAfee Network Security Platform Manager Administration Guide. The Threat Analyzer is disabled by default. To enable it in Manager version 8.3 perform the following steps: 1 In the Manager, using Windows Explorer go to C:\Program Files\McAfee\Network Security Manager\App\config. 2 Locate the ems.properties file, right-click and open it using Windows Notepad. 3 If iv.ui.ta.display.isenabled is already present within the file, change its value to true. Otherwise, add iv.ui.ta.display.isenabled=true to the file. Attack Log workflow Previously to view alerts generated for an attack, you were directed to the Threat Analyzer. With this release you can view all alerts in the Attack Log. To drill-down details for an attack, you can click the attack or malware from the dashboard. You are then directed to the Threat Explorer page. To view further details for an IP address, application or attack, select the attack, application or IP address and click View Attacks to view all the alerts. Following are the changes with respect to features in the Analysis tab: Malware Files With release 8.3, the Details for: 'hash' section is removed. To view alert related to a malware hash, double-click the hash to navigate to Attack Log. Callback Activity To view alerts related to a callback activity or the IP address of a callback activity, double-click the callback activity or the IP address of the callback activity to navigate to Attack Log. With release 8.3, the 'Botnet' Events tab in the Latest Related Events for: 'IP address' section is removed. High-Risk Endpoints To view alerts related to a high-risk endpoint, double-click the endpoint IP address to navigate to Attack Log. With release 8.3, the Endpoint Risk tab in the Latest Related Events for: 'IP address' section is removed. 4

5 Endpoint Executables You can view the alerts related to an endpoint executable hash, IP address or the application by double clicking the respective hash, IP address or the application. The Attack Log opens when you perform the following actions: Double-click a hash in the Executable section. Double-click the IP address related to the hash in the Endpoint tab of the Details for: 'hash name' section. Double-click the application related to the hash in the Applications tab of the Details for: 'hash name' section. With release 8.3, the Events tab in the Details for: 'hash name' section is removed. For more information, see McAfee Network Security Platform Manager Administration Guide. Custom Attacks Custom Attacks feature enables you to create Native McAfee Attacks as well as Snort Rules. Using this tool, you can also import custom attacks in bulk instead of defining them individually. You can launch the tool from the it from the IPS Policies page of the Manager. From the Manager, select Policy <Root Admin Domain> Intrusion Prevention Policy Types IPS Policies. Click Custom Attacks. For more information, see McAfee Network Security Platform Custom Attack Definitions Guide. The previous Custom Attack Editor is disabled by default. To enable it in Manager version 8.3 perform the following steps: 1 In the Manager, using Windows Explorer go to C:\Program Files\McAfee\Network Security Manager\App\config. 2 Locate the ems.properties file, right-click and open it using Windows Notepad. 3 Search for iv.ui.cae.display.isenabled within the file. 4 Update the value to true. Traffic Statistics Traffic Statistics provides data for different traffic parameters to maintain and improve the Sensor health. The various traffic statistics data that were available as monitors in the Threat Analyzer can now be viewed under Traffic Statistics. The counters for the respective statistics shown in the Sensor CLI is also available in the Traffic Statistics page. The following Threat Analyzer monitors are now migrated: Threat Analyzer Statistics Rx/Tx Statistics - Flows Statistics - Port Packet Drops Statistics - Malware Statistics - Rate Limiting Traffic Statistics Traffic Received / Sent Flows Dropped Packets Advanced Malware Analysis Rate Limiting To view the traffic data, go to Devices <Admin Domain Name> Devices <Device Name> Troubleshooting Traffic Statistics. For more information, see McAfee Network Security Platform IPS Administration Guide. Performance Charts The Sensor performance charts available in the Threat Analyzer are now available in Performance Charts. You can monitor the Sensor performance metrics depending on the Sensor/port throughput utilization, flow usage, and CPU usage. To view the Sensor performance charts, go to Devices <Admin Domain Name> Devices <Device Name> Troubleshooting Performance Charts. For more information, see McAfee Network Security Platform IPS Administration Guide. 5

6 Auto Acknowledgment The Automatic Alert Acknowledgement Rules option that was available in the Threat Analyzer under Create Exceptions is now available as Auto-Acknowledgment option in the Policy tab. You can create rules for acknowledgement based on alert severity or rules. You can view the acknowledged alerts in Attack Log. To create auto acknowledgement for alerts, go to Policy <Admin Domain Name> Intrusion Prevention Exceptions Auto-Acknowledgement. For more information, see McAfee Network Security Platform IPS Administration Guide. IPS Monitors Migration Attacks Over Time and Top Attacks monitors are enhanced to display of data using extjs in the home Dashboard. The following new monitors are added in release 8.3: CPU Usage Displays the CPU utilization data for devices based on the usage. Flow Usage Displays the flow utilization data for devices based on the usage. Throughput Usage Displays the throughput utilization data for devices based on the usage. For more information, see McAfee Network Security Platform Manager Administration Guide. Enhancements in Threat Explorer Earlier, Threat explorer displays data only based on attack count. In 8.3 release, the Threat Explorer also displays flow based data. The data is displayed in the Threat Explorer page by selecting the options Bytes and Connections from the drop-down list. NTBA Communication Rules Earlier, NTBA Communication Rules were configured in the Communication Rules tab in the Edit NTBA Policy page under Policy Network Threat Behavior Analysis NTBA. With release 8.3, communication rules are configured in Network Threat Behavior Analysis <Communication Rules>. Earlier, communication rules for inside zone and outside zone was configured in the following path: Inside Zone Devices <Admin Domain Name> Devices <NTBA Appliance> Zones Inside Zones Default InsideZone Communication Rules Outside Zone Devices <Admin Domain Name> Devices <NTBA Appliance> Zones Outside Zones Default OutsideZone Communication Rules With release 8.3, communication rules for both inside and outside zones are configured in the Rule Details panel in the Communication Rules page. The Time of Day criterion that was displayed under Devices <Admin Domain Name> Global Default Device Settings NTBA Devices Device Settings Setup Time of Day is removed in release 8.3. With release 8.3, the effective time of the communication rule is configured in the Effective Time panel under Rule Details panel. For more information, see McAfee Network Security Platform NTBA Administration Guide. NTBA Policies The Manager UI has been enhanced for the following page: Policy <Admin Domain Name> Network Threat Behavior Analysis NTBA Policies. When you are working on NTBA appliance prior to version 8.3, use the Worm Policies page under Policy <Admin Domain Name> Network Threat Behavior Analysis Worm Policies to configure worm policies. Earlier, the New, Clone, View/Edit and Delete buttons appeared on top of the page. In the 8.3 the New, Copy, Edit, Delete appear at the bottom of the page. The View/Edit options on the page are removed. You can view a policy by double clicking on the row specific to a policy. Earlier, NTBA and Worm policies are exported in Export NTBA and Worm Policies page in Policy Network Threat Behavior Analysis Advanced Export NTBA and Worm Policies. In 8.3, you can export NTBA and Worm policies in Export NTBA and Worm Policies page in Policy Network Threat Behavior Analysis Policy Export NTBA Policies. 6

7 Earlier, NTBA and Worm policies are imported in Import NTBA and Worm Policies page in Policy Network Threat Behavior Analysis Advanced Import NTBA and Worm Policies. In 8.3, you can import NTBA and Worm policies in Import NTBA and Worm Policies page in Policy Network Threat Behavior Analysis Policy Import NTBA Policies. In 8.3, Default NTBA Attack Settings is renamed to Default NTBA Attack Repository. Prior to 8.3, the following paths was used to configure Advanced Botnet Detection. Device <Admin Domain Name> Global Default Device Settings NTBA Devices Zone Settings Advanced Botnet Detection Device <Admin Domain Name> Devices <NTBA Appliance> Zones Inside Zones/Outside Zone Default Inside Zone/ Outside Zone Advanced Botnet Detection In 8.3, Advanced Botnet Detection is renamed to Advanced Callback Detection and the following paths are used to configure Advanced Callback Detection: Devices <Admin Domain Name> Global NTBA Device Settings Zone Settings Advanced Callback Detection Devices <Admin Domain Name> Devices <NTBA Appliance> Zones Inside Zones/Outside Zone Default Inside Zone/ Outside Zone Advanced Callback Detection For more information, see McAfee Network Security Platform NTBA Administration Guide. Enhancements in Threat Explorer and NTBA Security Monitors Earlier, Threat explorer displays data only based on attack count. In 8.3 release, the Threat Explorer also displays flow based data. The data is displayed in the Threat Explorer page by selecting the options Bytes and Connections from the drop-down list. The Top Applications monitor is enhanced to display the flow based data based on bytes and connections. The Top Applications (NTBA) monitor enables you to view the top applications seen in the network based on bytes or connections. The following new security monitors are added in the Dashboard page: Top Sources Enables you to view the top source IP addresses identified in the network based on bytes or connections. Top Destinations Enables you to view the top destination IP addresses identified in the network based on bytes or connections. Top URLs Enables you to view the most accessed URLs in the network based on bytes or connections Top Files Enables you to view the files that are most used in the network based on bytes or connections. Top Endpoint Executables Enables you to view the top endpoint executables based on attacks and endpoints. The storage types field configuration under Devices <Admin Domain Name> Devices <NTBA Appliance> Maintenance Database Pruning is enhanced to configure the following storage types: 1-Hour Summary Data 2-Day Summary Data 6-Hour Summary Data 7-Day Summary Data 12-Hour Summary Data 14-Day Summary Data 1-Day Summary Data For more information, see McAfee Network Security Platform NTBA Administration Guide. 7

8 Default IPS Policies name changes In release 8.3, the following changes are made to the existing default IPS policies: Default IPS policy name prior to 8.3 Default IPS policy name in 8.3 Default IDS Default Detection Default Inline IPS Default Prevention Null Default DoS and Reconnaissance Only All-Inclusive without Audit Default Exclude Informational All-Inclusive with Audit Default Testing Default IPS Attack Settings Master Attack Repository For more information, see McAfee Network Security Platform IPS Administration Guide. Domain Name Exceptions The Manager retrieves all whitelisted domains for the IPS Inspection Whitelist tab from the Callback Detectors bundle. For more information, see McAfee Network Security Platform IPS Administration Guide. Manager Blacklist You can configure a maximum of 99,000 entries (whitelist and blacklist). The Manager retrieves a maximum of 1000 hashes from the callback detectors file. The callback detectors file can have 0 or up to 1000 McAfee blacklisted file hashes. For more information, see McAfee Network Security Platform IPS Administration Guide. Gateway Anti-Malware Engine enhancements If you currently have an M-series Sensor and want to deploy Gateway Anti-Malware Engine in your network, you must integrate it with an 8.2 or later NTBA Appliance. In release 8.3, NS-series Sensors and NTBA Appliances running device software version 8.3 or later incorporate Gateway Anti-Malware Engine 2014 version 3. All 8.2 Sensors and NTBA Appliances use Gateway Anti-Malware Engine The way to distinguish between Gateway Anti-Malware Engine 2013 and 2014 is to look for the version mentioned in the UI or the CLI. Gateway Anti-Malware Engine, version 2014 must be listed as xxxx xxxx. For example, In the Manager UI, you can use one of the following means to find out the version running on your Sensor: Method 1: Locate the Sensor in the Device Summary monitor in the Dashboard tab and look for GAM. Method 2: 1 Go to Devices <Admin Domain Name> Devices <Device Name>. 2 On the Summary page, look for the version listed beside Gateway Anti-Malware Engine Version. Manual update of the Gateway Anti-Malware Engine software has been available on NS-series Sensors since an earlier release. NTBA Appliances do not support manual update of the Gateway Anti-Malware Engine. 8

9 However, in case of a heterogeneous environment after this release, you have the option to manually import only Gateway Anti-Malware Engine, version As a consequence, it means Manager version 8.3 supports manual updates only for NS-series Sensors running software version 8.3. The table below provides you a overview of the combinations and whether it is allowed. Manager Sensor Manual update allowed? Pre Pre Yes Yes or later Pre Manual import is not allowed. You must either upgrade the Sensor software version or assign the Sensor to a Pre Manager. For more information, see McAfee Network Security Platform IPS Administration Guide. Layer 7 data collection enhancements With 8.3 release the following layer 7 data collection enhancements are made in the Traffic Inspection tab under Inspection Options: The default option for Layer 7 Data Collection is configured to Inbound and Outbound. While selecting the Disabled option in Layer 7 Data Collection, a confirmation window to confirm the disable action and the need for Layer 7 data collection is displayed. To disable Layer 7 Data Collection option in Traffic Inspection Callback Detectors and Heuristic Callback Discovery option should also be disabled in the Advanced Callback Detection tab. For more information, see McAfee Network Security Platform IPS Administration Guide. When Layer 7 data collection is enabled, the percentage of the maximum number of concurrent flows that capture Layer 7 data is set to 20%, by default. For more information, see McAfee Network Security Platform Manager Administration Guide. Health Check enhancements In 8.3, the following Health check enhancements are made in Manager <Admin Domain Name> Troubleshooting Health Check: Enhancement to adjust the column width for any field by dragging the column line to customize the display of column width Enhancement to select checks based on the following options: Summary Only Database Checks Only Connectivity Check Only For more information, see McAfee Network Security Platform Manager Administration Guide. 9

10 Vulnerability scan in Vulnerability Assessment tab Earlier vulnerability scans were performed only in the Threat Analyzer. In 8.3, this feature has been enhanced to scan through the Vulnerability assessment tab in the following pages: Threat Explorer Callback Activity (earlier named Active Botnets page) High-Risk Endpoints In 8.3, you can scan for vulnerabilities by clicking the Scan for Vulnerabilities button in the Vulnerability assessment tab. Scan for Vulnerabilities option is available only when integration with Vulnerability Manager is enabled and if you have edit privileges to run the scan. For more information, see McAfee Network Security Platform Manager Administration Guide. Import of Non-MVM Reports Earlier, import of vulnerability data was manually performed. In 8.3, enhancement is made in the Manager to schedule automatic import of non-mvm report in Manager <Admin Domain Name> Integration Vulnerability Assessment Non-MVM Report Import. You can view the import result and domain statistics. You can also purge the vulnerability assessment results, if needed. For more information, see McAfee Network Security Platform Integration Guide. Enhancement to prevent network outage due to hung data path processes With release 8.3, in case the Sensor hangs when data path processes are not reachable, the traffic is passed through an Active Fail-Open kit (if connected). In addition, an auto-recovery is triggered in the Sensor. Advanced Threat Defense scan result caching If you have integrated Network Security Platform with Advanced Threat Defense, when a file is analyzed by McAfee Advanced Threat Defense, file results are cached. If the same file is received by the Sensor, the file is not sent to McAfee Advanced Threat Defense for analysis, and the results are retrieved from the cache. By default, the McAfee Advanced Threat Defense malware engine file results are cached. The Sensor continues to submit files for analysis to McAfee Advanced Threat Defense until the file analysis results are complete and stored in the cache. You can use the CLI commands, atdcache autopurge, atdcache autopurge status, set atdcachepurge interval hours, and clearmalwarecache to configure the cache settings. For more information, see McAfee Network Security Platform Integration Guide and McAfee Network Security Platform CLI Guide. 10

11 Other IPS CLI enhancements From this release, certain Sensor CLI commands are now configurable through the Manager and are not available in the CLI: set sshaccesscontrol sshaccesscontrol set auditlog set previous256byteslogging set parsetunneledtraffic set sensor-load set sshlog To configure settings for CLI logging and tunneled traffic at the admin domain level, go to Devices <Admin Domain Name> Global IPS Device Settings Advanced Device Settings Alternatively, you can configure these settings for a Sensor from Devices <Admin Domain Name> Devices <Device Name> Setup Advanced Advanced Device Settings. The following commands have been added to configure the McAfee Advanced Threat Defense results cache settings: set atdcachepurge interval hours Used to configure time interval for atdcachepurge feature. atdcache autopurge Purges the cache entries made in the Sensor for the files sent to ATD for analysis. atdcache autopurge status Displays whether the atdcache autopurge feature is enabled or disabled. By default, the command is enabled. clearmalwarecache Deletes cache entries, made in the Sensor, for all the malware engines or a specific malware engine, based on user input. The following command has been updated in this release: show malwareserverstats The command has been enhanced to display the File Reputation Request/Response Statistics. For more information, see McAfee Network Security Platform CLI Guide. Resolved issues These issues are resolved in this release of the product. For a list of issues fixed in earlier releases, see the Release Notes for the specific release. Resolved Manager software issues The following table lists the medium-severity Manager software issues: ID # Issue Description In the Trend Analysis reports, the ending day and week options cannot be updated When you backup all tables, the dump file is not exported completely Few users are not displayed in the Manager Role Assignment page. 11

12 ID # Issue Description After an automatic signature download, new attack names do not appear in the attack definitions Manager should use the 5-tuple associated with the flow that triggered the event, coupled with a time window, to identify or query the VM information from Intel Security Controller s are not sent for triggered malware alerts On the Manager dashboard, each child domain should show its respective device The Next Generation Report for Layer 7 data shows only ten attacks regardless of configured output limit On the Physical Ports page, empty SFP slots are displayed as configured The Real-Time Threat Analyzer fails to open from the Central Manager's Analysis tab In the Alert Details window, under the Layer 7 Data section, the label Recipient Addresses has to be updated Renamed Inspection Options policy still shows old name in the Policy Manager For the and signature sets, the description and signature information is not available for attacks The <CLEARED> string is added to unacknowledged faults notification MySQL or earlier is vulnerable to IAVM 2015-A The Malware Files page displays the file in Pending state, even though the report shows complete for Advanced Threat Defense After a Manager upgrade, the Dashboard's Device Summary monitor displays an error, Unable to retrieve update status: null Blank revision numbers are displayed during bulk IPS Policies updates When you select a device and view the source, the shared secret key is visible A quarantined IP address from SIEM does not display the correct date and release time In the system logs, an error, Error in Alert Property Creation is displayed Fresh installation of the Manager creates one table improperly, and creates errors in the log file Connection Limiting policy is not available, if the Visibility property for that policy is set as Owner domain only In a rare scenario, database tuning is not completed In the Threat Analyzer and reports, "--" is displayed for source countries Some dashboard monitors display an error 0:communication error. Resolved Sensor software issues The following table lists the medium-severity Sensor software issues: ID # Issue Description The Sensor is vulnerable against OpenSSH vulnerability CVE Due to exhaustion of internal resources related to certain system events, the packet capture files cannot be uploaded from the Sensor to the Manager The Sensor is vulnerable against tcp-sack option which does not trigger an alert CVE The Sensor stops sending packet logs to the Manager when Layer 7 data collection is enabled. 12

13 ID # Issue Description The Sensor is vulnerable against CVE ; race condition in the IPC object implementation in the Linux kernel through allows local users to gain privileges by triggering an ipc_addid call that leads to uid and gid comparisons against uninitialized data, related to msg.c, shm.c, and util.c. Since existing Sensor deployments use a Linux kernel without this fix, the vulnerability theoretically applies with an extremely low exploit likelihood. The vulnerability is not available through a remote, network vector without authentication. In order to exploit the vulnerability locally, an attacker must first surmount to levels of authentication. Then, a specially crafted application specific to this vulnerability must be scheduled. Sensor applications must then be restarted. The application may only be used to exploit the vulnerability at the time of Sensor initialization In a corner case scenario, a crash in the internal process causes the Sensor to switch to into layer 2 mode The Sensor autorecovers while processing GCM ciphersuite with certain TCP segmentation of SSL records The queries to McAfee Cloud engine does not use proxy when configured In rare exceptions, the malware processing engine might prevent the Sensor from sending files to an NTBA or Advanced Threat Defense appliance False positives are triggered when HTTP: Web application server attack detected is enabled The Sensor-load shows 0% when very low traffic is run on the Sensor Skype application is not blocked even if blocking is enabled Unable to add IP address ending with.127 to the quarantine list Quarantined hosts are not released after the specified time period. 13

14 Installation instructions Manager server/client system requirements The following table lists the 8.3 Manager server requirements: Operating system Minimum required Any of the following: Windows Server 2008 R2 Standard or Enterprise Edition, English operating system, SP1 (64-bit) (Full Installation) Windows Server 2008 R2 Standard or Enterprise Edition, Japanese operating system, SP1 (64-bit) (Full Installation) Windows Server 2012 R2 Standard Edition (Server with a GUI) English operating system Windows Server 2012 R2 Standard Edition (Server with a GUI) Japanese operating system Windows Server 2012 R2 Datacenter Edition (Server with a GUI) English operating system Windows Server 2012 R2 Datacenter Edition (Server with a GUI) Japanese operating system Only X64 architecture is supported. Recommended Windows Server 2012 R2 Standard Edition operating system. Memory 8 GB Supports up to 3 million alerts in Solr. >16 GB Supports up to 10 million alerts in Solr. CPU Server model processor such as Intel Xeon Same Disk space 100 GB 300 GB or more Network 100 Mbps card 1000 Mbps card Monitor 32-bit color, 1440 x 900 display setting 1440 x 900 (or above) The following are the system requirements for hosting Central Manager/Manager server on a VMware platform. 14

15 Table 5-1 Virtual machine requirements Component Minimum Recommended Operating system Any of the following: Windows Server 2008 R2 Standard or Enterprise Edition, English operating system, SP1 (64-bit) (Full Installation) Windows Server 2008 R2 Standard or Enterprise Edition, Japanese operating system, SP1 (64-bit) (Full Installation) Windows Server 2012 R2 Standard Edition (Server with a GUI) English operating system Windows Server 2012 R2 Standard Edition (Server with a GUI) Japanese operating system Windows Server 2012 R2 Datacenter Edition (Server with a GUI) English operating system Windows Server 2012 R2 Datacenter (Server with a GUI) Japanese operating system Only X64 architecture is supported. Windows Server 2012 R2 Standard Edition operating system. Memory 8 GB >16 GB Supports up to 3 million alerts in Solr. Supports up to 10 million alerts in Solr. Virtual CPUs 2 2 or more Disk Space 100 GB 300 GB or more Table 5-2 VMware ESX server requirements Component Minimum Virtualization software ESXi 5.1 Update 2 ESXi 5.5 Update 3 ESXi 6.0 Update 1 CPU Memory Internal Disks Intel Xeon CPU ES 2.00 GHz; Physical Processors 2; Logical Processors 8; Processor Speed 2.00 GHz Physical Memory: 16 GB 1 TB 15

16 The following table lists the 8.3 Manager client requirements when using Windows 7, Windows 8, or Windows 2012: Operating system Minimum Windows 7, English or Japanese Windows 8, English or Japanese Windows 8.1, English or Japanese Windows 10, English or Japanese The display language of the Manager client must be the same as that of the Manager server operating system. Recommended RAM 2 GB 4 GB CPU 1.5 GHz processor 1.5 GHz or faster Browser Internet Explorer 10, 11, or Microsoft Edge Mozilla Firefox Google Chrome (App mode in Windows 8 is not supported.) To avoid the certificate mismatch error and security warning, add add the Manager web certificate to the trusted certificate list. Internet Explorer 11 Mozilla Firefox 20.0 or later Google Chrome 24.0 or later If you are using Google Chrome 42 or later, the NPAPI plug-in is disabled by default, which means that Java applet support is disabled by default. Perform the following steps to enable NPAPI plug-in: 1 In the address bar, type chrome://flags/#enable-npapi. 2 Click the Enable link in the Enable NPAPI configuration option. 3 Click Relaunch Now at the bottom of the page to restart Google Chrome for the changes to take effect. For the Manager client, in addition to Windows 7, Windows 8, and Windows 8.1, you can also use the operating systems mentioned for the Manager server. The following are Central Manager and Manager client requirements when using Mac: Mac operating system Yosemite El Capitan Browser Safari 8 or 9 For more information, see McAfee Network Security Platform Installation Guide. Upgrade recommendations McAfee regularly releases updated versions of the signature set. Note that automatic signature set upgrade does not happen. You need to manually import the latest signature set and apply it to your Sensors. 16

17 The following is the upgrade matrix supported for this release: Component Manager/Central Manager software Minimum Software Version , , (only for NS5x00 and NS3x00), , M-series Sensor software , , , Known issues For a list of known issues in this product release, see this McAfee KnowledgeBase article: Network Security Platform software issues: KB86387 Product documentation Every McAfee product has a comprehensive set of documentation. Find product documentation 1 Go to the McAfee ServicePortal at and click Knowledge Center. 2 Enter a product name, select a version, then click Search to display a list of documents. 8.3 product documentation list The following software guides are available for Network Security Platform 8.3 release: Quick Tour Installation Guide (includes Upgrade Guide) Manager Administration Guide Manager API Reference Guide (selective distribution - to be requested via support) CLI Guide IPS Administration Guide Custom Attacks Definition Guide XC Cluster Administration Guide Integration Guide NTBA Administration Guide Best Practices Guide Troubleshooting Guide 17

18 2016 Intel Corporation Intel and the Intel logo are trademarks/registered trademarks of Intel Corporation. McAfee and the McAfee logo are trademarks/ registered trademarks of McAfee, Inc. Other names and brands may be claimed as the property of others. 0C-00

McAfee Network Security Platform 8.3

McAfee Network Security Platform 8.3 8.3.7.7-8.3.3.2 Manager-NTBA Release Notes McAfee Network Security Platform 8.3 Revision C Contents About this release New features Enhancements Resolved issues Installation instructions Known issues Product

More information

McAfee Network Security Platform 8.3

McAfee Network Security Platform 8.3 8.3.7.7-8.3.7.3 Manager-Virtual IPS Release Notes McAfee Network Security Platform 8.3 Revision B Contents About this release New features Enhancements Resolved issues Installation instructions Known issues

More information

McAfee Network Security Platform 8.3

McAfee Network Security Platform 8.3 8.3.7.7-8.3.5.6 Manager-NS-series Release Notes McAfee Network Security Platform 8.3 Revision C Contents About this release New features Enhancements Resolved issues Installation instructions Known issues

More information

McAfee Network Security Platform 8.3

McAfee Network Security Platform 8.3 8.3.7.44-8.3.7.14 Manager-Virtual IPS Release Notes McAfee Network Security Platform 8.3 Revision A Contents About this release New features Enhancements Resolved issues Installation instructions Known

More information

McAfee Network Security Platform 8.3

McAfee Network Security Platform 8.3 8.3.7.28-8.3.3.9 Manager-Mxx30-series Release Notes McAfee Network Security Platform 8.3 Revision C Contents About this release New features Enhancements Resolved issues Installation instructions Known

More information

McAfee Network Security Platform 8.3

McAfee Network Security Platform 8.3 8.3.7.28-8.3.7.6 Manager-Virtual IPS Release Notes McAfee Network Security Platform 8.3 Revision B Contents About this release New features Enhancements Resolved issues Installation instructions Known

More information

Network Security Platform 8.1

Network Security Platform 8.1 8.1.7.82-8.1.3.100 Manager-M-series Release Notes Network Security Platform 8.1 Revision B Contents About this release New features Enhancements Resolved issues Installation instructions Known issues Product

More information

McAfee Network Security Platform 9.1

McAfee Network Security Platform 9.1 9.1.7.15-9.1.3.3 Manager-NTBA Release Notes McAfee Network Security Platform 9.1 Revision A Contents About this release New features Enhancements Resolved issues Installation instructions Known issues

More information

McAfee Network Security Platform 9.2

McAfee Network Security Platform 9.2 McAfee Network Security Platform 9.2 (9.2.7.22-9.2.7.20 Manager-Virtual IPS Release Notes) Contents About this release New features Enhancements Resolved issues Installation instructions Known issues Product

More information

McAfee Network Security Platform 8.3

McAfee Network Security Platform 8.3 Revision A McAfee Network Security Platform 8.3 (8.3.7.86-8.3.7.59 Manager-Virtual IPS Release Notes) Contents About this release New features Enhancements Resolves issues Installation instructions Known

More information

McAfee Network Security Platform 8.3

McAfee Network Security Platform 8.3 Revision A McAfee Network Security Platform 8.3 (8.3.7.86-8.3.3.39 Manager-M-series Release Notes) Contents About this release New features Enhancements Resolved issues Installation instructions Known

More information

McAfee Network Security Platform 9.1

McAfee Network Security Platform 9.1 9.1.7.15-9.1.5.9 Manager-NS-series Release Notes McAfee Network Security Platform 9.1 Revision A Contents About this release New features Enhancements Resolved issues Installation instructions Known issues

More information

McAfee Network Security Platform 9.1

McAfee Network Security Platform 9.1 9.1.7.15-9.1.3.4 Manager-M-series, Mxx30-series, XC Cluster Release Notes McAfee Network Security Platform 9.1 Revision A Contents About this release New features Enhancements Resolved issues Installation

More information

McAfee Network Security Platform 8.3

McAfee Network Security Platform 8.3 8.3.7.68-8.3.7.55-8.3.7.14 Manager-Virtual IPS Release Notes McAfee Network Security Platform 8.3 Revision A Contents About this release New features Enhancements Resolved issues Installation instructions

More information

McAfee Network Security Platform 8.3

McAfee Network Security Platform 8.3 Revision A McAfee Network Security Platform 8.3 (8.3.7.86-8.3.5.53 Manager-NS-series Release Notes) Contents About this release New features Enhancements Resolved issues Installation instructions Known

More information

McAfee Network Security Platform 8.3

McAfee Network Security Platform 8.3 8.3.7.86-8.3.7.56 Manager-Virtual IPS Release Notes McAfee Network Security Platform 8.3 Revision C Contents About this release New features Enhancements Resolved issues Installation instructions Known

More information

Network Security Platform 8.1

Network Security Platform 8.1 8.1.7.100-8.1.3.130 Manager-M-series Release Notes Network Security Platform 8.1 Revision A Contents About this release New features Enhancements Resolved issues Installation instructions Known issues

More information

McAfee Network Security Platform 9.2

McAfee Network Security Platform 9.2 McAfee Network Security Platform 9.2 (9.2.7.9-9.2.7.17 Manager-Virtual IPS Release Notes) Contents About this release New features Enhancements Resolved issues Installation instructions Known issues Product

More information

McAfee Network Security Platform 9.1

McAfee Network Security Platform 9.1 Revision A McAfee Network Security Platform 9.1 (9.1.7.73-9.1.3.11 Manager-M-series, Mxx30-series, and XC Cluster Release Notes) Contents About the release New features Enhancements Resolved Issues Installation

More information

McAfee Network Security Platform 9.1

McAfee Network Security Platform 9.1 9.1.7.49-9.1.3.6 Manager-M-series, Mxx30-series, XC Cluster Release Notes McAfee Network Security Platform 9.1 Revision C Contents About the release New features Enhancements Resolved issues Installation

More information

Network Security Platform 8.1

Network Security Platform 8.1 8.1.7.91-8.1.3.40 NTBA Appliance Release Notes Network Security Platform 8.1 Revision B Contents About this release New features Enhancements Resolved issues Installation Instructions Known issues Product

More information

Network Security Platform 8.1

Network Security Platform 8.1 8.1.7.96-8.1.3.130 Manager-M-series Release Notes Network Security Platform 8.1 Revision A Contents About this release New features Enhancements Resolved issues Installation instructions Known issues Product

More information

McAfee Network Security Platform

McAfee Network Security Platform Revision B McAfee Network Security Platform (9.2.9.3-9.2.5.34 Manager-NS3500 Release Notes) Contents About this release New Features Resolved issues Installation instructions Known issues Product documentation

More information

McAfee Network Security Platform 9.2

McAfee Network Security Platform 9.2 Revision B McAfee Network Security Platform 9.2 (9.2.7.9-9.2.7.10 Manager-Virtual IPS Release Notes) Contents About this release New features Enhancements Resolved issues Installation instructions Known

More information

Network Security Platform 8.1

Network Security Platform 8.1 8.1.7.82-8.1.5.175-8.1.3.100 Manager-XC-Cluster Release Notes Network Security Platform 8.1 Revision A Contents About this release New features Enhancements Resolved issues Installation instructions Known

More information

McAfee Network Security Platform

McAfee Network Security Platform Revision A McAfee Network Security Platform (9.1.7.73-9.1.3.54 Manager-NTBA Release Notes) Contents About this release New features Enhancements Resolved issues Installation instructions Known issues Product

More information

McAfee Network Security Platform 8.3

McAfee Network Security Platform 8.3 8.3.7.52-8.3.3.27-2.11.9 Manager-XC-Cluster Release Notes McAfee Network Security Platform 8.3 Revision C Contents About this release New features Enhancements Resolved issues Installation instructions

More information

McAfee Network Security Platform 8.3

McAfee Network Security Platform 8.3 8.3.7.44-8.3.5.11-8.3.5.15 Manager-NS-series Release Notes McAfee Network Security Platform 8.3 Revision A Contents About this release New features Enhancements Resolved issues Installation instructions

More information

Network Security Platform 8.1

Network Security Platform 8.1 8.1.7.91-8.1.3.124-2.11.9 Manager-XC-Cluster Release Notes Network Security Platform 8.1 Revision B Contents About this release New features Enhancements Resolved issues Installation instructions Known

More information

McAfee Network Security Platform 9.1

McAfee Network Security Platform 9.1 9.1.7.12-9.1.5.15 NS7x50-series Release Notes McAfee Network Security Platform 9.1 Revision A Contents About this release New features Resolved issues Installation instructions Known issues Product documentation

More information

McAfee Network Security Platform 8.1

McAfee Network Security Platform 8.1 Revision C McAfee Network Security Platform 8.1 (8.1.7.91-8.1.3.124 Manager-M-series Release Notes) Contents About this release New features Enhancements Resolved issues Installation instructions Known

More information

McAfee Network Security Platform 8.1

McAfee Network Security Platform 8.1 Revision A McAfee Network Security Platform 8.1 (8.1.7.105-8.1.5.219 Manager-NS-series Release Notes) Contents About this release New features Enhancements Resolved issues Installation instructions Known

More information

Network Security Platform 8.1

Network Security Platform 8.1 8.1.7.91-8.1.7.44 Manager-Virtual IPS Release Notes Network Security Platform 8.1 Revision B Contents About this release New features Enhancements Resolved issues Installation instructions Known issues

More information

Network Security Platform 8.1

Network Security Platform 8.1 8.1.7.5-8.1.3.10 NTBA Appliance Release Notes Network Security Platform 8.1 Revision B Contents About this release New features Enhancements Resolved issues Installation instructions Known issues Find

More information

McAfee Network Security Platform 9.1

McAfee Network Security Platform 9.1 9.1.7.49-9.1.5.20 Manager-NS-series Release Notes McAfee Network Security Platform 9.1 Revision C Contents About the release New features Enhancements Resolved issues Installation instructions Known issues

More information

Network Security Platform 8.1

Network Security Platform 8.1 8.1.7.5-8.1.3.43 M-series Release Notes Network Security Platform 8.1 Revision A Contents About this release New features Enhancements Resolved issues Installation instructions Known issues Product documentation

More information

McAfee Network Security Platform

McAfee Network Security Platform Revision B McAfee Network Security Platform (8.1.7.5-8.1.3.43 M-series Release Notes) Contents About this release New features Enhancements Resolved issues Installation instructions Known issues Product

More information

McAfee Network Security Platform 9.1

McAfee Network Security Platform 9.1 Revision A McAfee Network Security Platform 9.1 (9.1.7.63-9.1.7.12 Manager-Virtual IPS Release Notes) Contents About this release New features Enhancements Resolved issues Installation instructions Known

More information

McAfee Network Security Platform 8.3

McAfee Network Security Platform 8.3 8.3.7.64-8.3.3.35 Manager-M-series Release Notes McAfee Network Security Platform 8.3 Revision A Contents About this release New features Enhancements Resolved issues Installation instructions Known issues

More information

McAfee Network Security Platform 8.3

McAfee Network Security Platform 8.3 8.3.7.64-8.3.5.47 Manager-NS-series Release Notes McAfee Network Security Platform 8.3 Revision A Contents About this release New features Enhancements Resolved issues Installation instructions Known issues

More information

McAfee Network Security Platform

McAfee Network Security Platform Revision E McAfee Network Security Platform (9.1.7.11-9.1.3.4 Manager-M-series, Mxx30-series, XC Cluster Release Notes) Contents About this release New features Enhancements Resolved issues Installation

More information

McAfee Virtual Network Security Platform 8.4 Revision A

McAfee Virtual Network Security Platform 8.4 Revision A 8.4.7.101-8.3.7.18 Manager-Virtual IPS Release Notes McAfee Virtual Network Security Platform 8.4 Revision A Contents About this release New features Enhancements Resolved issues Installation instructions

More information

Network Security Platform 8.1

Network Security Platform 8.1 8.1.7.82-8.1.7.34 Manager-Virtual IPS Release Notes Network Security Platform 8.1 Revision A Contents About this release New features Enhancements Resolved issues Installation instructions Known issues

More information

McAfee Network Security Platform 8.3

McAfee Network Security Platform 8.3 8.3.7.52-8.3.5.32 Manager-NS-series Release Notes McAfee Network Security Platform 8.3 Revision C Contents About this release New features Enhancements Resolved issues Installation instructions Known issues

More information

Network Security Platform 8.1

Network Security Platform 8.1 8.1.7.12-8.1.5.39 NS-series Release Notes Network Security Platform 8.1 Revision B Contents About this release New features Resolved issues Installation instructions Known issues Product documentation

More information

Network Security Platform 8.1

Network Security Platform 8.1 8.1.7.13-8.1.5.75 NS-series Release Notes Network Security Platform 8.1 Revision B Contents About this release Enhancements Installation instructions Known issues Product documentation About this release

More information

McAfee Network Security Platform 8.1

McAfee Network Security Platform 8.1 8.1.7.73-8.1.5.163-3.5.82 Manager-XC-Cluster Release Notes McAfee Network Security Platform 8.1 Revision B Contents About this release New features Resolved issues Installation instructions Known issues

More information

Network Security Platform 8.1

Network Security Platform 8.1 8.1.7.13-8.1.5.57 NS-series Release Notes Network Security Platform 8.1 Revision B Contents About this release New features Enhancements Resolved issues Installation instructions Known issues Product documentation

More information

McAfee Network Security Platform 9.2

McAfee Network Security Platform 9.2 Revision B McAfee Network Security Platform 9.2 (9.2.7.22-9.2.5.27 Manager-NS-series Release Notes) Contents About this release New features Enhancements Resolved Issues Installation instructions Known

More information

Network Security Platform 8.1

Network Security Platform 8.1 8.1.3.6-8.1.3.5 M-series Release Notes Network Security Platform 8.1 Revision A Contents About this release New features Enhancements Resolved issues Installation instructions Known issues Product documentation

More information

McAfee Network Security Platform 9.1

McAfee Network Security Platform 9.1 9.1.7.11-9.1.7.4 Manager-Virtual IPS Release Notes McAfee Network Security Platform 9.1 Revision C Contents About this release New features Enhancements Resolved issues Installation instructions Known

More information

McAfee Network Security Platform 9.2

McAfee Network Security Platform 9.2 Revision C McAfee Network Security Platform 9.2 (9.2.7.9-9.2.5.6 Manager-NS-series Release Notes) Contents About this release New features Enhancements Resolved issues Installation instructions Known issues

More information

McAfee Network Security Platform

McAfee Network Security Platform Revision A McAfee Network Security Platform (9.1.7.75-9.1.3.12 Manager-NTBA Release Notes) Contents About this release New features Enhancements Resolved issues Installation instructions Known issues Product

More information

Network Security Platform 8.1

Network Security Platform 8.1 8.1.7.33-8.1.3.89-2.11.9 Manager-XC-Cluster Release Notes Network Security Platform 8.1 Revision C Contents About this release New features Enhancements Resolved issues Installation instructions Known

More information

Network Security Platform 8.1

Network Security Platform 8.1 8.1.19.23-8.1.15.14 Manager-M-series FIPS Release Notes Network Security Platform 8.1 Revision A Contents About this release New features Enhancements Resolved issues Known issues Installation instructions

More information

Network Security Platform 8.1

Network Security Platform 8.1 8.1.7.52-8.1.5.154 NS5x00-series Release Notes Network Security Platform 8.1 Revision A Contents About this release New features Resolved issues Installation instructions Known issues Product documentation

More information

McAfee Network Security Platform 9.1

McAfee Network Security Platform 9.1 Revision B McAfee Network Security Platform 9.1 (9.1.7.75-9.1.3.13 Manager-M-series, Mxx30-series, and XC Cluster Release Notes) Contents About the release New features Enhancements Resolved Issues Installation

More information

McAfee Network Security Platform 9.1

McAfee Network Security Platform 9.1 Manager Appliance (Linux) Release Notes McAfee Network Security Platform 9.1 Revision A Contents About this release What's new Enhancements Resolved issues Installation instructions Known issues Product

More information

Network Security Platform 8.1

Network Security Platform 8.1 8.1.7.13-8.1.5.71 NS9x00-series Release Notes Network Security Platform 8.1 Revision A Contents About this release New features Enhancements Resolved issues Installation instructions Known issues Product

More information

Network Security Platform 8.1

Network Security Platform 8.1 8.1.7.91-8.1.5.210 Manager-NS-series Release Notes Network Security Platform 8.1 Revision B Contents About this release New features Enhancements Resolved issues Installation instructions Known issues

More information

Network Security Platform 8.1

Network Security Platform 8.1 8.1.7.33-8.1.5.135 Manager-NS-series Release Notes Network Security Platform 8.1 Revision D Contents About this release New features Enhancements Resolved issues Installation instructions Known issues

More information

McAfee Network Security Platform

McAfee Network Security Platform McAfee Network Security Platform 9.2 (Quick Tour) McAfee Network Security Platform [formerly McAfee IntruShield ] is a combination of network appliances and software that accurately detects and prevents

More information

Network Security Platform 8.1

Network Security Platform 8.1 FIPS Release Notes Network Security Platform 8.1 Revision A Contents About this release New features Enhancements Resolved issues Installation instructions Known issues Product documentation About this

More information

McAfee Network Security Platform Administration Course

McAfee Network Security Platform Administration Course McAfee Network Security Platform Administration Course Education Services administration course The McAfee Network Security Platform Administration course from McAfee Education Services is an essential

More information

McAfee Network Security Platform 8.1

McAfee Network Security Platform 8.1 Revision P McAfee Network Security Platform 8.1 (Upgrade Guide) COPYRIGHT Copyright 2018 McAfee, LLC TRADEMARK ATTRIBUTIONS McAfee and the McAfee logo, McAfee Active Protection, epolicy Orchestrator, McAfee

More information

McAfee Next Generation Firewall 5.9.1

McAfee Next Generation Firewall 5.9.1 Release Notes Revision A McAfee Next Generation Firewall 5.9.1 Contents About this release New features Enhancements Resolved issues Installation instructions Known issues Find product documentation About

More information

Network Security Platform Overview

Network Security Platform Overview Quick Tour Revision B McAfee Network Security Platform 8.1 Network Security Platform Overview McAfee Network Security Platform [formerly McAfee IntruShield ] is a combination of network appliances and

More information

Stonesoft Management Center. Release Notes Revision A

Stonesoft Management Center. Release Notes Revision A Stonesoft Management Center Release Notes 5.10.2 Revision A Table of contents 1 About this release...3 System requirements... 3 Build version...4 Compatibility... 5 2 New features...6 3 Enhancements...

More information

McAfee Advanced Threat Defense 3.4.8

McAfee Advanced Threat Defense 3.4.8 3.4.8.178 Hotfix Release Notes McAfee Advanced Threat Defense 3.4.8 Revision A Contents About this release New Features Enhancements Resolved issues Installation and upgrade notes Known issues Product

More information

McAfee Advanced Threat Defense 3.4.4

McAfee Advanced Threat Defense 3.4.4 Release Notes McAfee Advanced Threat Defense 3.4.4 Revision B Contents About this release New Features Enhancements Resolved issues Installation and upgrade notes Known issues Product documentation About

More information

Next Generation Firewall

Next Generation Firewall Next Generation Firewall Release Notes 5.10.10 Revision A Contents About this release on page 2 Lifecycle model on page 2 System requirements on page 3 Build version on page 6 Compatibility on page 7 New

More information

NGFW Security Management Center

NGFW Security Management Center NGFW Security Management Center Release Notes 6.5.3 Revision A Contents About this release on page 2 System requirements on page 2 Build number and checksums on page 4 Compatibility on page 5 New features

More information

Stonesoft Management Center. Release Notes Revision A

Stonesoft Management Center. Release Notes Revision A Stonesoft Management Center Release Notes 5.10.5 Revision A Table of contents 1 About this release...3 System requirements... 3 Build version...4 Compatibility... 5 2 New features...6 3 Enhancements...

More information

Managing Latency in IPS Networks

Managing Latency in IPS Networks Revision C McAfee Network Security Platform (Managing Latency in IPS Networks) Managing Latency in IPS Networks McAfee Network Security Platform provides you with a set of pre-defined recommended settings

More information

NGFW Security Management Center

NGFW Security Management Center NGFW Security Management Center Release Notes 6.3.4 Revision A Contents About this release on page 2 System requirements on page 2 Build version on page 3 Compatibility on page 5 New features on page 5

More information

NGFW Security Management Center

NGFW Security Management Center NGFW Security Management Center Release Notes 6.3.3 Revision A Contents About this release on page 2 System requirements on page 2 Build version on page 3 Compatibility on page 5 New features on page 5

More information

NGFW Security Management Center

NGFW Security Management Center NGFW Security Management Center Release Notes 6.3.0 Revision A Contents About this release on page 2 System requirements on page 2 Build version on page 3 Compatibility on page 5 New features on page 5

More information

Endpoint Intelligence Agent 2.2.0

Endpoint Intelligence Agent 2.2.0 Release Notes Endpoint Intelligence Agent 2.2.0 Revision A Contents About this release New features Resolved issues Installation instructions Known issues Find product documentation About this release

More information

NGFW Security Management Center

NGFW Security Management Center NGFW Security Management Center Release Notes 6.4.3 Revision A Contents About this release on page 2 System requirements on page 2 Build version on page 3 Compatibility on page 4 New features on page 5

More information

NGFW Security Management Center

NGFW Security Management Center NGFW Security Management Center Release Notes 6.4.0 Revision B Contents About this release on page 2 System requirements on page 2 Build version on page 3 Compatibility on page 4 New features on page 5

More information

NGFW Security Management Center

NGFW Security Management Center NGFW Security Management Center Release Notes 6.3.2 Revision A Contents About this release on page 2 System requirements on page 2 Build version on page 3 Compatibility on page 5 New features on page 5

More information

Stonesoft Management Center. Release Notes Revision A

Stonesoft Management Center. Release Notes Revision A Stonesoft Management Center Release Notes 6.1.3 Revision A Contents About this release on page 2 System requirements on page 2 Build version on page 3 Compatibility on page 4 New features on page 5 Enhancements

More information

NGFW Security Management Center

NGFW Security Management Center NGFW Security Management Center Release Notes 6.3.7 Revision A Contents About this release on page 2 System requirements on page 2 Build version on page 3 Compatibility on page 5 New features on page 5

More information

McAfee Advanced Threat Defense Release Notes

McAfee Advanced Threat Defense Release Notes Revision B McAfee Advanced Threat Defense 4.2.0 Release Notes Contents About this release New features and enhancements Resolved issues Installation information Known issues Find product documentation

More information

Stonesoft Next Generation Firewall. Release Notes Revision C

Stonesoft Next Generation Firewall. Release Notes Revision C Stonesoft Next Generation Firewall Release Notes 5.10.4 Revision C Table of contents 1 About this release...3 System requirements... 3 Build version...6 Compatibility...7 2 New features...8 3 Enhancements...

More information

Stonesoft Next Generation Firewall

Stonesoft Next Generation Firewall Stonesoft Next Generation Firewall Release Notes 6.1.3 Revision B Contents About this release on page 2 Lifecycle model on page 2 System requirements on page 3 Build version on page 6 Compatibility on

More information

McAfee Network Security Platform

McAfee Network Security Platform NS9x00 Quick Start Guide Revision E McAfee Network Security Platform This quick start guide explains how to quickly set up and activate your McAfee Network Security Platform NS-series Sensor in in-line

More information

McAfee Endpoint Security

McAfee Endpoint Security Release Notes 10.5.3 Contents About this release What's new Resolved issues Installation information Known issues Getting product information by email Where to find product documentation About this release

More information

NGFW Security Management Center

NGFW Security Management Center NGFW Security Management Center Release Notes 6.4.4 Revision A Contents About this release on page 2 System requirements on page 2 Build version on page 3 Compatibility on page 5 New features on page 5

More information

NGFW Security Management Center

NGFW Security Management Center NGFW Security Management Center Release Notes 6.4.5 Revision A Contents About this release on page 2 System requirements on page 2 Build version on page 3 Compatibility on page 4 New features on page 5

More information

Stonesoft Next Generation Firewall. Release Notes Revision B

Stonesoft Next Generation Firewall. Release Notes Revision B Stonesoft Next Generation Firewall Release Notes 5.10.5 Revision B Table of contents 1 About this release...3 System requirements... 3 Build version...6 Compatibility...7 2 New features...8 3 Enhancements...

More information

NGFW Security Management Center

NGFW Security Management Center NGFW Security Management Center Release Notes 6.2.4 Revision A Contents About this release on page 2 System requirements on page 2 Build version on page 3 Compatibility on page 4 New features on page 5

More information

NGFW Security Management Center

NGFW Security Management Center NGFW Security Management Center Release Notes 6.3.8 Revision A Contents About this release on page 2 System requirements on page 2 Build version on page 3 Compatibility on page 5 New features on page 5

More information

Product overview. McAfee Web Protection Hybrid Integration Guide. Overview

Product overview. McAfee Web Protection Hybrid Integration Guide. Overview McAfee Web Protection Hybrid Integration Guide Product overview Overview The McAfee Web Protection hybrid solution is the integration of McAfee Web Gateway and McAfee Web Gateway Cloud Service (McAfee

More information

NGFW Security Management Center

NGFW Security Management Center NGFW Security Management Center Release Notes 6.3.5 Revision A Contents About this release on page 2 System requirements on page 2 Build version on page 3 Compatibility on page 5 New features on page 5

More information

Trend Micro Incorporated reserves the right to make changes to this document and to the product described herein without notice. Before installing and using the product, review the readme files, release

More information

Trend Micro Incorporated reserves the right to make changes to this document and to the product described herein without notice. Before installing and using the product, review the readme files, release

More information

NGFW Security Management Center

NGFW Security Management Center NGFW Security Management Center Release Notes 6.4.7 Revision A Contents About this release on page 2 System requirements on page 2 Build version on page 3 Compatibility on page 5 New features on page 5

More information

McAfee Network Security Platform 9.2

McAfee Network Security Platform 9.2 Revision F McAfee Network Security Platform 9.2 (Installation Guide) COPYRIGHT Copyright 2018 McAfee, LLC TRADEMARK ATTRIBUTIONS McAfee and the McAfee logo, McAfee Active Protection, epolicy Orchestrator,

More information

Stonesoft Management Center. Release Notes Revision C

Stonesoft Management Center. Release Notes Revision C Stonesoft Management Center Release Notes 6.0.0 Revision C Table of contents 1 About this release...3 System requirements... 3 Build version...4 Compatibility... 5 2 New features...6 3 Enhancements...

More information