McAfee Network Security Platform

Similar documents
McAfee Network Security Platform

Manager Appliance Quick Start Guide

Manager Appliance Installation Guide Revision B. McAfee Network Security Platform

Installing the IPS 4345 and IPS 4360

Installing the Cisco Unified Videoconferencing 3545 MCU

Juniper Secure Analytics Quick Start Guide

Hardware Guide. McAfee MVM3200 Appliance

Dell Storage Center. Getting Started Guide. SCv2000 and SCv2020 Storage System. Regulatory Model: E09J, E10J Regulatory Type: E09J001, E10J001

Hardware Guide. McAfee Advanced Threat Defense 4.0.0

Setting Up Your Cisco Unified Videoconferencing 3515 MCU

Install your TPS 440T and 2200T security devices

Installing IDS Introducing IDS-4215 CHAPTER

Switched Rack Power Distribution Unit

Cascade Express Installation Guide. Version 8.2 March 2009

McAfee Network Security Platform

Cascade Sensor Installation Guide. Version 8.2 March 2009

QUICK START GUIDE 7000 SERIES DEVICES. 3D7010/7020/7030 (Chassis: CHRY-1U-AC) 3D7115/7125, AMP7150 (Chassis: GERY-1U-4C8S-AC)

NGFW Security Management Center Appliance. for Forcepoint Next Generation Firewall Hardware Guide. Revision B

Installing IDS 4215 CHAPTER. This chapter describes IDS 4215 and how to install it. It also describes the accessories and how to install them.

Setting Up Your Cisco Unified Videoconferencing 3500 Gateway

QUICK START GUIDE 7000 SERIES DEVICES

Installation and Configuration Guide

DX Application Acceleration Platform Quick Start

1 Getting Started Installing & Configuring

Dell MD1280 Storage Enclosure Getting Started Guide

N3150 Installation and Setup Instructions

Before you begin. Installation and Setup Instructions for E-Series 60-Drive Trays. Unpack & Prepare. Install Hardware. Connect Hardware.

DX 32xx and DX 36xx Quick Start

IBM Systems. Quick start guide for IBM System p5 505 ( )

Installing the Cisco SFS 3504 Server Switch

Dell SC460 Expansion Enclosure Getting Started Guide

Installing and Managing the Switch

N3240 Installation and Setup Instructions

Product Overview. Cisco ME 6524 Ethernet Switch (ME-C6524GS-8S) CHAPTER

Before you begin. Unpack & Prepare. Install Hardware. Connect Drive Trays. Apply Power. Connect Data Hosts. Choose Management Method

Network Security Platform Overview

VTRAK E-Class/J-Class Quick Start Guide

How to Set Up Your SRX300 Services Gateway

IndigoVision Enterprise NVR-AS 4000 Linux Appliance. Quick Start Guide

How to Set Up Your SRX4100 Services Gateway

Citrix NetScaler 10 Quick Start Guide: MPX 5500 Platform

Quick start guide for p5 520 ( )

24-Port Gigabit with 4 Optional 10G Slots. Layer 3 Managed Stackable Switch XGS Quick Installation Guide

Installing the IPS 4260

HP UPS R/T3000 G2. Overview. Precautions. Kit contents. Installation Instructions

Before you begin. Unpack & Prepare. Install Hardware. Connect Hardware. Apply Power. Choose Management Method. Install & Use SANtricity Software

48-Port 10/100/1000Base-T with 4 Shared SFP. Managed Gigabit Switch WGSW Quick Installation Guide

N3220 Installation and Setup Instructions

McAfee Network Security Platform

How to Set Up Your SRX340 Services Gateway

Management Security Switch SGSD-1022 / SGSD-1022P SGSW-2840 / SGSW-2840P. Quick Installation Guide

Rack Installation Instructions

E-Series Site Preparation Guide

Dell SC7020 Storage Controller Getting Started Guide

Dell SC5020 and SC5020F Storage Systems Getting Started Guide

TRC-190 User s Manual

28-Port 10/100/1000Mbps with. 4 Shared SFP Managed Gigabit Switch WGSW / WGSW-28040P. Quick Installation Guide

SCOPIA 100 MCU Quick Start

GigaStor Upgradeable 2U. User Guide

Quick start guide for i5 520 ( or )

16-SLOT IN-BAND MANAGEMENT CHASSIS

How to Set Up Your SRX550 High Memory Services Gateway

SCv360 Expansion Enclosure

16/24/48-Port 10/100/1000T + 2/4-Port 100/1000X SFP Managed Switch GS T2S/GS T2S/GS T4S. Quick Installation Guide

Initial Configuration for the Switch

16/24-Port 10/100/1000T 802.3at PoE + 2-Port 100/1000X SFP Managed Switch GS P2S GS P2S. Quick Installation Guide

StorNext M440 Site Planning Guide

Cisco MCS 7845-H1 Unified CallManager Appliance

Before you begin. Unpack & Prepare. Install Hardware. Connect Drive Shelves. Apply Power. Connect Data Hosts. Connect Ethernet Cables

HPE Intelligent Power Distribution Unit Installation Instructions

Sun StorageTek SL48 Tape Library Getting started

XenData SXL- 4200N Archive System: Getting Started & Library Operation Basics. Document last updated: November 30, 2017.

Cisco MCS 7825-I1 Unified CallManager Appliance

Dell SCv3000 and SCv3020 Storage System Getting Started Guide

SAS to SAS/SATA JBOD Subsystem. User Manual. Revision 1.1

Before you begin. Unpack & Prepare. Install Hardware. Connect Drive Shelves. Apply Power. Connect Data Hosts. Connect Ethernet Cables

1.2 Intel Server Chassis SC5400BASE Summary

Power Enclosure Components

64 Bays SAS to SAS/SATA JBOD Subsystem. User Manual. Revision 1.0

24-Port 100/1000X SFP + 4-Port 10G SFP+ Managed. Metro Ethernet Switch MGSW-28240F. Quick Installation Guide

Quick Start. This document describes how to install the Juniper Networks PTX5000 Packet Transport

24-Port 10/100/1000Mbps with. 4 Shared SFP Managed Gigabit Switch

Sidewinder. Hardware Guide Models S1104, S2008, S3008. Revision E

SAS to SAS/SATA JBOD Subsystem. User Manual. Revision 1.1

4-Post and Universal Telco Frame (UTF) Rack Mount Kit Installation Instructions

Installing IDS-4235 and IDS-4250

G3-APEX-ENT-32T. Apex technical specifications. Parts list

Deploy a Customer Site

ReadyNAS OS 6 Rack-Mount Hardware Manual

Configuring the Switch with the CLI Setup Program

HP UPS R/T3000 ERM. Overview. Precautions. Installation Instructions

48-Port 10/100Mbps + 4 Gigabit TP / 2 SFP. Managed Switch WGSW Quick Installation Guide

Cisco TelePresence Video Communication Server. Getting started

Power Xpert Meter 2000 Gateway Card Kit

Privileged Access Appliance Hardware Installation

Power Xpert Meter 2000 Gateway Card Kit

Sun StorageTek SL24 Tape Autoloader Getting started

D-Link (Europe) Ltd. 4 th Floor Merit House Edgware Road London HA7 1DP U.K. Tel: Fax:

Dell EMC Storage MD1280 Enclosure Owner's Manual

Raritan PXE. Quick Setup Guide. Safety Precautions. Before You Begin. Mounting the PXE. Unpacking the PXE. Zero U Size. 1U Size

Transcription:

NTBA Appliance T-1200 and T-600 Quick Start Guide Revision C McAfee Network Security Platform This guide is a high-level description of how to install and configure McAfee Network Threat Behavior Analysis Appliance T-1200 and T-600. For more detailed installation information, refer to the NTBA Administration Guide. 1 Verify the shipment Check for these contents that are shipped with the McAfee Network Threat Behavior Analysis Appliance (NTBA Appliance). NTBA Appliance Accessory kit containing: NTBA Appliance Quick Start Guide Lockable front bezel with key Power cords (2) Console cable (1) System diagnostic USB flash drive System restore (recovery / image re-installation) USB flash drive Tool-less slide rail (2) Chassis cable management arm If any of the contents from the preceding list are missing or damaged, contact McAfee support at http:// mysupport.mcafee.com. 2 Download documentation Download the product documentation for the NTBA Appliance. 1 Go to McAfee ServicePortal at http://support.mcafee.com and click Knowledge Center. 2 Enter a product name, select a version, then click Search to display list of documents. 1

3 Download these documents. McAfee Network Threat Behavior Analysis Release Notes McAfee Network Threat Behavior Analysis Administration Guide 3 Install the mounting rails Position the mounting rails correctly and install them at same levels. a At the front of the rack, position one of the mounting rails so that its mounting bracket aligns with the required rack holes. Clip the rail into the rack. Figure 1 Slide rail installation b c d e At the back of the rack, pull the back mounting-bracket (extending the mounting rail) so that it aligns with the required rack holes. Clip the rail to the rack and secure it. Repeat these steps to secure the second mounting rail to the rack. Make sure that the mounting rails are at the same level on each side of the rack. Make sure that you follow the safety warnings. When identifying where you want the NTBA Appliance to go in the rack, remember that you should always load the rack from the bottom up. If you are installing multiple NTBA Appliances, start with the lowest available position first. Install the NTBA Appliance in the mounting rails 1 With help from another person, lift the NTBA Appliance so that the side rails at the back of the NTBA Appliance are aligned with the mounting rails in the rack, then push the NTBA Appliance into the mounting rails until it stops. Lifting the NTBA Appliance and attaching it to the rack is a two-person job. 2 Use a screwdriver to fix a screw through the front and back rack holes to secure the system to the rack. 3 Attach the provided cable management arm if required. 4 Attach the lockable bezel to protect the front panel if required. 2

4 Front panel features and indicators T-1200 The front panel features and indicators of NTBA Appliance T-1200 are as follows: Figure 2 Front panel T-1200 Item Description 0-11 Hard Drive Bays (12) 12 Front Control Panel Front Control Panel options 1 Power button with integrated indicator light 2 Hard Drive Activity indicator light 3 System ID button integrated with indicator light 4 System Cold Reset button 5 System NIC 4 Activity indicator light 6 System NIC 3 Activity indicator light 7 Non-maskable interrupt (NMI) button 8 System Status indicator light 9 System NIC 2 Activity indicator light 10 System NIC 1 Activity indicator light (Management port) 3

5 Back panel features and indicators T-1200 The T-1200 NTBA Appliance has three collection ports and one management port. For cabling, use ports 1 to 10 in the back panel. The collection ports connect to the network infrastructure that generates the NetFlow data from the routers and McAfee Network Security Sensor (Sensor)s. The three collection ports can be used to distribute the NetFlow data from different routers and Sensors. The management port connects to a network device that in turn connects to the Manager. The NTBA Appliance is managed through the Manager. Figure 3 Back panel T-1200 Item Description 1 Power supply 1 2 Power supply 2 3 Management port (1) 4-6 Collection ports (3) 7 Video connector 8 Console port 9 USB ports (3) 10 Remote Management Module (RMM4 NIC) port 11 Add-in card slots 4

6 Front panel features and indicators T-600 The front panel features and indicators of NTBA Appliance T-600 are as follows: Figure 4 Front panel T-600 Item Description 0-3 Hard drive bays (4) 4 Front Control Panel 5 USB ports (2) 6 Video connector Front Control Panel options 1 System ID button integrated with indicator light 2 Non-maskable interrupt (NMI) button 3 System NIC 1 Activity indicator light (Management port) 4 System NIC 3 Activity indicator light 5 System Status indicator light 6 Power button with integrated indicator light 7 Hard Drive Activity indicator light 8 System Cold Reset button 9 System NIC 4 Activity indicator light 10 System NIC 2 Activity indicator light 5

7 Back panel features and indicators T-600 The T-600 NTBA Appliance has three collection ports and one management port. For cabling, use ports 1 to 10 in the back panel. Figure 5 Back panel T-600 Item Description 1 Power supply 1 2 Power supply 2 3 Management port (1) 4-6 Collection ports (3) 7 Video connector 8 Console port 9 USB ports (3) 10 Remote Management Module (RMM4 NIC) port 11 Add-in card slots 8 Hardware specifications These are the hardware specifications for T-1200 and T-600. Table 1 Hardware specifications Appliance model T-1200 T-600 Form factor 2U 1U Width 17.244 in (438 mm) 17.244 in (438 mm) Depth 27.87 in (707.8 mm) 27.93 in (709.37 mm) Height 3.45 in (87.6 mm) 1.7 in (43.2 mm) Maximum weight 21.6 kg (47.65 lbs) 14.96 kg (33 lbs) Redundant power supply 750W 750W Estimated inlet power utilization (worst case scenario) 666W 402W Quiescent power utilization (@ 120V) 230W 140W Flows per second (fps) 100000 60000 6

9 Environmental requirements These are the system level operating and non-operating environmental limits. Table 2 NTBA Appliance environmental requirements Parameter Limits Environment Operating Temperature +10 C to +35 C with the maximum rate of change not to exceed 10 C per hour Non- Operating Temperature -40 C to +70 C Non- Operating Humidity 50% to 90%, non-condensing at 35 C Acoustic noise Shock, operating Shock, unpackaged Shock, packaged Vibration, unpackaged Vibration, packaged ESD, Air Discharged ESD, Contact Discharge System Cooling Requirement in BTU/Hr Sound power: 7.0 BA in an idle state at typical office ambient temperature. (23 +/- 2 C) Half sine, 2 g peak, 11 milliseconds Trapezoidal, 25 g, velocity change 136 inches/second ( 40 lbs to <80 lbs) Non-palletized free fall in height 18 inches ( 40 lbs to <80 lbs) 5 Hz to 500 Hz, 2.20 g RMS random 5 Hz to 500 Hz, 1.09 g RMS random 12 kv 8 kv T-1200: 2280 BTU/Hr T-600: 1370 BTU/Hr 10 Connect the console ports a b Plug a console cable (RJ45 to DB9 serial) to the console port at the back panel of the NTBA Appliance. Connect the other end of the cable directly to the serial port of the PC or Terminal Server you will be using to configure the NTBA Appliance (for example, a PC running correctly configured Windows HyperTerminal software.) 7

You must connect directly to the console for initial configuration. You can't configure the NTBA Appliance remotely. The required settings for HyperTerminal are: Name Setting Baud rate 115200 Number of Bits 8 Parity Stop Bits 1 Control Flow None None The procedure for cabling the console port of NTBA Appliance T-1200 and T-600 is similar. 11 Connect the power cables Connect one end of the power cable to the NTBA Appliance. Plug the other end of the power cable into a grounded electrical outlet or a separate power source such as an uninterrupted power supply (UPS) or a power distribution unit (PDU). When you connect power to the appliance, the appliance will immediately turn on and boot up. 12 Install the Manager software a b c Prepare the system according to the requirements outlined in the McAfee Network Security Platform Installation Guide and McAfee Network Security Platform Release Notes. Close all open applications. Insert the Manager CD into the appropriate drive of the Windows server that you want to use as your Manager server. Follow the instructions in the Installation Wizard as it guides you through the entire process. You must have administrator rights on the target Windows server to install the Manager software. A MySQL database is included with the Manager and is installed (embedded) automatically on your target Windows server during this process. 8

13 Add the NTBA Appliance to the Manager Adding an NTBA Appliance to the Manager enables the Manager to accept communication from a physically installed and network-connected Appliance. After communication has been established, the Manager allows editing of the Appliance configuration. The alert data is available in the Attack Log and Report queries. You can add a device by selecting Devices <Admin Domain Name> Global Add and Remove Devices but it is recommended to use the Add Device Wizard to add all devices (except Virtual HIP Sensors) and to establish the trust between the Manager and the device. a The Add Device Wizard window is displayed after the Manager Initialization Wizard is completed. McAfee recommend to first add an Appliance to the Manager. Select Devices <Admin Domain Name> Global Add Device Wizard. The Preparation page is displayed. b Click Next. The Add New Device page is displayed. c Enter the device name. The name must begin with a letter and can contain alphanumeric characters, hyphens, underscores and periods. The length of the name is not configurable. d e Select the Device Type as NTBA Appliance. Enter the Shared Secret (repeat at Confirm Shared Secret). The device name and shared secret are case-sensitive. The Device Name and Shared Secret must also be entered on the device command line interface (CLI) during physical installation and initialization. If not, the Appliance will not be able to register itself with the Manager. The shared secret must be a minimum of 8 characters in length: the length of the shared secret is not configurable. The shared secret cannot start with an exclamation mark or have any spaces. The characters that can be used while creating a shared secret are as follows: 26 alpha: upper and lower case (a,b,c,...z and A, B, C,...Z) 10 digits: 0 1 2 3 4 5 6 7 8 9 32 symbols: ~ `! @ # $ % ^ & * ( ) _ + - = [ ] { } \ ; : " ',. <? / f g h For a NTBA Appliance, the Updating mode is set to Online. [Optional] Enter the Contact Information and Location. Click Next. The Trust Establishment page is displayed. 9

i Follow the instructions on the page to complete the command line interface (CLI) setup and click Check Trust. Using the command line interface (CLI), enter the necessary information for the Appliance identification and communication as described in the McAfee Network Security Platform Installation Guide. If you set up the NTBA Appliance first, after the Manager addition, you need to return to the Appliance to reset the shared secret key and begin Appliance-to-Manager communication. j Click Next. The Next button is enabled once the trust between the Appliance and the Manager is established. The Port Settings page is displayed. By default, the collection ports are disabled. k Enable the ports and modify settings. Click Save and then Next. The General Settings page is displayed. l Configure NTBA Appliance settings for collection ports. Click Next. The DNS Settings page is displayed. m By default global settings are inherited. If you wish, modify the DNS server details. Click Next. The Exporters page is displayed. n Add a router exporter that will forward records to the NBA Sensor for processing and click Next. To add a IPS exporter, go to IPS devices. The Inside Zones page is displayed. o Add a new inside zone or edit the default inside zones. Click Next. The Outside Zones page is displayed. p Add a new outside zone or edit the default outside zone. Click Next. The Update Configuration page is displayed. q Click Update to deploy configuration on the device. This might take some time. The Update Status bar displays 100% complete. r Click Finish. On the Devices tab, under the Device drop-down list, the NTBA Appliance is added. From Global Add and Remove Devices option, you can also view the added Appliance. 14 Set up NTBA Appliance a b Plug a console cable (RJ45 to DB9 serial) to the console port at the back panel of the NTBA Appliance. Connect the other end of the cable directly to the serial port of the PC or Terminal Server you are using to configure the NTBA Appliance. (For example, a PC running correctly configured Windows HyperTerminal software.) 10

The required settings for HyperTerminal are: Name Setting Baud rate 115200 Number of Bits 8 Parity None Stop Bits 1 Control Flow None c d e f Run the HyperTerminal. At the logon prompt, log on to the NTBA Appliance using the default user name admin and password admin123. At the Press Y to start the setup now or N to do it later prompt, enter Y. Set and confirm a setup password. Wait for some time to configure the NTBA Appliance. At the Please enter the sensor name prompt, enter the name of the NTBA Appliance. The values between <> characters are to be entered by the user, excluding the <> characters. Example: ntba_appliance_1 The NTBA Appliance name is a case-sensitive alphanumeric character string up to 25 characters. The string must begin with a letter and can include hyphens. underscores, periods but not spaces. The NTBA Appliance name typed here should be identical to the one entered against Device Name in the Add New Device page of the Manager. g At the Please enter the sensor IP(A.B.C.D) prompt, type the management port IP address of the NTBA Appliance. Specify a 32-bit address written as four eight-bit numbers separated by periods as in <A.B.C.D>, where A, B, C, or D is an eight-bit number between 0-255. Example: 10.213.173.237 Setting the IP address for the first time during the initial configuration of the NTBA Appliance does not require an NTBA Appliance reboot. Subsequent changes to the IP address however, require reboot for the change to take effect. h At the Please enter the sensor subnet mask(a.b.c.d) prompt, type the management port subnet mask of the Appliance. <A.B.C.D> represents the subnet mask. Example: 255.255.255.0 i j At the Please enter the manager primary IPv4 address(a.b.c.d) prompt, type the IPv4 address of the Manager server. Example: 192.34.3.2 (Optional) At the Press Y to configure manager secondary IP address prompt, type Y if you wish to set a Manager secondary IP address. By default, this is set to N. 11

k At the Please enter the sensor default gateway(a.b.c.d) prompt, type the IP address. Use the same convention as for the Sensor IP address. Note that you should be able to ping the gateway. The gateway should be reachable. Example: 192.34.2.8 l m n o Make sure you have set a shared secret key on the Manager for this Sensor. At the Please enter shared secret key prompt, type the shared secret key value. This value is used to establish a trust relationship between the NTBA Appliance and the Manager. Type the same shared secret key value that you typed in the Add New Device page of the Manager. The NTBA Appliance prompts you to verify the value. Make sure that the configuration settings to this point have successfully established the NTBA Appliance on the network. Type the value again and press ENTER. You can change the NTBA Appliance password by using the passwd command. A password must be between 8 and 25 characters, is case-sensitive, and can consist of any alphanumeric character or symbol. McAfee strongly recommends that you choose a password with a combination of characters that is easy for you to remember but difficult for someone else to guess. 15 Verify successful NTBA Appliance configuration You can check whether the NTBA Appliance is configured and is available by executing the following actions: Verification process You can check the NTBA Appliance configuration as follows: At the NTBA Appliance console type status. The status information of the NTBA Appliance is displayed. This includes information on whether the NTBA Appliance is initialized and its health status. At the NTBA Appliance console type show. The system information is displayed. This includes information on system uptime and the status of the Management port link. To exit the session, type exit. To view or configure the settings of the collection ports for the NTBA appliance, you access the configuration page in Devices <Admin Domain Name> Devices <Device Name> Setup Physical Ports. Download the latest NTBA Appliance software a b Select Manager <Admin Domain Name> Updating Download Device Software. The Download Device Software page is displayed. Select the latest software listed under Software Available for Download and click Download. The Download Status window is displayed. 12

c Click Close Window once the download is complete. The downloaded software is listed under Software on the Manager in the Download Device Software page as also in the Deploy Device Software page (Devices <Admin Domain Name> Devices <NTBA Appliance> Maintenance Deploy Device Software). Upgrade NTBA Appliance software You need to upgrade to the latest available version from the Manager. a b c Select Devices <Admin Domain Name> Devices <NTBA Appliance> Maintenance Deploy Device Software. The Deploy Device Software page is displayed. Select the latest software listed under Software Ready for Installation and click Upgrade. The Download Status page is displayed. Click Close Window once the download is complete. 13

14

15

Copyright 2017 McAfee, LLC McAfee and the McAfee logo are trademarks or registered trademarks of McAfee, LLC or its subsidiaries in the US and other countries. Other marks and brands may be claimed as the property of others. 16 700-4259C00

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback