Network Security Platform 8.1

8.1.7.52-8.1.5.154 NS5x00-series Release Notes Network Security Platform 8.1 Revision A Contents About this release New features Resolved issues Installation instructions Known issues Product documentation About this release This document contains important information about the current release. We strongly recommend that you read the entire document. This maintenance release of Network Security Platform is to introduce the new NS5x00-series Sensor models. Network Security Manager software version: 8.1.7.52 Signature Set: 8.7.61.4 NS-series Sensor software version: 8.1.5.154 This Manager release is to only support the new NS5x00-series, namely the NS5100 and NS5200 Sensors. Hence, upgrade the Manager to version 8.1.7.52 only if you are using the NS5x00-series Sensors. This release is for NS5200 and NS5100 Sensor models. For NS9x00-series and NS7x00-series, McAfee recommends that you use Sensor software version 8.1.5.135. 1

This version of 8.1 Manager software can be used to configure and manage the following hardware: 7.1 and 8.1 NS9x00-series Sensors 8.1 NS7x00-series and NS5x00-series Sensors 8.1 Virtual IPS Sensors 7.1 and 8.1 M series and Mxx30-series Sensors 7.1 and 8.1 XC Cluster Appliances 7.1 and 8.1 NTBA Appliance software (Physical and Virtual) 7.1 I-series Sensors Currently port 4167 is used as the UDP source port number for the SNMP command channel communication between Manager and Sensors. This is to prevent opening up all UDP ports for inbound connectivity from SNMP ports on the sensor. Older JRE versions allowed the Manager to bind to the same source port 4167 for both IPv4 and IPv6 communication. But with the latest JRE version 1.7.0_85, it is no longer possible to do so, and the Manager uses port 4166 as the UDP source port to bind for IPv6. Manager 8.1 uses JRE version 1.7.0_85. If you have IPv6 Sensors behind a firewall, you need to update your firewall rules accordingly such that port 4166 is open for the SNMP command channel to function between those IPv6 Sensors and the Manager. New features This release of Network Security Platform includes the following new features. Introducing Network Security Sensors: NS5100 and NS5200 This release of 8.1 introduces McAfee's next generation Network Security Platform hardware, NS series Sensor models NS5100 and NS5200. The NS5200 and NS5100 Sensor models that provide 1Gbps and 600 Mbps throughput respectively. The NS series Sensors are flexible enough to adapt to the security needs of any enterprise environment. When deployed at key network access points, they provide real time monitoring on high traffic loads to detect malicious activity and respond to the malicious activity as configured by the administrator. The NS5x00 Sensors are 1RU units equipped with the following components: Pluggable Transceiver modules McAfee's IAC SFTSR FOT 10 Gbps enhanced 850nm SFP+ transceivers are designed for use in 10 Gigabit Ethernet links over multimode fiber McAfee's IAC SFTLR FOT 10 Gbps enhanced 1310nm SFP+ transceivers are designed for use in 10 Gigabit Ethernet links up to 10 km over single mode McAfee's ITV-2KSG-NA-100 1 Gbps 850nm SFP transceivers are designed for use in 1 Gigabit Ethernet links over multimode fiber McAfee's ITV-2MLG-NA-100 1 Gbps 1310nm SFP transceivers are designed for use in 1 Gigabit Ethernet links up to 10 km over single mode Two fixed SFP/SFP+ 1/10 fiber Gigabit or SFP 1 Gbps copper Ethernet ports 2

Twelve fixed SFP 1 Gbps copper or fiber Gigabit Ethernet ports Eight RJ 45 10/100/1000 Mbps Ethernet Monitoring ports One Console port Up to 1 Gbps Support on Management and Response ports One RJ-45 10/100/1000 Management port One RJ-45 10/100/1000 Response port External USB ports for Storage/Rescue application DB9/Serial Console Baud Rate 115200 One RJ-11 port for fail-open control of two built-in SFP+ ports in slot G0 Six RJ-11 port for external passive fail-open control of twelve built-in SFP ports in slot G1 The front and rear panel LEDs provide status information for the health of the Sensor and the activity on its ports. Diagnostics for field replacement The 10/100/1000 Mbps Fail Open Kit and the 1 Gigabit Fail Open Kits are supported on the NS5x00 Sensors, NTBA is supported on the NS5x00 Sensors. Unsupported features The following features are not supported on the NS5x00-series Sensors for this release: Traffic management QoS policies/rate limiting VLAN bridging Resolved issues These issues are resolved in this release of the product. For a list of issues fixed in earlier releases, see the Release Notes for the specific release. Resolved Manager software issues This release of the Manager software is to support the new NS-series hardware namely, NS5100 and NS5200. This release does not contain resolved issues for any previously known issues. Resolved Sensor software issues This is the first release of the NS5100 and NS5200 Sensors. Hence, there are no resolved issues applicable. 3

Installation instructions Manager server/client system requirements The following table lists the 8.1 Manager server requirements: Operating system Minimum required Any of the following: English operating system, SP1 (64-bit) (Full Installation) Japanese operating system, SP1 (64-bit) (Full Installation) Windows Server 2012 Standard Edition (Server with a GUI) English operating system Windows Server 2012 Standard Edition (Server with a GUI) Japanese operating system Windows Server 2012 R2 Standard Edition (Server with a GUI) English operating system Windows Server 2012 R2 Standard Edition (Server with a Windows Server 2012 R2 Datacenter Edition (Server with a GUI) English operating system Windows Server 2012 R2 Datacenter Edition (Server with a Only x64 architecture is supported. Recommended Same as the minimum required. Memory 8 GB 8 GB or more CPU Server model processor such as Intel Xeon Same Disk space 100 GB 300 GB or more Network 100 Mbps card 1000 Mbps card Monitor 32-bit color, 1440 x 900 display setting 1440 x 900 (or above) The following are the system requirements for hosting Central Manager/Manager server on a VMware platform. 4

Table 4-1 Virtual machine requirements Component Minimum Recommended Operating system Any of the following: English operating system, SP1 (64-bit) (Full Installation) Japanese operating system, SP1 (64-bit) (Full Installation) Windows Server 2012 Standard Edition (Server with a GUI) English operating system Windows Server 2012 Standard Edition (Server with a Windows Server 2012 R2 Standard Edition (Server with a GUI) English operating system Windows Server 2012 R2 Standard Edition (Server with a Windows Server 2012 R2 Datacenter Edition (Server with a GUI) English operating system Windows Server 2012 R2 Datacenter (Server with a Only X64 architecture is supported. Same as minimum required. Memory 8 GB 8 GB or more Virtual CPUs 2 2 or more Disk Space 100 GB 300 GB or more Table 4-2 VMware ESX server requirements Component Minimum Virtualization software ESXi 5.0 ESXi 5.1 ESXi 5.5 CPU Memory Internal Disks Intel Xeon CPU ES 5335 @ 2.00 GHz; Physical Processors 2; Logical Processors 8; Processor Speed 2.00 GHz Physical Memory: 16 GB 1 TB 5

The following table lists the 8.1 Manager client requirements when using Windows 7, Windows 8, or Windows 10: Operating system Minimum Windows 7 English or Japanese Windows 8 English or Japanese Windows 8.1 English or Japanese Windows 10 English or Japnese The display language of the Manager client must be same as that of the Manager server operating system. Recommended RAM 2 GB 4 GB CPU 1.5 GHz processor 1.5 GHz or faster Browser Internet Explorer 9, 10 or 11 Mozilla Firefox Google Chrome in not supported since the NPAPI plug-in is disabled by default and will not be supported by Google going forward. This means that Java applet support is also disabled by default. Internet Explorer 11 Mozilla Firefox 41.0.2 or above For the Manager client, in addition to Windows 7 and Windows 8, you can also use the operating systems mentioned for the Manager server. The following table lists the 8.1 Central Manager / Manager client requirements when using Mac: Mac operating system Lion Mountain Lion Browser Safari 6 or 7 For more information, see McAfee Network Security Platform Installation Guide. Upgrade recommendations McAfee regularly releases updated versions of the signature set. Note that automatic signature set upgrade does not happen. You need to manually import the latest signature set and apply it to your Sensors. The following is the upgrade matrix supported for this release: Component Manager/Central Manager software This Manager release is to only support the new NS5x00-series, namely the NS5100 and NS5200 Sensors. Hence, upgrade the Manager to version 8.1.7.52 only if you are using the NS5x00-series Sensors. NS5x00-series Sensor software Minimum Software Version 7.1 7.1.5.15 7.5 7.5.5.11 8.1 8.1.7.5, 8.1.7.13, 8.1.7.33 This is the first release of the Sensor software. Hence, upgrade is not applicable. 6

Known issues For a list of known issues in this product release, see this McAfee KnowledgeBase article: Manager software issues: KB81373 NS-series Sensor software issues: KB82173 Product documentation Every McAfee product has a comprehensive set of documentation. Find product documentation 1 Go to the McAfee ServicePortal at http://mysupport.mcafee.com and click Knowledge Center. 2 Enter a product name, select a version, then click Search to display a list of documents. The related documents available with NS5x00 software are: NS5x00 Sensor Quick Start Guide CLI Guide NS5x00 Sensor Product Guide IPS Administration Guide Installation Guide Integration Guide Upgrade Guide Best Practices Guide Manager Administration Guide Copyright 2015 McAfee, Inc. www.intelsecurity.com Intel and the Intel logo are trademarks/registered trademarks of Intel Corporation. McAfee and the McAfee logo are trademarks/ registered trademarks of McAfee, Inc. Other names and brands may be claimed as the property of others. 0A-00