Sign In
Upload
Manuals
Brands
McAfee Manuals
Firewall
Network Security Platform
McAfee Network Security Platform Manuals
Manuals and User Guides for McAfee Network Security Platform. We have
4
McAfee Network Security Platform manuals available for free PDF download: Configuration Manual, Installation Manual, Deployment Manual, Manual
McAfee Network Security Platform Configuration Manual (259 pages)
IPS Configuration Guide VERSION 5.1
Brand:
McAfee
| Category:
Firewall
| Size: 6.82 MB
Table of Contents
Table of Contents
3
About the Guide
5
Audience
5
Introducing Mcafee Network Security Platform
5
Preface
5
Conventions Used in this Guide
6
Related Documentation
7
Contacting Technical Support
8
Chapter 1 Overview of IPS Settings
9
Configuring and Setting Rule-Based Policies
9
Responding to Detected Attacks
10
Packet Logging
10
Sensor Actions
11
Setting Notification for Attacks
11
How Network Security Platform Calculates Severity Level
12
Attack Categories and Severity Range
12
Chapter 2 Managing IPS Settings
14
Viewing Assigned Policies
14
Configuring and Managing Policies
15
Managing Policies with IPS Policy Editor
16
Managing Policies with Reconnaissance Policy Editor
46
Policy Assignment
54
Managing HTTP Response Scanning
56
Configuring Advanced Policies
58
Configuring Non-Standard Ports
59
Managing Rule Sets with the Rule Set Editor
61
Managing Attack Responses Using GARE
73
User-Defined Signatures Action
73
Setting up Global Auto Acknowledgement
74
Using the Incident Generator Service
75
Exporting and Importing Policies
82
Managing Alert Filters and Attack Responses
86
Using the Alert Filter Editor
86
Alert Filter Assignments
90
Exporting Alert Filters
92
Importing Alert Filters
92
Setting up Acls
93
Configuring ACL Rules
93
ACL Syslog Forwarder
107
XML Converter Tool for ACL Rules
109
Using L3 Acls for Fragmented Traffic
110
Enabling Secure Socket Layer (SSL) Decryption
112
Enabling SSL Decryption in IPS Settings Node
113
Importing SSL Keys to the Sensors
114
Managing the Imported SSL Keys of Sensors
115
IPS Quarantine Settings
116
IPS Quarantine Configuration in Policy Editors
117
IPS Quarantine Configuration in Admin Domain
123
IPS Quarantine Settings in the Threat Analyzer
131
Archiving Data
136
Viewing Scheduled Actions
136
Archiving Alerts and Packet Logs
136
Scheduling Automatic Archival
138
Restoring an Archive
139
Exporting an Archive
141
Archiving Alerts Using Dbadmin.bat
141
Restoring Alerts Using Dbadmin.bat
142
Manager Database Maintenance
144
Capacity Planning
144
Alert Data Pruning
148
Manager Pruning
150
Setting up Alert Notifications
151
Viewing Alert Notification Details
151
Forwarding Alerts to an SNMP Server
152
Forwarding Alerts to a Syslog Server
154
Specifying Email or Pager Parameters
158
Specifying Script Parameters
160
Updating the Configuration of All Sensors
162
Chapter 3 The IPS Sensor_Name Node
164
IPS Sensor Settings
164
Policies at Sensor_Name Level
164
Alert Filter Assignments
165
Managing HTTP Response Scanning
168
Viewing the Dos Detection Status of a Sensor
170
Configuring Advanced Scanning
171
Managing Non-Standard Ports
172
Creating an Interface Group
172
Managing Dos Learning Mode Profiles
173
Managing Dos Filters
176
Configuring TCP Settings
177
Configuring IP Settings for Ipv4 and Ipv6 Traffic
180
Configuring Alert Suppression with Packet Log Response
184
OS Fingerprinting
186
Configuring ACL Rules in the IPS Sensor
188
Assigning ACL Rules in the IPS Sensor
189
Editing ACL Log Settings
194
Enabling IP Address Spoofing Detection
196
Traffic Management
198
Configuring Traffic Management
199
Precedence in Traffic Management
207
Considerations in Rate Limiting
208
Network Scenarios for Traffic Management
211
Enabling SSL Decryption
212
Configuring SSL Decryption in the IPS Sensor
213
Managing the Imported SSL Keys of a Sensor
214
Configuring at the Interface Level
216
IPS Quarantine Settings in the IPS Sensor
217
Summary of Sensor Configurations for IPS Quarantine
217
NAC ACL Logging in the Sensor for IPS Quarantine
218
Sensor Port Settings for IPS Quarantine
219
Setting Policy for Interfaces and Sub-Interfaces
221
Using Virtualization for Policy Application
221
The IPS Sensor Interface Node
221
Configuring General Interface Settings
222
Scanning Policies at the Interface Level
229
Adding Acls on the Interface
241
IPS Sensor Sub-Interface Node
242
Chapter 4 Understanding Attack Descriptions
250
Impact Categories
251
Impact Subcategories
252
Index
258
Advertisement
McAfee Network Security Platform Installation Manual (76 pages)
VERSION 6.0
Brand:
McAfee
| Category:
Firewall
| Size: 1.95 MB
Table of Contents
Table of Contents
3
Conventions Used in this Book
5
Introducing Mcafee Network Security Platform
5
Preface
5
Related Documentation
6
Contacting Technical Support
7
Chapter 1 About Network Security Platform
9
Network Security Platform Components
9
About Mcafee Network Security Sensor
9
Manager Components
12
Mcafee Update Server
14
Chapter 2 About Network Security Central Manager
16
Chapter 3 Preparing for the Manager Installation
17
Pre-Requisites
17
General Settings
17
Other Third-Party Applications
18
Browser Display Settings (Windows)
18
Server Requirements
18
Manager Installation with Local Service Account Privileges
20
Client Requirements
20
Java Runtime Engine Requirements
20
Database Requirements
21
Pre-Installation Recommendations
21
Planning for Installation
21
Functional Requirements
22
Using Anti-Virus Software with the Manager
22
User Interface Responsiveness
23
Downloading the Manager/Central Manager Executable
24
Chapter 4 Installing the Manager/Central Manager
25
Installing the Manager
25
Installing the Central Manager
36
Chapter 5 Starting the Manager/Central Manager
38
Accessing the Manager from a Client Machine
38
Java Installation for Client Systems
39
Logging Onto the Manager
39
Logging Onto the Central Manager
40
Authenticating Access to the Manager Using CAC
41
Shutting down the Manager/Central Manager Services
43
Closing All Client Connections
44
Shutting down Using the Network Security Platform System Tray Icon
44
Shutting down Using the Control Panel
45
Chapter 6 Adding a Sensor
47
Before You Install Sensors
47
Network Topology Considerations
47
Safety Measures
47
Usage Restrictions
48
Unpacking the Sensor
49
Cable Specifications
49
Network Security Platform Fail-Closed Dongle Specification
50
Console Port Pin-Outs
50
Auxiliary Port Pin-Outs
50
Response Port Pin-Outs
51
Monitoring Port Pin-Outs
52
Configuring a Sensor
53
Configuration Overview
53
Establish a Sensor Naming Scheme
53
Communication between the Sensor and the Manager
54
Configuring the Sensor
54
Adding a Sensor to the Manager
56
Verifying Successful Configuration
57
Changing Sensor Values
58
Adding a Secondary Manager IP
59
Removing a Secondary Manager IP
59
Device Licenses
60
Importing a Device License
60
Manually Assigning a Device License
61
Chapter 7 Configuring the Update Server
63
Specifying the Update Server Authentication
63
Specifying a Proxy Server for Internet Connectivity
64
Manually Importing a Software Image or Signature Set
65
Downloading Software Updates
65
Downloading Signature Set Updates
68
Automating Updates
70
Automating Signature Set Downloads from the Update Server
70
Automatically Deploy New Signature Sets to Your Devices
71
Chapter 8 Uninstalling the Manager/Central Manager
73
Uninstalling Using Add/Remove Programs
73
Uninstalling Via Script
74
Index
76
McAfee Network Security Platform Deployment Manual (36 pages)
Deployment Guide
Brand:
McAfee
| Category:
Firewall
| Size: 0.44 MB
Table of Contents
Table of Contents
3
About this Guide
4
Audience
4
Conventions Used in this Guide
4
Introducing Mcafee Network Security Platform
4
Preface
4
Related Documentation
5
Contacting Technical Support
7
Chapter 1 Getting Started
8
Deciding Where to Deploy Sensors and in What Operating Mode
8
Setting up Your Sensors
9
Establish Sensor-To-Manager Communication
11
Viewing and Working with Data Generated by Network Security Platform
12
Configuring Your Deployment Using the Manager
12
Updating Your Signatures and Software
13
Tuning Your Deployment
14
Chapter 2 Planning Network Security Platform Installation
15
Pre-Deployment Considerations
15
What Is the Size of Your Network
15
How Many Access Points Are There between Your Network and the Extranets or Internet
16
Where Are the Critical Servers that Require Protection Within Your Network
16
How Complex Is Your Network Topology
16
How Much Traffic Typically Crosses Your Network
17
Where Are Your Security Operations Located
18
Where Should I Deploy Sensors
18
Chapter 3 Sensor Deployment Modes
20
Flexible Deployment Options
20
Multi-Port Sensor Deployment
20
Supported Deployment Modes
20
Full-Duplex and Half-Duplex Monitoring
22
Deploying Sensors in In-Line Mode
22
Fail-Open Versus Fail-Closed
24
Deploying Sensors in Tap Mode
25
Deploying the Sensors with FE Ports in Internal Tap Mode
26
Deploying Sensors with GE Ports in External Tap Mode
27
Shifting from Tap Mode to In-Line Mode
28
SPAN Port and Hub Monitoring
28
SPAN Port and Hub Monitoring
29
High-Availability
29
Understanding Failover in Network Security Platform
30
Interface Groups
31
Chapter 4 Deployment Scenarios
33
Deployment Flexibility
33
Deployment Scenario for Beginners
33
Deployment Scenario for Intermediate Users
34
Deployment Scenario for Advanced Users
34
Index
36
Advertisement
McAfee Network Security Platform Manual (32 pages)
Network Protection
Brand:
McAfee
| Category:
Firewall
| Size: 0.34 MB
Table of Contents
Table of Contents
3
About this Guide
5
Conventions Used in this Guide
5
Introducing Mcafee Network Security Platform
5
Preface
5
Related Documentation
6
Contacting Technical Support
7
Chapter 1 What Is Inline Mode
9
Benefits of Running Inline
9
Chapter 2 Inline Deployment Walkthrough
11
Chapter 3 Determine Your High Availability Strategy
12
Failover, or High-Availability
12
Fail-Open or Fail-Closed Functionality
13
Chapter 4 Install and Cable the Sensor
14
Cable the Fast Ethernet Monitoring Ports
15
Cable the Gigabit Ethernet Monitoring Ports
15
Cable a Failover Pair
15
Configure the Sensor Monitoring Ports
16
About Sensor Port Configuration
16
Chapter 5 Failover: Configure Two Sensors in Inline Mode
19
Create a Failover Pair
19
Download Configuration, Signature Set, and Software Updates to the Sensor
20
Chapter 6 Configure Policies
21
Tune Your Policies
21
About False Positives and "Noise
22
Incorrect Identification
22
Correct Identification; Significance Subject to Usage Policy
22
Correct Identification; Significance Subject to User Sensitivity (also Known as Noise)
22
Chapter 7 Block Attacks
24
Methods for Blocking Attacks
24
Block Exploit Traffic
24
How Blocking Works for Exploit Traffic
25
Verify Dropped Exploit Attacks Using the Threat Analyzer
25
Block Dos Traffic
25
How Blocking Works for Dos Traffic
26
Verify Blocked Dos Attacks Using the Threat Analyzer
26
Drop Dos Attacks from the Threat Analyzer
26
Block Using Acls
26
Utilize Traffic Normalization
27
Blocking Based on Configured TCP & IP Settings
28
Blocking of IP-Spoofed Packets
28
Chapter 8 Troubleshooting
29
Verify that Traffic Is Flowing through the Sensor
29
Verify Failover Pair Creation Success
29
Show
29
Status
29
Show Failover-Status
30
Downloadstatus
30
Index
31
Advertisement
Related Products
McAfee Network Security Platform 6.0
McAfee Network Security Platform 6.1
McAfee PASCDE-AB-IA - Policy Auditor For Servers
McAfee PSMCDE-AB-AA - PortalShield For Microsoft SharePoint Server External Connection Option
MCAFEE VIRUSSCAN PLUS 2009
MCAFEE VIRUSSCAN PLUS 2008
McAfee SiteAdvisor Enterprise Plus 3.0
McAfee Policy Auditor 6.0
McAfee 1650
McAfee 3650
McAfee Categories
Software
Firewall
Accessories
Network Hardware
Server
More McAfee Manuals
Login
Sign In
OR
Sign in with Facebook
Sign in with Google
Upload manual
Upload from disk
Upload from URL