Table of Contents
Advertisement
Advertisement
Table of Contents
Subscribe to Our Youtube Channel
Related Manuals for McAfee NS Series
Summary of Contents for McAfee NS Series
- Page 1 Revision A McAfee Network Security Platform (NS9500 Sensor Product Guide)
- Page 2 TRADEMARK ATTRIBUTIONS McAfee and the McAfee logo, McAfee Active Protection, ePolicy Orchestrator, McAfee ePO, McAfee EMM, Foundstone, McAfee LiveSafe, McAfee QuickClean, Safe Eyes, McAfee SECURE, SecureOS, McAfee Shredder, SiteAdvisor, McAfee Stinger, True Key, TrustedSource, VirusScan are trademarks or registered trademarks of McAfee, LLC or its subsidiaries in the US and other countries.
-
Page 3: Table Of Contents
Attaching cables to the Sensor Connect the cable to the Console port ......29 McAfee Network Security Platform... - Page 4 Remove a license from the Manager ......Troubleshooting the Sensor Sensor technical specifications McAfee Network Security Platform...
-
Page 5: About Network Security Sensors
Network Security Manager (Manager). The process of configuring a Sensor and establishing communication with the Manager is described in subsequent chapters of this guide. For the details about the Manager, see the McAfee Network Security Platform Manager Administration Guide. Contents... -
Page 6: Deployment Of An Ns-Series Sensor
) servers required to protect your network. The Sensor is purpose-built for the monitoring of traffic across one or more network segments. ® Following is an example of a network topology using Gigabit Ethernet throughput. In the illustration, McAfee Network Security Platform (formerly McAfee IntruShield ) provides IPS protection to outsourced servers. -
Page 7: Ns-Series Physical Description
SFP/SFP+ 1/10 Gigabit Ethernet Monitoring ports (8) • RJ-45 10/100/1000 Mbps Ethernet Monitoring ports (6) • RJ-45 100/1000/10000 Gigabit Ethernet Monitoring ports (4) • 1/10 Gigabit Ethernet Monitoring ports (4) RJ-45 100/1000/10000 Mbps Ethernet Monitoring ports (4) McAfee Network Security Platform... -
Page 8: Sensor Leds
The port speed is 100 Mbps. Gigabit Ports Link Green The link is up. The link is down. RJ45 FailOpen/ Green The port pair is in Inline Fail-Open/Inline Fail-Close/Span/Tap Mode. Bypass The Port Pair is in the Bypass Mode. McAfee Network Security Platform... - Page 9 Response Port Speed Green The port speed is 10000 Mbps. Amber The port speed is 1000 Mbps. Response Port Link/Act Green The link is up. Blinking Green Data is received or transmitted. The link is down. McAfee Network Security Platform...
- Page 10 NS-series physical description Sensor LEDs McAfee Network Security Platform...
-
Page 11: Before You Install
McAfee prohibits the use of the Sensor appliance for anything other than operating Network Security Platform. • McAfee prohibits the modification or installation of any hardware or software on the Sensor appliance that is not part of the normal operation of Network Security Platform. Safety measures Please read the following warnings before you install the Sensor. -
Page 12: About Fiber-Optic Ports
Sensor. Contents of the box The following accessories are shipped in the NS-series Sensor crate: • Sensor • Power supply (x2) • Power cords. McAfee provides a standard and international power cables. McAfee Network Security Platform... -
Page 13: Unpack The Sensor
11 Pull out the packing material surrounding the Sensor. 12 Remove the Sensor from the antistatic bag. 13 Save the box and packing materials for later use in case you need to move or ship the Sensor. McAfee Network Security Platform... - Page 14 Before you install Unpack the Sensor McAfee Network Security Platform...
-
Page 15: Setting Up The Sensor
Place the Sensor in a physically secure location, close to the switches or routers it will be monitoring. Ideally, the Sensor should be located within a standard communications rack. To mount the Sensor on a rack, you will attach two mounting rails to the Sensor as described in the subsequent sections of this guide. McAfee Network Security Platform... -
Page 16: Install The Slide Rails And Rack Mount The Sensor
Install the front end of each slide cabinet section to rack using the slide tool-less features. The tool-less latch rotates when the bracket is pressed up against the rack rails. Align, adjust, and attach the rear brackets to the rack rail. McAfee Network Security Platform... - Page 17 With the chassis unit in fully closed position, secure using two truss head screws. Drive the screws through the inner member flange and through the rack rails. The screws thread directly to the cabinet slide members. Tighten the screws. McAfee Network Security Platform...
- Page 18 Setting up the Sensor Install the slide rails and rack mount the Sensor McAfee Network Security Platform...
-
Page 19: Ns-Series Interface Modules
Remove an interface module 2-port QSFP28 100 Gigabit Network Interface Module The 2-port QSFP28 (Quad Small Form-Factor Pluggable 28) Network Interface Module provides 100 Gigabit Ethernet performance on each port. Figure 5-1 2-port QSFP28 100 Gigabit interface module McAfee Network Security Platform... -
Page 20: 2-Port Qsfp+ 40 Gigabit Network Interface Module
Figure 5-2 2-Port QSFP+ 40 Gigabit interface module 4-port QSFP+ 40 Gigabit Network Interface Module The 4-port QSFP+ (Quad Small Form-Factor Pluggable Plus) Network Interface Module provides 40 Gigabit Ethernet performance on each port. Figure 5-3 4-port QSFP+ 40 Gigabit interface module McAfee Network Security Platform... -
Page 21: 4-Port 10/1 Gige Sm 8.5 Μm With Internal Fail-Open Network Interface Module
4-port 10/1 GigE MM 50 µm with internal fail-open Network Interface Module The 4-port MM 50 µm Network Interface Module provides internal fail-open capability with 10/1 Gigabit Ethernet performance on each port. Figure 5-5 4-port 10/1 GigE SM 50 µm with internal fail-open interface module McAfee Network Security Platform... -
Page 22: 4-Port 10/1 Gige Mm 62.5 Μm With Internal Fail-Open Network Interface Module
Figure 5-7 4-port RJ-45 10 Gbps/1 Gbps/100 Mbps interface module 6-port RJ-45 10/100/1000 Mbps Network Interface module The 6-port RJ‑45 Network Interface Module provides 10/100/1000 Mbps Ethernet performance on each port. Figure 5-8 6-port RJ-45 10/100/1000 Mbps interface module McAfee Network Security Platform... -
Page 23: 8-Port Sfp/Sfp+ 1/10 Gigabit Network Interface Module
Grip the sides of the module with your thumb and forefinger and insert the module into the slot. Figure 5-10 Install an interface module Drive in the screws fixed on the sides of the module to attach it to the Sensor. Turn on the Sensor. Establish trust between the Sensor and the Manager. McAfee Network Security Platform... -
Page 24: Install The Interface Module On An Up And Running Sensor
Perform these steps if you need to remove an interface module. Task Disconnect the network fiber optic cable from the module. Remove the transceivers from the module. Unscrew the interface modules to detach them from the Sensor. Place the module into its protective packaging. McAfee Network Security Platform... - Page 25 SFP optical interfaces are less than half the size of GBIC interfaces. To ensure compatibility, McAfee supports only those SFP, SFP+, QSFP+ and QSFP28 modules purchased through McAfee or from a McAfee-approved vendor. For a list of approved vendors, locate the relevant KnowledgeBase article at http://mysupport.mcafee.com/Eservice/. Click Search the KnowledgeBase.
-
Page 26: Small Form-Factor Pluggable Transceiver Modules Sfp Transceiver Modules
The enhanced small form-factor pluggable ( SFP+ ) is an enhanced version of the SFP that supports data rates up to 10 Gbps. 850nm SFP+ 1310nm SFP+Transceiver modules are supported. Figure 6-2 850nm SFP+ transceiver module Figure 6-3 1310nm SFP+ transceiver module McAfee Network Security Platform... -
Page 27: Qsfp+ Transceiver Modules
Remove the module from its protective packaging. Locate the label on the module and make sure that the alignment groove is down. Grip the sides of the module with your thumb and forefinger and insert the module into the module socket. McAfee Network Security Platform... -
Page 28: Remove A Transceiver Module
Disconnect the network fiber-optic cable from the module. Release the module from the slot by pulling the bail clasp out of its locked position. Slide the module out of the slot. Insert the module plug into the module optical bore for protection. McAfee Network Security Platform... -
Page 29: Attaching Cables To The Sensor
The Console port on the NS-series Sensor is used for setup and configuration of the Sensor. Task For console connections, plug the DB9 Console cable supplied by McAfee into the Console port on the Sensor. This port is labeled Console in the Sensor front panel. -
Page 30: Connect The Cable To The Management Port
Plug the other end of the cable into the network device connected to your Manager server. To isolate and protect your management traffic, McAfee strongly recommends you to use a separate, dedicated management subnet to interconnect the Sensors and the Manager. -
Page 31: Cable Types For Routers, Switches, Hubs, And Computers
Sensor to external active fail-open kits. For instructions, see the subsequent sections of this chapter. This section provides the steps to connect the Sensor's Gigabit Ethernet ports so they fail-close. McAfee Network Security Platform... -
Page 32: Connect The Cables For Tap Mode
To deploy the Sensor in tap mode, you must use a Sensor's Gigabit Ethernet Monitoring port pair with a third-party external tap. For a list of McAfee-approved third party vendors, see the KnowledgeBase at http://mysupport.mcafee.com/ Eservice/. Click Search the KnowledgeBase and locate the relevant KnowledgeBase article. -
Page 33: Connect The Cables For Sensor Fail-Open
• For distances up to 3m, purchase QSFP28 DAC from external source • For distances greater than 3m, purchase 40G SR4 transceivers from McAfee and fiber cables from external source Task Plug the cable(s) appropriate for use with your QSFP+ or QSFP28 module into port G0/1 (NS9500) of the active NS-series Sensor. -
Page 34: Turning The Sensor On And Off
The Sensor has no power switch. The Sensor turns on as soon as one of its power cables is connected to a power source. McAfee recommends that you use the shutdown CLI command to halt the Sensor before turning it off. For more information on CLI commands, see McAfee Network Security Platform CLI Guide for specific Sensor software version you are running. -
Page 35: Add License To The Manager
The Assign License pop-up window opens. Click the Assign To drop down and select the Sensor. Click Assign to assign the license to the Sensor. You must reboot the device for the changes to take effect. McAfee Network Security Platform... -
Page 36: Unassign A License From A Sensor
Click Other Actions | Remove. Click Ok. Once a license is removed from the Manager, the Sensor to which the license was assigned will not be able to deploy pending changes, including new signature sets and policy updates. McAfee Network Security Platform... -
Page 37: Troubleshooting The Sensor
The system fault "Switch The Active Fail-Open Kit is Check the Active Fail-Open Kit and make sure it is absent" appears in the disconnected. properly connected to the Sensor. Manager Status page. McAfee Network Security Platform... - Page 38 Troubleshooting the Sensor McAfee Network Security Platform...
-
Page 39: Sensor Technical Specifications
FCC Part 15 Subpart B Class A (USA); CAN ICES-3 Class A (Canada); EN 55022, EN 55032, EN 55024, EN61000-3-2, EN61000-3-3 (Europe and International); VCCI Class A (Japan); AS/NZS CISPR 32 (Australia and New Zealand); CNS 13438 (Taiwan); GB 9254-2008 (China); KN32 and KN35 (South Korea); GB 17625.1 (China) McAfee Network Security Platform... - Page 40 Sensor technical specifications McAfee Network Security Platform...
- Page 41 0A00...
Need help?
Do you have a question about the NS Series and is the answer not in the manual?
Questions and answers