McAfee® IntruShield® IPS 4.1
M-8000 Sensor Product Guide
Cable types for routers, switches, hubs, and PCs
The cabling instructions in this chapter
Note:
sensor monitoring port.
Cabling for in-line
The Gigabit Ethernet ports fail closed, meaning they stop the flow of traffic if the
sensor fails. To allow traffic to flow uninterrupted, you must use special hardware and
cable the sensor for fail-open functionality. For instructions, see the section later in
this chapter.
To connect the M-8000's Gigabit Ethernet ports so they fail closed:
1
2
3
Cabling for TAP mode
The M-8000 sensor's Gigabit Ethernet ports must be used with a 3rd party external
tap.
Note:
https://mysupport.mcafee.com
External tap mode requires a port pair (for example, 1A and 1B).
To connect the sensor to the devices you want to monitor in external tap mode:
Monitoring Ports
Operating Mode
In-line
•
Use a crossover Ethernet RJ-45 cable to connect a router port to the
10/100/1000 copper SFP Monitoring ports.
•
Use a straight-through Ethernet RJ-45 cable to connect a switch/hub port to
10/100/1000 copper SFP Monitoring ports.
•
Use a crossover Ethernet RJ-45 cable to connect a router port to PC to the
sensor Management port.
You should also use a crossover Ethernet RJ-45 cable to connect a PC to the
Plug the cable appropriate for use with your Gigabit Ethernet into one of the ports
labeled xA (for example, 1A).
Plug another cable into the peer of the port used in Step 1. This port will be
labeledxB (for example, 1B).
Connect the other end of each cable to the network devices that you want to
monitor. (For example, if you plan to monitor traffic between a switch and a
router, connect the cable connected to 1A to the switch and the one connected to
1B to the router.)
For a list of approved 3rd party vendors, see the KnowledgeBase at
Attaching Cables to the M-8000
Speed/Duplex Setting
Auto-negotiation is ON
21
Cabling for in-line