McAfee IIP-S14C-NA-100I - IntruShield 1400 Sensor Appliance Product Manual

McAfee® IntruShield® IPS
IntruShield Security Manager (ISM)
version 4.1
McAfee® Network Protection
Industry-leading intrusion prevention solutions
IntruShield Sensor 1400 Product Guide
revision 8.0

Summary of Contents for McAfee IIP-S14C-NA-100I - IntruShield 1400 Sensor Appliance

  • Page 1 IntruShield Sensor 1400 Product Guide revision 8.0 McAfee® IntruShield® IPS IntruShield Security Manager (ISM) version 4.1 McAfee® Network Protection Industry-leading intrusion prevention solutions...
  • Page 2 VIRUS FORUM, VIRUSCAN, VIRUSSCAN, VIRUSSCAN (AND IN KATAKANA), WEBSCAN, WEBSHIELD, WEBSHIELD (AND IN KATAKANA) are registered trademarks or trademarks of McAfee, Inc. and/or its affiliates in the US and/or other countries. The color red in connection with security is distinctive of McAfee brand products. All other registered and unregistered trademarks herein are the sole property of their respective owners.
  • Page 3: Table Of Contents

    Contents: Preface, iv; Introducing McAfee IntruShield IPS, iv; About this guide, iv; Contents of this guide, iv; Audience, v; Conventions used in this guide, v; Related Documentation, vi; Contacting Technical Support, vi; Chapter 1 An introduction to IntruShield sensors, 1; What is an IntruShield sensor? ...
  • Page 4: Preface

    Preface This preface provides a brief introduction to McAfee IntruShield, discusses the information in this document, and explains how this document is organized. It also provides information such as the supporting documents for this guide and how to contact McAfee Technical Support.
  • Page 5: Audience

    McAfee® IntruShield® IPS 4.1 IntruShield Sensor 1400 Product Guide. Audience: This guide is intended to be used by network technicians and maintenance personnel who are responsible for installing, configuring, and maintaining this IntruShield sensor, but who are not necessarily familiar with IPS-related tasks, the relationship between tasks, or the commands necessary to perform particular tasks.
  • Page 6: Related Documentation

    In-line Sensor Deployment; Virtualization; IntruShield Gigabit Optical Fail-Open Bypass Kit Guide; IntruShield Gigabit Copper Fail-Open Bypass Kit Guide. Contacting Technical Support: If you have any questions, contact McAfee for assistance. Online: Contact McAfee Technical Support http://mysupport.mcafee.com.
  • Page 7 Global phone contact numbers can be found at the McAfee Contact Information page http://www.mcafee.com/us/about/contact/index.html. Note: McAfee requires that you provide your GRANT ID and the serial number of your system when opening a ticket with Technical Support. You will be provided...
  • Page 9: Chapter 1 An Introduction To Intrushield Sensors

    TCP connections, “scrubbing” malicious packets, and even blocking attack packets entirely before they reach the intended target. Sensor platforms McAfee offers multiple sensor platforms providing different bandwidth and deployment strategies.
  • Page 10: The Intrushield 1400 Sensor

    Power supply. The I-1400 power supply port is located in the front of the sensor. The supply uses a standard IEC port (IEC320-C13). McAfee provides a standard, 2m NEMA 5-15P (US) power cable (3 wire). International customers must procure a country-appropriate power cable.
  • Page 11: Front Panel Leds On The I-1400

    Built-in internal tap (not shown). The internal tap (used with the 10/100 ports) provides stealth mode monitoring functionality and forgoes the need for an external tap or connection to a SPAN port or hub.
  • Page 12 Temp LED status and description. Green: Inlet air temperature measured inside chassis is normal. (Chassis temperature OK.) Amber: Inlet air temperature measured inside chassis is too hot. (Chassis temperature too hot.)
  • Page 13: Chapter 2 Before You Install

    Chapter 2: Before you install. Sensor specifications, safety measures, unpacking a sensor. This chapter describes best practices for deployment of IntruShield sensors on your network. Topics include system requirements, site planning, safety considerations for handling the sensor, and usage restrictions that apply to the sensor. I-1400 sensor specifications: The following table lists the specifications of the I-1400 sensor.
  • Page 14: Sensor Capacity For I-1400 Sensor

    Sensor Specifications Description Operating Relative Humidity (Non-condensing) 10%-90% non-condensing Non-operating 5% to 95% non-condensing System Heat Dissipation 341 BTU/hr 200 lfm (1 m/s)
  • Page 15: Network Topology Considerations

    Maximum Type I-1400 DoS Profiles SYN rate (64-byte packets per second) 64,000 ACL Rules (refer to note below). Computing the number of ACL rules utilized per sensor: You can calculate the number of ACL rules being utilized per sensor by adding all the rules configured at the sensor-level, port-level, and sub-interface level.
  • Page 16: Safety Measures

    Safety measures. The safety measures given below apply to all sensor models unless otherwise specified. Carefully read the following warnings before you install the product. Failure to observe these safety warnings could result in serious physical injury.
  • Page 17: Usage Restrictions

    • The sensor appliance is not a general purpose workstation. • McAfee prohibits the use of the sensor appliance for anything other than operating the IntruShield IPS. • McAfee prohibits the modification or installation of any hardware or software in the sensor appliance that is not part of the normal operation of the IntruShield IPS.
  • Page 18: Chapter 3 Setting Up The I-1400 Sensor Prior To Configuration

    Chapter 3: Setting up the I-1400 sensor prior to configuration. This chapter describes the process of setting up a sensor prior to configuring it via the ISM. Setup overview: Setting up a sensor involves the following steps: Positioning the sensor.
  • Page 19 Figure 1: Attaching the mounting ears to the sensor chassis. Mounting the I-1400 sensor in a rack: McAfee recommends rack-mounting your sensors. The rack-mounting hardware included with the sensors is suitable for most 19-inch equipment racks and telco-type racks. For maintenance purposes, you should have access to the front and rear of the sensor.
  • Page 20: Cabling The Sensor

    Connect the power cable to the sensor power supply. Connect the power cable to a power source. Powering off the sensor McAfee recommends that you use the shutdown CLI command to halt the sensor before powering it down.
  • Page 21: Chapter 4 Attaching Cables To The I-1400 Sensor

    Follow the steps outlined in this chapter to connect cables to the various ports on your sensor. Cabling the Console port The Console port is used for setup and configuration of the sensor. For console connections, plug the DB9 Console cable supplied by McAfee into port (labeled on the sensor front panel). Console...
  • Page 22: Cabling The Response Ports

    Connect the other end of the cable to the network device (for example, hub, switch, router) that in turn connects to the ISM server. Note: To isolate and protect your management traffic, McAfee strongly recommends using a separate, dedicated management subnet to interconnect the...
  • Page 23: Cabling The Monitoring Ports

    Cabling the Monitoring ports. Monitoring ports connect to the network devices you will be monitoring via the sensor. You can deploy sensors in the operating modes shown in the following table.
  • Page 24: Cable Types For Routers, Switches, Hubs, And Pcs

    Default monitoring port speed settings: Monitoring Ports Operating Mode Speed/Duplex Setting SPAN Auto-negotiation is OFF; Speed and Duplex are configurable Auto-negotiation is ON;...
  • Page 25: Cabling For In-Line Mode

    Cabling for in-line mode. Cabling the I-1400 to monitor in in-line mode: In-line mode requires that you use a pair of sensor ports as described in the section Using peer ports (on page 15).
  • Page 26: Cabling For Span Mode

    Note: The total cable length of the two LAN cables connected to the two ports in Tap mode (that is 1A and 1B) cannot exceed 100 meters if you want to use fail-open mode.
  • Page 27: Cabling Failover Interconnection Ports For 1400 Sensor

    Cabling failover interconnection ports for 1400 sensor. Failover requires connecting two identical I-1400 sensors (same model, same software) via an interconnection cable or cables.
  • Page 28: Index

    Index: front panel LEDs, 3; GBIC Monitoring ports speed settings, 17; 10/100 ports; heat requirements, 5; 10/100 Management port, 15; 10/100 Monitoring ports, 17; 10/100 Monitoring ports Link LED, 3; in-line mode, 18; 10/100 Response port, 15; deployment ...
  • Page 29 tap mode, 19; Temp LED, 3; using fail-closed dongles - TAP mode, 19; using peer ports, 16 ...

This manual is also suitable for:

Intrushield 1400
