NS9x00 Quick Start Guide Revision C
McAfee® Network Security Platform
This quick start guide explains how to quickly set up and activate your McAfee® Network Security Platform NS-series Sensor in in-line mode. All product documentation referenced in this quick start guide is found on the McAfee Service Portal. The NS9100/NS9200 Sensor model
Figure 1 Sensor front panel 1
Console port (1)
2
QSFP+ 40 Gigabit Ethernet ports (2)
3
Two slots for I/O modules (Any combination of the interface modules can be used)
4
•
QSFP+ 40 Gigabit Ethernet ports (4)
•
QSFP+ 40 Gigabit Ethernet ports (2)
•
SFP/SFP+ 1/10 Gigabit Ethernet Monitoring ports (8)
•
RJ-45 10/100/1000 Mbps Ethernet Monitoring ports (6)
RJ-45 10/100/1000 Mbps Ethernet Monitoring ports (8)
1
The supported transceiver modules are QSFP+, SFP+ (M2M and SM), SFP Fiber (MM and SM) and SFP Copper.
Figure 2 Sensor rear panel 1
USB ports (2)
4
RJ-45 100/1000/10000 Management port (Mgmt) (1)
2
Power supply A (Pwr A)
5
RJ-45 100/1000/10000 Response port (R1) (1)
3
Power supply B (Pwr B) (optional on NS9100)
6
RJ-45 Auxiliary port (Aux) (1)
The NS9300 Sensor model
Figure 3 Sensor front panel The NS9300 Sensor consists of a Primary Sensor, NS9300P, and a Secondary Sensor, NS9300S. 2
1
Console ports on the NS9300P and NS9300S Sensors (2)
2
QSFP+ 40 Gigabit Ethernet Interconnect ports (4). G0/1 and G0/2 on NS9300P Sensor and G4/1 and G4/2 on NS9300S Sensor.
3
Four slots for I/O modules (Any combination of the interface modules can be used)
4
•
QSFP+ 40 Gigabit Ethernet ports (4)
•
QSFP+ 40 Gigabit Ethernet ports (2)
•
SFP/SFP+ 1/10 Gigabit Ethernet Monitoring ports (8)
•
RJ-45 10/100/1000 Mbps Ethernet Monitoring ports (6)
RJ-45 10/100/1000 Mbps Ethernet Monitoring ports (16)
The supported transceiver modules are QSFP+, SFP+ (MM and SM), SFP Fiber (MM and SM) and SFP Copper.
Figure 4 Sensor rear panel 1
USB ports (4)
2
Power supply A (Pwr A)
3
Power supply B (Pwr B)
4
RJ‑45 100/1000/10000 Management port (Mgmt) (2). Mgmt on NS9300S Sensor is used as an interconnect port.
5
RJ‑45 100/1000/10000 Response port (R1) (2). R1 on NS9300P Sensor is used as an interconnect port.
6
RJ‑45 Auxiliary ports (Aux) (2)
3
1
Verify the contents in the box The following accessories are shipped in the NS-series Sensor crate:
2
•
Sensor
•
Power supply
•
Power cords. McAfee provides a standard and international power cables.
•
Set of rack mounting rails
•
Printed Quick Start Guide
Verify the hardware and software requirements The following hardware requirements are to be met. For more information, see the Installation Guide. The following are the system requirements for a Manager server.
OS
Minimum required
Recommended
Any of the following:
Same as the minimum required.
•
Windows Server 2008 R2 Standard or Enterprise Edition, English OS, SP1 (64 bit) (Full Installation)
•
Windows Server 2008 R2 Standard or Enterprise Edition, Japanese OS, SP1 (64 bit) (Full Installation) Only X64 architecture is supported.
Memory
4GB
8GB
CPU
Server model processor such as Intel Xeon
Same
Disk space 100GB
300GB or more
Network
100Mbps card
100/1000/10000 Mbps card
Monitor
32-bit color, 1024 x 768 display setting
1280 x 1024
The following are the system requirements for client systems connecting to the Manager application. Minimum
4
Recommended
OS
Windows 7
RAM
2 GB
4 GB
CPU
1.5 GHz processor
1.5 GHz or faster
Browser
•
Internet Explorer 8.0 or 9.0.
Internet Explorer 9.0 .
•
Mozilla Firefox 4.0 and above.
Minimum
Recommended
OS
Windows XP SP3.
RAM
1 GB
2 GB
Browser
•
Internet Explorer 7.0 or 8.0.
Internet Explorer 8.0
•
Mozilla Firefox 4.0 and above.
The following software are to be installed.
3
•
Sensor image
•
Manager image
•
Signature set
Install the slide rails Follow this procedure to assemble the slide rails and position the Sensor on it. a
Rack installation - Remove inner member from slides
a
front bracket
d
inner member
b
outer member
e
safety locking pin
c
rear bracket
f
release button
Pull the release button to remove inner member from slides.
5
b
Rack installation - Install slides to rack
Align brackets to desired vertical position on the rack and insert the fasteners. Move the ball retainer to the front of slides. Do not handle the NS-series appliance by the mounting brackets c
6
Chassis installation - Install inner member to chassis
Align inner member key holes to standoffs on chassis, move inner member following the direction the picture. d
Chassis installation - Install chassis to fixed slides
Pull the release button in the inner member to release the lock and allow the chassis to close. e
Chassis removal - Extend slides
Fully extend the slides until it is in the locked position, pull the release button to release lock and disconnect inner member from slides.
7
f
Chassis removal - Remove inner member from chassis
Press safety locking pin to release inner member from chassis. While installing NS9300, this procedure is to be followed for both the primary and the secondary Sensors.
4
Install the interface modules You can purchase the following interface modules and insert them into the relevant slots on your NS-series Sensor.
8
•
2-port QSFP+ 40 Gigabit interface module
•
4-port QSFP+ 40 Gigabit interface module
•
4-port SFP/SFP+ 10/1 Gigabit 8.5 µm (SM) interface module with internal fail-open
•
4-port SFP/SFP+ 10/1 Gigabit 50/62.5 µm (MM) interface module with internal fail-open
•
8-port SFP/SFP+ 1/10 Gigabit interface module
•
6-port RJ-45 10/100/1000 Mbps Ethernet interface module
a
Remove the module from its protective packaging.
b
Grip the sides of the module with your thumb and fore-finger and insert the module into the slot.
c
Drive in the screws fixed on the sides of the module to attach it to the Sensor.
5
Cable the Management and Console ports a Plug a Category 5e Ethernet cable in the Management port (labeled Mgmt):
b
a
on the rear panel of the NS9100 and NS9200 Sensors.
b
on the rear panel of the NS9300P Sensor.
Plug the other end of the cable into the network device connected to your Manager server.
c Plug the DB9 Console cable(s) into the Console port (labeled Console):
d
a
on the front panel of the NS9100 and NS9200 Sensors.
b
on the front panel of the NS9300P and NS9300S Sensors.
Connect the other end of the Console port cable directly to a COM port of the PC or terminal server you will be using to configure the Sensor (for example, a PC running correctly configured Windows Hyperterminal software). You must connect directly to the console for initial configuration; you cannot configure the Sensor remotely. Terminal servers are provided for console access. The required settings for Hyperterminal are:
e
•
Baud rate: 115200
•
Stop Bits: 1
•
Number of Bits: 8
•
Control Flow: None
•
Parity: None
Plug one end of the power cable into the power inlet and plug the other end into a power source. The Sensor ships with standard US power and international cables. The NS-series Sensor does not have a power switch; you need to only plug the power cable into a power source.
9
6
Cable the Monitoring ports This procedure describes how to cable a Sensor to run in In-line mode. a Plug the cable appropriate for use with your transceiver module into one of the Monitoring ports labeled x (for example, 1). b
Plug the cable appropriate for use with your transceiver module into one of the Monitoring ports labeled y (for example, 2).
c
Connect the other end of each cable to the network devices that you want to monitor. (For example, if you plan to monitor traffic between a switch and a router, connect the cable connected to 1 to the router and the one connected to 2 to the switch.) On the NS9300P Sensor, do not use ports G0/1 and G0/2 and on the NS9300S Sensor, do not use ports G4/1 and G4/2. These ports are reserved for interconnection between the NS9300P and NS9300S Sensors.
10
7
Cable the Interconnect ports This procedure describes how to connect the NS9300P Sensor to the NS9300S Sensor. a
Plug the supplied 40G Direct Attach cable into port G0/1 of the NS9300P Sensor and connect the other end of the cable into port G4/1 of the NS9300S Sensor.
b
Plug the supplied 40G Direct Attach cable into port G0/2 of the NS9300P Sensor and connect the other end of the cable into port G4/2 of the NS9300S Sensor.
c
Plug the supplied cable into the Response port (R1) of NS9300P Sensor and connect the other end of the cable into the Management port (Mgmt) port of the NS9300S Sensor.
11
8
Install the Manager Software For detailed instructions, refer to McAfee Network Security Platform Installation Guide. You must have administrator privileges on the target Windows server to install the Manager software. A MySQL database is included with the Manager and is installed (embedded) automatically on your target Windows server during this process. Following steps briefly explain the Manager installation:
9
a
Prepare the system according to the requirements outlined in McAfee Network Security Platform Installation Guide and the McAfee Network Security Platform Release Notes.
b
Close all open applications.
c
Go to McAfee Update Server (https://menshen.intruvert.com/) and log on, using the grant number and password.
d
Go to Manager Software Updates folder and select the latest Manager software version available.
e
Download the zip file to the target Windows server and extract the setup file.
f
Double-click Manager__setup.exe and follow the on screen prompts.
Start the Manager Click Start | Programs | McAfee | Network Security Manager | Network Security Manager.
10 Add the Sensor to the Manager The Manager displays the Logon page. a
Log on to the Manager using the default username (admin) and password (admin123).
b
Click Configure.
c
To add a Sensor in the Manager, click Device List | Devices, and then click New. You do not require a license file to enable IPS on NS-series Sensors.
12
The Add New Device page is displayed.
d
Enter the following mandatory information in the appropriate fields. 1)
Device Name The Sensor name must begin with a letter. The maximum length of the name is 25 characters.
2)
Device Type Specifies the type of device to be added. Select IPS or NAC Sensor.
3)
Shared Secret The shared secret must be a minimum of 8 characters and maximum of 25 characters in length. The key cannot start with an exclamation mark nor can have any spaces. The parameters that you can use to define the key are: •
26 alphabets: upper and lower case (a,b,c,...z and A, B, C,...Z)
•
10 digits: 0 1 2 3 4 5 6 7 8 9
•
32 symbols: ~ ` ! @ # $ % ^ & * ( ) _ + ‑ = [ ] { } \ | ; : " ' , .
