Product guide

ManualsBrandsMcAfee ManualsOtherM-2750 - Network Security Platform

M-2750 Sensor Product Guide

Revision B

McAfee

Network Security Platform

Summary of content (38 pages)

PAGE 1
M-2750 Sensor Product Guide Revision B McAfee® Network Security Platform
PAGE 2
COPYRIGHT Copyright © 2013 McAfee, Inc. Do not copy without permission. TRADEMARK ATTRIBUTIONS McAfee, the McAfee logo, McAfee Active Protection, McAfee DeepSAFE, ePolicy Orchestrator, McAfee ePO, McAfee EMM, Foundscore, Foundstone, Policy Lab, McAfee QuickClean, Safe Eyes, McAfee SECURE, SecureOS, McAfee Shredder, SiteAdvisor, McAfee Stinger, McAfee Total Protection, TrustedSource, VirusScan, WaveSecure are trademarks or registered trademarks of McAfee, Inc.
PAGE 3
Contents 1 2 Preface 5 About this guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Audience . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . What's in this guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Find product documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
PAGE 4
Contents Connect the cables for tap mode . . . . . . . . . . . . . . . . . . . . . . . . . . . Connect the cables for SPAN or hub mode . . . . . . . . . . . . . . . . . . . . . . . . Cable the failover interconnection . . . . . . . . . . . . . . . . . . . . . . . . . . . About the fail-open hardware . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
PAGE 5
Preface This guide provides the information you need to configure, use, and maintain your McAfee product. Contents About this guide Find product documentation About this guide This information describes the guide's target audience, the typographical conventions and icons used in this guide, and how the guide is organized. Audience McAfee documentation is carefully researched and written for the target audience.
PAGE 6
Preface Find product documentation What's in this guide This guide contains information necessary to setup your M-2750 Sensor model. This information includes guiding you through preconfiguring, cabling, and troubleshooting your Sensor. Find product documentation McAfee provides the information you need during each phase of product implementation, from installation to daily use and troubleshooting. After a product is released, information about the product is entered into the McAfee online KnowledgeBase.
PAGE 7
1 Introducing Network Security Sensors This section describes the McAfee® Network Security Sensors at a high-level and also describes the McAfee® M-2750 Network Security Sensor (Sensor) in detail. Sensors are high-performance, scalable, and flexible content processing appliances built for the accurate detection and prevention of intrusions, misuse, distributed denial of service (DDoS) attacks, and network access control(NAC) of hosts.
PAGE 8
1 Introducing Network Security Sensors M-2750 physical description Ports on the Sensor M-2750 Sensor is a 2RU (2 rack unit) and is equipped with the following components: Figure 1-1 M-2750 Sensor front panel Item Description 1 RJ-45 10/100/1000 Management port (1) 2 RS-232C Console port (1) 3 RS-232C Auxiliary port (1) 4 RJ-11 Fail-Open Control ports (10) 5 SFP One Gigabit Ethernet Monitoring ports (20) 6 External Compact Flash port (1) 7 Front panel LEDs (4) Figure 1-2 M-2750 Sensor bac
PAGE 9
Introducing Network Security Sensors M-2750 physical description 5 1 Twenty small form-factor pluggable (SFP) 1 Gigabit Monitoring ports, which enable you to monitor ten Ethernet segments In-Line. If you choose to run in failover mode, port 10A is used to interconnect with a standby M-2750 Sensor. The gigabit ports of the M-2750 running in in-line mode fail-close, meaning that if the Sensor fails, it will interrupt/block data flow. Refer to the Gigabit Fail-Open Bypass Kit Guide for more information.
PAGE 10
1 Introducing Network Security Sensors M-2750 physical description Region in the image LEDs represented here 3 Back panel fan LEDs 4 Management Port Speed, Management Port Link, Response Port Speed, Response Port Link 5 Gigabit Ports (SFP) Act, Gigabit Ports (SFP) Link 6 Fail-Open Control Port FO, Fail-Open Control Port Err 7 Bypass LEDs The front panel LEDs provide status information for the health of the Sensor and the activity on its ports.
PAGE 11
Introducing Network Security Sensors M-2750 physical description LED Status Description Management Port Speed Green 1 The port speed is 1000 Mbps. Amber The port speed is 100 Mbps. Management Port Link Response Port Speed Off The port speed is 10 Mbps. Green The link is connected. Off The link is disconnected. Green The port speed is 1000 Mbps. Amber The port speed is 100 Mbps.
PAGE 12
1 Introducing Network Security Sensors M-2750 physical description 12 McAfee® Network Security Platform M-2750 Sensor Product Guide
PAGE 13
2 Before you install This chapter describes the best practices for deployment of Sensors on your network. Topics include system requirements, site planning, safety considerations for handling the Sensor, and usage restrictions that apply to the Sensor model.
PAGE 14
2 Before you install Working with fiber-optic ports • This equipment is intended to be grounded. Ensure that the host is connected to earth ground during normal use. • Do not remove the outer shell of the Sensor. Doing so will invalidate your warranty. • Do not operate the system unless all cards, faceplates, front covers, and rear covers are in place.
PAGE 15
Before you install Unpack the Sensor 2 Unpack the Sensor Task 1 Place the Sensor box as close to the installation site as possible. 2 Position the box with the text upright. 3 Open the top flaps of the box. 4 Remove the accessory box within the Sensor box. 5 Verify you have received all parts. These parts are listed on the packing list and in Contents of the Sensor box. 6 Remove the Slide Rail Kit. 7 Pull out the packing material surrounding the Sensor.
PAGE 16
2 Before you install Unpack the Sensor 16 McAfee® Network Security Platform M-2750 Sensor Product Guide
PAGE 17
3 Setting up the Sensor This chapter describes the process of setting up a Sensor to prepare it for configuration. Contents Setup overview Position the Sensor Redundant power supply Cable the Sensor Small form-factor pluggable modules Power on the Sensor Power off the Sensor Setup overview Setting up a Sensor involves the following steps: Task 1 Positioning the Sensor. 2 Installing interface modules (SFP). 3 Attaching power, network, and monitoring cables. 4 Powering on the Sensor.
PAGE 18
3 Setting up the Sensor Position the Sensor Install the rails and ears on the chassis and rack Before you begin Before you install the rails and ears on the chassis, make sure that power is OFF. Remove the power cable and all network interface cables from the Sensor. Each rack-mounting rail and ear has holes that match up with holes in the chassis. You will need a screwdriver to secure the slotted panhead screws.
PAGE 19
Setting up the Sensor Redundant power supply 3 Remove a Sensor from the rack Because of the weight of the appliance, McAfee recommends that two people remove the chassis from the rail cabinet. When removing the chassis from the rack, pull chassis forward until you hear the innermost rails snap in place. On each side of the rails, press in the release button as pictured below and continue pulling the chassis.
PAGE 20
3 Setting up the Sensor Cable the Sensor 3 Place the power supply in the slot with the cable outlet facing front and on the left side of the faceplate. Figure 3-3 Power supply units of the Sensor 4 Slide in the power supply until it makes contact with the backplane, then push firmly to mate the connectors solidly with the backplane. For true redundant operation with the optional redundant power supply, McAfee recommends that you plug each supply into a different power circuit.
PAGE 21
Setting up the Sensor Small form-factor pluggable modules 3 Small form-factor pluggable modules The Sensor uses two types of small form-factor pluggable modules as shown in the following table. Type Performance SFP 10/100/1000 Mbps (copper) 1 Gbps (fiber optic) Each module is a hot-swappable input/output device that plugs into an LC-type Gigabit Ethernet port, linking the module port with a copper or fiber-optic network. SFP optical interfaces are less than half the size of GBIC interfaces.
PAGE 22
3 Setting up the Sensor Power on the Sensor 3 Locate the label on the module and ensure that the alignment groove is down. 4 Grip the sides of the module with your thumb and forefinger and insert module into the module socket. Modules are keyed to prevent incorrect insertion. Figure 3-5 SFP module in the Sensor Monitoring port Remove a module Task 1 Disconnect the network cable from the module. 2 Release the module from the slot by pulling the bail-clasp out of its locked position.
PAGE 23
Setting up the Sensor Power off the Sensor 3 Task 1 Connect the power cable to the Sensor power supply. 2 Connect the power cable to a power source. The Sensor has no power switch. It powers on as soon as one of its power cable is connected to a power source. Power off the Sensor McAfee recommends that you use the shutdown CLI command to halt the Sensor before powering it down. For more information on CLI commands, see McAfee Network Security Platform CLI Guide.
PAGE 24
3 Setting up the Sensor Power off the Sensor 24 McAfee® Network Security Platform M-2750 Sensor Product Guide
PAGE 25
4 Attaching cables to the Sensor Follow the steps outlined in this chapter to connect cables to the various ports on your Sensor.
PAGE 26
4 Attaching cables to the Sensor Cable the Auxiliary port Cable the Auxiliary port The Auxiliary port is used for modem access to the Sensor for setup and configuration. You cannot use a modem the first time you configure a Sensor. Task 1 For modem connections, plug a straight-through modem cable into the Auxiliary port on the Sensor. This port is labeled as Aux on the Sensor front panel. 2 Connect a modem to the Aux port. 3 Connect a telephone line to the modem.
PAGE 27
4 Attaching cables to the Sensor Cable the Monitoring ports Cable the Monitoring ports Connect to the network devices you will be monitoring through the Sensor Monitoring ports. You can deploy Sensors in the following operating modes: • In-line mode (fail-closed) • SPAN or Hub mode • In-line mode (fail-open) • Failover • External tap mode How to use peer ports All full-duplex Sensor deployment modes require the use of two peer monitoring ports on the Sensor.
PAGE 28
4 Attaching cables to the Sensor Cable for in-line Cable types for routers, switches, hubs, and PCs This section describes the types of cables that you require to connect the Sensor to other network devices: • Use a crossover Ethernet RJ-45 cable to connect a router port to the 10/100/1000 copper SFP Monitoring ports. • Use a straight-through Ethernet RJ-45 cable to connect a switch/hub port to 10/100/1000 copper SFP Monitoring ports.
PAGE 29
Attaching cables to the Sensor Connect the cables for SPAN or hub mode 3 Connect the other end of each cable to the tap. 4 Connect the network devices that you want to monitor to the tap. 4 Connect the cables for SPAN or hub mode For the Sensor, monitoring in SPAN or hub mode occurs in in-line fail-open mode. When you monitor in SPAN or hub mode, you use only single ports.
PAGE 30
4 Attaching cables to the Sensor About the fail-open hardware The Monitoring ports on M-2750 fail-close; thus, if the Sensor is deployed in-line, a hardware failure results in network downtime. Fail-open operation for the Monitoring ports requires the use of the optional external Bypass Switch provided in the Kit. With the Bypass Switch in place, normal Sensor operation supplies power to the switch through a control cable.
PAGE 31
5 Troubleshooting the Sensor This section provides the solution to some of the common installation problems. Problem Possible Cause Solution LED is off. The control cable has been disconnected. Check the control cable and ensure it is properly connected to both the Sensor and the Bypass Switch. LED is off. The Sensor is powered off. Restore Sensor power. LED is off. The Sensor port cable is disconnected. Check the Sensor cable connections.
PAGE 32
5 Troubleshooting the Sensor 32 McAfee® Network Security Platform M-2750 Sensor Product Guide
PAGE 33
A Technical specifications The following table lists the specifications for each M-2750 Sensor. Sensor Specifics Description Dimensions Without mounting ears/rails/cable management: • width: 15.88 in. (40.34 cm) • height: 3.38 in. (8.59 cm) • depth: 24.50 in. (62.23 cm) Dimensions do not include cables or power cords. Weight 40 lbs (18.14 kg) Voltage Range 100-240V AC Frequency 50/60Hz Vibration, operating Sinusoidal: 3 to 500 Hz @ 0.15 gpk Random: 2.5 to 200 Hz @ 0.
PAGE 34
A Technical specifications 34 McAfee® Network Security Platform M-2750 Sensor Product Guide
PAGE 35
B Regulatory, compliance, and safety information The Sensor meets the following standards: Sensor regulatory, safety, and compliance Regulatory: Products with the CE Marking are compliant with the 89/336/EEC and 73/23/EEC directives, which include the safety and EMC standards listed.
PAGE 36
B Regulatory, compliance, and safety information Sensor regulatory, safety, and compliance • Radiated Emissions • Conducted Emissions 36 McAfee® Network Security Platform M-2750 Sensor Product Guide
PAGE 37
Index A M about this guide 5 auxiliary port 26 management port 26 McAfee ServicePortal, accessing 6 C P cabling a failover pair 29, 33 cabling for monitoring ports 27 Cabling for SPAN 29 Cabling for TAP mode 28 chasis 19, 22 conventions and icons used in this guide 5 peer ports 27, 28 D documentation audience for this guide 5 product-specific, finding 6 typographical conventions and icons 5 R rack unit 17 S Safety 35 Sensor front panel 8, 13, 25 ServicePortal, finding product documentation 6 SFP
PAGE 38
700-3593B00