Network Security Platform N-450 Sensor Product Guide
N-450 Sensor Product Guide
Revision A
McAfee® Network Security Platform
COPYRIGHT
Copyright © 2012 McAfee, Inc. Do not copy without permission.
TRADEMARK ATTRIBUTIONS
McAfee, the McAfee logo, McAfee Active Protection, McAfee AppPrism, McAfee Artemis, McAfee CleanBoot, McAfee DeepSAFE, ePolicy Orchestrator,
McAfee ePO, McAfee EMM, McAfee Enterprise Mobility Management, Foundscore, Foundstone, McAfee NetPrism, McAfee Policy Enforcer, Policy Lab,
McAfee QuickClean, Safe Eyes, McAfee SECURE, SecureOS, McAfee Shredder, SiteAdvisor, SmartFilter, McAfee Stinger, McAfee Total Protection,
TrustedSource, VirusScan, WaveSecure, WormTraq are trademarks or registered trademarks of McAfee, Inc. or its subsidiaries in the United States and
other countries. Other names and brands may be claimed as the property of others.
LICENSE INFORMATION
License Agreement
NOTICE TO ALL USERS: CAREFULLY READ THE APPROPRIATE LEGAL AGREEMENT CORRESPONDING TO THE LICENSE YOU PURCHASED, WHICH SETS
FORTH THE GENERAL TERMS AND CONDITIONS FOR THE USE OF THE LICENSED SOFTWARE. IF YOU DO NOT KNOW WHICH TYPE OF LICENSE YOU
HAVE ACQUIRED, PLEASE CONSULT THE SALES AND OTHER RELATED LICENSE GRANT OR PURCHASE ORDER DOCUMENTS THAT ACCOMPANY YOUR
SOFTWARE PACKAGING OR THAT YOU HAVE RECEIVED SEPARATELY AS PART OF THE PURCHASE (AS A BOOKLET, A FILE ON THE PRODUCT CD, OR A
FILE AVAILABLE ON THE WEBSITE FROM WHICH YOU DOWNLOADED THE SOFTWARE PACKAGE). IF YOU DO NOT AGREE TO ALL OF THE TERMS SET
FORTH IN THE AGREEMENT, DO NOT INSTALL THE SOFTWARE. IF APPLICABLE, YOU MAY RETURN THE PRODUCT TO MCAFEE OR THE PLACE OF
PURCHASE FOR A FULL REFUND.
2
McAfee® Network Security Platform
N-450 Sensor Product Guide
Contents
Preface
5
Introducing McAfee Network Security Platform (N-450) .
About this guide . . . . . . . . . . . . . . . .
Audience . . . . . . . . . . . . . . . .
Conventions . . . . . . . . . . . . . . .
What's in this guide . . . . . . . . . . . .
Find product documentation . . . . . . . . . . . .
1
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Setup overview . . . . . . . . . . . . . . . . . . . . . .
Position the Sensor . . . . . . . . . . . . . . . . . . . .
Install the rails and ears on the chassis and rack . . . . .
Mount the Sensor on a rack . . . . . . . . . . . . . .
Remove a Sensor from the rack . . . . . . . . . . . .
Redundant power supply . . . . . . . . . . . . . . . . . .
Install the power supply . . . . . . . . . . . . . . .
Remove the power supply . . . . . . . . . . . . . .
Cable the Sensor . . . . . . . . . . . . . . . . . . . . .
Small form-factor pluggable modules . . . . . . . . . . . . .
SFP module . . . . . . . . . . . . . . . . . . . .
Power on the Sensor . . . . . . . . . . . . . . . . . . .
Power off the Sensor . . . . . . . . . . . . . . . . . . .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
. .
. .
. .
. .
. .
. .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Overview
Functions of the N-450 Sensor . . . . . .
Network topology considerations . . . . .
N-450 key features . . . . . . . . . .
N-450 physical description . . . . . . .
Ports of an N-450 . . . . . . . .
Front and back panel LEDs . . . .
2
7
. . . .
. . . .
. . . .
. . . .
. . . .
. . . .
4
.
.
.
.
.
.
Before you install
Usage restrictions . . . . . . . . . . . . .
Safety measures . . . . . . . . . . . . .
Working with fiber-optic ports . . . . . . . .
Contents of the Sensor box . . . . . . . . .
Unpack the Sensor . . . . . . . . . . . .
3
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
the Console port . . . . . . . . . . . . . . . .
the Auxiliary port . . . . . . . . . . . . . . .
the fail-open port . . . . . . . . . . . . . . .
the Management port . . . . . . . . . . . . . .
the Monitoring ports . . . . . . . . . . . . . .
How to use peer ports . . . . . . . . . . . . .
.
.
.
.
11
11
12
12
13
15
Attaching cables to the Sensor
McAfee® Network Security Platform
7
7
8
8
8
9
11
. .
. .
. .
. .
. .
Setting up the Sensor
Cable
Cable
Cable
Cable
Cable
5
5
5
5
6
6
15
. 15
. 16
16
. 17
. 17
. 17
. 18
. 18
. 19
. 19
. 20
. 20
21
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
21
. 22
. 22
22
. 22
. 23
N-450 Sensor Product Guide
3
Contents
Default Monitoring port speed settings . . . .
Cable types for routers, switches, hubs, and PCs
Cable for in-line . . . . . . . . . . . . . . . .
Cabling the failover interconnection ports . . . . . .
About the fail-open hardware . . . . . . . . . . .
4
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
23
24
24
24
25
5
Troubleshooting the Sensor
27
6
Sensor Sensor technical specifications
29
Index
31
McAfee® Network Security Platform
N-450 Sensor Product Guide
Preface
This guide provides the information you need to configure, use, and maintain your McAfee product.
Contents
Introducing McAfee Network Security Platform (N-450)
About this guide
Find product documentation
Introducing McAfee Network Security Platform (N-450)
McAfee® Network Security Platform [formerly McAfee® IntruShield®]delivers the most comprehensive,
accurate, and scalable Network Access Control (NAC) for mission-critical enterprise, carrier, and
service provider networks.
What do you want to do?
•
Learn more about McAfee Network Security Platform components.
•
Learn how to Get Started.
•
Learn about the Home page and interaction with the Manager interface.
About this guide
This information describes the guide's target audience, the typographical conventions and icons used
in this guide, and how the guide is organized.
Audience
McAfee documentation is carefully researched and written for the target audience.
The information in this guide is intended primarily for:
•
Administrators — People who implement and enforce the company's security program.
Conventions
This guide uses the following typographical conventions and icons.
Book title or Emphasis Title of a book, chapter, or topic; introduction of a new term; emphasis.
Bold
Text that is strongly emphasized.
User input or Path
Commands and other text that the user types; the path of a folder or program.
McAfee® Network Security Platform
N-450 Sensor Product Guide
5
Preface
Find product documentation
Code
A code sample.
User interface
Words in the user interface including options, menus, buttons, and dialog
boxes.
Hypertext blue
A live link to a topic or to a website.
Note: Additional information, like an alternate method of accessing an option.
Tip: Suggestions and recommendations.
Important/Caution: Valuable advice to protect your computer system,
software installation, network, business, or data.
Warning: Critical advice to prevent bodily harm when using a hardware
product.
What's in this guide
This guide contains information necessary to setup your N-450 Sensor model. This information
includes guiding you through preconfiguring, cabling, and troubleshooting your Sensor.
Find product documentation
McAfee provides the information you need during each phase of product implementation, from
installation to daily use and troubleshooting. After a product is released, information about the product
is entered into the McAfee online KnowledgeBase.
Task
1
Go to the McAfee Technical Support ServicePortal at http://mysupport.mcafee.com.
2
Under Self Service, access the type of information you need:
To access...
Do this...
User documentation
1 Click Product Documentation.
2 Select a product, then select a version.
3 Select a product document.
KnowledgeBase
• Click Search the KnowledgeBase for answers to your product questions.
• Click Browse the KnowledgeBase for articles listed by product and version.
6
McAfee® Network Security Platform
N-450 Sensor Product Guide
1
Overview
This chapter provides an overview of McAfee® Network Security Sensor N-450.
N-450 Sensors are high-performance, scalable, and flexible content processing appliances built for
providing Network Access Control (NAC) of hosts.
N-450 Sensors are specifically designed to handle traffic at wire speed, and are flexible enough to
adapt to the security needs of any enterprise environment. When deployed at key Network Access
Points, the Sensor provides real-time NAC as configured by the administrator.
Once deployed and once communication is established, Sensors are configured and managed using
the McAfee® Network Security Manager (Manager) server.
The process of configuring a Sensor and establishing communication with the Manager is described in
the subsequent chapters of this guide. The Manager server is described in detail in the Getting Started
Guide.
Contents
Functions of the N-450 Sensor
Network topology considerations
N-450 key features
N-450 physical description
Functions of the N-450 Sensor
N-450 Sensors provide Network Access Control of hosts which involves regulating access to network
resources. The access could be based on a host's System Health level (Standard/ DHCP NAC), identity
of the user logged into the host (IBAC), or both. The Sensor also provides the Hybrid NAC functionality
where a host is first subjected to DHCP-NAC and then Standard NAC at different ports of the same Sensor.
For more information on the NAC functionality and configurations of the Manager, see the McAfee
Network Security Platform NAC Administration Guide.
Network topology considerations
Deployment of McAfee® Network Security Platform [formerly McAfee® IntruShield®] requires knowledge
of your network to help determine the level of configuration and amount of installed Sensors and
Managers. You also need to determine the number of McAfee® ePolicy Orchestrator (McAfee ePO)/
McAfee® Network Access Control (McAfee NAC) servers required to protect your system.
The Sensor is purpose-built for the monitoring of traffic across one or more network segments.
McAfee® Network Security Platform
N-450 Sensor Product Guide
7
1
Overview
N-450 key features
N-450 key features
The N-450 Sensor includes the following features:
•
20 small form-factor (SFP) ports (10/100/1000 Ethernet Copper or 1 Gigabit Ethernet fiber)
•
One 10/100/1000 Base-T Management port
•
One RS-232C Console port
•
Hot-swappable SFP modules
•
Dual power supply
•
Three Fan units, which are field replaceable
N-450 physical description
The high-port density N-450 Sensor, designed for high bandwidth links, is equipped to support ten 1
Gigabit full-duplex Ethernet segments. The N-450 Sensor can monitor upto 2 Gbps of aggregate traffic.
Ports of an N-450
N-450 Sensor is a 2RU (rack unit) box. Correlate the pictures with the information following them to
understand the components of an N-450.
8
Item
Description
1
RJ-45 10/100/1000 Management port (1)
2
RS-232C Console port (1)
3
RS-232C Auxiliary port (1)
4
RJ-11 Fail-Open Control ports (10)
5
SFP one Gigabit Ethernet Monitoring ports (20)
6
External Compact Flash port (1)
7
Front panel LEDs (4)
McAfee® Network Security Platform
N-450 Sensor Product Guide
Overview
N-450 physical description
Item
Description
8
Power supply A (included)
9
Power supply B (optional; sold separately)
10
Back panel LEDs (5)
1
1
One RJ-45 10/100/1000 Management port, which is used for communication with the
Manager server. You can assign an IP address to this port during installation.
2
One RS-232C Console port, which you use to set up and configure the Sensor using the CLI.
3
One RS-232C Auxiliary port, which you might use to dial in remotely to set up and configure the
Sensor.
4
Ten RJ-11 Fail-Open Control ports, designed for use the Optical Fail-Open Bypass kit. The ports
are marked X1, X2, X3, X4, X5, X6, X7, X8, X9, and X10 are used in conjunction with ports 1A/1B,
2A/2B, 3A/3B, 4A/4B, 5A/5B, 6A/6B, 7A/7B, 8A/8B, 9A/9B, and 10A/10B respectively.
5
Twenty small form-factor pluggable (SFP) 1 Gigabit Monitoring ports, which enable you to
monitor ten Ethernet segments in-line.
If you choose to run in failover mode, ports 10A and 10B are used to interconnect with a standby
N-450 Sensor.
The gigabit ports of the N-450 running in In-line Mode fail closed, meaning that if the Sensor fails, it
will interrupt/block data flow. Fail-open functionality requires either the Layer 2 Passthru feature,
described in detail in the section Enabling Layer 2 settings in Sensor Administration Guide or in the
section Cabling the failover interconnection.
6
One external Compact Flash port. You use this port only for flash recovery purposes. That is,
this port is used in troubleshooting situations where the Sensor's internal flash is corrupted and
you need to restart the Sensor through the external Compact Flash. For more information, see the
on-line KnowledgeBase at http://mysupport.mcafee.com/Eservice/. In the McAfee Technical
Support ServicePortal page, click Search the KnowledgeBase.
7
Front panel LEDs. These LEDs indicate the Sensor's general operational status.
8
Primary Power Supplies—PWR A (included). Power supply A is included with each Sensor. The
supply uses a standard IEC port (IEC320-C13). The supply uses a standard IEC port (IEC320-C13).
McAfee provides a standard; 2m NEMA 5-15P (US) power cable (3 wire). International customers
must procure a country-appropriate power cable.
9
Power Supplies—PWR B (optional, purchased separately). Power supply B is a hot-swappable,
redundant power supply. This power supply also uses a standard IEC320-C13 port, and you can
use the McAfee-provided cable or acquire one that meets your specific needs.
10 Back panel LEDs. These LEDs indicate the Sensor's fan and power supply operational status.
N-450 Sensor has one RJ-45 Response port, and this is a reserved port (not used).
See also
Cabling the failover interconnection ports on page 24
Front and back panel LEDs on page 9
Front and back panel LEDs
The front panel LEDs provide status information for the health of the Sensor and the activity on its
ports. The following table describes N-450 front panel LEDs.
McAfee® Network Security Platform
N-450 Sensor Product Guide
9
1
Overview
N-450 physical description
LED
Status Description
Sys
Green
Sensor is operating.
Amber Sensor is starting up. (It could also indicate a system failure.)
Temp Green
Inlet air temperature measured inside chassis is normal. (Chassis temperature OK.)
Amber Inlet air temperature measured inside chassis is too high. (Chassis temperature too
high.)
Flash Green
Fan
Activity on external compact flash.
Off
No activity on external compact flash.
Green
All three fans are operating.
Amber One or more fans have failed.
The back panel LEDs provide information regarding the Sensor fans and the power supply. This is
shown in the table below:
LED
Status
Description
Power A
Green
Power Supply A is functioning.
Amber
Power Supply A is not functioning.
Green
Power Supply B is functioning.
Amber
Power Supply B is not functioning.
Power B
If a power supply is not present, both green and amber LEDs are off.
Fan 1
Fan 2
Fan 3
10
Green
Fan 1 is not operating.
Amber
Fan 1 is operating.
Green
Fan 2 is not operating.
Amber
Fan 2 is operating.
Green
Fan 3 is not operating.
Amber
Fan 3 is operating.
McAfee® Network Security Platform
N-450 Sensor Product Guide
2
Before you install
This chapter describes the best practices for deployment of Sensors on your network. Topics include
system requirements, site planning, safety considerations for handling the Sensor, and usage
restrictions that apply to the Sensor model.
Contents
Usage restrictions
Safety measures
Working with fiber-optic ports
Contents of the Sensor box
Unpack the Sensor
Usage restrictions
The following restrictions apply to the use and operation of a Sensor:
•
You may not remove the outer shell of the Sensor. Doing so will invalidate your warranty.
•
The Sensor appliance is not a general purpose workstation.
•
McAfee prohibits the use of the Sensor appliance for anything other than operating McAfee®
Network Security Platform (formerly McAfee® IntruShield®).
•
McAfee prohibits the modification or installation of any hardware or software in the Sensor
appliance that is not part of the normal operation of McAfee Network Security Platform.
Safety measures
Please read the following warnings before you install the product. These safety measures apply to all
Sensor models unless otherwise specified.
Failure to observe these safety warnings could result in serious physical injury.
Warnings:
•
Read the installation instructions before you connect the system to its power source.
•
To remove all power from the Sensor, unplug all power cords, including the redundant power cord.
•
Only trained and qualified personnel should be allowed to install, replace, or service this equipment.
•
Before working on an equipment that is connected to power lines, remove jewelry (including rings,
necklaces, and watches). Metal objects will heat up when connected to power and ground, and can
cause serious burns or weld the metal object to the terminals.
McAfee® Network Security Platform
N-450 Sensor Product Guide
11
2
Before you install
Working with fiber-optic ports
•
This equipment is intended to be grounded. Ensure that the host is connected to earth ground
during normal use.
•
Do not remove the outer shell of the Sensor. Doing so will invalidate your warranty.
•
Do not operate the system unless all cards, faceplates, front covers, and rear covers are in place.
Blank faceplates and cover panels prevent exposure to hazardous voltages and currents inside the
chassis, contain electromagnetic interference (EMI) that might disrupt other equipment, and direct
the flow of cooling air through the chassis.
•
To avoid electric shock, do not connect safety extra-low voltage (SELV) circuits to
telephone-network voltage (TNV) circuits. LAN ports contain SELV circuits, and WAN ports contain
TNV circuits. Some LAN and WAN ports both use RJ-45 connectors. Use caution when connecting
cables.
•
This equipment has been tested and found to comply with the limits for a Class A digital device,
pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection
against harmful interference when the equipment is operated in a commercial environment. This
equipment generates, uses, and can radiate radio frequency energy and, if not installed and used
in accordance with the instruction manual, may cause harmful interference to radio communications.
•
Operation of this equipment in a residential area is likely to cause harmful interference in which
case users will be required to correct the interference at their own expense.
Working with fiber-optic ports
The Sensor uses fiber-optic connectors for its Monitoring ports. The connector type is a small
form-factor pluggable (SFP) fiber-optic connector that is LC-duplex compatible.
Note the following:
•
Fiber-optic SFP ports are considered Class 1 laser or Class 1 LED ports.
To avoid exposure to radiation, do not stare into the aperture of a fiber-optic port. Invisible radiation
might be emitted from the aperture of the port when no fiber cable is connected.
•
Only FDA registered, EN 60825-1 and IEC 60825-1 certified Class 1 SFP laser transceivers are
acceptable for use with the Sensor.
Contents of the Sensor box
The following accessories are shipped in the Sensor crate:
12
•
One Sensor.
•
One power supply.
•
Power cords. McAfee provides standard and international power cables.
•
One set of rack mounting rails.
•
One set of rack mounting ears.
•
One printed N-450 Slide Rail Assembly Procedure.
•
One printed N-450 Quick Start Guide.
•
Release Notes.
McAfee® Network Security Platform
N-450 Sensor Product Guide
Before you install
Unpack the Sensor
2
Unpack the Sensor
Task
1
Place the Sensor box as close to the installation site as possible.
2
Position the box with the text upright.
3
Open the top flaps of the box.
4
Remove the accessory box within the Sensor box.
5
Verify you have received all parts.
These parts are listed on the packing list and in Contents of the Sensor box.
6
Remove the Slide Rail Kit.
7
Pull out the packing material surrounding the Sensor.
8
Remove the Sensor from the anti-static bag.
9
Save the box and packing materials for later use in case you need to move or ship the Sensor.
If any of the contents from the preceding list are missing or damaged, contact McAfee support.
McAfee® Network Security Platform
N-450 Sensor Product Guide
13
2
Before you install
Unpack the Sensor
14
McAfee® Network Security Platform
N-450 Sensor Product Guide
3
Setting up the Sensor
This chapter describes the process of setting up a Sensor to prepare it for configuration.
Contents
Setup overview
Position the Sensor
Redundant power supply
Cable the Sensor
Small form-factor pluggable modules
Power on the Sensor
Power off the Sensor
Setup overview
Setting up a Sensor involves the following steps:
Task
1
Positioning the Sensor.
2
Installing interface modules (SFP).
3
Attaching power, network, and monitoring cables.
4
Powering on the Sensor.
5
Configuring the Sensor after you have set up and powered on the Sensor.
See also
Position the Sensor on page 15
Attaching cables to the Sensor on page 3
Position the Sensor
Place the Sensor in a physically secure location, close to the switches or routers it will be monitoring.
Ideally, the Sensor should be located within a standard communications rack. Each N-450 is a 2RU (2
rack unit). To mount the Sensor on a rack, you will attach two mounting ears and rails to the Sensor
as described in the subsequent sections.
McAfee® Network Security Platform
N-450 Sensor Product Guide
15
3
Setting up the Sensor
Position the Sensor
Install the rails and ears on the chassis and rack
Before you begin
Before you install the rails and ears on the chassis, make sure that power is OFF. Remove
the power cable and all network interface cables from the Sensor.
Each rack-mounting rail and ear has holes that match up with holes in the chassis. You will need a
screwdriver to secure the slotted panhead screws.
Task
1
Verify that you have all the parts you will need: two three-in-one rails, two chassis ears, and
fourteen slotted panhead screws.
Each rail includes a rail that mount to the rack, a rail that slides into the mounted rail, and a rail
that is attached to the chassis.
2
Disassemble the slide rail by pulling the inner rail out and pushing the side latch in to separate.
3
Attach the inner rail to the chassis by fastening it with the screws provided.
4
Attach the ear to each side of the chassis.
5
Mount the L-shape and external rail to your rack frame.
The adjustable end of the L-shape rail is intended for placement at the back of your rack. Adjust
the rail as needed for length. You are now ready to mount the Sensor in the rack.
Mount the Sensor on a rack
McAfee recommends rack-mounting your Sensors. The rack-mounting hardware included with the
Sensors is suitable for most 19-inch equipment racks and telco-type racks. For maintenance purposes,
you should have access to the front and rear of the Sensor.
Before you mount the Sensor on the rack, make sure that power is OFF. Remove the power cable and all
network interface cables from the Sensor.
Because of the weight of the appliance, McAfee recommends that two people place the chassis into the
rail cabinet.
Insert the chassis into the rail cabinet and complete the rack-mounting of the Sensor by securing the
rack mount ears to two posts or mounting strips in the rack. The ears secure the Sensor to two rack
posts. Be sure to fasten the ears securely to the rack.
You can also mid-mount the Sensor (optional). For details, refer to the corresponding Sensor Quick
Start Guide.
16
McAfee® Network Security Platform
N-450 Sensor Product Guide
Setting up the Sensor
Redundant power supply
3
Remove a Sensor from the rack
Because of the weight of the appliance, McAfee recommends that two people remove the chassis from
the rail cabinet. When removing the chassis from the rack, pull chassis forward until you hear the
innermost rails snap in place. On each side of the rails, press in the release button as pictured below
and continue pulling the chassis.
Figure 3-1 Rail release latch for the Sensor
Redundant power supply
A basic configuration of the Sensor includes one hot swappable supply. You may install a second
hot-swappable power supply (purchased separately from McAfee) for redundancy. Each of these
modules has one handle for insertion or extraction from the unit as well as a release latch.
Figure 3-2 Inserting the power supply for the Sensor
Install the power supply
Task
1
Unpack the power supply from its shipping carton.
2
Remove the faceplate panel covering the power supply slot.
The faceplate panel should remain in place unless a power supply is in the power supply slot. Do not
operate the Sensor without the faceplate panel in place.
McAfee® Network Security Platform
N-450 Sensor Product Guide
17
3
Setting up the Sensor
Cable the Sensor
3
Place the power supply in the slot with the cable outlet facing front and on the left side of the
faceplate.
Figure 3-3 Power supply units of the Sensor
4
Slide in the power supply until it makes contact with the backplane, then push firmly to mate the
connectors solidly with the backplane.
For true redundant operation with the optional redundant power supply, McAfee recommends that
you plug each supply into a different power circuit. For optimal protection, use uninterruptable
power sources.
Remove the power supply
Note that the power supplies are hot-swappable. To avoid data interruption, do not power off both
power supplies on an in-line Sensor, else the Sensor shuts down and all data traffic stops. Power off
only the power supply you are replacing.
Task
1
Unplug the power cable from its power source and remove the power cable from the power supply.
2
Put on an antistatic wrist or ankle strap.
3
Attach the strap to a bare metal surface of the chassis.
4
Push the release latch inward toward the handle.
5
Squeeze the handle of the power supply and pull it out.
6
Use faceplate panels to protect unused slots from dust and reduce electromagnetic radiation.
7
Replace the mounting bracket.
To remove all power from the Sensor, unplug all power cords.
Cable the Sensor
Follow the steps outlined in Attaching Cables to the Sensor to connect cables to the monitoring,
response, console, and management ports on your Sensor.
See also
Attaching cables to the Sensor on page 3
18
McAfee® Network Security Platform
N-450 Sensor Product Guide
Setting up the Sensor
Small form-factor pluggable modules
3
Small form-factor pluggable modules
The Sensor uses two types of small form-factor pluggable modules as shown in the following table.
Type
Performance
SFP
10/100/1000 Mbps (copper)
1 Gbps (fiber optic)
Each module is a hot-swappable input/output device that plugs into an LC-type Gigabit Ethernet port,
linking the module port with a copper or fiber-optic network. SFP optical interfaces are less than half
the size of GBIC interfaces.
To ensure compatibility, McAfee supports only those SFP modules purchased through McAfee or from a
McAfee-approved vendor. For a list of approved vendors, see the on-line KnowledgeBase at http://
mysupport.mcafee.com/Eservice/. Click Search the KnowledgeBase.
These installation instructions provide information for installing an SFP module that uses a bail-clasp
for securing the module in place in the Sensor. Your module may be slightly different. Check the
module manufacturer's installation instructions for more details.
For ease of installation, insert the module in the Sensor while it is powered down and before placing it
on a rack.
To prevent eye damage, do not stare into open laser apertures.
SFP module
The SFP module is a hot-swappable, protocol-independent, compact, optical receiver, which allows for
greater port density than the standard GBIC. This module operates at varying speeds for up to 1
Gigabit per second on Gigabit Ethernet. The SFP module operates in single mode and multimode.
Additionally, this module transmits on an 850-nanometer wavelength on short reach (SR) and
1310-nanometer wavelength on long reach (LR).
Figure 3-4 SFP module for the Sensor
Install a module
This section provides the steps to install an SFP module with a bail clasp.
Task
1
Remove the module from its protective packaging.
2
Ensure the module is the correct model for your network.
3
Locate the label on the module and ensure that the alignment groove is down.
4
Grip the sides of the module with your thumb and forefinger and insert module into the module
socket.
Modules are keyed to prevent incorrect insertion.
McAfee® Network Security Platform
N-450 Sensor Product Guide
19
3
Setting up the Sensor
Power on the Sensor
Remove a module
Task
1
Disconnect the network cable from the module.
2
Release the module from the slot by pulling the bail-clasp out of its locked position.
3
Slide the module out of the slot.
4
Insert the module plug into the optical bore for protection.
Power on the Sensor
Before you begin
Do not attempt to power on the Sensor until you have installed the Sensor in a rack, made
all necessary network connections, and connected the power cable to the power supply.
If you are installing a redundant power supply, you should install it as described in Installing a power
supply. For true redundant operation with the optional redundant power supply, McAfee recommends
that you plug each supply into a different power circuit.
Task
1
Connect the power cable to the Sensor power supply.
2
Connect the power cable to a power source.
The Sensor has no power switch. It powers on as soon as one of its power cable is connected to a
power source.
Power off the Sensor
McAfee recommends that you use the shutdown CLI command to halt the Sensor before powering it
down. For more information on CLI commands, see CLI Guide.
20
McAfee® Network Security Platform
N-450 Sensor Product Guide
4
Attaching cables to the Sensor
Follow the steps outlined in this chapter to connect cables to the various ports on your Sensor.
Contents
Cable the Console port
Cable the Auxiliary port
Cable the fail-open port
Cable the Management port
Cable the Monitoring ports
Cable for in-line
Cabling the failover interconnection ports
About the fail-open hardware
Cable the Console port
The Console port on the Sensor is used for setup and configuration of the Sensor.
Task
1
For console connections, plug the DB9 Console cable supplied by McAfee into the Console port on
the Sensor.
This port is labeled as Console on the Sensor front panel.
2
Connect the other end of the Console port cable directly to a COM port of the PC or terminal server
you will use to configure the Sensor, for example, a PC running correctly configured Windows
HyperTerminal software.
You must connect directly to the console for initial configuration.
Required settings for HyperTerminal are:
3
Name
Setting
Baud rate
38400
Number of bits
8
Parity
None
Stop bits
1
Flow Control
None
Power on the Sensor.
McAfee® Network Security Platform
N-450 Sensor Product Guide
21
4
Attaching cables to the Sensor
Cable the Auxiliary port
Cable the Auxiliary port
The Auxiliary port is used for modem access to the Sensor for setup and configuration.
You cannot use a modem the first time you configure a Sensor.
Task
1
For modem connections, plug a straight-through modem cable into the Auxiliary port on the Sensor.
This port is labeled as Aux on the Sensor front panel.
2
Connect a modem to the Aux port.
3
Connect a telephone line to the modem.
Required settings for the Aux port are:
Name
Setting
Baud rate
38400
Number of bits
8
Parity
None
Stop bits
1
Flow Control
None
Cable the fail-open port
Fail-open functionality for the GE Monitoring ports is accomplished using the standard Gigabit
Fail-open Bypass Kit, sold separately. McAfee recommends deploying active fail-open kits for
protection of mission critical networks. Both copper and optical versions are available. For more
information, see the documentation that accompanies the Kit.
Cable the Management port
The Management port is used for communication with the Manager server.
Task
1
Plug a Cat-5e Ethernet cable into the Management port.
This port is labeled as Mgmt on the front panel of the Sensor.
2
Connect the other end of the cable to the network device, such as a hub, a switch, or a router that
in turn connects to the Manager server.
To isolate and protect your management traffic, McAfee strongly recommends using a separate,
dedicated management subnet to interconnect the Sensors and the Manager.
Cable the Monitoring ports
Connect to the network devices you will be monitoring through the Sensor Monitoring ports. You can
deploy Sensors in the following operating modes:
22
McAfee® Network Security Platform
N-450 Sensor Product Guide
Attaching cables to the Sensor
Cable the Monitoring ports
•
In-line mode (fail-closed)
•
SPAN or Hub mode
•
In-line mode (fail-open)
•
Failover
•
External tap mode
4
See also
Cable for in-line on page 24
About the fail-open hardware on page 25
Cabling the failover interconnection ports on page 24
How to use peer ports
All full-duplex Sensor deployment modes require the use of two peer monitoring ports on the Sensor.
On the Sensors, the numbered ports are wired in pairs to accommodate the traffic.
The following SFP Gigabit Ethernet ports are coupled and must be used together:
Port Pairs
Transceiver Type
1A and 1B
SFP
2A and 2B
SFP
3A and 3B
SFP
4A and 4B
SFP
5A and 5B
SFP
6A and 6B
SFP
7A and 7B
SFP
8A and 8B
SFP
9A and 9B
SFP
10A and 10B
SFP
You cannot configure, for example, 1A and 2A to work together as a pair.
Figure 4-1 Using peer ports
Default Monitoring port speed settings
Be sure that the switch/router ports connected to the Sensor Monitoring ports match the Sensor
configuration.
Table 4-1 Default Monitoring port speed settings
Monitoring Ports
Operating Mode
Speed/Duplex Setting
SFP ports for copper
In-line fail-close (port pair)
Auto-negotiation is on.
SFP ports for fiber-optic
In-line fail-close (port pair)
Auto-negotiation is on.
McAfee® Network Security Platform
N-450 Sensor Product Guide
23
4
Attaching cables to the Sensor
Cable for in-line
Cable types for routers, switches, hubs, and PCs
This section describes the types of cables that you require to connect the Sensor to other network
devices:
•
Use a crossover Ethernet RJ-45 cable to connect a router port to the 10/100/1000 copper SFP
Monitoring ports.
•
Use a straight-through Ethernet RJ-45 cable to connect a switch/hub port to 10/100/1000 copper
SFP Monitoring ports.
•
Use a crossover Ethernet RJ-45 cable to connect a router port to PC to the Sensor Management port.
You should also use a crossover Ethernet RJ-45 cable to connect a PC to the Sensor monitoring port.
Cable for in-line
The Gigabit Ethernet ports fail-close, meaning they stop the flow of traffic if the Sensor fails. To allow
traffic to flow uninterrupted, you must use special hardware and cable the Sensor for fail-open
functionality. For instructions, see the section later in this chapter.
This section provides the steps to connect the Sensor's Gigabit Ethernet ports so they fail-close.
Task
1
Plug the cable appropriate for use with your Gigabit Ethernet into one of the Monitoring ports, for
example, 1A.
2
Plug another cable into the peer of the port used in Step 1.
3
Connect the other end of each cable to the network devices that you want to monitor.
For example, if you plan to monitor traffic between a switch and a router, connect the cable
connected to 1A to the switch and the one connected to 1B to the router.
Cabling the failover interconnection ports
Failover requires connecting two identical Sensors (same model, same software) using an
interconnection cable or cables.
Gigabit ports 10A and 10B are the failover interconnection ports on the Sensor. A failover cable is the
only additional hardware required to support failover communication between two Sensors.
To connect two Sensors for failover:
Task
24
1
Plug the cable appropriate for use with your SFP module into port 10A of the active Sensor.
2
Connect the other end of the cable to port 10B of the standby Sensor.
McAfee® Network Security Platform
N-450 Sensor Product Guide
Attaching cables to the Sensor
About the fail-open hardware
4
3
Similarly, plug the cable appropriate for use with your SFP module into port 10A of the active Sensor.
4
Connect the other end of the cable to port 10B of the standby Sensor.
About the fail-open hardware
The standard Gigabit Fail-Open Kit (sold separately) minimizes the potential risks of in-line Sensor
failure on critical network links. Both copper and optical versions of the Kit are available for 1 Gigabit
ports.
The Monitoring ports on N-450 fail-close; thus, if the Sensor is deployed in-line, a hardware failure
results in network downtime. Fail-open operation for the Monitoring ports requires the use of the
optional external Bypass Switch provided in the Kit.
With the Bypass Switch in place, normal Sensor operation supplies power to the switch through a
control cable. While the Sensor is operating, the switch is "on" and routes all traffic directly through
the Sensor. When the Sensor fails, the switch automatically shifts to a bypass state: in-line traffic
continues to flow through the network link, but is no longer routed through the Sensor. Once the
Sensor resumes normal operation, the switch returns to the "on" state, once again enabling in-line
monitoring.
Note that Sensor outage breaks the link connecting the devices on either side of the Sensor for a brief
moment and requires the renegotiation of the network link between the two peer devices connected to
the Sensor. Depending on the network equipment, this disruption introduced by the renegotiation of the
link layer between the two peer devices may range from a couple of seconds to more than a minute
with certain vendors' devices.
A very brief link disruption may also occur while the links between the Sensor and each of the peer
devices are renegotiated to place the Sensor back in in-line mode. This outage, again, varies depending
on the device, and can range from a few seconds to more than a minute.
Installation and troubleshooting instructions for the Kit can be found in the Guide that accompanies
the kit. For example, for more information on the Optical kit, see the standard Gigabit Optical
Fail-Open Bypass Kit Guide.
N-450 Sensor also supports Active Bypass Kit.
McAfee® Network Security Platform
N-450 Sensor Product Guide
25
4
Attaching cables to the Sensor
About the fail-open hardware
26
McAfee® Network Security Platform
N-450 Sensor Product Guide
5
Troubleshooting the Sensor
This section provides the solution to some of the common installation problems.
Problem
Possible Cause
Solution
LED is off.
The control cable has been
disconnected.
Check the control cable and ensure it is
properly connected to both the Sensor and
the Bypass Switch.
LED is off.
The Sensor is powered off.
Restore Sensor power.
LED is off.
The Sensor port cable is
disconnected.
Check the Sensor cable connections.
Sensor is operational,
but is not monitoring
traffic.
Network device cables have Check the cables and ensure they are
been disconnected.
properly connected to both the network
devices and the Bypass Switch.
Sensor is operational,
but is not monitoring
traffic.
The Sensor ports have not
been enabled in the
Manager.
The Sensor will not monitor traffic on the
ports unless the ports are enabled in the
Manager. Ports are disabled in a Sensor
failure; they must be re-enabled for Sensor
monitoring to resume.
Network or link problems. Improper cabling or port
configuration.
Ensure that the transmit and receive cables
are properly connected to the Bypass Switch.
Runts or giants errors on
switch and routers.
Improper cabling or port
configuration.
Ensure that the transmit and receive cables
are properly connected to the Bypass Switch.
The system fault "Switch
absent" appears in the
Manager Operational
Status window.
The control cable has been
disconnected.
Check the control cable and ensure it is
properly connected to both the Sensor and
the Bypass Switch.
McAfee® Network Security Platform
N-450 Sensor Product Guide
27
5
Troubleshooting the Sensor
28
McAfee® Network Security Platform
N-450 Sensor Product Guide
6
Sensor Sensor technical specifications
The following table lists the specifications for each Sensor Sensor.
Sensor Specifics
Description
Dimensions
Without mounting ears/rails/cable management:
• width: 16.75 in. (41.91 cm)
• height: 3.5 in. (8.89 cm)
• depth: 30.00 in. (76.20 cm)
Dimensions do not include cables or power cords.
Weight
47 lbs (21.31 kg)
Voltage Range
100-240V AC
Frequency
50/60Hz
Vibration, operating
Sinusoidal: 3 to 500 Hz @ 0.15 gpk
Random: 2.5 to 200 Hz @ 0.33 g
Vibration, non-operating
Sinusoidal: 10 to 500 Hz @ 0.8 gpk
Random: 2.5 to 200 Hz @ 1.05 g
Power requirements
450W
Temperature
Ambient Temperature Range
(Non-condensing)
Operating
0C(32F) to 40C(104F)
Non-operating
-40C(-40F) to 70C(158F)
Relative Humidity (Non-condensing)
Operating
5%-90% non-condensing
Non-operating
5% to 95% non-condensing
Sensor Specifics
System Heat Dissipation
AC (max): 535W, 1825 BTU/hr
Airflow
200 lfm (1 m/s)
Altitude
Sea level to 9000 ft (2743.2m)
McAfee® Network Security Platform
N-450 Sensor Product Guide
29
6
Sensor Sensor technical specifications
30
McAfee® Network Security Platform
N-450 Sensor Product Guide
Index
A
M
about this guide 5
auxiliary port 22
management port 22
McAfee ServicePortal, accessing 6
C
P
cabling a failover pair 24
cabling for monitoring ports 22
chasis 17, 20
conventions and icons used in this guide 5
peer ports 23, 24
D
S
documentation
audience for this guide 5
product-specific, finding 6
typographical conventions and icons 5
Sensor front panel 8, 9, 11, 21
ServicePortal, finding product documentation 6
SFP module 19–21
Slide Rail Kit 13, 15
F
T
fail open port 22
Fibre Optic ports 12
Technical Support, finding product information 6
three-in-one rails 16
R
rack unit 15
G
Gigabit Fail-Open Kit 5, 25, 27, 29
H
hot swappable power supply 17, 18
McAfee® Network Security Platform
N-450 Sensor Product Guide
31
700-3595A00
Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF

advertisement