Network Security Platform Manager Appliance (Linux)

Network Security Platform Manager Appliance (Linux)
Manager Appliance (Linux) Installation Guide
Revision B
McAfee Network Security Platform
COPYRIGHT
Copyright © 2017 McAfee, LLC
TRADEMARK ATTRIBUTIONS
McAfee and the McAfee logo, McAfee Active Protection, ePolicy Orchestrator, McAfee ePO, McAfee EMM, Foundstone, McAfee LiveSafe, McAfee QuickClean, Safe Eyes,
McAfee SECURE, SecureOS, McAfee Shredder, SiteAdvisor, McAfee Stinger, True Key, TrustedSource, VirusScan are trademarks or registered trademarks of McAfee,
LLC or its subsidiaries in the US and other countries. Other marks and brands may be claimed as the property of others.
LICENSE INFORMATION
License Agreement
NOTICE TO ALL USERS: CAREFULLY READ THE APPROPRIATE LEGAL AGREEMENT CORRESPONDING TO THE LICENSE YOU PURCHASED, WHICH SETS FORTH THE
GENERAL TERMS AND CONDITIONS FOR THE USE OF THE LICENSED SOFTWARE. IF YOU DO NOT KNOW WHICH TYPE OF LICENSE YOU HAVE ACQUIRED, PLEASE
CONSULT THE SALES AND OTHER RELATED LICENSE GRANT OR PURCHASE ORDER DOCUMENTS THAT ACCOMPANY YOUR SOFTWARE PACKAGING OR THAT YOU HAVE
RECEIVED SEPARATELY AS PART OF THE PURCHASE (AS A BOOKLET, A FILE ON THE PRODUCT CD, OR A FILE AVAILABLE ON THE WEBSITE FROM WHICH YOU
DOWNLOADED THE SOFTWARE PACKAGE). IF YOU DO NOT AGREE TO ALL OF THE TERMS SET FORTH IN THE AGREEMENT, DO NOT INSTALL THE SOFTWARE. IF
APPLICABLE, YOU MAY RETURN THE PRODUCT TO MCAFEE OR THE PLACE OF PURCHASE FOR A FULL REFUND.
2
McAfee Network Security Platform
Manager Appliance (Linux) Installation Guide
Contents
Preface
5
About this guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
What's in this guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Find product documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
1
About the Manager Appliance
Warnings and cautions . . . . . . . . . . .
Before installing the Manager Appliance . . . . .
System specifications and environmental requests .
Features not supported . . . . . . . . . . .
2
7
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. . 7
. 8
.
8
. 10
Verify the shipment
11
Manager Appliance front panel description . . . . . . . . . . . . . . . . . . . . . . . . . 11
Manager Appliance back panel description . . . . . . . . . . . . . . . . . . . . . . . . . 11
3
4
Installing the Manager Appliance
13
Positioning the Manager Appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Rack installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Server system installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Install system into rack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Remove the Manager Appliance from the rails . . . . . . . . . . . . . . . . . . . . . . . .
13
13
14
14
15
Configuring the Manager Appliance
17
Connect the Manager Appliance to power and the network . . . . . . . . . . . . . . . . . . . 17
Configure the Manager Appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
Commands for the Manager service . . . . . . . . . . . . . . . . . . . . . . . . . . .
19
5
Working with the Manager software
21
Access the Manager from a client machine . . . . . . . . . . . . . . . . . . . . . . . . . 21
Log on to the Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
6
Maintaining the Manager Appliance
23
Applying MLOS patches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
Upgrading your Manager software . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
Maintaining MLOS based Manager using CLI Utilities . . . . . . . . . . . . . . . . . . . . . 24
7
Troubleshooting
The Manager Appliance is not receiving power . . . . . . .
The Manager Appliance will not start . . . . . . . . . . .
The Manager Appliance is not communicating with the network .
Troubleshooting a hardware failure . . . . . . . . . . .
Index
McAfee Network Security Platform
27
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. . . 27
. . 27
. . 28
. . . 28
29
Manager Appliance (Linux) Installation Guide
3
Contents
4
McAfee Network Security Platform
Manager Appliance (Linux) Installation Guide
Preface
This guide provides the information you need to configure, use, and maintain your McAfee product.
Contents
About this guide
Find product documentation
About this guide
This information describes the guide's target audience, the typographical conventions and icons used in this
guide, and how the guide is organized.
Conventions
This guide uses these typographical conventions and icons.
Italic
Title of a book, chapter, or topic; a new term; emphasis
Bold
Text that is emphasized
Monospace
Commands and other text that the user types; a code sample; a displayed message
Narrow Bold
Words from the product interface like options, menus, buttons, and dialog boxes
Hypertext blue A link to a topic or to an external website
Note: Extra information to emphasize a point, remind the reader of something, or provide an
alternative method
Tip: Best practice information
Caution: Important advice to protect your computer system, software installation, network,
business, or data
Warning: Critical advice to prevent bodily harm when using a hardware product
What's in this guide
This guide is organized to help you find the information you need.
McAfee Network Security Platform
Manager Appliance (Linux) Installation Guide
5
Preface
Find product documentation
Find product documentation
On the ServicePortal, you can find information about a released product, including product documentation,
technical articles, and more.
Task
6
1
Go to the ServicePortal at https://support.mcafee.com and click the Knowledge Center tab.
2
In the Knowledge Base pane under Content Source, click Product Documentation.
3
Select a product and version, then click Search to display a list of documents.
McAfee Network Security Platform
Manager Appliance (Linux) Installation Guide
1
About the Manager Appliance
The Manager Appliance is part of the McAfee® Network Security Platform intrusion prevention system. The
Manager Appliance is a 1-U rack dense chassis with multi-core Intel XEON Series Processor and four 2.5" hard
drive trays.
The Manager Appliance runs on a pre-installed, hardened McAfee Linux Operating Server (MLOS) operating
system and comes pre-loaded with the Network Security Manager software.
Contents
Warnings and cautions
Before installing the Manager Appliance
System specifications and environmental requests
Features not supported
Warnings and cautions
You should be aware of these warning and cautions.
Manager Appliance power on or off — the push button On/Off power switch on the front panel of the Manager
Appliance does not turn off the AC power. To remove AC power from the Manager Appliance, you must unplug
the AC power cord from either the power supply or wall outlet.
The power supplies in your system might produce high voltages and energy hazards, which can cause bodily
harm. Only trained service technicians are authorized to remove the covers and access any of the components
inside the system.
This system may have more than one power supply cable. To reduce the risk of electrical shock, a trained service
technician must disconnect all power supply cables before servicing the system.
Hazardous conditions — devices and cables: Hazardous electrical conditions may be present on power,
telephone, and communication cables. Turn off the Manager Appliance and disconnect telecommunications
systems, networks, modems, and the power cord attached to the Manager Appliance before opening it.
Otherwise, personal injury or equipment damage can result.
Avoid injury — lifting the Manager Appliance and attaching it to the rack is a two-person job. The Manager
Appliance weighs approximately 10.46 kg (23.05 lbs).
McAfee Network Security Platform
Manager Appliance (Linux) Installation Guide
7
1
About the Manager Appliance
Before installing the Manager Appliance
Before installing the Manager Appliance
Make sure to check for the following before you install the Manager Appliance.
•
Read all provided safety information.
•
Make sure that you have selected a suitable location for installing the Manager Appliance.
•
Check that you have all the necessary equipment and components outlined in this document.
•
Familiarize yourself with the Manager Appliance network access card (NIC) ports and connectors as
described in this document.
•
Decide whether you will be using static or dynamic IP address assignment. If you use a static IP address for
the Manager Appliance, you must request a static IP address from your network administrator, who must
then update your DNS server with a valid Manager Appliance host name entry. You must have the following
information available when you configure the Manager Appliance:
•
Static IP address.
•
Network mask.
•
Default gateway address.
•
A primary and an optional secondary DNS server IP address.
To ensure the safe operation of the Manager Appliance, read all documentation before installation.
System specifications and environmental requests
These are the system specifications and requirements for the Manager Appliance.
Network recommendations
Although the Manager Appliance supports both DHCP and static IP address networks, McAfee strongly
recommends that you use static IP addresses.
In addition, McAfee recommends having a DNS server on your network. This enables you to set a fully qualified
domain name for your Manager server. The Manager generates a public key certificate that uses the Manager
Appliance host name. This certificate is used to authenticate the Manager server to any Manager clients in your
deployment.
Table 1-1 Hardware and Software specifications
Component
Specifications
Hardware
Regulatory Model Name
R1000
CPU
Intel Xeon Silver 4114 2.2Ghz10C, Skylake1 per system
Hard Drive
2.5" Enterprise HDD2TBSATA III (6Gbps)7200 RPM2 per system
DVD ROM
None
DIMM
64GB DDR42133Mhz
Integrated LAN
2 x 10 Gbe
USB ports
2 x 3.0 on front and 3 x 3.0 on rear panel
Video
DB-15 HD VGA on front & rear panel
Serial Port
RJ45 on rear panel
Software
8
McAfee Network Security Platform
Manager Appliance (Linux) Installation Guide
About the Manager Appliance
System specifications and environmental requests
1
Table 1-1 Hardware and Software specifications (continued)
Component
Specifications
Manager software version
9.1
McAfee Linux OS (MLOS) version
3.4.0.8756 or above
The following table lists the 9.1 Manager client requirements when using Windows 7, Windows 8, or Windows
10:
Minimum
Operating
system
Recommended
• Windows 7, English or Japanese
• Windows 8, English or Japanese
• Windows 8.1, English or Japanese
• Windows 10, English or Japanese
The display language of the Manager client must be
the same as that of the Manager server operating
system.
RAM
2 GB
4 GB
CPU
1.5 GHz processor
1.5 GHz or faster
Browser
• Internet Explorer 10, 11
• Internet Explorer 11
• Mozilla Firefox
• Mozilla Firefox 20.0 or later
• Google Chrome (App mode in Windows 8 is not
supported)
• Google Chrome 24.0 or later
To avoid the certificate mismatch error and security
warning, add the Manager web certificate to the
trusted certificate list.
In Mozilla Firefox version 52 or
Google Chrome version 42 and
above, the NPAPI plug-in is
disabled by default.
Dimensions
59.1 cm (23.26 in.) D x 43.8 cm (17.244 in.) W x 4.32 cm (1.7 in.) H
Weight (maximum configuration) 14.06 kg (31 lbs)
Power delivery
DC Power
DC 750W Gold
AC Power
AC 1100W Platinum
Power Redundancy
The server system can support 1 or 2 installed power supply modules,
with support for the following power configurations: 1+0
Non-Redundant, 1+1 Redundant, and 2+0 Combined Power.
Environment
Operating temperature
+10°C to +35°C with the maximum rate of change not to exceed 10°C
per hour
Non-operating temperature
–40°C to +70°C
Non-operating humidity
50%—90%, non-condensing with a maximum wet bulb of 28°C (at
temperatures from 25°C to 35°C)
Acoustic noise
Sound Power: 7.0 BA in an idle state at typical office ambient
temperature. (23 +/-2 degrees C.)
Shock, operating
Half sine, 2 g peak, 11 msec
McAfee Network Security Platform
Manager Appliance (Linux) Installation Guide
9
1
About the Manager Appliance
Features not supported
Dimensions
Shock, unpackaged
Trapezoidal, 25 g, velocity change is based on weight
Shock, packaged
Non-palletized free fall in height 18 inches (>=40 lbs to < 80 lbs)
Vibration, unpackaged
5 Hz to 500 Hz, 2.20 g RMS random
Vibration, packaged
5 Hz to 500 Hz, 1.09 g RMS random
ESD, Air Discharged
12.0 kV
ESD, Contact Discharge
8.0 kV
System cooling requirement in
BTU/Hr
1090 BTU/hour
EMI operating
Required to meet EMI emission requirements, tested as part of system
Manager Appliance supports only USB-compliant mouse and keyboard (PS/2 mouse and keyboard are not
supported).
Features not supported
10
•
Manager installation on a Linux PC
•
AZUL JDK
•
Central Manager support
•
Vulnerability Manager support
•
User interface support on Appliance
•
FIPS support
•
Manager image as an AMI or Virtual Machine
•
Localization
McAfee Network Security Platform
Manager Appliance (Linux) Installation Guide
2
Verify the shipment
Verify shipment against content list for the Accessory kit shipped with the Manager Appliance.
If any of the content from the content list is missing or damaged, contact McAfee support at http://
mysupport.mcafee.com.
Contents
Manager Appliance front panel description
Manager Appliance back panel description
Manager Appliance front panel description
The Manager Appliance front panel has these lights and buttons.
An optional lockable bezel is included with the Manager Appliance, which can be installed to cover the front
panel.
Manager Appliance back panel description
The Manager Appliance back panel has these ports and connectors for configuration.
McAfee Network Security Platform
Manager Appliance (Linux) Installation Guide
11
2
Verify the shipment
Manager Appliance back panel description
12
McAfee Network Security Platform
Manager Appliance (Linux) Installation Guide
3
Installing the Manager Appliance
This section describes how to attach rails and mount the Manager Appliance on a rack.
A rack mounting kit is supplied with the Manager Appliance so you can install the Manager Appliance in a
19-inch rack, as described in the following rack mounting instructions.
The rack mounting contains:
•
Slide rails
•
Chassis cable management arm
A screwdriver is required for this procedure.
Contents
Positioning the Manager Appliance
Rack installation
Server system installation
Install system into rack
Remove the Manager Appliance from the rails
Positioning the Manager Appliance
The Manager Appliance must be installed in a suitable location. Since it is designed to be operated remotely,
physical access to the Manager Appliance is needed only to connect networking cables and the power supply
cord, a monitor, keyboard, and mouse to configure the software.
Initial setup requires attaching a single network cable to the back of the Manager Appliance. After the network
setup is finished, physical access to the Manager Appliance is necessary only to restart the appliance. McAfee
recommends that you interact with the system using remote desktop software.
The remote desktop connection is enabled by default on the appliance
Rack installation
These steps explain the procedure to install the rack for the Manager Appliance.
For graphical representation of the rack installation, refer to the 1U Rail Kit Installation Guide bundled with the
appliance.
McAfee Network Security Platform
Manager Appliance (Linux) Installation Guide
13
3
Installing the Manager Appliance
Server system installation
Task
1
Identify the Right (R) and Left (L) Rail Assemblies.
2
Extend each rail assembly to expose the stamped 'R' and 'L' identifiers.
3
Install left rail assembly.
Use mounting holes within the same 1U space on both front and rear rack pillars.
The rail is securely installed when the Hook and locker extends out of the mounting hole, are fully sealed,
and locked into place.
4
Repeat steps 2 - 3 for right rail assembly.
When transporting the rack with systems pre-installed, the 10-32 shipping screws must be installed to the
center hole of the rear rail bracket to prevent possible rail mounting failure.
Server system installation
Carefully install the Manager Appliance on the mounting rails.
For graphical representation of the server system installation, refer to the 1U Rail Kit Installation Guide bundled
with the appliance.
Task
1
Fully extend the rails until they lock in place.
2
Align and insert rear mounting posts of the server into rear mounting slots of both rails.
3
Carefully rotate server down until the remaining two server mounting posts on each side of the chassis
install into the mounting slots of each rail.
4
Verify that the Server Lock is fully engaged and the system is fully sealed into each rail.
Install system into rack
These steps explain the procedure to install the Manager Appliance into the rack.
For graphical representation, refer to the 1U Rail Kit Installation Guide bundled with the appliance.
Task
14
1
Lift up on the Release Tab of both rails.
2
Push the system as far as possible into the rack.
3
Use the fixed locking screws located on the system rack handles to secure the system to the rack.
McAfee Network Security Platform
Manager Appliance (Linux) Installation Guide
Installing the Manager Appliance
Remove the Manager Appliance from the rails
3
Remove the Manager Appliance from the rails
Perform these steps to remove the Manager Appliance.
Task
1
Turn off the Manager Appliance and disconnect it from the power outlet.
2
Disconnect all cables, such as network cables. Also disconnect the monitor, keyboard, and mouse cables, if
installed.
3
If installed, remove screws securing the appliance to the rack mount rails.
4
Pull the appliance out of the rack until the safety catches stop the movement.
5
Rotate the release latch at the front of each rail to disengage the safety catch.
6
With help from another person, lift the system completely out of the rack.
McAfee Network Security Platform
Manager Appliance (Linux) Installation Guide
15
3
Installing the Manager Appliance
Remove the Manager Appliance from the rails
16
McAfee Network Security Platform
Manager Appliance (Linux) Installation Guide
4
Configuring the Manager Appliance
The Manager Appliance comes with all Manager components pre-installed. The Manager Appliance
Configuration Tool configures the Manager Appliance and starts as soon as you log on to the Manager
Appliance.
Contents
Connect the Manager Appliance to power and the network
Configure the Manager Appliance
Commands for the Manager service
Connect the Manager Appliance to power and the network
After you have installed the Manager Appliance on the rack, connect the appliance to the power source and to
your network. Connect a monitor, keyboard, and a mouse, which are required to configure the Manager
Appliance.
Perform these steps to connect the Manager Appliance to a power source and network.
Task
1
Plug the AC power cord into the back of the Manager Appliance, then plug the other end of the cord into an
appropriate power source.
2
Connect a network cable to NIC 1.
Use only NIC 1 for initial configuration purposes.
3
Connect the monitor, mouse, and keyboard to the rear or front of the Manager Appliance.
You can manage the Manager Appliance from a remote computer after the initial installation and
configuration are completed.
4
Turn on the power for the Manager Appliance.
Appliance power on/off — the push-button on/off power switch on the front panel of the Manager Appliance
does not turn off the AC power. To remove AC power from the Manager Appliance, you must unplug the AC
power cord from either the power supply or wall outlet.
5
When the appliance has started, use valid credentials at the command prompt to logon.
McAfee Network Security Platform
Manager Appliance (Linux) Installation Guide
17
4
Configuring the Manager Appliance
Configure the Manager Appliance
Configure the Manager Appliance
Log on to the Manager Appliance using a console client and configure the network settings as shown here.
Task
1
Log on using the credentials below.
•
Username: admin
•
Password: MLOSnsmApp
MLOS does not support root login over SSH, you have to login as admin and then change the user to
root.
McAfee recommends that you change the password immediately. A new password must be at least 8
characters in length and must contain a combination of numbers, characters, and special characters.
2
To update the parameters, change user to root by executing the su command.
3
Enter MLOSnsmApp as the password.
4
At the Manager command prompt, add the DNS server by executing the following command(s).
vi /etc/resolv.conf
search localhost
nameserver <DNS Server IP Address>
5
Assign IP address, network mask, and gateway to the appliance by executing the following commands:
a
Access the network file.
vi /etc/sysconfig/network-scripts/ifcfg-eth0
b
Add or modify the network configuration as shown below.
BOOTPROTO = None
IPADDR = <IP address>
NETMASK = <Network Mask>
GATEWAY = <Gateway IP Address>
c
Configure the network file as shown below.
vi /etc/sysconfig/network
NETWORKING = yes
NETWORKING_IPV6 = no
HOSTNAME = NSMAppliance.qadomain.com
GATEWAY = <Gateway IP Address>
d
Create the hostname file and add an entry as shown below.
vi /etc/hostname
NSMAppliance
18
McAfee Network Security Platform
Manager Appliance (Linux) Installation Guide
Configuring the Manager Appliance
Commands for the Manager service
e
4
Modify /etc/hosts file as shown below.
127.0.0.1 localhost
<Manager Appliance IP Address> NSMAppliance.qadomain.com NSMAppliance
255.255.255.255 broadcasthost
::1 localhost NSMAppliance
fe80::1%lo0 localhost NSMAppliance
While modifying the /etc/hosts file additional blank spaces does not affect the configuration.
6
Restart the server by executing the reboot command.
Once the server restarts, all the services will be running.
7
(Optional) After rebooting the server, execute the ps -ef | grep NSM command to verify if the Manager
services are running.
You can now access the UI and manage the Manager Appliance from a remote location using a client machine.
If necessary, unplug the monitor, keyboard, and mouse.
Commands for the Manager service
To check the status of the Manager, execute the service manager status command.
To start the Manager, execute the service manager start command.
To stop the Manager, execute the service manager stop command.
McAfee Network Security Platform
Manager Appliance (Linux) Installation Guide
19
4
Configuring the Manager Appliance
Commands for the Manager service
20
McAfee Network Security Platform
Manager Appliance (Linux) Installation Guide
5
Working with the Manager software
After the configuration, you can access the Manager software from a client system using a supported browser.
For information on using the Manager software, refer to Network Security Platform Manager Administration Guide.
Contents
Access the Manager from a client machine
Log on to the Manager
Access the Manager from a client machine
You can access the Manager Appliance's user interface from a client machine.
Task
•
Start your browser and then type the URL of the Manager Appliance:
https://<hostname or host-IP>
Log on to the Manager
After you have successfully installed and configured the Manager, and connected to the Manager via any
supported browser, the Login Screen appears.
Task
1
Do one of the following:
For initial login after a new installation:
•
For Login ID, type admin.
•
For Password, type admin123.
McAfee strongly recommends that you change the default username and password as one of your first
operations within Manager.
If you are not the Network Security Platform system administrator/Super User:
2
•
Type the Login ID supplied to you by your administrator.
•
Type the valid Password for the specified Login ID.
Click Login or press Enter. The Manager Home page appears.
McAfee Network Security Platform
Manager Appliance (Linux) Installation Guide
21
5
Working with the Manager software
Log on to the Manager
During initial login (per client), Network Security Platform prompts you to install the following:
22
•
Security certificate granting the Manager program write access to your client. Click Always.
•
Java runtime engine: You must install this plug-in to view objects in the Manager Home page and other
areas of the Manager program, such as the Threat Analyzer.
McAfee Network Security Platform
Manager Appliance (Linux) Installation Guide
6
Maintaining the Manager Appliance
The Manager Appliance requires some user interaction for optimal performance.
This interaction involves regular monitoring and maintenance of the environment, including the Manager
Appliance hardware, Microsoft Windows operating system, updates to the Manager software application
including the embedded MySQL database, McAfee Anti-Virus software, and Manager Appliance security
hardening posture.
Contents
Applying MLOS patches
Upgrading your Manager software
Maintaining MLOS based Manager using CLI Utilities
Applying MLOS patches
Update patches for MLOS releases are available continuously. These packages are obtained via the MLOS
update server. The MLOS YUM RPM repository allows you to:
•
Install additional RPMs not included in the ISO
•
Install important security updates
•
Restore installed packages that were damaged or deleted
To download the complete update package using YUM:
1
Log on to the Manager Appliance using the default username and password.
2
Execute the following command at the Manager command prompt:
# yum update
Upgrading your Manager software
McAfee recommends that you regularly monitor for maintenance releases and new versions of the Manager
software.
To know whether the new version of the Manager is applicable to Linux appliances, see the specific version of
Network Security Platform release notes. For instructions on the upgrade considerations, see the Upgrade
section of the Network Security Platform Installation Guide prior to beginning your upgrade.
Follow these high-level steps to upgrade the Manager.
1
Download the Manager (Linux) version from the McAfee Download Server.
2
Verify the integrity of the downloaded file using the checksum information provided.
McAfee Network Security Platform
Manager Appliance (Linux) Installation Guide
23
6
Maintaining the Manager Appliance
Maintaining MLOS based Manager using CLI Utilities
3
Execute the command:
./setup.bin
This launches the CLI installer.
4
Specify the MySQL password when prompted.
5
Specify the install location. By default, the Manager will be installed under the \root directory.
Maintaining MLOS based Manager using CLI Utilities
InfoCollector
The InfoCollector Utility collects and bundles essential Network Security Platform information for export or
diagnosis.
To execute the InfoCollector script on the Manager's CLI console, do the following:
1
Login to the Manager CLI console using SSH.
2
Navigate to the \Install\diag\InfoCollector directory.
3
Execute the InfoCollector.sh command at the console prompt.
4
Specify the log collection start date in the format MM/DD/YYYY and press Enter. Alternatively, just press Enter
to choose the default start date (date preceding the current date).
5
Specify the log collection end date in the format MM/DD/YYYY and press Enter. Alternatively, just press Enter to
choose the default end date (date preceding the current date).
6
Select the type of log files to be collected.
By default, InfoCollector collects Manager and Manager Configuration files only, however you can control which
items are collected.
1
For default log file, specify y at Collect Default Items only prompt.
The log bundle will be created with the filename in the format InfoLogs<Date><time>.zip. along with success
message.
2
For manually selecting custom sets of logs, specify n at the Collect Default Items only prompt. Now select the
log files to be included in the bundle by specify y or n one by one for each type of log.
The available log types are:
•
Manager Logs
•
Configuration Backups
•
Audit Log Backups
•
Manager Configuration Files
•
Compiled 'Sigfiles' (Sensor Deployment Binaries)
The log bundle will be created along with success message.
Database Restore
The Database Restore CLI-utility is used for restoring the backed-up database to the Manager running on MLOS.
24
McAfee Network Security Platform
Manager Appliance (Linux) Installation Guide
Maintaining the Manager Appliance
Maintaining MLOS based Manager using CLI Utilities
6
To execute the Database Restore script on the Manager's CLI console, do the following:
1
Login to the Manager CLI console using SSH.
2
Execute the dbrestore.sh command at the console prompt.
3
Specify the backup file at the Restore file prompt.
Example:
Restore file: home/workspace/dbbackup.jar
4
Specify the Database User and Password at the prompt.
With this, the Database restoration process starts and a success message is displayed at the completion of the
process.
Change Database Password
The Change Database Password CLI-utility is used for changing the existing MySQL Root password for the
database.
To execute the Change Database Password script on the Manager's CLI console, do the following:
1
Login to the Manager CLI console using SSH.
2
Navigate to <Network Security Manager install directory>\Install\bin.
3
Execute the passwordchange.sh command at the console prompt.
4
Specify the MySQL Root Password (that you specified during Manager installation) at the prompt.
McAfee Network Security Platform
Manager Appliance (Linux) Installation Guide
25
6
Maintaining the Manager Appliance
Maintaining MLOS based Manager using CLI Utilities
5
Specify the Current Application password at the prompt.
6
Specify the New Application Password and Confirm New Application Password.
On completion, a success message for the password change is displayed.
26
McAfee Network Security Platform
Manager Appliance (Linux) Installation Guide
7
Troubleshooting
This section provides information on common issues that you may encounter as you configure and use the
Manager Appliance.
Contents
The Manager Appliance is not receiving power
The Manager Appliance will not start
The Manager Appliance is not communicating with the network
Troubleshooting a hardware failure
The Manager Appliance is not receiving power
If the appliance is not receiving power, check for these options.
•
The Manager Appliance is connected properly to a working power outlet, using the supplied power cord. If
the power outlet has a switch, make sure it is on.
•
The Manager Appliance is correctly switched on.
•
The power cord is plugged in to the back of the Manager Appliance.
If the Manager Appliance is still not receiving power, check the power outlet by plugging other equipment into
it. If the power outlet is working, there is a problem with the Manager Appliance or its power cord.
The Manager Appliance will not start
If the system information lights on the front panel do not appear after the Manager Appliance has had
reasonable time to boot, the problem may be an IP address conflict with another computer on your network.
To resolve this problem, configure the NICs to ensure they use only available IP addresses on your network. To
do this, see Configuring the Manager Appliance on page 3 section of this guide. McAfee recommends that you
use static IP address(es) for the Manager Appliance.
McAfee Network Security Platform
Manager Appliance (Linux) Installation Guide
27
7
Troubleshooting
The Manager Appliance is not communicating with the network
The Manager Appliance is not communicating with the network
Look for these options if the appliance is not receiving network traffic.
Check the following:
•
The Manager Appliance is turned on and its software is running, indicated by the lights on the front display
panel.
•
The Manager Appliance has a valid IP address and can ping the gateway (or can be pinged from another
system).
•
The network cables that you are using are undamaged and connected properly to the Manager Appliance
ports and your existing network equipment. Make sure that the cables you use are the correct specification.
•
You have used the correct LAN ports when connecting the Manager Appliance to your existing network
equipment.
•
You used NIC 1 for configuring the system; if not, try connecting via NIC 1 and perform the configuration
process again.
If the Manager Appliance is still not receiving network traffic, check the network cables and the network ports
on your existing network equipment. If the cables and ports are working, there is a problem with the Manager
Appliance. Contact your supplier.
Troubleshooting a hardware failure
If you suspect a hardware failure, contact McAfee Technical Support.
McAfee recommends you troubleshoot all hardware issues in conjunction with a Technical Support Technician.
28
McAfee Network Security Platform
Manager Appliance (Linux) Installation Guide
Index
A
McAfee ServicePortal, accessing 6
about this guide 5
accessing 21
N
network recommendations 8
NIC ports 8
C
communicating
receiving traffic 28
contents 11
conventions and icons used in this guide 5
D
R
rackinstalling 13
receiving power 27
removing 15
S
documentation
product-specific, finding 6
typographical conventions and icons 5
ServicePortal, finding product documentation 6
starting issue 27
F
T
failure 28
technical support, finding product information 6
H
U
hardware requirements 8
I
indicator lights 11
L
logging 21
unpacking 11
upgrading 23
W
warnings 7
what's in this guide 5
working 21
M
maintaining 23
McAfee Network Security Platform
Manager Appliance (Linux) Installation Guide
29
700-4254B00
Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF

advertisement