Network Security Platform 7.5



Similar documents
How To Fix A Fault Notification On A Network Security Platform (Xc) (Xcus) (Network) (Networks) (Manual) (Manager) (Powerpoint) (Cisco) (Permanent

McAfee Network Security Platform 8.2

Release Notes 7.5 [formerly IntruShield]

Network Security Platform 8.1

McAfee Network Security Platform Administration Course

Sharp Remote Device Manager (SRDM) Server Software Setup Guide

Managing Latency in IPS Networks

How To Set Up A Firewall Enterprise, Multi Firewall Edition And Virtual Firewall

Proof of Concept Guide

Analyzer 7.1 Administrator s Guide

SyAM Software* Server Monitor Local/Central* on a Microsoft* Windows* Operating System

System Status Monitoring Guide. McAfee Network Security Platform 6.1

VMware vcenter Log Insight Getting Started Guide

escan Corporate Edition User Guide

VMware vcenter Log Insight Getting Started Guide

WatchGuard Training. Introduction to WatchGuard Dimension

NMS300 Network Management System

Rally Installation Guide

Core Protection for Virtual Machines 1

Desktop Release Notes. Desktop Release Notes 5.2.1

Junos Space. Virtual Appliance Deployment and Configuration Guide. Release 14.1R2. Modified: Revision 2

Virtual Appliance Setup Guide

F-Secure Internet Gatekeeper Virtual Appliance

Virtual Web Appliance Setup Guide

Virtual Appliance Setup Guide

WatchGuard Dimension v1.1 Update 1 Release Notes

REQUIREMENTS AND INSTALLATION OF THE NEFSIS DEDICATED SERVER

Juniper Secure Analytics Release Notes


Cisco WebEx Meetings Server System Requirements

Unified Security Management (USM) 5.2 Vulnerability Assessment Guide

SonicOS Enhanced Release Notes

Verizon Security Scan Powered by McAfee. Installation Guide for Home Users

VCCC Appliance VMware Server Installation Guide

FortiAnalyzer VM (VMware) Install Guide

Ekran System Help File

SysPatrol - Server Security Monitor

Table of Contents. Introduction...9. Installation Program Tour The Program Components...10 Main Program Features...11

McAfee Content Security Reporter 2.0.0

CARL : Cyberoam Aggregated Reporting and Logging :: User Guide. Table Of Contents INTRODUCTION... 4

McAfee Security Information Event Management (SIEM) Administration Course 101

PARCC Technology Troubleshooting FAQs, Version 1.0

Uila SaaS Installation Guide

PHD Virtual Backup for Hyper-V

Release Notes for Websense Security v7.2

Installing and Administering VMware vsphere Update Manager

Panorama PANORAMA. Panorama provides centralized policy and device management over a network of Palo Alto Networks next-generation firewalls.

Application Discovery Manager User s Guide vcenter Application Discovery Manager 6.2.1

msuite5 & mdesign Installation Prerequisites

OnCommand Performance Manager 1.1

Product Guide Revision A. McAfee Web Reporter 5.2.1

OnCommand Performance Manager 2.0

Hillstone StoneOS User Manual Hillstone Unified Intelligence Firewall Installation Manual

Verizon Internet Security Suite Multi-Device Powered by McAfee. Installation Guide for Multi Devices for Residential Users

Altor Virtual Network Security Analyzer v1.0 Installation Guide

NEFSIS DEDICATED SERVER

Virtual Managment Appliance Setup Guide

McAfee Web Gateway 7.4.1

Backup & Disaster Recovery Appliance User Guide

Security Analytics Virtual Appliance

Veeam Backup Enterprise Manager. Version 7.0

Desktop Surveillance Help

Avigilon Control Center Server User Guide

Enterprise Manager. Version 6.2. Administrator s Guide

Storage Sync for Hyper-V. Installation Guide for Microsoft Hyper-V

TITANXR Multi-Switch Management Software

Resolving H202 Errors (INTERNAL)

SyncThru TM Web Admin Service Administrator Manual

Pearl Echo Installation Checklist

Section 1.0 Getting Started with the Vālant EMR. Contents

Virtualization Guide. McAfee Vulnerability Manager Virtualization

Data Center Connector for vsphere 3.0.0

Juniper Networks Management Pack Documentation

HSBCnet FX AND MM TRADING. Troubleshooting and Minimum System Requirements

HP RF Manager Release

Virtual Appliance Setup Guide

VMware Horizon FLEX User Guide

ZEN LOAD BALANCER EE v3.02 DATASHEET The Load Balancing made easy

Infor Xtreme Browser References

Eucalyptus User Console Guide

WatchGuard XCSv Setup Guide

Installation Guide. McAfee VirusScan Enterprise for Linux Software

Testing and Restoring the Nasuni Filer in a Disaster Recovery Scenario

DocuShare Installation Guide

Enterprise Manager. Version 6.2. Installation Guide

ZEN LOAD BALANCER EE v3.04 DATASHEET The Load Balancing made easy

Interact Intranet Version 7. Technical Requirements. August Interact

Sophos UTM Software Appliance

The SSL device also supports the 64-bit Internet Explorer with new ActiveX loaders for Assessment, Abolishment, and the Access Client.

NetScaler VPX FAQ. Table of Contents

Introducing FortiDDoS. Mar, 2013

Installing and Configuring Websense Content Gateway

Installation Guide Revision G. McAfee Network Security Platform 8.1

Freshservice Discovery Probe User Guide

ReadyNAS Replicate. Software Reference Manual. 350 East Plumeria Drive San Jose, CA USA. November v1.0

McAfee Threat Intelligence Exchange Software

User Manual. Onsight Management Suite Version 5.1. Another Innovation by Librestream

Transcription:

M series Release Notes Network Security Platform 7.5 Revision B Contents About this document New features Resolved issues Known issues Installation instructions Product documentation About this document This document contains important information about the current release. We strongly recommend that you read the entire document. This release notes is to announce the availability of a maintenance release for McAfee Manager software version 7.5. This release provides enhancements and few fixes on the Manager software issues. The software combination recommended by McAfee to use along with this release of Manager software are as listed below: Network Security Manager software version: 7.5.5.6 Signature Set: 7.6.8.1 M series Sensor software version: 7.5.3.16 This version of 7.5 Manager software can be used to configure and manage the following hardware: I series Sensors, M series Sensors, N series Sensors, NS series Sensors, XC Cluster, and NTBA Appliances. This version of 7.5.5 Manager can be used to configure and manage 7.1.5 NS series Sensors. Manager software version 7.5 and above are not supported on Dell based Manager Appliances. 1

New features NS series Sensor support This release of 7.5 supports the next generation McAfee Network Security Platform hardware, NS series Sensor models: NS9100 and NS9200. The high port density NS series Sensors are designed for high bandwidth links, to provide IPS/IDS capability with an aggregate performance of up to 20 Gbps on NS9200 and 10 Gbps on NS9100 while monitoring segments in the full duplex mode (tap or inline). The NS series Sensors provide industry leading reliability and Active active high availability. They meet various regulatory, compliance, and safety requirements and provide a robust Sensor capacity. The NS series Sensors are flexible to adapt to the security needs of any enterprise environment. When deployed at key network access points, they provide real time monitoring on high traffic loads to detect malicious activity and respond to the malicious activity as configured by the administrator. The NS series Sensor is a 2RU device. Features not supported by NS series Sensor Jumbo frame parsing Traffic Management Packet capture VLAN Bridging For more details, see the NS series Sensor Product Guide. Manager infrastructure enhancements In Manager software release 7.5.5, the following enhancements are supported for Manager server and Manager client: OS support for Manager Server installation In the previous 7.5.3.x Manager version, Manager server installation were supported for the following OS: Windows Server 2008 R2 Standard or Enterprise Edition, English OS, SP1 (64 bit) (Full Installation) Windows Server 2008 R2 Standard or Enterprise Edition, Japanese OS, SP1 (64 bit) (Full Installation) With this release, in addition to the above OS, Windows Server 2012 Standard (Server with a GUI) English or Japanese is also supported. OS Support for Manager Client viewing In the previous 7.5.3.x Manager version, Manager client viewing were supported for the following OS: Windows 7 Windows XP With this release, Windows 8 (English or Japanese) is also supported. Internet Explorer Support for Manager Client viewing 2

In the previous 7.5.3.x Manager version, Manager client viewing were supported for the following Internet Explorer versions: 8.0 9.0 With this release, Internet Explorer 10.0 is also supported. For more details, see the Installation Guide, Upgrade Guide. Host criticality With this release, you have the option to add criticality labels to each IPv4 and IPv6 address. Assigning criticality to a host gives you added visibility in Threat Analyzer by showing you the criticality of the source and destination involved in an attack. For more details, see the Manager Administration Guide, IPS Administration Guide. Alert exceptions In this release, the Manager provides you the option of extending automatic acknowledgment to several alerts of a similar kind for a pre determined period. Until the previous version, you could automatically acknowledge both RFSB and non RFSB alerts beyond a specific severity. The latest functionality builds on this logic by allowing you to select any alert in Threat Analyzer and assign it to be acknowledged automatically until the host is cleaned. For more details, see the Manager Administration Guide, IPS Administration Guide. Manager usability enhancements With this release, the Manager has the following enhancements: Display MDR status on the Manager application header: You can view the MDR status in the Manager application header. Automatic check for pop up blocker settings during login: In the earlier release, the Manager login page displayed a message, 'Please disable your browser's pop up blocker before attempting to log into Network Security Manager' irrespective of pop up blocker settings in the browser. In release 7.5.5.x, if pop up blocker settings is enabled in the browser, you will not be able to type your login credentials. In such an instance, disable the pop up blocker settings in your browser and then try to access the Manager using your login ID and password. Display status on pending configuration changes: You can view the status and details about the number of devices that have pending deploy configuration changes. The status of the pending deploy configuration is indicated as an icon in the top right corner of the menu bar. Option to refresh the device list: In the earlier release of 7.5, you had to click the Refresh button in the Global sub tab to populate and view the refreshed device list under the Devices sub tab. In release 7.5.5.x, the Refresh button is displayed in the Devices sub tab itself. Option for scheduling reports on a monthly basis: Earlier, the IPS Events reports and the Configuration reports could be scheduled to be generated on a daily or weekly basis. With this release, you can configure these report generation on monthly basis as well. For more details, see the Manager Administration Guide. 3

Resolved issues These issues are resolved in this release of the product. For a list of issues fixed in earlier releases, see the Release Notes for the specific release. Resolved Manager software issues The following table lists the high severity Manager software issues: 834180 The Top High Risk Hosts dashboard is unable to support more than 1000 events. 833710 Query to fetch data times out on the dashboards when the events count more than 1000. 810568 Downloading packetlog fails on the Top High Risk Hosts and the Top Active Botnets dashboards. The following table lists the medium severity Manager software issues: 872964 Configuration update fails when user changes the Protection Logic to "Use a single set of attack definitions for the entire policy (simpler)". 847238 The Manager is vulnerable against CVE 2011 1473. 845120 The members of the composite rule objects are getting disappeared automatically after editing them through the composite rule object panel. 845049 Fault synchronization is not working from Manager to Central Manager from few Managers. 843852 Unable to edit Sensor action option for certain botnet attacks on the Manager. 843759 The Dashboard for Update Status monitor shows as 'Error See system log' for NTBA devices after the Manager upgrade. 842986 Even when blocking is enabled for a signature, the Smart Blocking icon is not displayed in the Policy Editor. 841968 epo extension is not working. 841268 Memory leak is detected in the Manager, when GTI feature is enabled. 840062 Suppressed alert entries show the action as 'attack blocked' instead of 'blocking simulated', when simulated blocking feature is enabled. 838660 Unable to run Traditional reports exported to PDF. 838332 Unable to download botnet detectors through the proxy server after the Manager upgrade. 836341 Advanced search feature for signature is not returning accurate results. 836110 No graphs are displayed on the Dashboard page when the Central Manager administrator logs on to the Manager. 835920 Active Signature set on the Manager is getting deleted on failure of a sigset import. 834588 Bulk edit of the IPS policies is not working, when the attacks are selected using a filter option. 833224 The quick filter option in the Real Time Threat Analyzer is not working while exporting the values in CSV/PDF report. Instead all the values are getting exported. 832566 NTBA: The Threat Analyzer displays invalid source port (0) for the UDP Port scan alerts received from the NTBA Appliance. 830514 The granularity settings of the customized policies changes automatically. 802133 Error message "Alert unavailable" is displayed when trying to open "Inbound UDP Packet Volume Too high" alert. 4

Resolved Sensor software issues The following table lists the high severity Sensor software issues: 796871 Under certain conditions, negated Snort IP address checks can cause the Sensor to crash and reboot. 791580 In rare cases, IPS quarantine does not work for correlated attacks. 789618 Under high load, with L7 data capture enabled, the Sensor may reboot occasionally. The following table lists the medium severity Sensor software issues: 807282 Unable to configure 1Gbps speed on the management port. 806523 [M 3050 and above] TCP resets sent by the Sensor on response port have null source MAC address in the SPAN mode. 805826 The Sensor load was reported incorrectly for certain type of traffic. 799956 [M 8000] With the accelerate FTP feature enabled, the front end processing gets stuck with MPLS and tunneled traffic. 797961 When packet logs are generated at a very high rate (as during Forensic Packet Logging), there is a rare chance of a race condition to occur. This can result in an internal deadlock causing the configuration update from the Manager to fail. 795992 When mobile network security enabled, the Sensor can reboot occasionally with mobile traffic. 794368 [M 6050] The Sensor does not send the host update event to the Manager in the correct order in case of IP reassignment. 792888 Enabling SSL decryption and advanced evasions can cause the Sensor to reboot. 788389 Under rare conditions, the Sensor incorrectly raises the "SSL: Bad State Transition" alerts. 781204 Fix the rare kernel hang in Sensor due to NTP leap indicator message. This bug is applicable only if NTP is enabled on the Sensor during the time when leap second is added. 777612 When multi user support is used, and a non admin user logs in, the Bus error message is printed. 754858 Enhance the latency monitoring feature to ensure the Sensor does not cause high latency under DoS attacks. 727475 On SPAN port, the alert raised for the sub interface shows the incorrect interface. The following table lists the low severity Sensor software issues: 806894 Invalid Smbus error messages are seen on the Sensor. 778510 Firewall rules Block by source country does not always work when you get out of order ACK packets. 773568 The shell marker resource statistics is incorrectly showing high percentage in the CLI. 759048 ACL groups does not work on span ports. 5

Known issues For a list of known issues in this product release, see this McAfee KnowledgeBase article: Manager software issues: KB77069 M series Sensor software issues: KB77070 Installation instructions Review the following before you install the Manager software: The following table lists the 7.5 Manager server requirements: OS Minimum required Any of the following: Windows Server 2008 R2 Standard or Enterprise Edition, English OS, SP1 (64 bit) (Full Installation) Windows Server 2008 R2 Standard or Enterprise Edition, Japanese OS, SP1 (64 bit) (Full Installation) Windows Server 2012 Standard (Server with a GUI) English OS Windows Server 2012 Standard (Server with a GUI) Japanese OS Only X64 architecture is supported. Recommended Same as the minimum required. Memory 4GB 8GB CPU Server model processor such as Intel Xeon Same Disk space 100GB 300GB or more Network 100Mbps card 1000Mbps card Monitor 32 bit color, 1440 x 900 display setting 1440 x 900 (or above). Manager software version 7.5 and later are not supported on Dell based Manager Appliances. The following are the system requirements for hosting Central Manager/Manager server on a VMware platform. Table 5-1 VMware ESX server requirements Component Minimum Virtualization software VMware ESX Server version 4.0 update 1 and version 4.1 ESXi 5.0 ESXi 5.1 CPU Memory Internal Disks Intel Xeon CPU ES 5335 @ 2.00GHz; Physical Processors 2; Logical Processors 8; Processor Speed 2.00GHz. Physical Memory: 16GB 1 TB 6

Table 5-2 Virtual machine requirements Component Minimum OS Any of the following: Windows Server 2008 R2 Standard or Enterprise Edition with SP1 (English) (64 bit) Windows Server 2008 R2 Standard or Enterprise Edition with SP1 (Japanese) (64 bit) Windows Server 2012 Standard (Server with a GUI) English OS Windows Server 2012 Standard (Server with a GUI) Japanese OS Recommended Same as minimum required. Only X64 architecture is supported. Memory 4 GB 8 GB Virtual CPUs 2 2 or more Disk Space 100GB 300GB or more The following table lists the 7.5 Manager client requirements when using Windows 7 or Windows 8: OS Minimum Windows 7 English or Japanese Windows 8 English or Japanese The display language of the Manager client must be same as that of the Manager server OS. Recommended RAM 2 GB 4 GB CPU 1.5 GHz processor 1.5 GHz or faster Browser Internet Explorer 8.0, 9.0 or 10.0 Mozilla Firefox Google Chrome Internet Explorer 9.0 Mozilla Firefox 20.0 or above Google Chrome 24.0 or above If you are using Google Chrome, add the Manager certificate to the trusted certificate list. The following table lists the 7.5 Manager client requirements when using Windows XP SP3: Minimum Recommended OS Windows XP SP3 RAM 1 GB 2 GB Browser Internet Explorer 8.0 Mozilla Firefox Internet Explorer 8.0 Mozilla Firefox 20.0 or above For the Manager client, in addition to Windows 7, Windows 8, and Windows XP, you can also use the operating systems mentioned for the Manager server. 7

The following table lists the 7.5 Central Manager / Manager client requirements when using Mac: Mac OS Lion Mountain Lion Browser Safari 6 For more information, see McAfee Network Security Platform Installation Guide. McAfee regularly releases updated versions of the signature set. Note that automatic signature set upgrade does not happen. You need to manually import the latest signature set and apply it to your Sensors. The following is the upgrade matrix supported for this release: NSP Component Manager/Central Manager Minimum Software Version 6.1: 6.1.1.34, 6.1.5.13 7.0: 7.0.3.10 7.1: 7.1.3.5, 7.1.5.7 7.5: 7.5.3.11 M series 6.1: M 1250, M 1450, M 2750, M 3050, M 4050, M 6050, M 8000: 6.1.1.107 or above M 2850 and M 2950: 6.1.1.113 or above M 3030: 6.1.1.78, 6.1.1.113 or above. M 4030, M 6030, M 8030: 6.1.1.78, 6.1.1.107 or above. 7.0: M 1250, M 1450, M 2750, M 2850, M 2950, M 3050, M 4050, M 6050, M 8000: 7.0.3.17 M 3030, M 4030, M 6030, M 8030: Not applicable 7.1: M 1250, M 1450, M 2750, M 2850 and M 2950, M 3050, M 4050, M 6050, M 8000, M 3030, M 4030, M 6030, M 8030: 7.1.3.6 Product documentation Every McAfee product has a comprehensive set of documentation. Find product documentation 1 Go to the McAfee Technical Support ServicePortal at http://mysupport.mcafee.com. 2 Under Self Service, access the type of information you need: 8

To access... User documentation Do this... 1 Click Product Documentation. 2 Select a product, then select a version. 3 Select a product document. KnowledgeBase Click Search the KnowledgeBase for answers to your product questions. Click Browse the KnowledgeBase for articles listed by product and version. Copyright 2013 McAfee, Inc. Do not copy without permission. McAfee and the McAfee logo are trademarks or registered trademarks of McAfee, Inc. or its subsidiaries in the United States and other countries. Other names and brands may be claimed as the property of others. 0B-00

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information