McAfee Threat Intelligence Exchange 1.0.1 Software



Similar documents
McAfee Host Intrusion Prevention Patch 6 Software

McAfee Data Loss Prevention Endpoint

McAfee Advanced Threat Defense 3.6.0

McAfee Public Cloud Server Security Suite

Data Center Connector for vsphere 3.0.0

McAfee Data Loss Prevention Endpoint 9.4.0

McAfee Data Loss Prevention Endpoint

Data Center Connector for OpenStack

McAfee MOVE AntiVirus Multi-Platform 3.5.0

McAfee DAT Reputation Implementation Guide. Version 1.0 for Enterprise

About Help Desk. McAfee Help Desk 2.0 Software. Product Guide. Functions of McAfee Help Desk software. Quarantine release.

McAfee Network Security Platform 8.2

McAfee Web Gateway Administration Intel Security Education Services Administration Course Training

How McAfee Endpoint Security Intelligently Collaborates to Protect and Perform

Release Notes for McAfee(R) VirusScan(R) Enterprise for Linux Version Copyright (C) 2014 McAfee, Inc. All Rights Reserved.

McAfee MOVE AntiVirus (Agentless) 3.6.0

Upgrade Guide. McAfee Vulnerability Manager Microsoft Windows Server 2008 R2

McAfee Optimized Virtual Environments for Servers. Installation Guide

Performance Optimizer Software

Release Notes for McAfee epolicy Orchestrator 4.5

Desktop Release Notes. Desktop Release Notes 5.2.1

McAfee Optimized Virtual Environments - Antivirus for VDI. Installation Guide

When your users take devices outside the corporate environment, these web security policies and defenses within your network no longer work.

McAfee Endpoint Security Software

How To Set Up A Firewall Enterprise, Multi Firewall Edition And Virtual Firewall

McAfee Endpoint Encryption for PC 7.0

Installation Guide. McAfee VirusScan Enterprise for Linux Software

About this release. McAfee Application Control and Change Control Addendum. Content change tracking. Configure content change tracking rule

Release Notes McAfee Risk Advisor Software For use with epolicy Orchestrator and Software

McAfee Asset Manager Console

McAfee Content Security Reporter 2.0.0

Technology Blueprint. Secure Your Virtual Desktop Infrastructure. Optimize your virtual desktop infrastructure for performance and protection

Deploying Dell OpenManage Server Administrator on VMware ESXi Using Dell Online Depot and VMware Update Manager

Accessing Citrix on a MAC using OS X (Mountain Lion and Newer)

McAfee Global Threat Intelligence File Reputation Service. Best Practices Guide for McAfee VirusScan Enterprise Software

McAfee MOVE / VMware Collaboration Best Practices

McAfee Firewall for Linux 8.0.0

Setup Guide Revision B. McAfee SaaS Archiving for Microsoft Exchange Server 2010

PANO MANAGER CONNECTOR FOR SCVMM& HYPER-V

McAfee Network Security Platform Administration Course

Virtual Appliance Setup Guide

Core Protection for Virtual Machines 1

Network Security Platform 7.5

Integration Guide. McAfee Asset Manager. for use with epolicy Orchestrator 4.6

McAfee Security Information Event Management (SIEM) Administration Course 101

McAfee Web Gateway 7.4.1

Installation Guide. McAfee epolicy Orchestrator Software

Best Practices Guide Revision B. McAfee epolicy Orchestrator Software

Installation Guide. McAfee epolicy Orchestrator Software

McAfee Server Security

Installing and Configuring vcloud Connector

Leading The World Into Connected Security. Dipl.-Inform., CISSP, S+ Rolf Haas Enterprise Technology Specialist Content Lead EMEA

McAfee Application Control / Change Control Administration Intel Security Education Services Administration Course

Installation Guide Revision B. McAfee epolicy Orchestrator Software

VMware Horizon FLEX User Guide

McAfee Host Data Loss Prevention 9.1 Cluster Installation Guide

McAfee VirusScan Enterprise for Linux Software

Installation Guide. McAfee epolicy Orchestrator Software

Deployment and Configuration Guide

ESET SHARED LOCAL CACHE

Upgrading VMware Identity Manager Connector

Implementing McAfee Device Control Security

Product Guide. McAfee Endpoint Security for Mac Threat Prevention

McAfee VirusScan and epolicy Orchestrator Administration Course

Product Guide. McAfee Endpoint Protection for Mac 2.1.0

McAfee SiteAdvisor Enterprise 3.5 Patch 2

Installing and Configuring vcenter Multi-Hypervisor Manager

Product Guide Revision A. McAfee Web Reporter 5.2.1

Setting up VMware ESXi for 2X VirtualDesktopServer Manual

Migrating to vcloud Automation Center 6.1

RealPresence Platform Director

Enterprise Mobility Management Migration Migrating from Legacy EMM to an epo Managed EMM Environment. Paul Luetje Enterprise Solutions Architect

Detecting rogue systems

McAfee Client Proxy 2.0

POC Installation Guide for McAfee EEFF v4.1.x using McAfee epo 4.6. New Deployments Only Windows Deployment

McAfee Data Loss Prevention Endpoint

Global Knowledge MEA Remote Labs. Remote Lab Access Procedure

User Manual. User Manual Version

VMware vcenter Update Manager Administration Guide

McAfee VirusScan Enterprise for Storage 1.1.0

Integrating ConnectWise Service Desk Ticketing with the Cisco OnPlus Portal

McAfee GTI Proxy Administration Guide

vcloud Suite Licensing

VMware Horizon FLEX User Guide

ACE Management Server Deployment Guide VMware ACE 2.0


VMware Horizon FLEX User Guide

McAfee Cloud Single Sign On

SAS 9.3 Foundation for Microsoft Windows

Release Notes for McAfee(R) GroupShield(TM) version Patch 1 for Microsoft Exchange. Copyright (C) 2011 McAfee, Inc. All Rights Reserved CONTENTS

Installation Guide. McAfee SaaS Endpoint Protection 5.2.0

Network Connect Installation and Usage Guide

vcloud Director User's Guide

How To Upgrade A Websense Log Server On A Windows 7.6 On A Powerbook (Windows) On A Thumbdrive Or Ipad (Windows 7.5) On An Ubuntu (Windows 8) Or Windows

How To Encrypt Files And Folders With A Password Protected By A Password Encrypted By A Safesafe (Mafee) (Eeff) 4

Configuring Virtual Switches for Use with PVS. February 7, 2014 (Revision 1)

JAMF Software Server Installation Guide for Linux. Version 8.6

POD INSTALLATION AND CONFIGURATION GUIDE. EMC CIS Series 1

Transcription:

Release Notes McAfee Threat Intelligence Exchange 1.0.1 Software Contents About this release Installation instructions New features Resolved issues Known issues Product documentation About this release This document contains important information about the current release. We strongly recommend that you read the entire document. McAfee Threat Intelligence Exchange (TIE) and the Data Exchange Layer (DXL) provide context-aware adaptive security for your network environment. It quickly analyzes files and content from several sources in your environment and makes informed security decisions based on a file's reputation and your specific criteria. It determines if there is a threat and stops it from spreading if it is. Installation instructions For information about installing Threat Intelligence Exchange and its components for the first time, see the McAfee Threat Intelligence Exchange 1.0.0 Installation Guide. In the Installation Guide, some files are named with a 1.0 version number. The following file names are now versioned for this upgrade release: McAfee Data Exchange Layer 1.0.1 and McAfee Threat Intelligence Exchange 1.0.1. 1

Upgrading to 1.0.1 To upgrade from Threat Intelligence Exchange version 1.0.0 to version 1.0.1, install the updated product files into epolicy Orchestrator. Before upgrading to Threat Intelligence Exchange 1.0.1, create a snapshot of your virtual machine in the VMware vsphere Client. For details about creating a snapshot, see the VMware vsphere documentation. Use one of these methods to install the 1.0.1 product files: The Software Manager contains the McAfee Threat Intelligence Exchange 1.0.1 and McAfee Data Exchange Layer 1.0.1 products. Select each product to view and install the component files. To install manually, download the Threat Intelligence Exchange 1.0.1 files and the Data Exchange Layer 1.0.1 files from the McAfee product download website. Then check the files into the Master Repository. Follow the steps below to deploy the 1.0.1 product files, upgrade the Threat Intelligence Exchange extensions, and verify the installation. Upgrade the extensions Install the Threat Intelligence Exchange and Data Exchange Layer 1.0.1 product extensions. Task 1 Select Menu Software Extensions. 2 Click Install Extension and install the extensions in the following order: a DXL Broker Management b c d DXL Client DXL Client Management TIE Server Management Check in the upgrade packages Check in the Threat Intelligence Exchange and Data Exchange Layer packages to the Master Repository in McAfee epo. Task 1 Select Menu Master Repository, then click Check In Package. 2 Check in the following 1.0.1 packages: TIE Platform TIE Server DXL Broker DXL Client Upgrade the Threat Intelligence Exchange products To upgrade the TIE 1.0.1 products onto the server appliance, create a Client Task that includes a Product Deployment Task in McAfee epo. 2

Task 1 Select Menu Policy Client Task Catalog. 2 Select McAfee Agent, then click New Task. 3 In the New Task window, select Product Deployment, then click OK. 4 Complete the new deployment information. For the Target platforms option, make sure that only McAfee Linux OS is selected. Create a ask for each package. Packages must be upgraded in the following order: a TIE Platform b c TIE Server DXL Broker 5 Save the task and run it against the Threat Intelligence Exchange server. If the TIE Platform package does not deploy successfully, stop and call Technical Support and have the log file information ready. You cannot continue until the TIE Platform package is successfully installed. Log files are located here: TIE Platform: /var/log/tieplatform-1.0.1-<build_number>.log TIE Server: /var/log/tieserver-1.0.1-<build_number>.log Upgrade the Data Exchange Layer client Upgrade the DXL client to 1.0.1 on each of your managed systems. Task 1 Select Menu Policy Client Task Catalog. 2 Select McAfee Agent, then click New Task. 3 In the New Task window, select Product Deployment, then click OK. 4 Complete the new deployment information. From the Products and components list, select the Data Exchange Layer Client. 5 Save the task and run it on each of your managed systems. Verify the installation After upgrading the Threat Intelligence Exchange and Data Exchange Layer components, perform these tasks to verify the installation. 3

Task 1 In the System Tree, click the Threat Intelligence Exchange server name, then click the Products tab. Verify that the following components are listed with the 1.0.1 version number: McAfee DXL Broker McAfee DXL Client McAfee Threat Intelligence Exchange Server 2 On managed endpoints, verify that the Data Exchange Layer client version 1.0.1 is installed. New features This release of the product includes these new features. Additional characters can be used in the Postgres read-only password When installing the Threat Intelligence Exchange server appliance and creating the Postgres read-only account password, you can now use additional characters. The password can contain any printable characters found on a standard keyboard (ASCII characters 33-126). Add reputation information from Advanced Threat Defense to the Threat Intelligence Exchange database There is a new option on the Threat Intelligence Exchange Server Management Policy page: Accept ATD reputations for files not yet seen by TIE. When McAfee Advanced Threat Defense detects a file's reputation and sends that information to the Threat Intelligence Exchange server, the information is added to the Threat Intelligence Exchange database. This enables threat information seen by ATD and not yet seen by Threat Intelligence Exchange to be added to the database. Resolved issues These issues are resolved in this release of the product. Threat Intelligence Exchange resolved issues Issue The quotation characters do not display correctly on the TIE Reputations page for a file or certificate's Enterprise Reputation. (1015725) Issue The Threat Intelligence Exchange database performance can be slow if several reputation requests are made for the same file simultaneously. (1015674) Issue The Threat Intelligence Exchange server might hang when it is shut down. (1013018) The server now stops when it is shut down. Issue Password characters used in the Postgress account creation should support all keyboard characters. (1006476) 4

Resolution The Postgress account password can now contain all printable characters found on a standard keyboard (ASCII characters 33-126). See the New Features topic for details. Issue The maximum number of files or certificates are not being displayed on the TIE Reputations page. (1016059) Issue When a firewall blocks access to the configured Global Threat Intelligence (GTI) URL, the initialization takes a long time and delays the response from the server, which cause TIE clients to time out into offline mode. (1010773) Issue Add reputation information from Advanced Threat Defense to the Threat Intelligence Exchange database. (1010688) See the New Features topic for details. Issue When accessing file information in VirusTotal, the current date information does not display. (1016441) Data Exchange Layer resolved issues Issue Changes made to the Published System Name in the Server Settings DXL Topology page are not saved when the user clicks Save. (1012958) Resolution Clicking Save now saves all changes made to the DXL Topology page. Issue An upgrade is needed to the OpenSSL version used with Threat Intelligence Exchange 1.0. (1014885) Resolution The latest version of OpenSSL v1.0.1j is included with this release of Threat Intelligence Exchange. Issue If you deployed the Data Exchange Layer client on a system using CentOS 6.6 (32 bits), the yum database is corrupt. (1021442) Issue Changes to the McAfee Agent GUID do not trigger a new request for a certificate in the Data Exchange Layer. (1025569) Changes to the McAfee Agent GUID trigger a new request for a Data Exchange Layer certificate. Known issues Known issues For a list of known issues, see this McAfee KnowledgeBase article: KB82702. 5

Upgrading to Data Exchange Layer 1.0.1 If the Threat Intelligence Exchange server version is 1.0.0, and you upgrade the Data Exchange Layer (DXL) extension to version 1.0.1, Java DXL 1.0 clients are unable to receive DXL client policies. If you upgrade the DXL extension to version 1.0.1, you must upgrade the Threat Intelligence Exchange server to version 1.0.1 to get DXL client policies. Product documentation Every McAfee product has a comprehensive set of documentation. Threat Intelligence Exchange Installation Guide Includes information about requirements, and steps for installing the Threat Intelligence Exchange server, the module for VirusScan Enterprise, and the Data Exchange Layer client. Threat Intelligence Exchange Product Guide Includes information about using the Threat Intelligence Exchange server, the module for VirusScan Enterprise and the Data Exchange Layer client. Help All pages in the Threat Intelligence Exchange product user interface have context-sensitive Help that describes each field on the page. Copyright 2015 McAfee, Inc. www.intelsecurity.com Intel and the Intel logo are trademarks/registered trademarks of Intel Corporation. McAfee and the McAfee logo are trademarks/ registered trademarks of McAfee, Inc. Other names and brands may be claimed as the property of others. 0-00