
Contents

Module 1: Welcome
Welcome (p. 1-3)
About the Course (p. 1-4)
Course Objectives (p. 1-5)
Course Agenda: Day 1 (p. 1-7)
Course Agenda: Day 2 (p. 1-8)
Course Agenda: Day 3 (p. 1-9)
Course Agenda: Day 4 (p. 1-10)
About us (p. 1-11)
McAfee ACTS (p. 1-12)
McAfee Support YouTube Channel (p. 1-13)
Key Terms and Concepts (p. 1-14)
Resources (Appendix A) (p. 1-16)
Getting Started (p. 1-17)
Using the Lab Guide (p. 1-18)
Acronyms and Terms in This Course (p. 1-19)
Threat Center (p. 1-20)
ServicePortal (p. 1-21)
Documentation and Articles (p. 1-22)
Expert Center (p. 1-27)
Resources: Idea Exchange on the Community Forums (p. 1-28)
Support Notification Service (SNS) (p. 1-29)
Security Content Release Notes (p. 1-30)

Module 2: Introduction to McAfee® Network Security Platform


Network Security Platform Overview (p. 2-3)
Module Objectives (p. 2-4)
New Features (p. 2-6)
Enhanced Features (p. 2-9)
New Features (NSM Product Registration) (p. 2-11)
New Features (MS Office Deep File Inspection) (p. 2-12)
Layers of Protection (p. 2-13)
Why a Network IPS is Important (p. 2-14)
Solution Components (p. 2-15)
Attack Detection Framework (p. 2-16)
Multiple Detection Engines (p. 2-17)
Signature Detection (p. 2-18)
DoS/DDoS Detection (p. 2-19)
Anomaly Detection (p. 2-20)
Advanced Malware Detection (p. 2-21)
Traffic Normalization (p. 2-22)
Ten Steps to Using NSM (p. 2-23)
Product Registration (p. 2-25)
Manager Summary Page with Successful Register (p. 2-29)

© 2020 McAfee i McAfee Confidential


Manager Summary Page with Unsuccessful Register (p. 2-32)
Product Registration Connectivity Error (p. 2-33)
Introducing Network Security Manager (NSM) UI 2.0 (p. 2-34)
NSM Functionality (p. 2-36)
Related Security Products (p. 2-56)

Module 3: Planning McAfee® Network Security Platform Deployment


Module Objectives (p. 3-2)
Choosing a Deployment Option (p. 3-3)
Deployment Requirements and Recommendations (p. 3-4)
NSM Server Requirements (p. 3-5)
NSM Client Requirements (p. 3-7)
Windows Display and Browser Settings (p. 3-8)
Virtual Server Minimum Requirements (p. 3-9)
Virtual Machine Requirements (p. 3-10)
NSP Sensor Support (p. 3-11)
NSP Server Ports (p. 3-16)
Desktop Firewall Requirements (p. 3-19)
Using Anti-Virus Software with the NSM (p. 3-20)
Wireshark (p. 3-22)
Single and Central NSM Deployments (p. 3-23)
Central NSM Deployment (p. 3-24)
Determining Database Requirements (p. 3-25)
Sensor Deployments (p. 3-27)
Determining Sensor Placement (p. 3-29)
Determining Number of Sensors (p. 3-32)
High Availability and Disaster Recovery (p. 3-34)
Manager Disaster Recovery (MDR) (p. 3-36)
Implementation Process (p. 3-37)

Module 4: Getting Started


Logging into Manager Interface (p. 4-4)
Manager Installation Wizard (p. 4-5)
Operational Monitors (p. 4-7)
Security Monitors (p. 4-8)
Navigating Manager Interface (p. 4-10)
Managing Dashboard Monitors (p. 4-11)
Setting up Basic Features (p. 4-12)
Configure Telemetry (p. 4-13)
Manager Disaster Recovery (MDR) (p. 4-14)
Configuring MDR Pair (p. 4-15)
Configuring Manager for MDR (p. 4-16)
Scenarios for MDR Configuration (p. 4-18)
Central Manager (p. 4-21)
Defining Trust with Central Manager (p. 4-22)
Proxy Server (p. 4-24)
Configuring Proxy Server (p. 4-25)

Module 5: Configuration Manager
Module goals (p. 5-2)
IPS/NTBA Event (Alert) Notifications (p. 5-4)
IPS/NTBA Event Notification Options (p. 5-5)
Viewing Summary of IPS/NTBA Events (p. 5-6)
Simple Network Management Protocol (SNMP) (p. 5-7)
Configuring SNMP Notification (p. 5-8)
Syslog Alert (p. 5-10)
Configuring Syslog Notification (p. 5-11)
Example Syslog Configuration (p. 5-12)
Configuring E-mail Server and Notification (p. 5-14)
Configuring E-mail Server (p. 5-15)
Configuring E-mail Notification (p. 5-16)
Example E-mail Notification Configuration (p. 5-17)
Example Pager Notification Configuration (p. 5-18)
Configuring Script Notification (p. 5-19)
Fault Notification Options (p. 5-21)
Viewing Summary of Fault Notification (p. 5-22)
Configuring Common Settings for Faults (p. 5-23)
Access Events Notification (p. 5-24)
User Activity (p. 5-25)
Configuring User Activity: SNMP (p. 5-26)
Configuring User Activity: Syslog (p. 5-27)

Module 6: User Management


Module goals (p. 6-2)
User Management Overview (p. 6-4)
Minimum Account Configuration (p. 6-5)
Role Assignment Overview (p. 6-6)
Viewing Roles and Privileges (p. 6-8)
Editing the Default Root Admin User (p. 6-9)
Editing the Default Root Admin User (p. 6-10)
Adding a New User (p. 6-11)
Verifying User Credentials (p. 6-13)
Editing a User (p. 6-14)
Reset GUI Presentation (p. 6-15)
Deleting a User (p. 6-16)
Creating a Custom Role (p. 6-17)
Assigning Domains and Roles (p. 6-20)
Role Assignment (p. 6-22)
Managing My Account (p. 6-24)
GUI Access (p. 6-25)
Viewing User Activity (p. 6-26)
Configuring Banner Text and Image (p. 6-27)
Configuring Session Controls (p. 6-28)
Configuring Password Controls (p. 6-29)

Specifying Audit Settings (p. 6-30)
Authentication (p. 6-31)
Summary of Authentication Configuration (p. 6-32)
LDAP External Authentication (p. 6-33)
Configuring LDAP (up to 4 servers) (p. 6-34)
Assigning LDAP Authentication (p. 6-35)
RADIUS External Authentication (p. 6-36)
Configuring RADIUS External Authentication (p. 6-37)
Assigning RADIUS Authentication (p. 6-38)
CAC (Common Access Card) Authentication (p. 6-39)
Enabling CAC (Common Access Card) Authentication (p. 6-40)
Check your Learning (p. 6-42)

Module 7: Admin Domains


Module goals (p. 7-2)
Administrative Domains Overview (p. 7-4)
Admin Domain's Hierarchical Structure (p. 7-5)
Functions under Admin Domain (p. 7-6)
How Admin Domains Work (p. 7-7)
Managing Admin Domains (p. 7-11)
Editing the Root Admin Domain (p. 7-12)
Adding a Child Admin Domain (p. 7-13)
Adding Users to a Child Domain (p. 7-17)

Module 8: Sensor Overview


Module goals (p. 8-2)
Primary Function of Sensor (p. 8-4)
Attack Detection Framework (p. 8-5)
Sensor Response Actions (p. 8-6)
Capture (p. 8-8)
Classify (p. 8-9)
Inspect (p. 8-10)
Respond (p. 8-11)
Virtualization (Sub-Interfaces) (p. 8-12)
Secure Socket Layer (SSL) Decryption (p. 8-13)
Cipher Enhancements (p. 8-16)
Acceleration and Operation (p. 8-17)
McAfee Network Security Platform Appliances (p. 8-18)
McAfee NS9500: Performance, Scalability, Protection (p. 8-19)
Virtual IPS-Series Sensor Portfolio (p. 8-20)
Heterogeneous Support (p. 8-24)
Operating Modes (p. 8-25)
Fail-Close and Fail-Open (in-line only) (p. 8-28)
Multi-Port Monitoring (p. 8-29)
Interface Groups (Port Clustering) (p. 8-30)
High Availability (p. 8-31)
Network Topologies (p. 8-33)

Large Networks: Perimeter, Core, Internal Placement (p. 8-34)
Best Practices (p. 8-35)
