Scribd Logo
Upload

Welcome to Scribd!

  • Mcafee Data Loss Prevention Appliances: Quick Start Guide

    Uploaded by

    Guruprasad
    16 views8 pages

    Original Title

    NDLP-PD27060 Product document

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    16 views8 pages

    Mcafee Data Loss Prevention Appliances: Quick Start Guide

    Uploaded by

    Guruprasad

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 8

    Quick Start Guide

    Revision A

    McAfee Data Loss Prevention Appliances


    version 11.0

    ®
    This quick start guide provides high-level instructions for setting up a McAfee Data Loss Prevention Prevent (McAfee
    ®
    DLP Prevent) or McAfee Data Loss Prevention Monitor (McAfee DLP Monitor) hardware appliance.

    For complete details, or if you are setting up a virtual appliance, see the McAfee Data Loss Prevention Product Guide.
    For setting up a McAfee DLP appliance at version 9.3.x, see the product guide for your version.

    1 Check your shipment


    Each product ships with all the items needed to install the appliance on a network. Check the contents list to
    verify that you received all these items.

    2 Download product documentation


    a Go to the ServicePortal at https://support.mcafee.com and click the Knowledge Center tab.

    b In the Knowledge Base pane under Content Source, click Product Documentation.

    c Select a product and version, then click Search to display a list of documents.

    d Download these documents.


    • McAfee Data Loss Prevention Product Guide — Information about configuration, maintenance, and
    troubleshooting

    • McAfee Data Loss Prevention Hardware Guide — Information about replacing hardware components
    and re-imaging an appliance

    3 Plan your configuration

    Use the deployment information in the product guide to plan the integration of McAfee DLP products in your
    network.

    a Familiarize yourself with the McAfee DLP deployment options.

    b Complete the deployment checklist.

    1
    4 Identify network ports

    Locate the network ports on your appliance. Unlabeled ports are not used.

    Figure 1 Model 4400 appliance port configuration

    1 Serial port

    2 OOB port

    3 LAN1 port

    4 Remote access port (RMM)

    5 Ethernet port or fiber port *


    • McAfee DLP Prevent — Unused

    • McAfee DLP Monitor — Capture port 1

    6 Ethernet port — Unused

    * If the appliance has a fiber NIC:


    • For McAfee DLP Prevent, the fiber port becomes LAN1.

    • For McAfee DLP Monitor, the fiber port becomes Capture port 1.

    On some 4400 models, the capture ports might be on a slotted NIC instead of on the motherboard.
    In this case, these two ports are swapped over.

    Figure 2 Model 5500 appliance port configuration

    1 Ethernet port or fiber port — Unused

    2 Ethernet port or fiber port *


    • McAfee DLP Prevent — Unused

    • McAfee DLP Monitor — Capture port 1

    2
    3 OOB port

    4 LAN1 *

    5 Serial port

    6 Remote access port (RMM)

    * If the appliance has a fiber NIC:


    • For McAfee DLP Prevent, this fiber port (callout 2) becomes the LAN1 port.

    • For McAfee DLP Monitor, this fiber port (callout 2) becomes Capture port 1.

    Figure 3 Model 6600 appliance port configuration


    1 LAN1

    2 McAfee DLP Prevent — Unused

    McAfee DLP Monitor — Capture port 1

    3 OOB port

    4 Serial port

    5 Remote access port (RMM)

    5 Install the extensions


    Prepare the McAfee ePO server for integration with McAfee DLP Appliance Management.
    For information about manually installing the extensions, see the product guide.

    For details about product features, usage, and best practices, click ? or Help.

    a In McAfee ePO, select Menu | Software | Software Manager.

    b In the left pane, expand Software (by Label) and select Data Loss Prevention.

    c Select the entry for McAfee Network Data Loss Prevention.


    These extensions are included:
    • McAfee DLP

    • Common UI

    • Appliance Management Extension

    • McAfee DLP Appliance Management

    3
    d Click Check In.

    e Select the checkbox to accept the agreement, then click OK.

    6 Configure network information


    For McAfee DLP appliances, configure the DNS server and NTP server. For McAfee DLP Prevent, you must also
    configure a Smart Host.

    For details about product features, usage, and best practices, click ? or Help.

    a In McAfee ePO, select Menu | Policy | Policy Catalog.

    b From the Product drop-down list, select Common Appliance Management.

    c Select the My Default policy.

    d Add the DNS server and the NTP server, then click Save.

    e From the Product drop-down list, select DLP Appliance Management.

    f Select the My Default policy for McAfee DLP Prevent Email Settings.

    g Enter the IP address of the Smart Host, then click Save.

    7 Set up the appliance

    Prepare the appliance for network integration.

    The appliance power supply units and the hard disk can be replaced. Instructions are available in the
    hardware guide.

    By default, each appliance is configured with these IP addresses after installation:

    • McAfee DLP Prevent LAN1 — 10.1.1.108/24


    Use the LAN1 network for SMTP or ICAP traffic. You can also use it for management traffic.

    • McAfee DLP Monitor LAN1 — 10.1.1.108/24


    Use the LAN1 network for management traffic.

    • OOB — 10.1.3.108/24
    (Optional) Use the out-of-band (OOB) network for management traffic including McAfee ePO
    communication.

    McAfee DLP Monitor Capture port 1 is used for analysis traffic. It is not configured with any IP address.

    If your network uses DHCP, the first IP address that the DHCP server assigns to the McAfee DLP
    appliance is used instead. You can manually configure the IP address with the Setup Wizard. The
    appliance does not support using a continuous DHCP configuration.

    The default gateway for the appliance must be on the LAN1 subnet. Configure any routing required on the
    OOB interface using static routes.
    a Install the appliance in a rack.

    b Connect a monitor, keyboard, and mouse to the appliance.

    4
    c Connect the appliance to the network:
    1) McAfee DLP Prevent and McAfee DLP Monitor — Connect the LAN1 interface of the appliance to
    your network.

    2) McAfee DLP Monitor — Connect the Capture port 1 interface to your network tap or SPAN port.

    d (Optional) Connect the OOB interface to another network.


    This is required for McAfee DLP Monitor if you are not using LAN1 for your management traffic.

    8 Install the appliance


    Install the software and run the Setup Wizard.
    a Prepare the appliance for installation.
    • 6600 appliances — Turn on the appliance.

    • 4400 and 5500 appliances


    1 Using the installation ISO file, create or set up the external imaging media. You can perform the
    initial installation using these methods:
    • USB drive

    Use image writing software, such as Launchpad Image Writer, to write the image
    to the USB drive. For more information, see KB87321.

    • USB CD drive

    • (4400 appliances only) Integrated CD drive

    • Virtual CD drive using the remote management module (RMM)

    2 Insert or connect the media to the appliance.

    3 Turn on the appliance.

    4 Before the operating system starts, press F6 for the boot menu and select the external media.

    R3c0n3x is the BIOS password for 4400 appliances.

    b Follow the on-screen prompts.

    When the installation completes, the appliance restarts.

    c Complete the Setup Wizard using the information in the on-screen Help.

    d If the installation fails:


    1 Verify the network connection is working and any configured static routes are correct.

    2 Ping the default gateway and McAfee ePO from the appliance console.

    3 If the problem persists, contact technical support for assistance. Do not perform the installation
    again.
    When you contact technical support, make sure you know the appliance primary serial number. You
    can find the serial number on the product name sticker on the delivery packaging, the sticker on the
    bottom-left of the top panel, or the sticker on the pull-out tray on the front panel.

    5
    The McAfee DLP appliance is installed and registered to McAfee ePO.

    9 Post-setup tasks

    For more information on these tasks, see the product guide.

    McAfee DLP appliances


    1 Configure an evidence server to store the files that trigger a rule.

    2 Configure one or more syslog servers if required.

    3 Enable relevant predefined policies and rules.

    4 Create additional classifications, policies, and rules to detect potential data loss incidents.

    5 Confirm that incidents are recorded in the DLP Incident Manager.

    McAfee DLP Prevent appliances

    For McAfee DLP Prevent appliances that analyze email traffic:


    1 Verify connectivity and mail flow between the mail transfer agent (MTA) server and the McAfee DLP
    Prevent appliance.

    2 Confirm that the X-RCIS-Action: Allow header is added to received email.

    For McAfee DLP Prevent appliances that analyze web traffic, verify connectivity between the web proxy server
    and the appliance.

    McAfee DLP Monitor appliances


    • Generate some traffic that the configured network tap or SPAN can see.

    6
    7
    Copyright © 2017 McAfee LLC
    McAfee and the McAfee logo are trademarks or registered trademarks of McAfee LLC or its subsidiaries in the US and other countries. Other
    marks and brands may be claimed as the property of others.

    8 700-4558A00

    You might also like