Mcafee Mvm2200 User manual

McAfee MVM2200 Appliance

Appliance Guide

TRADEMARKS

McAfee, the McAfee logo, McAfee Active Protection, McAfee AppPrism, McAfee Artemis, McAfee CleanBoot, McAfee DeepSAFE, ePolicy Orchestrator,

McAfee ePO, McAfee EMM, McAfee Enterprise Mobility Management, Foundscore, Foundstone, McAfee NetPrism, McAfee Policy Enforcer, Policy Lab,

McAfee QuickClean, Safe Eyes, McAfee SECURE, SecureOS, McAfee Shredder, SiteAdvisor, SmartFilter, McAfee Stinger, McAfee Total Protection,

TrustedSource, VirusScan, WaveSecure, WormTraq are trademarks or registered trademarks of McAfee, Inc. or its subsidiaries in the United States

and other countries. Other names and brands may be claimed as the property of others.

LICENSE INFORMATION

License Agreement

NOTICE TO ALL USERS: CAREFULLY READ THE APPROPRIATE LEGAL AGREEMENT CORRESPONDING TO THE LICENSE YOU PURCHASED, WHICH SETS

FORTH THE GENERAL TERMS AND CONDITIONS FOR THE USE OF THE LICENSED SOFTWARE. IF YOU DO NOT KNOW WHICH TYPE OF LICENSE YOU

HAVE ACQUIRED, PLEASE CONSULT THE SALES AND OTHER RELATED LICENSE GRANT OR PURCHASE ORDER DOCUMENTS THAT ACCOMPANY YOUR

SOFTWARE PACKAGING OR THAT YOU HAVE RECEIVED SEPARATELY AS PART OF THE PURCHASE (AS A BOOKLET, A FILE ON THE PRODUCT CD, OR

A FILE AVAILABLE ON THE WEBSITE FROM WHICH YOU DOWNLOADED THE SOFTWARE PACKAGE). IF YOU DO NOT AGREE TO ALL OF THE TERMS

SET FORTH IN THE AGREEMENT, DO NOT INSTALL THE SOFTWARE. IF APPLICABLE, YOU MAY RETURN THE PRODUCT TO MCAFEE OR THE PLACE OF

PURCHASE FOR A FULL REFUND.

McAfee Vulnerability Manager Appliance Guide

700-4283A00

McAfee MVM2200 Appliance Guide iii

Contents

Introducing McAfee Vulnerability Manager ..................................................... 5

Audience .......................................................................................................................... 5

Find product documentation ............................................................................................... 5

Before installing the appliance............................................................................................. 5

Network recommendations, hardware specifications, and environment requirements........... 6

Unpacking the appliance................................................................................. 6

MVM2200 front panel description......................................................................................... 7

MVM2200 back panel description......................................................................................... 8

Install the hardware ....................................................................................... 8

Positioning the appliance .................................................................................................... 8

Installing the appliance in a rack ......................................................................................... 9

Connecting the appliance to power and the network .............................................................. 9

Starting the appliance ........................................................................................................ 9

Using the appliance wizard ................................................................................................. 9

Using the Network Security Wizard .................................................................................... 10

Resetting the appliance to factory defaults ......................................................................... 12

Virtual local area network on the appliance......................................................................... 12

Accessing the VLAN properties on the NIC card............................................................. 12

Troubleshooting ........................................................................................... 13

The appliance is not receiving power.................................................................................. 13

The appliance is not communicating with the network.......................................................... 13

McAfee MVM2200 Appliance Guide 5

Introducing McAfee Vulnerability

Manager

McAfee Vulnerability Manager is an agentless network scanner that helps you identify and protect the

assets (systems) on your network. This protection allows managers to monitor and respond to

changing risks in their environment.

Audience

This guide is intended for administrators responsible for adding an MVM2200 to their existing McAfee

Vulnerability Manager deployment.

Find product documentation

McAfee provides the information you need during each phase of product implementation, from

installing to using and troubleshooting.

1Go to the McAfee Product Download (https://secure.mcafee.com/apps/downloads/my-

products/login.aspx) site.

2Type in your grant number, then click Submit.

3Select McAfee Vulnerability Manager.

After a product is released, information about the product is entered into the McAfee online

KnowledgeBase at http://mysupport.mcafee.com.

Before installing the appliance

Before you install the appliance, we recommend that you do the following:

Read the provided safety information.

Make sure that you have selected a suitable location for installing the appliance.

Check that you have all the necessary equipment and components as described in this document.

Familiarize yourself with the appliance NIC ports and connectors as described in this document.

Know the ports and IP address to be used by the appliance.

Know the location or port number of the configuration manager.

Determine a host name for the appliance. Make sure that the name can be resolved from the

enterprise manager server. This is done by adding the name to the hosts file on the enterprise

manager server, or by registering the name in the Domain Name Server (DNS).

Caution

To ensure the safe operation of the appliance, read all documentation before installing.

Appliance power on/off –the push-button on/off power switch on the front panel of the appliance

–does not turn off the AC power. To remove AC power from the appliance, you must unplug the

AC power cord from the power supply or wall outlet.

Unpacking the appliance

Before installing the appliance

McAfee MVM2200 Appliance Guide 6

Warning

The power supplies in your system might produce high voltages and energy hazards, which can

cause bodily harm. Do not remove the cover. Only trained service technicians are authorized to

remove the covers and access any of the components inside the system.

Hazardous conditions –devices and cables: Hazardous electrical conditions might be present on

power, telephone, and communication cables. Turn off the appliance and disconnect

telecommunications systems, networks, modems, and the power cords attached to the appliance

before opening it. Otherwise, personal injury or equipment damage can result.

Avoid injury: Lifting the appliance and attaching it to the rack is a two-person job. The appliance

weighs approximately 15 kg (33 lb).

Network recommendations, hardware specifications, and

environment requirements

This section describes the network recommendations, hardware specifications, and environmental

requirements for the appliance.

Network recommendations

Although the appliance supports both DHCP and static IP address networks, McAfee strongly

recommends that you use static IP addresses.

In addition, McAfee recommends having a DNS server on your network. This allows reverse mapping

between discovered IP addresses and host names, providing better reports and more information

from your scans. It also provides the ability to specify credentials using fully-qualified domain names.

Hardware specifications and environmental requirements

Dimensions

1.70” (43mm) H x 17.25” (438mm) W x 22.25” (565mm) D

Power delivery

Power Supply

350 watt AC power supply, fixed, non-redundant

Environment

Ambient

Temperature

Operating: +10°C to +35°C, with a maximum rate of

change not to exceed 10°C per hour.

Non-operating: -40°C to +70°C

Non-Operational

Humidity

50% to 90%, non-condensing with a maximum wet

bulb of 28°C (at temperatures from 25°C to 35°C)

Unpacking the appliance

Carefully unpack and remove the contents of the shipping box. Verify that you have all of the

components listed. If you do not, contact McAfee Technical Support.

You should have the following:

McAfee Vulnerability Manager 2200 Appliance

Accessory kit, containing:

Unpacking the appliance

MVM2200 front panel description

McAfee MVM2200 Appliance Guide 7

Power cord

Rack mount kit, containing:

Rails (2)

Fastener pack, containing screws

Accessory bag, containing:

Safety Warning document

McAfee Vulnerability Manager 2200 Appliance Installation Guide

USB flash drive –Restore to factory default image

USB flash drive –Hardware diagnostics tool

McAfee Limited Warranty on Hardware document

MVM2200 front panel description

The following illustration shows the location of connectors and indicator lights on the front panel of the

appliance.

Figure 1: MVM2200 front panel

Front panel connectors

USB ports

System ID button (with integrated LED)

NMI Button (recessed, tool required for use)

NIC-1 activity LED

NIC-3 Activity LED (Not used)

Reset button

System status LED

Power button (with integrated LED)

Hard Drive activity LED

NIC-4 activity LED (Not used)

NIC-2 activity LED

Install the hardware

Positioning the appliance

McAfee MVM2200 Appliance Guide 8

MVM2200 back panel description

The following illustration shows the locations of connectors on the back panel of the appliance.

Figure 2: MVM2200 back panel

Back panel connectors

AC power connector

Power supply status LED

NIC 1 and 2

Empty slot for PCI Express add-in

Serial port

Video out

Dual USB 2.0 ports

Dual USB 3.0 ports

Empty slots for IO module external connectors

Install the hardware

This section describes how to attach rails and mount the appliance in a rack.

Positioning the appliance

The appliance must be installed in a suitable location, such as a rack. Since it is designed to be

operated remotely, physical access to the appliance is needed only for initial setup. Initial setup

Install the hardware

Using the appliance wizard

McAfee MVM2200 Appliance Guide 9

requires attaching a single network cable to the back of the appliance. Once the network setup is

finished, physical access to the appliance is necessary only to reset the appliance.

A rack mounting kit is supplied with the appliance so you can install the appliance in a 19-inch rack,

as described in the following rack mounting instructions.

Installing the appliance in a rack

Use the rack mounting kit included with the appliance to install the unit. Follow the rack installation

instructions that are included with the rack mounting kit.

Connecting the appliance to power and the network

Once you have installed the appliance in the rack, connect it to the power source and to your

network. Connect a monitor, keyboard, and mouse, which are required to configure the McAfee

Vulnerability Manager software.

1Plug the AC cord into the back of the appliance, then plug the other end of the cord into an

appropriate power source.

2Connect a network cable to each network interface card (NIC). If only one NIC is required,

connect the network cable to NIC 1. See the MVM2200 back panel description (page 8) for more

information.

3Connect a monitor, mouse, and keyboard to the rear of the appliance.

Note: Once the initial installation and configuration are completed, you can manage the

appliance from a remote computer. To access the appliance using RDP, RDP must be enabled.

Starting the appliance

After the appliance hardware is set up, you can turn on the appliance. The BIOS on the MVM2200 is

password-protected and you have the option of changing it.

1Turn on the power for the appliance using the power button on the front panel.

2If you want to change the BIOS password, press F2 during the boot process. The factory default

BIOS password is MCAFEE. Change the password to one that follows your security guidelines.

Once it’s changed, press F10 to save and reboot.

3During the operating system setup, type a password for the applianceadmin user.

4When the appliance has finished booting, the appliance wizard appears. Follow the wizard to

configure the appliance.

Using the appliance wizard

Once the appliance is turned on and the operating system setup is complete, the setup wizard

appears to guide you through configuring the IP address and port number for the appliance.

After the setup is complete, the appliance appears in the configuration manager as a scan engine. You

can then assign the scan engine to a scan controller.

Install the hardware

Using the Network Security Wizard

McAfee MVM2200 Appliance Guide 10

1From the Welcome screen, click Next.

2From the Restore Appliance Settings screen, select No, then click Next.

3Select a network interface to configure (the appliance has two network interface cards installed).

If you use only one and want to disable the other, select the network interface you want to

disable, then deselect Enable.

4Select dynamic host configuration protocol (DHCP) or static IP addressing, then click Next.

aIf you use DHCP, make sure Obtain IP addressing automatically is selected.

bIf you use a static IP address, deselect Obtain IP addressing automatically, type the IP address,

subnet mask, default gateway, and DNS server information.

5Type in the address (IP address or fully-qualified domain name) for the configuration manager,

then click Next. If the configuration manager uses a custom port number, deselect Use Default

Port, type in the port number used by the configuration manager.

Note: You can type a NetBIOS name, but it only works when the name can be properly resolved.

6Type the database address (IP address, fully-qualified domain name, or host name), then the

Faultline user name and password. Optionally, you can include the SQL port or SQL instance name

with the database address.

7Click Test Credentials to test the Faultline user password and then click Next. If the test fails,

retype the password. Also make sure the database is online and the appliance can connect to it.

8Review the settings for the appliance, then click Apply. The MVM2200 appliance communicates

with the configuration manager. The configuration manager then sends information back to the

appliance, including which product version you are currently using.

9Click Restart Appliance.

Using the Network Security Wizard

Use the Advanced setup in the Network Security Wizard to adjust the system firewall settings, change

service communication ports, and add additional rules for your network security settings.

Caution: If you leave an IP address field blank, the service is open to any host on the network.

1Select Start | All Programs | McAfee | MVM Network Security Wizard | Configure

Network Security.

2On the Welcome screen, click Next.

3Select the Windows Advanced Firewall profiles, ICMP Echo Requests, and Edge Traversal options.

Windows Advanced Firewall profiles –Select the firewall profiles (Domain, Public, Private)

that should be modified by the Network Security wizard.

Allow ICMP Echo Requests –Select this option to allow the appliance to respond to ICMP

echo requests (ping).

Enable Edge Traversal –Select this option to make sure that inbound tunneled traffic is

passed through the firewall. If devices in your McAfee Vulnerability Manager environment

tunnel traffic, select this checkbox.

4Select Advanced, then click Next.

5If a scan controller is installed, select Scan Controller Firewall options, then click Next. The

Scan Controller Firewall allows you to specify host IP address ranges that are permitted to access

the scan controller.

Allow access to the Scan Controller –Allow other systems access to the scan controller.

Allow all hosts –Allow all hosts access to the scan controller.

Install the hardware

Using the Network Security Wizard

McAfee MVM2200 Appliance Guide 11

Allow only these hosts –Allow only the IP addresses specified access to the scan controller.

Type in the IP addresses or address ranges.

Override Default Port –Change the scan controller service port. Type in a port number.

6Select the Remote Desktop Firewall options, then click Next.

Enable Remote Desktop service –Enable the remote desktop service on this system.

Allow all hosts –Allow all hosts remote access to this system.

Allow only these hosts –Allow only the IP addresses specified remote access to this

system. Type in the IP addresses or address ranges.

Override Default Port –Change the remote desktop service port. Type in a port number.

7Create additional firewall rules, then click Next. When you add or edit a firewall rule, you must

click OK to save your settings.

Add –Add a custom firewall rule.

Edit –Edit the selected firewall rule.

Delete –Delete the selected firewall rule.

The following options are available when you create or edit a firewall rule.

Service Name –Type the name of the service.

Protocol –Select the TCP or UDP protocol.

Service Port –Type the port number used by the service.

Allow access to the service –Open this service to other hosts.

Allow all hosts –Allow all hosts access to this service.

Allow only these hosts –Allow only the IP addresses specified access to this service. Type

in the IP addresses or address ranges.

Figure 3: Custom firewall rules

8On the Confirm Settings screen, click Apply to confirm the firewall settings.

9On the Firewall Configuration Complete screen, click Finish to restart the system.

Note: If you selected Advanced and then accepted the default settings, the Network Security

Wizard doesn't prompt you to restart the appliance. If this happens, restart the appliance. Some

changes don't take effect until after the system is restarted.

Install the hardware

Virtual local area network on the appliance

McAfee MVM2200 Appliance Guide 12

10 Log on with the administrator account name and password you created in the previous steps.

Note: McAfee recommends running McAfee Vulnerability Manager Update after upgrading to

make sure you have the latest product updates.

Resetting the appliance to factory defaults

Resetting the MVM2200 to factory defaults overwrites all existing data on the appliance and applies

the factory default (fresh) image, stored on the USB flash drive.

1Connect a keyboard, mouse, and monitor to the appliance.

2Insert the McAfee Vulnerability Manager restore to factory image USB flash drive (2200 W2K8R2

Image) into the USB port and restart the appliance.

3Press F6 to select a boot option, enter the BIOS password, then choose to boot the recovery

image using USB.

4On the system installation screen, click Restore to continue. The restoration process might take

several minutes.

5When the restoration process is complete, system reboots.

6Once the MVM2200 has started, type a password for the “applianceadmin” account, then retype it

to confirm. The system reboots again.

7Once the MVM2200 has rebooted, log on using “applianceadmin” credentials and the password

entered in the previous step. The MVM2200 Setup Wizard appears.

Virtual local area network on the appliance

A virtual local area network (VLAN) allows you to group systems together and allows those systems to

communicate as if they were on the same local area network, even if those systems are not located

on the same physical network. The MVM2200 supports up to 64 VLANs.

There are two types of VLANs:

Tagged VLANs are based on the IEEE 802.1Q specification. Each packet has a four-byte tag

added to the packet header. The switch must support IEEE 802.1Q tagging and be properly

configured. Check your switch documentation for the correct switch configuration.

Untagged or Port-based VLANs are statically configured on the switch. They are transparent to

connected devices.

For additional information on VLANs, visit the Intel Networking website.

Accessing the VLAN properties on the NIC card

You can enter your VLAN information on the VLAN properties tab of the appliance NIC card.

Note: You must be logged on as the console administrator if you are connecting to the appliance

using RDP.

Troubleshooting

The appliance is not communicating with the network

McAfee MVM2200 Appliance Guide 13

1Log on to the appliance.

2Select Start |Control Panel.

3Select Hardware, then select Device Manager.

4Under Network adapters, right-click a network adapter and select Properties.

5Select the VLAN tab, then click New. Type in your VLAN information and select your options.

6Click OK.

Troubleshooting

This section provides information on common issues that you might encounter as you configure and

use the appliance.

The appliance is not receiving power

Check the following:

The appliance is connected properly to a working power outlet, using the supplied power cord. If

the power outlet has a switch, make sure it is on.

The power cord is plugged in to the back of the appliance.

If the appliance is still not receiving power, check the power outlet by plugging other equipment into

it. If the power outlet is working, there is a problem with the appliance or its power cord. Contact your

supplier or McAfee Technical Support.

The appliance is not communicating with the network

Check the following:

The appliance is turned on and its software is running, indicated by the lights on the front display

panel.

The network cables that you are using are undamaged and connected properly to the appliance

ports and your existing network equipment. Ensure that the cables you use are the correct

specification.

You have used the correct LAN ports when connecting the appliance to your existing network

equipment.

There are no IP address conflicts.

If the appliance is still not receiving network traffic, check the network cables and the network ports

on your existing network equipment. If the cables and ports are working, there is a problem with the

appliance. Contact your supplier or McAfee Technical Support.

McAfee Vulnerability Manager Appliance Guide

700-4283A00

Table of contents

Other McAfee Network Hardware manuals

McAfee

McAfee WebShield e500 User manual

McAfee

McAfee EWS-3100-00AA User manual

McAfee

McAfee XC-240 User manual

Popular Network Hardware manuals by other brands

Cisco

Cisco 1230AG - Aironet - Wireless Access Point Configuration guide

Domestia

Domestia DKV-006-002 user manual

Siemens

Siemens SIMATIC NET operating instructions

Paradyne

Paradyne BitStorm 2600 IP DSLAM installation guide

RAIDAGE

RAIDAGE DAGE312UTL-NAS user manual

Rose electronics

Rose electronics RS130 owner's manual

Rittal

Rittal 8617.353 Assembly instructions

DIAMOND MOTION

DIAMOND MOTION MEMO2GO Handling instructions

Corinex

Corinex CXP-GPH installation guide

FiberHome

FiberHome AN5516-04 Quick installation guide

ADTRAN

ADTRAN DDM+ H2TU-C Installation and maintenance practice

Ihse

Ihse kvm-tec media4Kconnect KT-6935 Quick installation

Speco

Speco N4JLN user manual

Ascent Communication Technology

Ascent Communication Technology AON126S Quick reference guide

Stellar Cyber

Stellar Cyber Photon 300D Installation & quick start guide

ADC

ADC Cross-Connect Family FlexDSX Specification sheet

Avid Technology

Avid Technology AirPlay MP Information sheet

Quectel

Quectel LTE Standard Module Series Hardware design

McAfee MVM2200 User manual

Popular Network Hardware manuals by other brands