McAfee DTP-1650-MGRA - Network DLP Manager 1650 Appliance, Data Loss Prevention 9.2.1 Installation guide

  • Hello! I am an AI chatbot trained to assist you with the McAfee DTP-1650-MGRA - Network DLP Manager 1650 Appliance Installation guide. I’ve already reviewed the document and can help you find the information you need or explain it in simple terms. Just ask your questions, and providing more details will help me assist you more effectively!
Installation Guide
Revision C
McAfee Data Loss Prevention 9.2.1
For use with ePolicy Orchestrator 4.5.0 and 4.6.0 Software
COPYRIGHT
Copyright © 2012 McAfee, Inc. Do not copy without permission.
TRADEMARK ATTRIBUTIONS
McAfee, the McAfee logo, McAfee Active Protection, McAfee AppPrism, McAfee Artemis, McAfee CleanBoot, McAfee DeepSAFE, ePolicy Orchestrator,
McAfee ePO, McAfee EMM, McAfee Enterprise Mobility Management, Foundscore, Foundstone, McAfee NetPrism, McAfee Policy Enforcer, Policy Lab,
McAfee QuickClean, Safe Eyes, McAfee SECURE, SecureOS, McAfee Shredder, SiteAdvisor, SmartFilter, McAfee Stinger, McAfee Total Protection,
TrustedSource, VirusScan, WaveSecure, WormTraq are trademarks or registered trademarks of McAfee, Inc. or its subsidiaries in the United States and
other countries. Other names and brands may be claimed as the property of others.
LICENSE INFORMATION
License Agreement
NOTICE TO ALL USERS: CAREFULLY READ THE APPROPRIATE LEGAL AGREEMENT CORRESPONDING TO THE LICENSE YOU PURCHASED, WHICH SETS
FORTH THE GENERAL TERMS AND CONDITIONS FOR THE USE OF THE LICENSED SOFTWARE. IF YOU DO NOT KNOW WHICH TYPE OF LICENSE YOU
HAVE ACQUIRED, PLEASE CONSULT THE SALES AND OTHER RELATED LICENSE GRANT OR PURCHASE ORDER DOCUMENTS THAT ACCOMPANY YOUR
SOFTWARE PACKAGING OR THAT YOU HAVE RECEIVED SEPARATELY AS PART OF THE PURCHASE (AS A BOOKLET, A FILE ON THE PRODUCT CD, OR A
FILE AVAILABLE ON THE WEBSITE FROM WHICH YOU DOWNLOADED THE SOFTWARE PACKAGE). IF YOU DO NOT AGREE TO ALL OF THE TERMS SET
FORTH IN THE AGREEMENT, DO NOT INSTALL THE SOFTWARE. IF APPLICABLE, YOU MAY RETURN THE PRODUCT TO MCAFEE OR THE PLACE OF
PURCHASE FOR A FULL REFUND.
2
McAfee Data Loss Prevention 9.2.1 Installation Guide
Contents
Preface 5
About this guide .................................. 5
Audience .................................. 5
Conventions ................................. 5
Find product documentation ..............................6
1 Setting up the hardware 7
Adding devices and servers ..............................7
Check the shipment .................................7
Plan your installation ................................ 8
Rack mount the appliances ..............................8
Connect a management console ............................9
Configure McAfee DLP Manager ............................ 10
Select an integration mode for McAfee DLP Monitor ....................11
SPAN port configuration ............................11
Network tap configuration ...........................13
Complete the setup ................................ 14
2 Installing or upgrading the software on 4400 appliances 15
Download the 4400 archive ............................. 15
Boot options ................................... 16
Set up the next boot option .......................... 17
Install a fresh image on 4400 appliances ........................ 17
Upgrade the products on 4400 appliances ........................18
Apply a hotfix ...................................20
Convert an installation to another McAfee DLP product .................. 20
Restoring the drives ................................ 21
3 Installing or upgrading software on 1650 and 3650 appliances 23
Download the 1650 or 3650 archive .......................... 23
Install a fresh image on 1650 or 3650 appliances .....................24
Upgrade the products on 1650 or 3650 appliances .................... 25
Apply a hotfix ...................................26
4 Configuring McAfee DLP appliances and adding servers 29
Configure McAfee DLP appliances using Setup Wizard ...................29
Configure McAfee DLP appliances after installation .................... 35
Add McAfee DLP products to McAfee DLP Manager .................... 35
Configuring McAfee DLP Prevent ........................... 36
MTA requirements for McAfee DLP Prevent .................... 37
Configure McAfee DLP Prevent ......................... 38
Add LDAP servers to McAfee DLP Manager ....................... 39
Add McAfee Logon Collector to McAfee DLP Manager ................... 41
Add syslog servers to McAfee DLP systems ....................... 42
Resynchronize McAfee DLP systems with an NTP server .................. 42
McAfee Data Loss Prevention 9.2.1 Installation Guide
3
Testing the system ................................. 43
5 Installing McAfee DLP Endpoint 45
Verify system requirements ............................. 46
Configure the server ................................ 47
Install McAfee ePolicy Orchestrator .......................... 48
Installing McAfee DLP WCF service ...........................49
Install the McAfee DLP WCF service ....................... 50
Repository folders ................................. 55
Creating and configuring repository folders .................... 55
User and permission sets .............................. 57
Create and define McAfee DLP administrators ................... 57
Create and define permission sets ........................58
DLP permission set options ...........................58
Install the McAfee Data Loss Prevention Endpoint extension ................ 59
Initialize the McAfee DLP Endpoint Policy console .....................60
Upgrade the license .................................62
Check in the McAfee DLP Endpoint package to ePolicy Orchestrator ..............63
Deploy McAfee DLP Endpoint .............................63
Define a default rule ............................. 63
Deploy McAfee DLP Endpoint with ePolicy Orchestrator 4.6 .............. 64
Verify the installation ............................. 65
Uninstall McAfee DLP Endpoint ............................ 66
6 Integrating McAfee DLP Endpoint into a unified policy system 67
Setting up Unified DLP on ePolicy Orchestrator ..................... 68
Install the network extension ......................... 68
Install the UDLP (host) extension ........................68
Configure McAfee Agent on ePolicy Orchestrator .................. 69
Add an evidence folder on ePolicy Orchestrator ...................69
Connecting McAfee DLP Manager and the ePolicy Orchestrator server ............ 70
Gather ePolicy Orchestrator registration information ................ 70
Add an ePolicy Orchestrator database user .................... 70
Register McAfee DLP Manager on ePolicy Orchestrator server .............71
Register ePolicy Orchestrator on McAfee DLP Manager ................71
Checking the connection ........................... 72
Configuring McAfee DLP Endpoint on McAfee DLP Manager ................. 72
Generate a global policy for McAfee DLP Endpoint ..................73
Maintaining compatibility with installed McAfee clients ............... 73
Add an Agent Override Password ........................ 74
Set the manual tagging option ......................... 74
Installation and configuration complete .........................75
Index 77
Contents
4
McAfee Data Loss Prevention 9.2.1 Installation Guide
Preface
This guide provides the information you need to install your McAfee product.
It contains all of the necessary information for installing McAfee
®
Data Loss Prevention software,
including detailed steps and verification of the installation and configuration process in both the new
hardware platform and legacy appliances. It also includes integration with McAfee
®
ePolicy
Orchestrator
®
and McAfee
®
Data Loss Prevention Endpoint to configure a unified policy installation.
When the process is completed, the user will have a fully functional McAfee DLP hardware and
software implementation that is properly configured.
Contents
About this guide
Find product documentation
About this guide
This information describes the guide's target audience, the typographical conventions and icons used
in this guide, and how the guide is organized.
Audience
McAfee documentation is carefully researched and written for the target audience.
The information in this guide is intended primarily for:
Administrators — People who implement and enforce the company's security program.
Security officers — People who determine sensitive and confidential data, and define the
corporate policy that protects the company's intellectual property.
Conventions
This guide uses these typographical conventions and icons.
Book title, term,
emphasis
Title of a book, chapter, or topic; a new term; emphasis.
Bold Text that is strongly emphasized.
User input, code,
message
Commands and other text that the user types; a code sample; a displayed
message.
Interface text
Words from the product interface like options, menus, buttons, and dialog
boxes.
Hypertext blue A link to a topic or to an external website.
Note: Additional information, like an alternate method of accessing an
option.
McAfee Data Loss Prevention 9.2.1 Installation Guide
5
Tip: Suggestions and recommendations.
Important/Caution: Valuable advice to protect your computer system,
software installation, network, business, or data.
Warning: Critical advice to prevent bodily harm when using a hardware
product.
Find product documentation
McAfee provides the information you need during each phase of product implementation, from
installation to daily use and troubleshooting. After a product is released, information about the product
is entered into the McAfee online KnowledgeBase.
Task
1
Go to the McAfee Technical Support ServicePortal at http://mysupport.mcafee.com.
2
Under Self Service, access the type of information you need:
To access... Do this...
User documentation
1
Click Product Documentation.
2
Select a product, then select a version.
3
Select a product document.
KnowledgeBase
Click Search the KnowledgeBase for answers to your product questions.
Click Browse the KnowledgeBase for articles listed by product and version.
Preface
Find product documentation
6
McAfee Data Loss Prevention 9.2.1 Installation Guide
1
Setting up the hardware
This Quick Start serves as a highlevel road map for setting up your McAfee DLP system. McAfee DLP
Manager is shipped preinstalled; the other products in the suite (McAfee DLP Monitor, McAfee DLP
Discover, and McAfee DLP Prevent) must be installed onsite.
McAfee DLP Monitor must be set up to capture network traffic, so it requires additional configuration
steps.
Contents
Adding devices and servers
Check the shipment
Plan your installation
Rack mount the appliances
Connect a management console
Configure McAfee DLP Manager
Select an integration mode for McAfee DLP Monitor
Complete the setup
Adding devices and servers
The final setup for McAfee Total Protection for Data Loss Prevention depends on your protection
strategy. After you complete setup of all of the appliances, go to the System tab on McAfee DLP
Manager to add the products to be managed and the servers needed to complete the system.
For example, depending on your objectives, you might add McAfee DLP Discover or McAfee DLP
Prevent, which require additional configuration.
If you add McAfee DLP Endpoint to the network product suite, you must install it on McAfee
®
ePolicy
Orchestrator
®
, and add endpoint, evidence, and directory servers.
Check the shipment
Each product ships with all of the material needed to install it on a network. Check each shipment to
verify that all items on the packing list have been received.
Task
1
Refer to your Accessory Kit Content List to ensure that you received the following items:
Regionspecific power cords 2
CAT5 cables 3
Serial cable: RJ45 to RS232 Cisco console cable
1
McAfee Data Loss Prevention 9.2.1 Installation Guide
7
Intel Diagnostic Tool (IDT) USB
Product notes for IDT (CD media)
Safety document
Warranty document
Recovery media
2
If an item is missing or damaged, contact your supplier.
Plan your installation
Before installing, survey your environment and collect configuration information.
For the McAfee DLP Monitor appliance, you will also need a network tap (unless you are planning a
SPAN port configuration).
Task
1
Collect the following information about the network in which McAfee Total Protection for DLP will be
installed.
Host name Secondary DNS server
IP address Domain
Subnet mask NTP server
Default gateway Syslog server
DNS domain Email relay server
Primary DNS server
2
Devise a protection strategy by evaluating the type of information you need to protect. Your
objectives will determine which policies you activate.
3
Determine who will be the primary administrator of the system.
Rack mount the appliances
Each of the McAfee DLP products is shipped on an Intel
®
Server System SR2612UR.
For rack mounting instructions, download the Intel
®
Server System SR2612UR Service Guide from the
Intel download site.
http://download.intel.com/support/motherboards/server/s5520ur/sb/r2612ur_service_guide_14.pdf
For more information, download the Intel
®
Server System SR2612UR Technical Product Specification.
http://download.intel.com/support/motherboards/server/s5520ur/sb/sr2612ur_tps_13.pdf
1
Setting up the hardware
Plan your installation
8
McAfee Data Loss Prevention 9.2.1 Installation Guide
Connect a management console
Connect a laptop to the management port of the McAfee DLP appliance so you can reconfigure it
through a directly connected device. Because McAfee DLP Manager requires additional steps,
reconfigure all other products first.
Before you begin
You will need the list of network parameters you prepared when you planned your
installation.
Figure 1-1 Model 1650 appliance port configuration
1 Ethernet port 0
2 Ethernet port 1 — Management port
3 Ethernet port 2 — Capture port 0
4 Ethernet port 3 — Capture port 1
Figure 1-2 Model 3650 appliance port configuration
1 Ethernet port 0
2 Ethernet port 1 — Management port
3 Ethernet port 2 — Capture port 0
4 Ethernet port 3 — Capture port 1
Figure 1-3 Model 4400 appliance port configuration
1 Ethernet port 0
2 Ethernet port 1 — Management port
3 Ethernet port 3 — Capture port 1 — note reversed configuration
4 Ethernet port 2 — Capture port 0 — note reversed configuration
By default, each appliance is configured with the IP address 192.168.1.2, but a new IP address and
other network parameters are required to integrate it into the network.
Setting up the hardware
Connect a management console
1
McAfee Data Loss Prevention 9.2.1 Installation Guide
9
You must connect a laptop to the management port so you can convey this information to the
appliance. Assign the laptop an IP address that is different, but on the same subnet, so it can access
the management port.
Task
1
Connect a laptop to the management port of the appliance using the supplied Ethernet cable.
2
Change the laptop to an address in the 192.168.1.X/24 IP range — for example, 192.168.1.10.
3
Open a web browser and connect to the DLP appliance.
https://192.168.1.2
The DLP user interface starts.
4
Log on to the McAfee DLP appliance.
The default logon is admin/mcafee.
The End User License Agreement appears.
5
Select the license agreement checkbox and click I Accept.
The Setup Wizard starts.
6
On the Network Configuration page, enter all of the IP addresses, and the host and domain names
needed to integrate the appliance into the network.
If you are configuring a McAfee DLP Manager, skip to the next topic.
7
Advance through the Setup Wizard pages to the Review page.
The interim pages will be completed only on the McAfee DLP Manager appliance.
8
Click Submit, then Exit Wizard.
When this step is complete, the appliance will have a new IP address and will be integrated into the
network. Restarting is not necessary.
If you have configured McAfee DLP Discover or McAfee DLP Prevent appliances, setup is complete. If
you are configuring McAfee DLP Manager, proceed to the next step. If you are configuring McAfee DLP
Monitor, proceed to the following step.
Configure McAfee DLP Manager
When you configure McAfee DLP Manager, you must provide additional information after the network
configuration is completed.
Before you begin
You must have completed the network settings required on the Network Configuration page of
the Setup Wizard.
Task
1
On the Time Configuration page, change the time zone.
2
Select Manual to set NTP to local time.
On this first configuration, you will not yet be able to set the NTP server because the default IP
address (192.168.1.2) will not allow it to be located. The NTP server can be defined only when the
system is restarted and integrated into the network.
1
Setting up the hardware
Configure McAfee DLP Manager
10
McAfee Data Loss Prevention 9.2.1 Installation Guide
3
On the Policy Activation page, select the checkboxes of the policies that will generate incidents that
are relevant to your protection strategy.
If you are in a region that is not listed, you will be able to activate policies that are directly relevant
to your location after the system is installed.
4
On the Administrator Setup page, enter the email address of the primary administrator and change the
password from the default.
5
On the Email and Email Server Setting page, enter the IP address or host name of the email server.
6
On the Review page, verify your settings, click Cancel, or click Previous to change them.
7
When you have confirmed your settings, click Submit, then Exit Wizard.
At this point, the McAfee DLP Manager setup is almost complete. After all other products are
integrated into the network, sync McAfee DLP Manager to the network by completing the final step
in this document.
Select an integration mode for McAfee DLP Monitor
McAfee DLP Monitor must be physically integrated into the network so it can capture traffic. There are
two integration modes: use of a mirror (SPAN) port on a LAN switch, or placement of a network tap
between the network and the appliance.
SPAN port configuration
A SPAN (Switched Port Analyzer) port configuration enables monitoring by transparently copying traffic
from source ports to the destination port to which McAfee DLP Monitor is connected.
If two capture ports are used, two traffic sources (for example, different subnets) must be used.
Certain switch models permit the use of a “remote SPAN”, or “RSPAN” capability, which allows ports
from multiple switches to be mirrored to the port to which McAfee DLP Monitor is connected. If you
want to mirror multiple ports on multiple switches to your DLP appliance, contact the switch vendor for
details on configuring RSPAN.
Figure 1-4 Span port configuration
1 Capture ports
2 WAN router traffic mirrored to McAfee DLP Monitor port
3 LAN
4 LAN switch
5 WAN
Setting up the hardware
Select an integration mode for McAfee DLP Monitor
1
McAfee Data Loss Prevention 9.2.1 Installation Guide
11
This method requires a change on the LAN switch, but no downtime is required because network
traffic is not disrupted.
With this configuration, some packets might be dropped under heavy loads. As a result, the number of
packets seen by McAfee DLP Monitor might not match the number seen by the ports being monitored.
Integrate the appliance using a SPAN port
Task
1
Connect McAfee DLP Monitor to a network switch using a console cable or network connection
(such as Telnet or SSH).
Note the port used to connect the appliance to the LAN switch, and the port used by the WAN
router.
2
Apply the appropriate SPAN port configuration.
3
Using interface show commands on the switch, verify that traffic is being received on the switch
port to which McAfee DLP Monitor is connected.
4
Save the configuration on the switch.
Common configuration
If a SPAN port is configured on a Cisco switch, the WAN router would be connected to
interface "GigabitEthernet1/0/1". The DLP appliance would be connected to interface
"GigabitEthernet1/0/2".
Switch: configure terminal
Switch(config)# interface GigabitEthernet1/0/2
Switch(configif)# port monitor GigabitEthernet1/0/1
Switch(configif)# end
Switch# show port monitor
Monitor Port Port being monitored
‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑ ‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑
GigabitEthernet1/0/2 GigabitEthernet1/0/1
Switch# write memory
1
Setting up the hardware
Select an integration mode for McAfee DLP Monitor
12
McAfee Data Loss Prevention 9.2.1 Installation Guide
Network tap configuration
A network tap configuration enables monitoring by injecting a tap in between two network devices
(generally the LAN switch and the WAN router) using additional cabling, then connecting the tap to
McAfee DLP Monitor.
The network tap captures traffic through a tap that is attached to the LAN switch and WAN router
through two network ports. Traffic from these ports flows directly to the capture ports on McAfee DLP
Monitor.
In environments where there is a firewall or a series of devices separating the LAN switch from the WAN
router, the network tap should be installed between the LAN switch and the first device.
Figure 1-5 Network tap configuration
1 Capture ports
2 Analyzer ports
3 Network tap
4 LAN
5 LAN switch
6 Router
7 WAN
This method requires physical disconnection and reconnection of network cables, so it disrupts traffic.
A service window is required.
With this configuration, full traffic capture is done even under heavy load conditions.
Network tap types
Network taps are available in copper or fiber media.
Regeneration taps for both types can be used to extend monitoring to multiple ports. When these taps
are used, signals are regenerated before sending a copy of the packets to the monitor port.
Table 1-1 Network tap types
Network tap type Description
Copper and copper
regenerative
These taps use twisted pair copper cabling (preferably CAT6 twisted
pair).
Fiber and fiber regenerative These taps use multimode fiber cabling with an LC connector on one
end (which connects to a capture port on the appliance) and an SC
connector on the other (which connects to a port on the tap).
Setting up the hardware
Select an integration mode for McAfee DLP Monitor
1
McAfee Data Loss Prevention 9.2.1 Installation Guide
13
Integrate the appliance using a network tap
Task
1
Disconnect the cable between your WAN router and your LAN switch.
2
Connect Monitor Port A of the network tap to Capture Port 0 on McAfee DLP Monitor.
3
Connect Monitor Port B of the network tap to Capture Port 1 on McAfee DLP Monitor.
4
Connect Network Port A of the network tap to a router inside the firewall.
5
Connect Network Port B of the network tap to the LAN switch.
Complete the setup
Add the NTP server to sync McAfee DLP Manager to the network.
Task
1
Open a web browser and enter the assigned IP address in the address bar to restart McAfee DLP
Manager.
2
Click the System tab and select the Configure link.
3
Scroll down to the Time section and enter the NTP server.
pool.ntp.org
4
Click Time at Server to verify the current time.
5
Click Update.
Configuration is complete. If you want to integrate the DLP system into McAfee
®
ePolicy Orchestrator
®
4.5 or 4.6, you can do it now.
1
Setting up the hardware
Complete the setup
14
McAfee Data Loss Prevention 9.2.1 Installation Guide
2
Installing or upgrading the software on
4400 appliances
A McAfee DLP installation on the 4400 contains two released images, each of which contains an
operating system (except for the kernal) and DLP software.
Primary and secondary images are initially duplicate installations. When the system is upgraded, the
primary and secondary disks can contain different versions of the same product.
The system automatically boots from the latest installed version.
Contents
Download the 4400 archive
Boot options
Install a fresh image on 4400 appliances
Upgrade the products on 4400 appliances
Apply a hotfix
Convert an installation to another McAfee DLP product
Restoring the drives
Download the 4400 archive
To prepare for installation on the 4400, download the software from the Service Portal.
Before you begin
Locate the grant number you received after purchasing the product.
McAfee DLP Manager is preinstalled on the model 4400 appliance. Install the other McAfee DLP
products as needed.
Downloadable archives all have legacy names preceded by i, although the product names have
changed. In particular, note that McAfee DLP Monitor is also known as iguard.
Task
1
Open the McAfee support page by typing support.mcafee.com into the address bar of a web
browser.
2
From the Products & Solutions menu, select Product Downloads, or locate and click the link under the
Corporate Support heading.
3
In the Download My Products field, enter your grant number.
4
Scroll down the page, then select the McAfee Network DLP product.
2
McAfee Data Loss Prevention 9.2.1 Installation Guide
15
5
From the product page, select the software version, and confirm acceptance of the license
agreement.
The downloads page appears.
6
In the Software Downloads tab, select and save the appropriate *.tgz file to your Windowsbased
computer.
The software is saved in the Downloads folder.
Boot options
Unlike the legacy DLP appliances, the model 4400 hardware platform runs the McAfee Linux Operating
System (MLOS). It contains a boot loader package that allows users to switch between installations.
McAfee DLP uses Gnu GRUB (GRand Unified Bootloader) to install the primary and secondary images
on the model 4400 appliances.
Figure 2-1 GRand Unified Bootloader
The default Disk Boot option is used only to boot the operating system of the appliance.
During the upgrade process, the configuration data in the /data directory and the kernel/boot loader
information in the boot directory are copied over to the new installation.
Table 2-1 Boot options
Option Definition
McAfee NDLP Disk Boot
Reboots the system from the operating system disk. Does not reinstall
the operating system or the product software.
McAfee NDLP Primary Image
Install
Loads the primary image to the system. Replaces the existing operating
system and product software, but retains the data in the /data and /
boot directories.
McAfee NDLP Secondary Image
Install
Loads the secondary image to the system. Replaces the existing
operating system and product software, but retains the data in the /data
and /boot directories.
2
Installing or upgrading the software on 4400 appliances
Boot options
16
McAfee Data Loss Prevention 9.2.1 Installation Guide
Set up the next boot option
After you install an image, the system automatically assigns the next boot to the image that was
installed. In rare instances, you might want to override that assignment by configuring the next boot
to a different disk.
Using this command has the same effect as changing the boot option using the GRub menu.
Take this step only if you have a specific need that cannot be addressed by the current configuration.
Task
1
Log on to the appliance as root.
2
Go to the installation directory.
# cd /data/install
3
Run the setnextboot script to select one of three boot options: primary, secondary, or boot from
the operating system on the appliance.
# ./setnextboot [reboot_only | pri | sec]
The script sets up the selected option. When the option is set, a message appears stating which
image will boot next.
4
Restart the system.
Install a fresh image on 4400 appliances
To install a fresh image, install on both primary and secondary disks.
Before you begin
Download the product archive and copy it to the appliance.
Task
1
Log on to the appliance as root.
2
Copy the archive to the appliance.
If you downloaded the archive to a Windowsbased computer, use WinSCP.
If you are copying the archive from a Linux server, use the SCP command scp rp <package
number> root@<name or ip address>:<directory>
3
Make an installation directory.
# mkdir /data/install
4
From the directory you downloaded the archive to, extract the contents of the archive, using the C
option to expand it into the /data/install directory.
# tar xvzf ndlp_<product>.tgz C /data/install
5
Go to the /data/install directory.
# cd /data/install
Installing or upgrading the software on 4400 appliances
Install a fresh image on 4400 appliances
2
McAfee Data Loss Prevention 9.2.1 Installation Guide
17
6
Run the installation script.
Before you type in the command, run pwd to establish that you are in the correct product directory.
You must be sure that you are running the updated scripts in the upgrade archive that you just
downloaded and extracted.
iGuard was the original name of McAfee DLP Monitor, but the archives have not been renamed.
# ./install_new_full <product> .
The product image installs on the primary and secondary disks.
7
Restart the system.
# reboot
Restarting the system might take 10–15 minutes.
8
Log on to the McAfee DLP device as root, go to the installation directory, and verify the installation
with the command:
# cat /data/stingray/etc/version
If the Release field contains 9.2.1, installation is complete.
Upgrade the products on 4400 appliances
To upgrade a product on the 4400 appliance, you must install the new image on the disk that is not
used by the previous installation. This ensures that the original image can still be accessed after the
upgrade is complete. The system automatically boots from the latest image.
Before you begin
Download the product archive and copy it to the appliance.
Stop all scans and search tasks before upgrading, and wait until they are completely stopped before
upgrading.
If you want to do a backup before upgrading to 9.2.1 on a 4400 appliance that is running McAfee Data
Loss Prevention Manager 9.2.0 or one of the standalone McAfee DLP appliances, you must first apply
Hotfix 754037_45668_01.
Without a backup, the data, settings, and configuration on your 4400 might be lost if there is a system
failure.
The install_to_pri and install_to_sec scripts install the upgrade. After the process runs, the
existing configuration and database are copied to the new image.
If you use the wrong script, you will write over your existing installation.
Task
1
Log on as root to the model 4400 appliance.
2
Installing or upgrading the software on 4400 appliances
Upgrade the products on 4400 appliances
18
McAfee Data Loss Prevention 9.2.1 Installation Guide
2
Copy the archive to the appliance.
If you downloaded the archive to a Windowsbased computer, use WinSCP.
If you are copying the archive from a Linux server, use the SCP command scp rp <package
number> root@<name or ip address>:<directory>
3
Make an installation directory.
# mkdir /data/install
4
Find out which version is currently installed.
# cat /data/stingray/etc/version
5
Run the system_info utility to determine whether the system is running the product from the
primary or secondary image, so that you can decide where to install the update.
# /data/stingray/ksh/system_info
Install the update on the disk that is not used. For example, if system_info returns the message
"The system is currently running <product> from the primary image," install the update on the
secondary disk with install_to_sec.
6
From the directory you downloaded the archive to, extract the contents of the archive, using the C
option to expand it into the /data/install directory.
# tar xvzf ndlp_<product>.tgz C /data/install
7
Go to the /data/install directory.
# cd /data/install
8
Run the installation script.
Before you type the command, run pwd to establish that you are in the correct product directory. You
must be sure that you are running the updated scripts in the upgrade archive that you just
downloaded and extracted.
iGuard was the original name of McAfee DLP Monitor, but the archives have not been renamed, and
each product name is preceded by "i" to maintain the original naming convention.
# ./install_to_pri <product> .
or
# ./install_to_sec <product> .
The product image installs on the primary or secondary disk. When the upgrade is complete, a
message appears stating which image will boot next.
9
Restart the system.
# reboot
Restarting the system might take 10–15 minutes.
10
Log on to the McAfee DLP device as root, go to the installation directory, and verify the installation
with the command:
# cat /data/stingray/etc/version
If the Release field contains 9.2.1, installation is complete.
11
Install Hotfix 793756_46026 on all devices.
Installing or upgrading the software on 4400 appliances
Upgrade the products on 4400 appliances
2
McAfee Data Loss Prevention 9.2.1 Installation Guide
19
Apply a hotfix
Apply a hotfix by running a script that installs the hotfix.
Before you begin
Download the product hotfix archive and copy it to the appliance.
Task
1
Log on to the appliance as root.
2
Copy the archive to the appliance.
If you downloaded the archive to a Windowsbased computer, use WinSCP.
If you are copying the archive from a Linux server, use the SCP command scp rp <hotfix
_package> root@<name or ip address>:<directory>
3
Make an installation directory.
# mkdir /data/hotfix
4
From the directory you downloaded the archive to, extract the contents of the archive, using the C
option to expand it into the /data/hotfix directory.
# tar xvzf hotfix_xxxxxx_yyyy_zz.tar.gz C /data/hotfix
5
Go to the /data/hotfix directory.
# cd /data/hotfix/xxxxxx
6
(Optional) Open the README file to see the hotfix details.
7
Run the installation script.
# ./install_hotfix
8
Restart the Stingray service.
# service stingray restart
Convert an installation to another McAfee DLP product
The 4400 appliance ships with McAfee DLP Manager, but that installation can be converted to another
Data Loss Prevention product. However, only one product can be installed on the appliance, so the
primary and secondary images must both be installed with that product.
Before you begin
Download the product archive and copy it to the appliance.
Task
1
Log on to the appliance as root.
2
Go to the installation directory.
# cd /data/install
2
Installing or upgrading the software on 4400 appliances
Apply a hotfix
20
McAfee Data Loss Prevention 9.2.1 Installation Guide
/