Denon M-2750 - Network Security Platform Installation Guide Page 7
- Page / 15
- Table of contents
- BOOKMARKS
Rated. / 5. Based on customer reviews
Network Security Platform v6.0 Page 7
700-2360F00
Release Notes
Feature usage: When you select this option, feature usage information from your setup will be sent to McAfee Labs.
If you chose to skip enabling GTI participation during your first login, then you can also configure these options from the
Manager Resource Tree under Integration > Global Threat Intelligence.
For details, see Integration Guide.
Setting the Scanning Exceptions
With this release of 6.0, Network Security Platform supports configuring scanning exceptions from the Manager to
bypass IPS inspection of traffic from a configured VLAN, TCP, or UDP port. The scanning exceptions configurations can
be enabled/disabled at the Sensor level. If either the source or destination matches the specified value, scanning will be
bypassed.
Earlier this feature was supported using the following Sensor CLI commands:
layer2 forward tcp <enable | disable><0-65535>[<0-65535>]
layer2 forward udp <enable | disable><0-65535>[<0-65535>]
layer2 forward vlan <enable|disable> <0-4095> [<0-4095>]
layer2 forward vlan <enable|disable> <0-4095>[<0-4095>] <interface <all|interfaceA-interfaceB>>
layer2 forward clear
Note the following:
Scanning exceptions is supported only in the following M-Series sensor models: M-8000, M-6050, M-4050, M-3050,
and M-2750.
Scanning exceptions rules can be configured on ports running in inline mode. Once set, these rules take
precedence over ACLs.
Fail-over ports and M-8000 interconnect ports cannot be configured for scanning exceptions.
In a fail-over pair, scanning exception rules are applied to both the Sensors. On creation of a fail-over pair, the
Primary Sensor rules are copied to the Secondary Sensor.
With this release, layer2 forwarding is supported from the Manager. A minimum Sensor software version of 6.0.7.x
or above is required to support this feature in the Manager. On upgrade of the Sensor software version to 6.0.7.x,
the Manager copies and stores the existing rules from the Sensor. It occurs only once for handling the old rule
configured in the Sensor through the CLI. After upgrade, you cannot configure scanning exceptions on the Sensor
through the CLI.
For details, see IPS Configuration Guide.
Policy Editor UI Enhancements
The UI for the IPS Settings > Policies > IPS Policies page has been enhanced to simplify access and manipulation of
attack definitions with options such as sorting, group by, and filter management. Note the following changes:
The Add button in the IPS Policies page has been renamed to New. When you click New, the Policy Details window
is displayed. The Policy Details window has two tabs namely, Properties and Attack Definitions.
From the IPS Policies page, you can select an attack and double-click or use the right-click menu to edit, bulk edit,
or enable/disable an attack.
You can add a single attack set or different attack sets for Inbound/Outbound attacks. On clicking “Calculate Attack
Definitions”, the attacks are loaded into the Attack Definitions tab of the Policy Details page. Attacks from both
Inbound/Outbound and across all the categories are displayed.
A new option called Filter Management is available to filter and view attacks for a selected policy.
A Quick Filter option is also provided to search attacks. When you enter the search criteria and click “Save”, the
Quick Filter is converted to an Advanced Filter. The Advanced Filter option enables the user to search attacks based
on several complex criteria.
A Group By option is supported to group attacks based on specific parameters. Drilldown option is also provided.
Data in Columns like Responses and Notifications are displayed as icons.
The Applications column provides a count of applications relevant for a particular attack.
© 2020, manymanuals.com. All rights reserved. | 0.519 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals