Install & Upgrade
Before you begin installing or upgrading McAfee Network Security Platform, refer to the version-specific installation or upgrade guide. We recommend that you review the installation guide and release notes to understand the prerequisites, specifications, and requirements for a successful installation. These guides also provide the upgrade path and upgrade matrix from one version to next. We always recommend using the latest available releases to stay up to date on product efficacy, fixes, and feature functionality.
All product software, release notes, and documentation are available on the Product Downloads page.
For the latest versions of McAfee Network Security Manager, Sensor, McAfee Network Threat Behavior Analysis (NTBA), and signature set software, see current McAfee Network Security Platform software version information.
Ensuring that you have the right ports open for proper initialization and communication between your peer devices and McAfee Network Security Platform is a critical step in the installation process:
Refer to the relevant guide for installation and upgrade instructions:
- McAfee Network Security Platform 9.1 Installation Guide
- McAfee Network Security Platform 9.2 Installation Guide
- Virtual IPS Installation and Upgrade
- Best Practices
- How to upgrade Manager, Sensor, and Signature Set
Signature set updates are a critical part of your installation. The Network Security Sensor will not initialize until you have successfully deployed a signature set to the appliance. For more information on the latest signature set and user-defined signature releases, refer to the following articles:
Policy & Rule Configuration
There are several stages to a successful McAfee Network Security Platform configuration and deployment. It includes selecting sensor and manager operating mode, establishing communication between the manager and sensor, configurating sensors, creating policies, and reporting.
- Configuring the Network Security Sensor
- Configuring the Network Security Manager and Central Manager
- Configuration Best Practices
Refer to the following documentation for details on configuration and setup of your McAfee Network Security Platform deployment:
Troubleshooting
If have an issue during installation, migration, and configuration of the product, logs will need to be collected and sent to McAfee Technical Support for analysis.
Consider the following when beginning the troubleshooting process:
- Were there recent physical changes to your network setup?
- Is another device placed in the sensor’s position in network receiving traffic?
- If the sensor is in Layer 2 mode, are your network services still affected?
- Check that you are using McAfee-approved GBICs, SFPs, and XFPs with your sensor. View the list of approved hardware.
Detailed troubleshooting scenarios with errors and fault information are available as part of the product version-specific guides:
- McAfee Network Security Platform 9.1 Troubleshooting Guide
- McAfee Virtual Network Security Platform Troubleshooting Guide
Frequently used troubleshooting articles by topic:
Sensor
- How to troubleshoot continuous Sensor reboots resulting in bad health
- How to troubleshoot Sensor latency issues
Manager
- How to collect information to troubleshoot issues related to McAfee Network Security Manager high use of CPU or memory
- McAfee Network Security Manager login fails with no error messages displayed
- How to enable Solr debugging for McAfee Network Security Manager
For more information on McAfee Network Security Platform hardware appliances and accessories, refer to the following guides:
- McAfee Network Security Platform Manager Appliance(Linux) Product Guide
- McAfee Network Security Platform NS-Series Sensor Product Guide
- McAfee Network Security Platform M-Series Product Guide
- McAfee Network Security Platform Fail Open Kit Product Guide
Customers looking to migrate from the Windows Network Security Manager Appliance to the McAfee Network Security Manager Linux appliance should refer to the Windows to Linux Manager Migration Guide.
Supplemental Documentation
Known Issues
- McAfee Network Security Platform 9.1.x Known Issues (KB88813)
- McAfee Network Security Platform 9.2.x Known Issues (KB90337)
FAQ
- McAfee Network Security Platform FAQ (KB75269)
- How to reset the McAfee Network Security Manager MySQL admin password
- How to reset the root password for the MySQL database component of McAfee Network Security Manager
Additional Reference Guides
Root Certificate Expiration
The McAfee product line uses TLS for secure communication. Two certificates validate McAfee TLS chains, including a primary expiring in 2038 and a secondary expiring on May 30, 2020. If either certificate, or both, are present in your environment, TLS will function correctly prior to May 30, 2020. After May 30, 2020, only the primary certificate will be valid. Out of an abundance of caution McAfee is informing customers of this impending event.
Generally, certificates are auto-updated through operation systems and customers will not be impacted. However, in environments where automatic management of root certificates is disabled and the primary certificate has not been manually deployed, customers will potentially be impacted. KB92937 provides information on how to verify and install the primary certificate.
Failure to have a valid certificate will cause product issues including reduced detection efficacy.
The primary certificate that needs to be validated is in a customer's environment as below:
Subject : CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, S=New Jersey, C=US
Thumbprint : 2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E
Expiration : 2038-01-18
Subscribe to KB92937 to receive updates.