Installation Guide
COPYRIGHT
Copyright © 2012 McAfee, Inc. Do not copy without permission.
TRADEMARK ATTRIBUTIONS
McAfee, the McAfee logo, McAfee Active Protection, McAfee AppPrism, McAfee Artemis, McAfee CleanBoot, McAfee DeepSAFE, ePolicy Orchestrator, McAfee ePO, McAfee EMM, McAfee Enterprise Mobility Management, Foundscore, Foundstone, McAfee NetPrism, McAfee Policy Enforcer, Policy Lab, McAfee QuickClean, Safe Eyes, McAfee SECURE, SecureOS, McAfee Shredder, SiteAdvisor, SmartFilter, McAfee Stinger, McAfee Total Protection, TrustedSource, VirusScan, WaveSecure, WormTraq are trademarks or registered trademarks of McAfee, Inc. or its subsidiaries in the United States and other countries. Other names and brands may be claimed as the property of others.
LICENSE INFORMATION License Agreement
Contents
Preface 5
About this guide ... 5
Related documents ... 5
Audience ... 5
Conventions ... 5
What’s in this guide ... 6
Finding product documentation ... 6
1 Introducing the McAfee Asset Manager Solution Suite 7 The McAfee Asset Manager Solution Suite ... 7
Architecture ... 7
Installation method... 8
2 Installation 9 Prerequisites ... 9
Install the McAfee Asset Manager Console ... 9
3 Set up the Console 13 Access the McAfee Asset Manager Console ... 13
Configure the McAfee Asset Manager Sensors to report to the Console ... 13
Manage the McAfee Asset Manager Sensors ... 14
Create a new directory ... 14
Preface
This document is provided to assist in the successful installation of the McAfee Asset Manager Console software.
About this guide
The document includes general information about the system, and describes the requirements and procedures for installing the McAfee Asset Manager Console software.
Related documents
McAfee Asset Manager Console User Guide McAfee Asset Manager Sensor User Guide
Audience
McAfee documentation is carefully researched and written for the target audience. The information in this guide is primarily intended for:
Administrators — People who implement and enforce the company's security program.
Users — People who are responsible for configuring the product options on their systems, or
for updating their systems.
Conventions
This guide uses the following typographical conventions and icons. Book title or
Emphasis Title of a book, chapter, or topic; introduction of a new term; emphasis.
Bold Text that is strongly emphasized. User input, Path, or
Code Commands and other text that the user types; the path of a folder or program; a code sample.
Hypertext A live link to a topic or to a website.
Note: Additional information, like an alternate method of accessing an option.
Introducing the McAfee Asset Manager Solution Suite
Finding product documentation
Important/Caution: Valuable advice to protect your computer system, software installation, network, business, or data.
Warning/Danger: Critical advice to prevent bodily harm when using a hardware product.
What’s in this guide
This guide is organized to help you find the information you need.
Chapter 1, The McAfee Asset Manager Solution Suite – Describes the McAfee Asset Manager Solution Suite and its architecture.
Chapter 2, Installation – Describes the prerequisites and procedures for installing the McAfee Asset Manager Console.
Chapter 3, SettUp the Console – Describes how to access the McAfee Asset Manager Console and how to configure the McAfee Asset Manager Sensors to report to the Console.
Finding product documentation
McAfee provides the information you need during each phase of product implementation, from
installation to daily use and troubleshooting. After a product is released, information about the product is entered into the McAfee online KnowledgeBase.
1 Go to the McAfee Technical Support ServicePortal at http://mysupport.mcafee.com. 2 Under Self Service, access the type of information you need:
To access… Do this…
User documentation 1 Click Product Documentation.
2 Select a Product, then select a Version. 3 Select a product document.
KnowledgeBase Click Search the KnowledgeBase for answers to your product questions.
Click Browse the KnowledgeBase for articles listed by product and
1
Introducing the McAfee Asset Manager
Solution Suite
This chapter introduces the McAfee Asset Manager Solution Suite and its architecture. Contents
The McAfee Asset Manager Solution Suite
The McAfee Asset Manager Solution Suite
Total Network Visibility with Real-Time Network, Device, and User Intelligence
McAfee Asset Manager provides a 360° view into the actual state of your network security. It builds and maintains a complete and accurate inventory of ALL devices operating on the enterprise network. Utilizing unique profiling technology, McAfee Asset Manager provides meaningful network, device and user intelligence, thereby reducing ambiguity and enabling better decision making based on accurate and in-depth audit information. Network information is collected continuously to reflect the actual current state of the network. McAfee Asset Manager detects 20%-50% of additional devices residing on an enterprise network, which otherwise would not be accounted for.
McAfee Asset Manager automatically performs security configuration audits based on the asset classification information collected, simplifying the process of conducting network-wide security configuration audits. McAfee Asset Manager provides efficient security compliance tracking and auditing procedures, highlighting the gap between the actual security configurations of devices to industry best practices.
McAfee Asset Manager can integrate with your security ecosystem to enhance the operation of your existing security products and provide total network visibility with real-time network intelligence. The McAfee Asset Manager takes a unique approach and is an agentless solution; it does not require any integration with infrastructure components and is vendor agnostic.
Architecture
The McAfee Asset Manager Solution Suite is a distributed application where Sensors are deployed in different organizational locations and report to a centralized console. A Sensor can be installed as an appliance and as a virtual appliance, and also supports remote deployment.
Introducing the McAfee Asset Manager Solution Suite
The McAfee Asset Manager Solution Suite
The McAfee Asset Manager Sensor and the McAfee Asset Manager Console are software
based-products shipped as an ISO image including an underlying hardened Linux operating system (based on the Debian Linux distribution) and the McAfee Asset Manager application.
The McAfee Asset Manager Console software installation also includes the open source PostgreSQL database, as its database server, and the open source OpenLDAP server, available as another interface to the asset information.
Installation method
The McAfee Asset Manager suite is a software ISO image that can be used to install both the McAfee Asset Manager Sensor and the McAfee Asset Manager Console.
Note Installing both the MAM console and sensor on the same machine is not a supported
2
Installation
This chapter details the minimum hardware platform requirements and describes the installation process.
Contents
Prerequisites
Install the McAfee Asset Manager Console
Prerequisites
Hardware
Physical or virtual appliance with appropriate hardware specification Hardware compatibility with MAM platform in case of a physical appliance
For general sizing guidelines and hardeware requirements, please refer to the "MAM v6.5 General Sizing Guidelines" document.
Install the McAfee Asset Manager Console
This chapter describes how to install the McAfee Asset Manager Console.
The McAfee Asset Manager Console software includes the underlying hardened Linux operating system, the McAfee Asset Manager Console application, a PostgreSQL database, and all required infrastructure tools and components.
Before you begin
Make sure the hardware or virtual machine you use are compatible with the McAfee Asset Manager platform and meet the required prerequisites.
Task
1 Verify that the BIOS Setup is configured to boot from the CD ROM/DVD. 2 Insert the installation CD into the CD-ROM/DVD drive.
Installation
Install the McAfee Asset Manager Console
Note The advanced and Text Install options should only be used by McAfee personnel for
debugging purposes.
The installation begins with the hardware detection process.
When the network hardware detection process is complete, the Welcome to the McAfee Asset Manager
Installer page is displayed.
5 Click Continue to acknowledge formatting the drive prior to the software installation.
Note
Formatting the disk is mandatory for the installation.
6 Set the password for the root user.
The Software selection page is displayed.
7 For the McAfee Asset Manager Console installation, select McAfee Asset Manager Console, then click Continue.
The End User License Agreement is displayed.
8 Read the license agreement carefully, then click Continue. The License confirmation page is
displayed.
9 Select Yes to confirm your agreement to the license terms, then click Continue.
The installation process begins. After a few minutes, the computer ejects the CD and automatically reboots.
When the computer restarts and the system boots for the first time, the Initial IP Configurator screen is displayed.
Note
To navigate within the configuration screens, use the arrow keys, the TAB key, and the
Enter key.
10 Select Yes to allow the installation system to attempt enumerating network settings, enabling the
automatic configuration of key networking parameters. Otherwise select No to continue.
11 When Yes is selected, the network settings are automatically enumerated.
The active NIC configuration screen is displayed (regardless of the selection made).
Note The configuration of the McAfee Asset Manager Console mandates configuring a single
Installation
Install the McAfee Asset Manager Console
14 Press the <TAB> key to select and configure the remaining required network configuration
parameters: IP address, Netmask, default gateway and, if needed, the VLAN ID.
15 Select Next. The DNS Configuration screen is displayed.
16 Type the IP address of your primary DNS server under Primary DNS IP Address. 17 If using a secondary DNS server, type its IP address under Secondary DNS IP Address.
18 Insert the fully qualified domain name of your DNS domain under Fully Qualified Domain Name (FQDN). 19 Select Next. The Time Configuration screen is displayed.
20 In the Time Configuration page, type the IP address or the hostname of your NTP server under NTP Server IP Address/Name.
21 Select either the Time Zone or the Country in which the McAfee Asset Manager Sensor is installed in
order to correctly align the time zone of the McAfee Asset Manager Sensor.
3
Set up the Console
This chapter describes how to access the McAfee Asset Manager Console and how to configure the McAfee Asset Manager Sensors to report to the Console.
Contents
Access the McAfee Asset Manager Console Manage the McAfee Asset Manager Sensors
Access the McAfee Asset Manager Console
The McAfee Asset Manager Console is web-based software that can be accessed using Microsoft Internet Explorer 7.x/8.x/9.x, FireFox (partially), and Google Chrome (partially) browsers. In order to access the web interface, the Java Runtime Environment (JRE) needs to be installed on the client computer. If download is enabled on the machine, JRE will be automatically downloaded and installed when accessing the Console. If not, JRE can be downloaded from the Oracle web site.
Task
1 In a web browser, browse to https://<IP address of the McAfee Asset Manager Console> and press <Enter>. 2 The McAfee Asset Manager Console Login page is displayed.
3 Enter the default user name (Administrator) and password (Password@1) in the designated fields, then
click Login. The McAfee Asset Manager Console application is displayed. Note The first time you log in you are prompted to change the default password.
Configure the McAfee Asset Manager Sensors to report to the
Console
Before the McAfee Asset Manager Console can receive data from a McAfee Asset Manager Sensor, the Sensor must be configured to point to the McAfee Asset Manager Console.
Task
1 Access the McAfee Asset Manager Sensor.
Set up the Console
Manage the McAfee Asset Manager Sensors
3 In the Console Settings area, select Report to Console and configure the following parameters:
IP Address: The IP address of the McAfee Asset Manager Console.
Port: The TCP port to be used to communicate with the McAfee Asset Manager Console. (Do
not change the default value of TCP port 63223.)
4 Click Save.
Manage the McAfee Asset Manager Sensors
Once you have connected all the McAfee Asset Manager Sensors to the Console, you can organize the Sensors into logical groupings within separate directories in the Navigation tree.
You can create directories for this purpose and assign Sensors to the directories in the Topology, Alerts, Configuration, or Audit modules (the settings configured in one of the modules are applied in all modules).
Create a new directory
This section describes how to create a new directory. Task
1 In the Navigation tree, right-click the node in which you want to create a directory folder, then
select New. A new folder entity is added to the tree. Note
A Sensor can be assigned to only one directory at a time.
2 Right-click the new folder and select Rename to name the folder.
Assign a Sensor to a directory
This section describes how to assign a collector to a directory. Task
On the toolbar, click the Open Sensor Pane icon . The Sensor pane is displayed, listing all of the Sensors currently connected to the Console.
3 Select the IP address of the Sensor, and drag and drop the Sensor onto the relevant directory in
