McAfee 1100F, 2150F, 4150F, 2100F Installation Manual

Installation Guide

McAfee® Firewall Enterprise

Hardware Kit for F Model Appliances

This document provides hardware installation instructions for McAfee® Firewall Enterprise (hereinafter Firewall Enterprise) F model appliances.

You can find additional information at the following locations:

• Support — Visit mysupport.mcafee.com to find product documentation, announcements, and support.

• Product updates — Visit go.mcafee.com/goto/updates to download the latest Firewall Enterprise patches.

In this document ...

Before you begin

Install required software

Open the appliance chassis

Determine where the hardware must be installed

Install the hardware

Verify that the hardware is correctly installed

Before you begin

Before you perform the hardware installation procedure, complete the following tasks.

Schedule downtime to perform the upgrade

To install the hardware, you must shut down your appliance. Schedule a sufficient amount of downtime to install the hardware and verify that it is functioning properly.

Take steps to prevent damage from electrostatic discharge

Static electricity can harm delicate components inside your appliance. Take the following steps to prevent damage from electrostatic discharge (ESD).

Caution: To guard against electrical shock, always unplug your appliance from the electrical outlet before opening

the cover.

• Do not remove components from their antistatic packing material until you are ready to install the component in your appliance. Just before unwrapping the antistatic packaging, discharge static electricity from your body by touching the power supply or an unpainted metal surface on the appliance chassis.

McAfee Firewall Enterprise Hardware Kit for F Model Appliances Installation Guide 1

Install required software

• Handle all electrostatic-sensitive components in a static-safe area. If possible, use antistatic floor pads and workbench pads.

• Discharge static electricity from your body before you touch any of your appliance's electronic components.

Print this document

During the installation process, you must determine where your new or replacement hardware should be installed. Print this document so that you can record hardware location information in the space provided.

Install required software

If you are installing a network interface card (NIC), perform this task to determine if additional software is required.

1 Examine the NIC to determine if it includes an HE, SE, or HG label near the Ethernet ports.

• If the NIC contains any of these labels, additional software is required. Continue with Step 2.

• If the NIC does not contain any of these labels, no additional software is needed. Continue with Open

the appliance chassis.

2 Determine what software you must install based on you your appliance model.

Table 1 Required software

Appliance model Required software KnowledgeBase article

• 1100F

• 2100F

• 2150F

• 4150F

2150F VX NIC drivers for ESXi KB69043

3 Find the appropriate KnowledgeBase article.

a In a web browser, navigate to mysupport.mcafee.com.

b In the User Login area, enter your credentials, then click OK.

c Click Search the KnowledgeBase.

d In the Ask a Question field, type the article number, then press Enter.

4 Install the required software as described in the KnowledgeBase article.

Hardware hotfix HW02 KB65774

Open the appliance chassis

Caution: Observe standard ESD procedures when handling hardware.

1 Use the Admin Console to shut down the appliance.

2 Disconnect the appliance from electrical power and network cables.

3 If a bezel is attached to the appliance, remove it.

4 Remove the top cover of the appliance.

Note: Break the tamper-evident seal. A replacement seal is included in the hardware kit.

5 Touch the power supply to discharge static electricity.

2 McAfee Firewall Enterprise Hardware Kit for F Model Appliances Installation Guide

Determine where the hardware must be installed

Note: If you are replacing a PCI card that is currently installed in your appliance, go to Install the hardware on

page 13.

To determine where the hardware must be installed:

1 Record the location and type of all PCI cards that are currently installed in your appliance. Use the

information in Table 2 to identify each PCI card.

Tip: You might need this information to revert to your original configuration.

Table 2 PCI cards supported by F model appliances

PCI card type Identifying feature

6-port gigabit UTP (copper) NIC Port count and type

6-port gigabit SFP (fiber) NIC Port count and type

2-port 10-gigabit (fiber) NIC Port count and type

6-port 10-gigabit SFP+ (fiber) NIC “Tambora” label

SSL accelerator “CAVIUM NETWORKS” label

IPS engine accelerator

Note: Supported at version 7.0.1.00 or later.

“LSI” label

2 Create a list of all PCI cards that will be installed in your appliance when the installation is complete.

Include:

• PCI cards that you recorded in Step 1

• PCI card(s) that you received with the upgrade kit (identify using the information in Table 2)

3 Based on your appliance model, refer to the appropriate section to determine where the PCI cards that

you listed in Step 2 must be installed in your appliance.

• 1100F hardware configurations on page 4

• 2100F and 2150F hardware configurations on page 5

• 2150F VX hardware configurations on page 9

• 4150F hardware configurations on page 10

McAfee Firewall Enterprise Hardware Kit for F Model Appliances Installation Guide 3

Determine where the hardware must be installed

12

1100F hardware configurations

Determine where your PCI cards must be installed in your 1100F appliance.

1 In the first column of Table 3, find the row that corresponds to the list of hardware that you created in

Step 2 on page 3.

Note: If you cannot find your combination of hardware in the table, it is not supported. You might need to

remove one or more of your existing cards to install the upgrade hardware.

2 In Figure 1, record the contents of each PCI slot for your list of hardware.

• 1 – Slot 1 column of Table 3

• 2 – Slot 2 column of Table 3

After you record the contents of each PCI slot, continue with Install the hardware on page 13.

Figure 1 1100F PCI slots

Table 3 1100F supported hardware configurations

Supported hardware configurations

(1) 6-port gigabit UTP NIC 6-port gigabit UTP NIC empty

(2) 6-port gigabit UTP NIC 6-port gigabit UTP NIC 6-port gigabit UTP NIC

• (1) 6-port gigabit UTP NIC

• (1) 6-port gigabit SFP NIC

• (1) 6-port gigabit UTP NIC

•(1) SSL accelerator

• (1) 6-port gigabit UTP NIC

• (1) IPS engine accelerator

• (1) 6-port gigabit UTP NIC

• (1) 2-port 10-gigabit NIC

• (1) 6-port gigabit SFP NIC

• (1) IPS engine accelerator

• (1) 6-port gigabit UTP NIC

• (1) 6-port 10-gigabit SFP+ NIC

Slot 1 Slot 2

6-port gigabit UTP NIC 6-port gigabit SFP NIC

6-port gigabit UTP NIC SSL accelerator

6-port gigabit UTP NIC IPS engine accelerator

6-port gigabit UTP NIC 2-port 10-gigabit NIC

6-port gigabit SFP NIC IPS engine accelerator

6-port gigabit UTP NIC 6-port 10-gigabit SFP+ NIC

4 McAfee Firewall Enterprise Hardware Kit for F Model Appliances Installation Guide

Determine where the hardware must be installed

1

24

3

2100F and 2150F hardware configurations

Determine where your PCI cards must be installed in your 2100F or 2150F appliance.

1 In the first column of Table 4, find the row that corresponds to the list of hardware that you created in

Step 2 on page 3.

Note: If you cannot find your combination of hardware in the table, it is not supported. You might need to

remove one or more of your existing cards to install the upgrade hardware.

2 In Figure 2, record the contents of each PCI slot for your list of hardware.

• 1 – Slot 1 column of Table 4

• 2 – Slot 2 column of Table 4

• 3 – Slot 3 column of Table 4

• 4 – Slot 4 column of Table 4

After you record the contents of each PCI slot, continue with Install the hardware on page 13.

Figure 2 2100F and 2150F PCI slots

Table 4 2100F/2150F supported hardware configurations

Supported hardware configurations

One PCI card

(1) 6-port gigabit UTP NIC empty 6-port gigabit UTP NIC empty empty

Two PCI cards

(2) 6-port gigabit UTP NIC 6-port gigabit UTP NIC 6-port gigabit UTP NIC empty empty

• (1) 6-port gigabit UTP NIC

• (1) 6-port gigabit SFP NIC

• (1) 6-port gigabit UTP NIC

• (1) 6-port 10-gigabit SFP+ NIC

• (1) 6-port gigabit UTP NIC

• (1) 2-port 10-gigabit NIC

• (1) 6-port gigabit UTP NIC

•(1) SSL accelerator

• (1) 6-port gigabit UTP NIC

• (1) IPS engine accelerator

Three PCI cards

(3) 6-port gigabit UTP NIC 6-port gigabit UTP NIC 6-port gigabit UTP NIC empty 6-port gigabit UTP NIC

• (2) 6-port gigabit UTP NIC

• (1) 6-port gigabit SFP NIC

• (2) 6-port gigabit UTP NIC

• (1) 6-port 10-gigabit SFP+ NIC

Slot 1 Slot 2 Slot 3 Slot 4

empty 6-port gigabit UTP NIC empty 6-port gigabit SFP NIC

empty 6-port gigabit UTP NIC empty 6-port 10-gigabit SFP+

NIC

empty 6-port gigabit UTP NIC 2-port 10-gigabit NIC empty

empty 6-port gigabit UTP NIC SSL accelerator empty

empty 6-port gigabit UTP NIC IPS engine accelerator empty

6-port gigabit UTP NIC 6-port gigabit UTP NIC empty 6-port gigabit SFP NIC

6-port gigabit UTP NIC 6-port gigabit UTP NIC empty 6-port 10-gigabit SFP+

NIC

McAfee Firewall Enterprise Hardware Kit for F Model Appliances Installation Guide 5

Determine where the hardware must be installed

Table 4 2100F/2150F supported hardware configurations (continued)

Supported hardware configurations

• (2) 6-port gigabit UTP NIC

• (1) 2-port 10-gigabit NIC

• (2) 6-port gigabit UTP NIC

•(1) SSL accelerator

• (2) 6-port gigabit UTP NIC

• (1) IPS engine accelerator

• (1) 6-port gigabit UTP NIC

• (1) 6-port gigabit SFP NIC

• (1) 6-port 10-gigabit SFP+ NIC

• (1) 6-port gigabit UTP NIC

• (2) 6-port gigabit SFP NIC

• (1) 6-port gigabit UTP NIC

• (1) 2-port 10-gigabit NIC

• (1) 6-port gigabit SFP NIC

• (1) 6-port gigabit UTP NIC

• (1) 6-port gigabit SFP NIC

•(1) SSL accelerator

• (1) 6-port gigabit UTP NIC

• (1) 6-port gigabit SFP NIC

• (1) IPS engine accelerator

• (1) 6-port gigabit UTP NIC

• (2) 2-port 10-gigabit NIC

• (1) 6-port gigabit UTP NIC

• (1) 2-port 10-gigabit NIC

•(1) SSL accelerator

• (1) 6-port gigabit UTP NIC

• (1) 2-port 10-gigabit NIC

• (1) IPS engine accelerator

• (1) 6-port gigabit UTP NIC

• (1) 6-port 10-gigabit SFP+ NIC

•(1) SSL accelerator

• (1) 6-port gigabit UTP NIC

• (1) 6-port 10-gigabit SFP+ NIC

• (1) IPS engine accelerator

• (1) 6-port gigabit UTP NIC

•(1) SSL accelerator

• (1) IPS engine accelerator

Four PCI cards

• (3) 6-port gigabit UTP NIC

•(1) SSL accelerator

• (3) 6-port gigabit UTP NIC

• (1) IPS engine accelerator

• (2) 6-port gigabit UTP NIC

• (1) 6-port gigabit SFP NIC

•(1) SSL accelerator

Slot 1 Slot 2 Slot 3 Slot 4

6-port gigabit UTP NIC 6-port gigabit UTP NIC 2-port 10-gigabit NIC empty

6-port gigabit UTP NIC 6-port gigabit UTP NIC SSL accelerator empty

6-port gigabit UTP NIC 6-port gigabit UTP NIC IPS engine accelerator empty

6-port gigabit SFP NIC 6-port gigabit UTP NIC empty 6-port 10-gigabit SFP+

NIC

empty 6-port gigabit UTP NIC 6-port gigabit SFP NIC 6-port gigabit SFP NIC

empty 6-port gigabit UTP NIC 2-port 10-gigabit NIC 6-port gigabit SFP NIC

empty 6-port gigabit UTP NIC SSL accelerator 6-port gigabit SFP NIC

empty 6-port gigabit UTP NIC IPS engine accelerator 6-port gigabit SFP NIC

empty 6-port gigabit UTP NIC 2-port 10-gigabit NIC 2-port 10-gigabit NIC

empty 6-port gigabit UTP NIC SSL accelerator 2-port 10-gigabit NIC

empty 6-port gigabit UTP NIC IPS engine accelerator 2-port 10-gigabit NIC

empty 6-port gigabit UTP NIC SSL accelerator 6-port 10-gigabit SFP+

NIC

empty 6-port gigabit UTP NIC IPS engine accelerator 6-port 10-gigabit SFP+

NIC

empty 6-port gigabit UTP NIC IPS engine accelerator SSL accelerator

6-port gigabit UTP NIC 6-port gigabit UTP NIC SSL accelerator 6-port gigabit UTP NIC

6-port gigabit UTP NIC 6-port gigabit UTP NIC IPS engine accelerator 6-port gigabit UTP NIC

6-port gigabit UTP NIC 6-port gigabit UTP NIC SSL accelerator 6-port gigabit SFP NIC

6 McAfee Firewall Enterprise Hardware Kit for F Model Appliances Installation Guide

Determine where the hardware must be installed

Table 4 2100F/2150F supported hardware configurations (continued)

Supported hardware configurations

• (2) 6-port gigabit UTP NIC

• (1) 6-port gigabit SFP NIC

• (1) IPS engine accelerator

• (2) 6-port gigabit UTP NIC

• (2) 2-port 10-gigabit NIC

• (2) 6-port gigabit UTP NIC

• (1) 2-port 10-gigabit NIC

•(1) SSL accelerator

• (2) 6-port gigabit UTP NIC

• (1) 2-port 10-gigabit NIC

• (1) IPS engine accelerator

• (2) 6-port gigabit UTP NIC

• (1) 6-port 10-gigabit SFP+ NIC

•(1) SSL accelerator

• (2) 6-port gigabit UTP NIC

• (1) 6-port 10-gigabit SFP+ NIC

• (1) IPS engine accelerator

• (2) 6-port gigabit UTP NIC

•(1) SSL accelerator

• (1) IPS engine accelerator

• (1) 6-port gigabit UTP NIC

• (2) 6-port gigabit SFP NIC

•(1) SSL accelerator

• (1) 6-port gigabit UTP NIC

• (2) 6-port gigabit SFP NIC

• (1) IPS engine accelerator

• (1) 6-port gigabit UTP NIC

• (1) 6-port gigabit SFP NIC

• (2) 2-port 10-gigabit NIC

• (1) 6-port gigabit UTP NIC

• (1) 6-port gigabit SFP NIC

• (1) 2-port 10-gigabit NIC

•(1) SSL accelerator

• (1) 6-port gigabit UTP NIC

• (1) 6-port gigabit SFP NIC

• (1) 2-port 10-gigabit NIC

• (1) IPS engine accelerator

• (1) 6-port gigabit UTP NIC

• (1) 6-port gigabit SFP NIC

•(1) SSL accelerator

• (1) IPS engine accelerator

• (1) 6-port gigabit UTP NIC

• (2) 2-port 10-gigabit NIC

•(1) SSL accelerator

• (1) 6-port gigabit UTP NIC

• (2) 2-port 10-gigabit NIC

• (1) IPS engine accelerator

Slot 1 Slot 2 Slot 3 Slot 4

6-port gigabit UTP NIC 6-port gigabit UTP NIC IPS engine accelerator 6-port gigabit SFP NIC

6-port gigabit UTP NIC 6-port gigabit UTP NIC 2-port 10-gigabit NIC 2-port 10-gigabit NIC

6-port gigabit UTP NIC 6-port gigabit UTP NIC SSL accelerator 2-port 10-gigabit NIC

6-port gigabit UTP NIC 6-port gigabit UTP NIC IPS engine accelerator 2-port 10-gigabit NIC

6-port gigabit UTP NIC 6-port gigabit UTP NIC SSL accelerator 6-port 10-gigabit SFP+

NIC

6-port gigabit UTP NIC 6-port gigabit UTP NIC IPS engine accelerator 6-port 10-gigabit SFP+

NIC

6-port gigabit UTP NIC 6-port gigabit UTP NIC IPS engine accelerator SSL accelerator

6-port gigabit SFP NIC 6-port gigabit UTP NIC SSL accelerator 6-port gigabit SFP NIC

6-port gigabit SFP NIC 6-port gigabit UTP NIC IPS engine accelerator 6-port gigabit SFP NIC

6-port gigabit SFP NIC 6-port gigabit UTP NIC 2-port 10-gigabit NIC 2-port 10-gigabit NIC

6-port gigabit SFP NIC 6-port gigabit UTP NIC SSL accelerator 2-port 10-gigabit NIC

6-port gigabit SFP NIC 6-port gigabit UTP NIC IPS engine accelerator 2-port 10-gigabit NIC

6-port gigabit SFP NIC 6-port gigabit UTP NIC IPS engine accelerator SSL accelerator

2-port 10-gigabit NIC 6-port gigabit UTP NIC SSL accelerator 2-port 10-gigabit NIC

2-port 10-gigabit NIC 6-port gigabit UTP NIC IPS engine accelerator 2-port 10-gigabit NIC

McAfee Firewall Enterprise Hardware Kit for F Model Appliances Installation Guide 7

Determine where the hardware must be installed

Table 4 2100F/2150F supported hardware configurations (continued)

Supported hardware configurations

• (1) 6-port gigabit UTP NIC

• (1) 6-port gigabit SFP NIC

• (1) 6-port 10-gigabit SFP+ NIC

•(1) SSL accelerator

• (1) 6-port gigabit UTP NIC

• (1) 6-port gigabit SFP NIC

• (1) 6-port 10-gigabit SFP+ NIC

• (1) IPS engine accelerator

• (1) 6-port gigabit UTP NIC

• (1) 2-port 10-gigabit NIC

•(1) SSL accelerator

• (1) IPS engine accelerator

• (1) 6-port gigabit UTP NIC

• (1) 6-port 10-gigabit SFP+ NIC

•(1) SSL accelerator

• (1) IPS engine accelerator

Slot 1 Slot 2 Slot 3 Slot 4

6-port gigabit SFP NIC 6-port gigabit UTP NIC SSL accelerator 6-port 10-gigabit SFP+

NIC

6-port gigabit SFP NIC 6-port gigabit UTP NIC IPS engine accelerator 6-port 10-gigabit SFP+

NIC

2-port 10-gigabit NIC 6-port gigabit UTP NIC IPS engine accelerator SSL accelerator

IPS engine accelerator 6-port gigabit UTP NIC SSL accelerator 6-port 10-gigabit SFP+

NIC

8 McAfee Firewall Enterprise Hardware Kit for F Model Appliances Installation Guide

Determine where the hardware must be installed

1

24

3

2150F VX hardware configurations

Determine where your PCI cards must be installed in your 2150F VX appliance.

1 In the first column of Table 5, find the row that corresponds to the list of hardware that you created in

Step 2 on page 3.

Note: If you cannot find your combination of hardware in the table, it is not supported. You might need to

remove one or more of your existing cards to install the upgrade hardware.

2 In Figure 3, record the contents of each PCI slot for your list of hardware.

• 1 – Slot 1 column of Table 5

• 2 – Slot 2 column of Table 5

• 3 – Slot 3 column of Table 5

• 4 – Slot 4 column of Table 5

After you record the contents of each PCI slot, continue with Install the hardware on page 13.

Figure 3 2150F VX PCI slots

Table 5 2150F VX supported hardware configurations

Supported hardware configurations

(2) 6-port gigabit SFP NIC 6-port gigabit SFP NIC 6-port gigabit SFP NIC empty empty

(3) 6-port gigabit UTP NIC 6-port gigabit UTP NIC 6-port gigabit UTP NIC empty 6-port gigabit UTP NIC

• (3) 6-port gigabit UTP NIC

• (1) 2-port 10-gigabit NIC

• (3) 6-port gigabit UTP NIC

• (1) 6-port 10-gigabit SFP+ NIC

Slot 1 Slot 2 Slot 3 Slot 4

6-port gigabit UTP NIC 6-port gigabit UTP NIC 2-port 10-gigabit NIC 6-port gigabit UTP NIC

6-port gigabit UTP NIC 6-port gigabit UTP NIC 6-port 10-gigabit

SFP+ NIC

6-port gigabit UTP NIC

McAfee Firewall Enterprise Hardware Kit for F Model Appliances Installation Guide 9

Determine where the hardware must be installed

54321

4150F hardware configurations

Determine where your PCI cards must be installed in your 4150F appliance.

1 In the first column of Table 6, find the row that corresponds to the list of hardware that you created in

Step 2 on page 3.

Note: If you cannot find your combination of hardware in the table, it is not supported. You might need to

remove one or more of your existing cards to install the upgrade hardware.

2 In Figure 4, record the contents of each PCI slot for your list of hardware.

• 1 – Slot 1 column of Table 6

• 2 – Slot 2 column of Table 6

• 3 – Slot 3 column of Table 6

• 4 – Slot 4 column of Table 6

• 5 – Slot 5 column of Table 6

After you record the contents of each PCI slot, continue with Install the hardware on page 13.

Figure 4 4150F PCI slots

Table 6 4150F supported hardware configurations

Supported hardware configurations

Two PCI cards

(2) 6-port gigabit UTP NIC empty empty empty 6-port gigabit UTP

Three PCI cards

(3) 6-port gigabit UTP NIC empty empty 6-port gigabit UTP

• (2) 6-port gigabit UTP NIC

• (1) 6-port gigabit SFP NIC

• (2) 6-port gigabit UTP NIC

• (1) 2-port 10-gigabit NIC

• (2) 6-port gigabit UTP NIC

•(1) SSL accelerator

• (2) 6-port gigabit UTP NIC

• (1) 6-port 10-gigabit SFP+ NIC

10 McAfee Firewall Enterprise Hardware Kit for F Model Appliances Installation Guide

Slot 1 Slot 2 Slot 3 Slot 4 Slot 5

NIC

empty empty 6-port gigabit SFP

empty 2-port 10-gigabit

NIC

SSL accelerator empty empty 6-port gigabit UTP

empty 6-port 10-gigabit

SFP+ NIC

NIC

empty 6-port gigabit UTP

6-port gigabit UTP NIC

NIC

6-port gigabit UTP NIC

Determine where the hardware must be installed

Table 6 4150F supported hardware configurations (continued)

Supported hardware configurations

• (2) 6-port gigabit UTP NIC

• (1) IPS engine accelerator

Slot 1 Slot 2 Slot 3 Slot 4 Slot 5

IPS engine

empty empty 6-port gigabit UTP

accelerator

Four PCI cards

• (3) 6-port gigabit UTP NIC

SSL accelerator empty 6-port gigabit UTP

•(1) SSL accelerator

• (3) 6-port gigabit UTP NIC

• (1) IPS engine accelerator

• (2) 6-port gigabit UTP NIC

IPS engine

empty 6-port gigabit UTP

accelerator

SSL accelerator empty 6-port gigabit SFP

• (1) 6-port gigabit SFP NIC

•(1) SSL accelerator

• (2) 6-port gigabit UTP NIC

• (1) 6-port 10-gigabit SFP+

SSL accelerator 6-port 10-gigabit

SFP+ NIC

NIC

•(1) SSL accelerator

• (2) 6-port gigabit UTP NIC

• (1) 6-port gigabit SFP NIC

IPS engine accelerator

empty 6-port gigabit SFP

• (1) IPS engine accelerator

• (2) 6-port gigabit UTP NIC

• (1) 6-port 10-gigabit SFP+

IPS engine accelerator

6-port 10-gigabit SFP+ NIC

NIC

• (1)IPS engine accelerator

• (2) 6-port gigabit UTP NIC

• (1) 2-port 10-gigabit NIC

SSL accelerator 2-port 10-gigabit

NIC

•(1) SSL accelerator

• (2) 6-port gigabit UTP NIC

• (1) 2-port 10-gigabit NIC

IPS engine accelerator

2-port 10-gigabit NIC

• (1) IPS engine accelerator

• (2) 6-port gigabit UTP NIC

•(1) SSL accelerator

IPS engine accelerator

SSL accelerator empty 6-port gigabit UTP

• (1) IPS engine accelerator

(4) 6-port gigabit UTP NIC empty 6-port gigabit UTP

NIC

• (3) 6-port gigabit UTP NIC

• (1) 6-port gigabit SFP NIC

• (3) 6-port gigabit UTP NIC

• (1) 6-port 10-gigabit SFP+

empty 6-port gigabit SFP

NIC

empty 6-port 10-gigabit

SFP+ NIC

NIC

• (2) 6-port gigabit UTP NIC

• (2) 6-port gigabit SFP NIC

• (3) 6-port gigabit UTP NIC

• (1) 2-port 10-gigabit NIC

• (2) 6-port gigabit UTP NIC

• (1) 6-port gigabit SFP NIC

empty 6-port gigabit SFP

NIC

empty 2-port 10-gigabit

NIC

empty 2-port 10-gigabit

NIC

• (1) 2-port 10-gigabit NIC

• (2) 6-port gigabit UTP NIC

• (1) 6-port 10-gigabit SFP+

empty 6-port 10-gigabit

SFP+ NIC

NIC

• (1) 6-port gigabit SFP NIC

• (2) 6-port gigabit UTP NIC

• (2) 2-port 10-gigabit NIC

empty 2-port 10-gigabit

NIC

6-port gigabit UTP

NIC

6-port gigabit UTP

NIC

6-port gigabit UTP

NIC

empty 6-port gigabit UTP

NIC

6-port gigabit UTP

NIC

empty 6-port gigabit UTP

NIC

empty 6-port gigabit UTP

NIC

empty 6-port gigabit UTP

NIC

6-port gigabit UTP NIC

6-port gigabit SFP NIC

6-port gigabit UTP NIC

6-port gigabit SFP NIC

2-port 10-gigabit NIC

6-port gigabit UTP NIC

McAfee Firewall Enterprise Hardware Kit for F Model Appliances Installation Guide 11

Determine where the hardware must be installed

Table 6 4150F supported hardware configurations (continued)

Supported hardware configurations

Five PCI cards

• (4) 6-port gigabit UTP NIC

•(1) SSL accelerator

• (4) 6-port gigabit UTP NIC

• (1) IPS engine accelerator

• (3) 6-port gigabit UTP NIC

• (1) 6-port gigabit SFP NIC

•(1) SSL accelerator

• (3) 6-port gigabit UTP NIC

• (1) 6-port 10-gigabit SFP+ NIC

•(1) SSL accelerator

• (3) 6-port gigabit UTP NIC

• (1) 6-port gigabit SFP NIC

• (1) IPS engine accelerator

• (3) 6-port gigabit UTP NIC

• (1) 6-port 10-gigabit SFP+ NIC

• (1) IPS engine accelerator

• (2) 6-port gigabit UTP NIC

• (2) 6-port gigabit SFP NIC

•(1) SSL accelerator

• (2) 6-port gigabit UTP NIC

• (2) 6-port gigabit SFP NIC

• (1) IPS engine accelerator

• (3) 6-port gigabit UTP NIC

• (2) 2-port 10-gigabit NIC

• (2) 6-port gigabit UTP NIC

• (1) 6-port gigabit SFP NIC

• (2) 2-port 10-gigabit NIC

• (3) 6-port gigabit UTP NIC

• (1) 2-port 10-gigabit NIC

•(1) SSL accelerator

• (3) 6-port gigabit UTP NIC

• (1) 2-port 10-gigabit NIC

• (1) IPS engine accelerator

• (2) 6-port gigabit UTP NIC

• (1) 6-port gigabit SFP NIC

• (1) 2-port 10-gigabit NIC

•(1) SSL accelerator

• (2) 6-port gigabit UTP NIC

• (1) 6-port gigabit SFP NIC

• (1) 6-port 10-gigabit SFP+ NIC

•(1) SSL accelerator

• (2) 6-port gigabit UTP NIC

• (1) 6-port gigabit SFP NIC

• (1) 2-port 10-gigabit NIC

• (1) IPS engine accelerator

Slot 1 Slot 2 Slot 3 Slot 4 Slot 5

SSL accelerator 6-port gigabit UTP

NIC

IPS engine accelerator

6-port gigabit UTP NIC

SSL accelerator 6-port gigabit SFP

NIC

SSL accelerator 6-port 10-gigabit

SFP+ NIC

IPS engine accelerator

6-port gigabit SFP NIC

6-port 10-gigabit SFP+ NIC

SSL accelerator 6-port gigabit SFP

NIC

IPS engine accelerator

2-port 10-gigabit NIC

6-port gigabit SFP NIC

2-port 10-gigabit NIC

SSL accelerator 2-port 10-gigabit

NIC

IPS engine accelerator

2-port 10-gigabit NIC

SSL accelerator 2-port 10-gigabit

NIC

SSL accelerator 6-port 10-gigabit

SFP+ NIC

IPS engine accelerator

2-port 10-gigabit NIC

6-port gigabit UTP NIC

6-port gigabit SFP NIC

6-port gigabit UTP NIC

6-port gigabit SFP NIC

6-port gigabit UTP NIC

6-port gigabit SFP NIC

6-port gigabit UTP NIC

12 McAfee Firewall Enterprise Hardware Kit for F Model Appliances Installation Guide

Install the hardware

Table 6 4150F supported hardware configurations (continued)

Supported hardware configurations

• (2) 6-port gigabit UTP NIC

• (1) 2-port 10-gigabit NIC

•(1) SSL accelerator

• (1) IPS engine accelerator

• (2) 6-port gigabit UTP NIC

• (3) 2-port 10-gigabit NIC

• (2) 6-port gigabit UTP NIC

• (2) 2-port 10-gigabit NIC

•(1) SSL accelerator

• (2) 6-port gigabit UTP NIC

• (2) 2-port 10-gigabit NIC

• (1) IPS engine accelerator

• (2) 6-port gigabit UTP NIC

• (1) 6-port gigabit SFP NIC

• (1) 6-port 10-gigabit SFP+ NIC

• (1) IPS engine accelerator

• (2) 6-port gigabit UTP NIC

• (1) 6-port gigabit SFP NIC

•(1) SSL accelerator

• (1) IPS engine accelerator

• (2) 6-port gigabit UTP NIC

• (1) 6-port 10-gigabit SFP+ NIC

•(1) SSL accelerator

• (1) IPS engine accelerator

Slot 1 Slot 2 Slot 3 Slot 4 Slot 5

IPS engine accelerator

2-port 10-gigabit NIC

SSL accelerator 2-port 10-gigabit

IPS engine accelerator

SSL accelerator 6-port 10-gigabit

SSL accelerator 2-port 10-gigabit

2-port 10-gigabit NIC

NIC

2-port 10-gigabit NIC

6-port 10-gigabit SFP+ NIC

SSL accelerator 6-port gigabit SFP

SFP+ NIC

NIC

2-port 10-gigabit NIC

6-port gigabit SFP NIC

NIC

IPS engine accelerator

6-port gigabit UTP NIC

Install the hardware

Note: If you are installing or moving SFP or SFP+ NICs, remove all SFP modules from each card before installing

or moving it. When installation is complete, re-insert the SFP modules into each card.

1 Install the PCI card(s).

• If you are replacing a card, remove it, then install the replacement card in its place.

• If you are installing a new card, install your PCI cards in the PCI slots that you recorded.

Note: You might need to move some or all of the PCI cards that are currently installed in your appliance to

achieve the correct configuration.

2 Replace the appliance cover, then re-attach the bezel.

3 Connect the appliance to power and network cables.

Note: If you added or moved any NICs, the location of your network ports might have shifted.

4 Connect the appliance to a keyboard and a monitor.

McAfee Firewall Enterprise Hardware Kit for F Model Appliances Installation Guide 13

Verify that the hardware is correctly installed

To verify that the hardware is correctly installed, follow the procedure that is appropriate for your appliance model.

• Verify hardware installation for models 1100F, 2100F, 2150F, and 4150F on page 14

• Verify hardware installation for model 2150F VX on page 15

Verify hardware installation for models 1100F, 2100F, 2150F, and 4150F

To verify that the hardware is correctly installed:

1 Turn on the appliance.

2 When the login prompt appears, log on directly to the appliance, then run the srole command.

3 Ping a host in your management network to verify that the appliance has connectivity to your

management network.

• If the ping is successful, continue with Step 4.

• If the ping is unsuccessful, perform troubleshooting to resolve the connectivity issue.

• Verify that the management network cable is connected to the correct port on the appliance.

• Verify that the network interface connected to the management network is configured correctly.

4 At your Windows-based management computer, use the McAfee Firewall Enterprise, Virtual Appliance

Admin Console to connect to the appliance.

5 [Conditional] If you installed one or more NICs, verify that the additional network interfaces are detected.

a Select Network | Interfaces, then click the NIC and NIC Group Configuration tab.

b Verify that the number of NICs listed in the NIC or NIC Group column matches the number of installed

network ports.

Tip: To determine which NIC corresponds to a given unconnected port, click Show Status, then note which

interfaces are connected. Connect a network cable to an open port, and refresh the Interface and NIC Status window. The interface that is newly connected corresponds to the port you just connected a cable to.

6 [Conditional] If you installed one or more accelerator cards, verify that each card is detected.

a Select Maintenance | File Editor.

b In the right pane, click Start File Editor. The File Editor appears.

c Select File | Open. The Open File window appears.

d Select Firewall File, type /var/run/dmesg.boot in the File field, then click OK. The dmesg file opens.

e Verify that your accelerator card(s) are detected.

• If you installed an SSL accelerator, find the following text in the dmesg.boot file:

pkp_drv0: <Cavium Networks: Nitrox-Px Device

, Driver Version - 0.99

> mem 0xd58ff000-0xd58fffff irq 40 at device 0.0 on pci9

pkp_drv0: [GIANT-LOCKED]

14 McAfee Firewall Enterprise Hardware Kit for F Model Appliances Installation Guide

Verify that the hardware is correctly installed

• If you installed an IPS engine accelerator, find the following text in the dmesg.boot file:

cpp_core0: <LSI Electra Family> mem 0xde700000-0xde7fffff irq 40 at device 0.0 on pci11

cpp INFO at cppInitDevice:119: Reusing device

cpp_core0: [GIANT-LOCKED]

cppInitDriver: success detect CCP device

7 When you have verified that the new hardware is detected, apply the tamper-evident seal from the

hardware kit over the broken seal on the appliance.

Verify hardware installation for model 2150F VX

To verify that the hardware is correctly installed:

1 Turn on the appliance.

2 At your Windows-based management computer, use the VMware vSphere client to connect to the

appliance.

3 Click Inventory, then click the Configuration tab.

4 In the Hardware pane, select Network Adapters.

5 Verify that the number of devices listed in the Network Adapters table matches the number of installed

network ports.

Tip: To determine which network adapter corresponds to a given port, connect the port to an active network,

then examine the Observed IP ranges column of the Network Adapters table.

6 When you have verified that the new hardware is detected, apply the tamper-evident seal from the

hardware kit over the broken seal on the appliance.

McAfee Firewall Enterprise Hardware Kit for F Model Appliances Installation Guide 15

Verify that the hardware is correctly installed

For support information, visit mysupport.mcafee.com.

Copyright © 2010 McAfee, Inc. All Rights Reserved. No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language in any form or by any means without the written permission of McAfee, Inc., or its suppliers or affiliate companies.

700-2590A00

16 McAfee Firewall Enterprise Hardware Kit for F Model Appliances Installation Guide

McAfee 1100F, 2150F, 4150F, 2100F Installation Manual

Specifications and Main Features

Frequently Asked Questions

User Manual