McAfee ATD-3000, ATD-6000, ATD-3100, ATD-6100 User Manual
McAfee Advanced Threat Defense 4.6.0 Hardware
Setting up the Advanced Threat Defense
Appliance
Prepare the Advanced Threat Defense Appliance for installation and integration in the network.
Advanced Threat Defense Appliances
Depending on the model, the Advanced Threat Defense Appliance is a 1-U or 2-U rack dense chassis with Intel
Xeon® E5-2600 product family processor.
The Advanced Threat Defense Appliance runs on a pre-installed, hardened Linux kernel 3.6.0 and comes
preloaded with the Advanced Threat Defense software.
Guide
®
The Advanced Threat Defense Appliance is available in the following models:
• ATD-3000 — Standard model is a 1U chassis
• ATD-6000 — High-end model is a 2U chassis
• ATD-3100 — Standard model is a 1U chassis
• ATD-6100 — High-end model is a 1U chassis
The Advanced Threat Defense Appliances are purpose-built, scalable, and exible high-performance servers
designed to analyze suspicious les for malware.
1
The following are the primary functions of the Advanced Threat Defense Appliance:
• Host the Advanced Threat Defense software that analyzes les for malware.
• Host the Advanced Threat Defense web interface.
• Host the virtual machines used for dynamic analysis of suspicious les.
For the performance values related to the appliances, contact Support.
Functions of a Advanced Threat Defense Appliance
The Advanced Threat Defense Appliances are purpose-built, scalable, and exible high-performance servers
designed to analyze suspicious les for malware.
The following are the primary functions of the Advanced Threat Defense Appliance:
• Host the Advanced Threat Defense software that analyzes les for malware.
• Host the Advanced Threat Defense web application.
• Host the virtual machines used for dynamic analysis of suspicious les.
For the performance values related to Advanced Threat Defense Appliances, contact McAfee support.
Before you install the Advanced Threat Defense Appliance
This section describes the tasks that you must complete before you begin to install a Advanced Threat Defense.
• Read all the provided documentation before installation.
• Make sure that you have selected a suitable location for installing the Advanced Threat Defense Appliance.
• Check that you have all the necessary equipment and components outlined in this document.
• Familiarize yourself with the McAfee Advanced Threat Defense Appliance network access card ports and
connectors as described in this document.
• Make sure you have the following information available when you congure the Advanced Threat Defense
Appliance:
• IPv4 address that you want to assign to the Appliance.
• Network mask.
• Default gateway address.
2
Warnings and cautions
Read and follow these safety warnings when you install the Advanced Threat Defense Appliance. Failure to
observe these safety warnings could result in serious physical injury.
Advanced Threat Defense Appliance power on/o — the push-button on/o power switch on the front panel of
the Advanced Threat Defense Appliance does not turn o the AC power. To remove AC power from the Advanced
Threat Defense Appliance, you must unplug the AC power cord from either the power supply or wall outlet for
both the power supplies. If you press the push-button on/o power switch on the front panel of the Advanced
Threat Defense Appliance while the appliance is running, it reboots. If you want to power o the appliance, use
CLI command — shutdown, after the system halts press the power button until the appliance powers o.
The power supplies in your system might produce high voltages and energy hazards, which can cause bodily
harm. Only trained service technicians are authorized to remove the covers and access any of the components
inside the system.
Hazardous conditions — devices and cables: Hazardous electrical conditions might be present on power,
telephone, and communication cables. Turn o the Advanced Threat Defense Appliance and disconnect
telecommunications systems, networks, modems, and both the power cords attached to the Advanced Threat
Defense Appliance before opening it. Otherwise, personal injury or equipment damage can result.
Avoid injury — lifting the Advanced Threat Defense Appliance and attaching it to the rack is a two-person job.
This equipment is intended to be grounded. Ensure that the host is connected to earth ground during normal
use.
Do not remove the outer shell of the Advanced Threat Defense Appliance. Doing so invalidates your warranty.
Do not operate the system unless all cards, faceplates, front covers, and rear covers are in place. Blank faceplates
and cover panels prevent exposure to hazardous voltages and currents inside the chassis, contain
electromagnetic interference (EMI) that might disrupt other equipment and direct the ow of cooling air through
the chassis.
To avoid electric shock, do not connect safety extra-low voltage (SELV) circuits to telephone-network voltage (TNV)
circuits. LAN ports contain SELV circuits, and WAN ports contain TNV circuits. Some LAN and WAN ports both use
RJ-45 connectors. Use caution when connecting cables.
Usage restrictions
The following restrictions apply to the use and operation of Advanced Threat Defense Appliance:
• You should not remove the outer shell of the Advanced Threat Defense Appliance. Doing so invalidates your
warranty.
• The Advanced Threat Defense Appliance is not a general purpose server.
• McAfee prohibits the use of Advanced Threat Defense Appliance for anything other than operating the
Advanced Threat Defense solution.
• McAfee prohibits the
modication or installation of any hardware or software on the Advanced Threat
Defense Appliance that is not part of the normal operation of Advanced Threat Defense.
Unpack the shipment
1
Open the crate.
2
Remove the
3
Verify you have received all parts as listed in Check your shipment on page 4.
rst accessory box.
3
4
Remove the Advanced Threat Defense Appliance.
5
Place the Advanced Threat Defense Appliance as close to the installation site as possible.
6
Position the box with the text upright.
7
Open the top aps of the box.
8
Remove the accessory box within the Advanced Threat Defense Appliance box.
9
Remove the slide rail kit.
10
Pull out the packing material surrounding the Advanced Threat Defense Appliance.
11
Remove the Advanced Threat Defense Appliance from the anti-static bag.
12
Save the box and packing materials for later use in case you need to move or ship the Advanced Threat
Defense Appliance.
Check your shipment
Each product ships with all the items needed to install the appliance on a network.
To verify that you received all the necessary items, verify that you have received the following:
• Advanced Threat Defense Appliance
• Accessories itemized on the Content Sheet
• Set of tool-less slide rails
• Front bezel with key
McAfee Advanced Threat Defense Appliance front and back panels
Figure 1 ATD-3000 and ATD-6000 front panel
Label Description
1 System ID button with integrated indicator light
2 NMI button (recessed, tool required for use)
3 NIC 1 activity indicator light
4
• ATD-3000: NIC 3 activity indicator light
• ATD-6000: Not used
5 System cold reset button
6 System status indicator light
7 Power button with integrated indicator light
8 Hard drive activity indicator light
4
Label Description
9
• ATD-3000: NIC 4 activity indicator light
• ATD-6000: Not used
10 NIC 2 activity indicator light
Figure 2 ATD-3000 Appliance back panel
Label Description
1 Power supply module 1
2 Power supply module 2
3 Management port (NIC 1). This is the eth-0 interface. The set appliance and set mgmtport
commands apply to this interface. For example, when you use the set appliance ip command, the
corresponding IP address is assigned to this interface.
4 NIC 2. This is the eth-1 interface. This interface is disabled by default.
• To enable or disable this interface, use the set intfport command. For example, set intfport
1 enable
• To assign the IP details to this interface use set intfport <eth 1, 2, or 3> ip <IPv4
address> <subnet mask>
For example, set intfport 1 ip 10.10.10.10 255.255.255.0
• You cannot assign the default gateway to this port. However, you can
congure a route on this
interface to route the trac to the desired gateway. To congure a route, use route add network
<IPv4 subnet> netmask <netmask> gateway <IPv4 address> intfport 1
For example, route add network 10.10.10.0 netmask 255.255.255.0 gateway
10.10.10.1 intfport 1. This command routes all
trac from the 10.10.10.0 command to
10.10.10.1 through NIC 2 (eth-1).
5 NIC 3. This is the eth-2 interface. The note described for NIC 2 applies to this interface as well.
6 NIC 4. This is the eth-3 interface. The note described for NIC 2 applies to this interface as well.
7 Video connector
8 RJ45 serial-A port
9 USB ports
10 RMM4 NIC port
5
Label Description
11 I/O module ports/connectors (not used)
12 Add-in adapter slots from riser card 1 and riser card 2
Figure 3 ATD-6000 Appliance back panel
Label Description
1 USB ports
2 USB ports
3 Management port. This is the eth-0 interface. The set appliance and set mgmtport commands
apply to this interface. For example, when you use the set appliance ip command, the
corresponding IP address is assigned to this interface.
4 Additional I/O module ports/connectors. These are the eth-1, eth-2, and eth-3 interfaces respectively.
These interfaces are disabled by default.
• To enable or disable an interface, use the set intfport command. For example, set intfport 1
enable to enable eth-1.
• To assign the IP details to an interface use set intfport <eth 1, 2, or 3> ip <IPv4
address> <subnet mask>
For example, set intfport 1 ip 10.10.10.10 255.255.255.0
• You cannot assign the default gateway to this port. However, you can
interface to route the trac to the desired gateway. To congure a route, use route add network
<IPv4 subnet> netmask <netmask> gateway <IPv4 address> intfport 1
For example, route add network 10.10.10.0 netmask 255.255.255.0 gateway
10.10.10.1 intfport 1. This command routes all
10.10.10.1 through eth-1.
5 Video connector
6 NIC 1 (currently not used)
7 NIC 2 (currently not used)
8 RJ45 serial-A port
9 I/O module ports/connectors (not used)
10 Add-in adapter slots from riser card
11 RMM4 NIC port
12 Power supply module 2
congure a route on this
trac from the 10.10.10.0 command to
6
Loading...