New features

This release of Network Security Platform includes the following new features:

New features for Linux based Manager

Linux based Central Manager support on Appliance

The Linux based Central Manager support on Appliance is introduced for the first time with this release. The Central Manager Appliance runs the McAfee Linux Operating System (MLOS). The operating system is hardened and comes pre-loaded on the appliance with Network Security Central Manager software. The Central Manager is used to manage the Linux based Managers in a single system. Similar to Central Manager running on Windows operating system, it can be used to perform centralized actions like, policy or signature set updates across the Mangers at a time.

Note: The Linux based Central Manager can manage the Linux based Managers only.

For more information about Linux based Central Manager support on Appliance, see McAfee Network Security Platform Manager Appliance (Linux) Installation Guide.

Linux based Manager/Central Manager as a virtual machine

With this release, you can deploy the Linux based Manager/Central Manager as virtual machines in your ESX servers. This Manager can manage all Sensor models. The Central Manager can be used to manage the Linux based Managers for updating policies, signature sets in the Managers. The virtual Manager/Central Manager is an OVA image that deploys a virtual instance of the Network Security Manager/Central Manager running on Linux machine.

For more information about Linux based Manager/Central Manager as a virtual machine, see McAfee Network Security Platform 9.1 Installation Guide.

Manager shell commands for Linux based Manager

For simplicity of usage and security, with this release, Manager shell commands are introduced in the Linux based Manager/Central Manager. The shell commands allows you to configure and view Manager configuration and network information.

For more information on Manager shell commands, see McAfee Network Security Platform Manager Appliance (Linux) Installation Guide.

Upgrade for Linux based Manager

The upgrade patch for upgrading the McAfee Linux Operating System and Manager software version is bundled as an upgrade file (setup.bin) and available in the Download Server. On executing the Linux based Manager upgrade file, the McAfee Linux Operating System and the Linux based Manager software are upgraded simultaneously.

For more information about upgrading the Linux based Manager, see McAfee Network Security Platform Manager Appliance (Linux) Installation Guide.

Compilation of signature set based on core and non-core attributes

With this release, the Manager dynamically compiles signature set based on the core and non-core attributes and pushes signatures to the Sensor based memory capacity of the model. This helps optimize Sensor resources in the latest M-series 9.1.3.13 Sensor version. It also allows improved attack coverage on NS-series 9.1.5.56 Sensor version and Virtual IPS 9.1.7.18 Sensor version leveraging improved memory capability for signature processing. In case of NTBA and virtual NTBA the functioning remains the same and all signature sets are applicable to it.

To view the signature set pushed to a Sensor, go to Policy<Admin Domain Name> Intrusion PreventionPolicy TypesIPS Policies. Double-click on any policy, the Attack Definition tab opens. The Core column displays the availability of any attack definition in the signature set pushed to a Sensor. The display in Core column is Yes for attack definitions applicable for all Sensor models, whereas No for attack definitions applicable only to NS-series and Virtual IPS Sensors running on latest versions.

For more information on signature set, see McAfee Network Security Platform 9.1 Manager Administration Guide.

ePolicy Orchestrator integration with Network Security Platform

With this release, Network Security Platform supports integration with ePolicy Orchestrator version 5.10.0.

For more information about ePolicy Orchestrator integration, see McAfee Network Security Platform 9.1 Integration Guide.

ePolicy Orchestrator integration with Network Threat Behavior Analysis

With this release, Network Threat Behavior Analysis supports integration with ePolicy Orchestrator version 5.10.0 on cloud and on-prem.

For more information about ePolicy Orchestrator integration, see McAfee Network Security Platform 9.1 Network Threat Behavior Analysis Appliance Administration Guide.