McAfee Policy Auditor 6.0.
COPYRIGHT Copyright © 2011 McAfee, Inc. All Rights Reserved. No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language in any form or by any means without the written permission of McAfee, Inc., or its suppliers or affiliate companies.
Contents Introducing McAfee Policy Auditor. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 Product components. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 Audience. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 Conventions. . . .
Introducing McAfee Policy Auditor ® McAfee Policy Auditor automates the process required to conduct system compliance audits. It measures compliance by comparing the actual configuration of a system to the desired state of a system. This guide provides system requirements for McAfee Policy Auditor software, and information about installing it as a managed product, as well as modifying, repairing, removing, and reinstalling the software.
Introducing McAfee Policy Auditor Conventions • Administrators — People who implement and enforce the company's security program. • Users — People who are responsible for configuring the product options on their system, or for updating the product on their systems. Conventions This guide uses the following typographical conventions. Book title or Emphasis Title of a book, chapter, or topic; introduction of a new term; emphasis. Bold Text that is strongly emphasized.
Pre-Installation Tasks Before installing McAfee Policy Auditor, you need to make sure your system is ready and meets the minimum software and hardware requirements. This section presents information to help plan and prepare your system before installing the software. Contents Preparation for installing the software System requirements Database considerations and support Preparation for installing the software Complete these tasks before installing the McAfee Policy Auditor software.
Pre-Installation Tasks System requirements Supported ePolicy Orchestrator software versions One of these versions of ePolicy Orchestrator software must be installed and working before you install the software: • ePolicy Orchestrator software version 4.5 Patch 5 or greater • ePolicy Orchestrator software version 4.6 Domain controller requirements The server must have a trust relationship with the Primary Domain Controller (PDC) on the network. For instructions, see the Microsoft product documentation.
Pre-Installation Tasks System requirements Browser ePO 4.5 ePO 4.6 Microsoft Internet Explorer 5.5 No No Mozilla Firefox 4.0 No* No* Mozilla Firefox 3.6 Yes (with ePO 4.5 Patch 4 and greater) Yes Mozilla Firefox 3.5 No Yes Mozilla Firefox 3.0 Yes No * McAfee plans to test and provide support for Internet Explorer 9 and Firefox 4 in upcoming patch releases Proxy servers If you are using a proxy, bypass the proxy server: 1 From the Internet Explorer Tools menu, select Internet Options.
Pre-Installation Tasks System requirements Port Default Description Traffic direction Console-to-application server communication port 8443 HTTPS port opened by the ePolicy Orchestrator software Application Server service to allow web browser UI access. Inbound connection to the ePolicy Orchestrator software server. Sensor-to-server communication port 8444 HTTPS port opened by the ePolicy Orchestrator software Application Server service to receive RSD connections.
Pre-Installation Tasks System requirements Distributed repository requirements Distributed repositories host copies of your master repository’s contents. Consider using distributed repositories and strategically placing them throughout your network to ensure that managed systems are updated and to minimize network traffic. As you update your master repository, the ePolicy Orchestrator software software replicates the contents to the distributed repositories.
Pre-Installation Tasks System requirements Operating system X86 support X64 support Other processors HP-UX 11i v2 RISC HP-UX 11i v2 Itanium RISC HP-UX 11i v3 RISC HP-UX 11i v3 Itanium RISC Notes Red Hat Linux AS, ES, WS 4.0 X X 32-bit agent on 64-bit hardware Red Hat Enterprise Linux 5.0, 5.1 X X 32-bit agent on 64-bit hardware Red Hat Enterprise Linux 6.
Pre-Installation Tasks Database considerations and support Component Requirements Network environment Microsoft or Novell NetWare networks. NetWare networks require TCP\IP. Network interface card (NIC) 10 Mbps or higher. Agentless audit support Agentless audits allow you to audit systems that do not have the McAfee Policy Auditor agent plug-in installed. You can audit systems that do not have the agent plug-in by integrating McAfee Policy Auditor with McAfee Foundstone version 6.
Pre-Installation Tasks Database considerations and support Database SQL Server 2005 ePO 4.5 Yes ePO 4.6 Requirements Yes Notes Local database server If the database and McAfee Policy Auditor server are on the same system, McAfee recommends configuring your server to use a using a fixed virtual memory size that is approximately two-thirds of the total memory allotted for SQL Server. For example, if the system has 1 GB of RAM, set 660 MB as the fixed memory size for SQL Server.
Pre-Installation Tasks Database considerations and support Database ePO 4.5 ePO 4.6 Requirements Notes Backward Compatibility if it is not present. Table 2: Additional software considerations Software Notes Internet browser See Browsers supported. MDAC 2.8 If not previously installed, the installation wizard installs automatically. SQL Server 2005 Backward Compatibility If required, the installer prompts you to install it.
Pre-Installation Tasks Database considerations and support The Index Configuration server setting also affects the size of the database. If you use the Minimal Indexing option, the database will be smaller than if you use one of the other options. The ultimate database size cannot be calculated accurately prior to deploying McAfee Policy Auditor, but can be estimated approximately 3 months after beginning a phased rollout.
Pre-Installation Tasks Database considerations and support 1,000 systems Per system per year Frequency 2,000 systems Total audits 5,000 systems 10,000 systems 20,000 systems 50,000 systems Database size (GB) 20 quarterly 80 109 219 547 1,094 2,188 1 monthly 12 16 2 monthly 24 33 5,469 33 82 164 328 820 66 164 328 656 1,641 5 monthly 60 82 164 410 820 1,641 4,102 10 monthly 120 164 328 820 1,641 3,281 8,203 20 monthly 240 328 656 1,641 3,281 6,563 16,
Pre-Installation Tasks Database considerations and support The number of FIM events depends upon the number of files monitored and the frequency of changes to monitored files. The number of events is difficult to predict, but the impact to database storage is minimal. Each FIM event adds approximately 3 kB to the database. If your organization generates one million events per month, the annual database growth is: 3 kB/event × 1,000,000 events/month × 12 months/year × 0.
Pre-Installation Tasks Database considerations and support 59.80 + 3.44 + 38.64 + 49.20 = 151 GB Server requirements This section contains information you need to know before installing the McAfee Policy Auditor software, including hardware and software requirements. Supported ePolicy Orchestrator software versions One of these versions of ePolicy Orchestrator software must be installed and working before you install the software: • ePolicy Orchestrator software version 4.
Installing McAfee Policy Auditor This version of McAfee Policy Auditor requires that you install one or more extensions in ePolicy Orchestrator software depending on the components you have purchased and the version of ePolicy Orchestrator software you are running.
Installing McAfee Policy Auditor Install McAfee Policy Auditor as an extension on ePolicy Orchestrator software b Right-click any of the resources for the McAfee ePO Server group, then click Initiate Failover. The resources should fail and then come back online. Install McAfee Policy Auditor as an extension on ePolicy Orchestrator software Install the software on ePolicy Orchestrator software version 4.5 or 4.6 systems as an extension. Task For option definitions, click ? in the interface.
Installing McAfee Policy Auditor Check in additional agent plug-in packages Check in additional agent plug-in packages When you install McAfee Policy Auditor, it automatically checks in agent plug-in packages for Windows, Mac OSX, and Linux to the Master Repository. If you have Solaris, AIX, or HP-UX systems, you need to separately check in these packages to the Master Repository.
Installing McAfee Policy Auditor Uninstall McAfee Policy Auditor 1 Download the appropriate McAfee Vulnerability Manager extension zip file from the McAfee download site, and store it on your ePolicy Orchestrator server. 2 Unzip the file to a convenient location. Read the release notes and the documentation, then double-click the Setup file to begin the installation. 3 Follow the instructions to complete the installation.
Index browsers supported 7 installation requirements (continued) browsers supported 7 database considerations 12 database storage requirements 14, 15, 18 database storage, file integrity monitoring 16 database storage, file versioning 17 distributed repositories 10 domain controller requirements 6, 18 hardware and networks 10 McAfee Agent support 10 Policy Auditor 6, 18 Policy Auditor agent plug-in support 10 supported operating systems 7 supported virtual software 9 C M A administrator rights 6 agent
Index requirements for installation (continued) supported virtual software 9 T S U ServicePortal, finding product documentation 5 SQL Server, supported versions 12 supported operating systems 7 supported virtual software 9 system requirements 6 uninstall Policy Auditor 22 update content 20 tasks, pre-installation 6 V Vulnerability Manager, install the ePO extension 21 24 McAfee Policy Auditor 6.0.
