EasyManua.ls Logo

McAfee NS Series - About Network Security Sensors; Functions of an NS-series Sensor

McAfee NS Series
41 pages
Save Page as PDF
Print Icon
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
1
About Network Security Sensors
McAfee Network Security Sensors (Sensors) are high-performance, scalable, and exible content processing
appliances built for the accurate detection and prevention of:
Network intrusions
Network misuse
Distributed Denial-of-Service (DDoS) attacks
Sensors are specically designed to handle trac at wire speed, eciently inspect and detect intrusions with a
high degree of accuracy, and exible enough to adapt to the security needs of any enterprise environment.
When deployed at key network access points, the Sensor provides real-time trac monitoring to detect
malicious activity and respond to the malicious activity as congured by the administrator.
After you deploy a Sensor successfully, you congure and manage it using the McAfee
®
Network Security
Manager (Manager). The process of conguring a Sensor and establishing communication with the Manager is
described in subsequent chapters of this guide. For the details about the Manager, see the McAfee Network
Security Platform Manager Administration Guide.
Contents
Functions of an NS-series Sensor
Deployment of an NS-series Sensor
Functions of an NS-series Sensor
The NS-series Sensors are a third-generation hardware platform for McAfee
®
Network Security Sensor (Sensor)
designed for high bandwidth links, to provide Next Generation IPS (NGIPS) capability, providing high aggregate
throughput across various Sensor models. The NS9500 Sensor is a 1RU unit providing an aggregate throughput
up to 30 Gbps.
The primary function of a Sensor is to analyze trac on selected network segments and to respond when an
attack is detected. The Sensor examines the header and data portion of every network packet, looking for
patterns and behavior in the network trac that indicate malicious activity. The Sensor examines packets
according to user-congured policies, or rule sets, which determine what attacks to watch for, and how to
respond with countermeasures if an attack is detected.
If an attack is detected, a Sensor responds according to its congured policy. Sensor can perform many types of
attack responses, including generating alerts and packet logs, resetting TCP connections, "scrubbing" malicious
packets, and even blocking attack packets entirely before they reach the intended target.
1
McAfee Network Security Platform
5

Table of Contents

Related product manuals