Version 5.2 Sourcefire 3D System Installation Guide 27
CHAPTER 2
UNDERSTANDING DEPLOYMENT
The Sourcefire 3D System can be deployed to accommodate the needs of each
unique network architecture. The Defense Center provides a centralized
management console and database repository for the Sourcefire 3D System.
Devices are installed on network segments to collect traffic connections for
analysis.
Devices in a passive deployment monitor traffic flowing across a network using a
switch SPAN, virtual switch, or mirror port to collect data about the nature of the
traffic traversing your network. Devices in an inline deployment allow you to
monitor your network for attacks that might affect the availability, integrity, or
confidentiality of hosts on the network. A device can be deployed in an inline,
switched, routed, or hybrid (Layer 2/Layer3) environment.
To learn more about your deployment options, see the following sections for
more information:
• Understanding Deployment Options on page 28 provides some factors to
consider when designing your deployment.
• Understanding Interfaces on page 28 explains the different between
interfaces and how they function in your deployment.
• Connecting Devices to Your Network on page 32 describes how to use a
hub, span, and network tap in your deployment.
• Deployment Options on page 36 describes a basic deployment and
identifies the primary functional locations within it.
• Deploying with Access Control on page 43 describes the advantages of
using access control in an inline deployment.
To Next Page
Loading...