EasyManua.ls Logo

Trellix NS Series - Ns5 X00 Sensors; About Sensors; Functions of NS-Series Sensors

Default Icon
309 pages
Save Page as PDF
Print Icon
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
NS5x00 Sensors
:
About Sensors
Sensors are high-performance, scalable, and exible content processing appliances built for accurate detection and prevention
of:
Network intrusions
Network misuse
Distributed Denial-of-Service (DDoS) attacks
Sensors are specically designed to handle trac at wire speed, eciently inspect and detect intrusions with a high degree of
accuracy, and are exible enough to adapt to the security needs of any enterprise environment. When deployed at key network
access points, the Sensor provides real-time trac monitoring to detect malicious activity and respond to such activity based on
the responses congured by the administrator.
After you deploy a Sensor successfully, you congure and manage it using the Manager. The process of conguring a Sensor
and establishing communication with the Manager is described in the subsequent chapters of this guide. For details about the
Manager, see the Manager Administration section in Trellix Intrusion Prevention System Product Guide.
:
Functions of NS-series Sensors
The NS-series Sensors are a third-generation hardware platform Sensors designed for high bandwidth links to oer Next
Generation IPS (NGIPS) capability and provide high aggregate throughput across various Sensor models. The following models
are supported.
NS5200 - The NS5200 Sensor is a 1RU unit providing an aggregate throughput of 1 Gbps
NS5100 - The NS5100 Sensor is a 1RU unit providing an aggregate throughput of 600 Mbps
The primary function of a Sensor is to analyze trac on selected network segments and to respond when an attack is detected.
The Sensor examines the header and data portions of every network packet, looking for patterns and behavior in the network
trac that indicate malicious activity. The Sensor examines packets according to user-congured policies, or rule sets, which
determine what attacks to watch for, and how to respond with countermeasures if such an attack is detected.
If an attack is detected, a Sensor responds according to its congured policy. The Sensor can perform many types of attack
responses, including generating alerts and packet logs, resetting TCP connections, "scrubbing" malicious packets, and even
blocking attack packets entirely before they reach the intended target.
:
Trellix Intrusion Prevention System NS-series Sensor Product Guide
| NS5x00 Sensors6
232

Table of Contents