McAfee IIP-M65K-ISAA Product Guide - Page 7

1 Overview This chapter provides an overview of McAfee® Network Security Sensors in general and the M-6050 Sensor model in particular. Contents About Network Security Sensors Functions of a Sensor Network topology considerations M-6050 key features M-6050 physical description About Network Security Sensors McAfee Network Security Sensors (Sensors) are high-performance, scalable, and flexible content processing appliances built for the accurate detection and prevention of: • network intrusions • network misuse • Distributed Denial-of-Service (DDoS) attacks Sensors are specifically designed to handle traffic at wire speed, efficiently inspect and detect intrusions with a high degree of accuracy, and flexible enough to adapt to the security needs of any enterprise environment. When deployed at key network access points, the Sensor provides real-time traffic monitoring to detect malicious activity and respond to the malicious activity as configured by the administrator. After you deploy a Sensor successfully, you configure and manage it using the McAfee® Network Security Manager (Manager). The process of configuring a Sensor and establishing communication with the Manager is described in the subsequent chapters of this guide. For the details about the Manager, see the Getting Started Guide. Functions of a Sensor The primary function of a McAfee® Network Security Sensor (Sensor) is to analyze traffic on selected network segments and to respond when an attack is detected. The Sensor examines the header and data portion of every network packet, looking for patterns and behavior in the network traffic that indicate malicious activity. The Sensor examines packets according to user-configured policies, or rule sets, which determine what attacks to watch for, and how to respond with countermeasures if an attack is detected. McAfee® Network Security Platform M-6050 Sensor Product Guide 7