McAfee IIP-M80K-ISAA User Guide - Page 7
Overview, About Network Security Sensors, Functions of a Sensor - appliance
View all McAfee IIP-M80K-ISAA manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 7 highlights
1 Overview This chapter provides an overview of McAfee® Network Security Sensors in general and the M-8000 Sensor model in particular. Contents About Network Security Sensors M-8000 key features M-8000 physical description About Network Security Sensors McAfee Network Security Sensors (Sensors) are high-performance, scalable, and flexible content processing appliances built for the accurate detection and prevention of: • network intrusions • network misuse • Distributed Denial-of-Service (DDoS) attacks Sensors are specifically designed to handle traffic at wire speed, efficiently inspect and detect intrusions with a high degree of accuracy, and flexible enough to adapt to the security needs of any enterprise environment. When deployed at key network access points, the Sensor provides real-time traffic monitoring to detect malicious activity and respond to the malicious activity as configured by the administrator. After you deploy a Sensor successfully, you configure and manage it using the McAfee® Network Security Manager (Manager). The process of configuring a Sensor and establishing communication with the Manager is described in the subsequent chapters of this guide. For the details about the Manager, see the Getting Started Guide. Functions of a Sensor The primary function of a McAfee® Network Security Sensor (Sensor) is to analyze traffic on selected network segments and to respond when an attack is detected. The Sensor examines the header and data portion of every network packet, looking for patterns and behavior in the network traffic that indicate malicious activity. The Sensor examines packets according to user-configured policies, or rule sets, which determine what attacks to watch for, and how to respond with countermeasures if an attack is detected. If an attack is detected, a Sensor responds according to its configured policy. Sensor can perform many types of attack responses, including generating alerts and packet logs, resetting TCP connections, "scrubbing" malicious packets, and even blocking attack packets entirely before they reach the intended target. McAfee® Network Security Platform M-8000 Sensor Product Guide 7