McAfee IIP-M80K-ISAA User Guide - Page 7

Overview, About Network Security Sensors, Functions of a Sensor - appliance

Page 7 highlights

1 Overview

This chapter provides an overview of McAfee® Network Security Sensors in general and the M-8000 Sensor model in particular.

Contents
• About Network Security Sensors
• M-8000 key features
• M-8000 physical description

About Network Security Sensors

McAfee Network Security Sensors (Sensors) are high-performance, scalable, and flexible content processing appliances built for the accurate detection and prevention of:
• network intrusions
• network misuse
• Distributed Denial-of-Service (DDoS) attacks

Sensors are specifically designed to handle traffic at wire speed, to inspect traffic efficiently and detect intrusions with a high degree of accuracy, and to be flexible enough to adapt to the security needs of any enterprise environment. When deployed at key network access points, the Sensor provides real-time traffic monitoring to detect malicious activity and respond to it as configured by the administrator.

After you deploy a Sensor successfully, you configure and manage it using the McAfee® Network Security Manager (Manager). The process of configuring a Sensor and establishing communication with the Manager is described in the subsequent chapters of this guide. For details about the Manager, see the Getting Started Guide.

Functions of a Sensor

The primary function of a McAfee® Network Security Sensor (Sensor) is to analyze traffic on selected network segments and to respond when an attack is detected. The Sensor examines the header and data portion of every network packet, looking for patterns and behavior in the network traffic that indicate malicious activity. The Sensor examines packets according to user-configured policies, or rule sets, which determine what attacks to watch for and how to respond with countermeasures if an attack is detected.

If an attack is detected, a Sensor responds according to its configured policy. A Sensor can perform many types of attack responses, including generating alerts and packet logs, resetting TCP connections, "scrubbing" malicious packets, and even blocking attack packets entirely before they reach the intended target.

McAfee® Network Security Platform M-8000 Sensor Product Guide 7

