McAfee M-1250 Deployment Guide - Page 20

CHAPTER 3 Sensor Deployment Modes This section presents suggestions for implementing McAfee® Network Security Platform in a variety of network environments. Flexible deployment options McAfee Network Security Platform offers unprecedented flexibility in McAfee® Network Security Sensor (Sensor) deployment. Sensors can be deployed in a variety of topologies and network security applications, providing industry-leading flexibility and scalability. Most PC-based IDS Sensors on the market today can monitor only one network segment at a time, and only via the SPAN port on a switch. Thus, to monitor a switched environment with multiple segments and multiple switches deployed in a high-availability environment, you would need multiple Sensors. Multi-port Sensor deployment Unlike single-port Sensors, a single multi-port Sensor can monitor many network segments (up to twelve, in the case of the I-3000 or I-4010) in any combination of operating modes-that is, the monitoring or deployment mode for the Sensor-SPAN, Tap, or In-line mode. Additionally, Network Security Platform's Virtual IPS (VIPS) feature enables you to further segment a port on a Sensor into many "Virtual Sensors." This makes deployment easy; not only can you use one Sensor to monitor multiple network segments, but you also can configure the Sensor to run whatever mode best suits each network segment. Supported deployment modes Every port on the Sensor supports the following deployment modes:  SPAN or Hub  Tap  In-line, fail-closed  In-line, fail-open Additionally, Network Security Platform provides features vital to today's complex networks: interface groups (also called port clustering), and high-availability. 13