McAfee M3050 Installation Guide - Page 9
About Network Security Platform, Network Security Platform components - specifications
CHAPTER 1

About Network Security Platform

McAfee® Network Security Platform [formerly McAfee® IntruShield®] is a combination of network appliances and software built for the accurate detection and prevention of intrusions, denial of service (DoS) attacks, distributed denial of service (DDoS) attacks, and network misuse. Network Security Platform provides comprehensive network intrusion detection and can block, or prevent, attacks in real time, making it truly an intrusion prevention system (IPS).

Network Security Platform components

Network Security Platform consists of the following major components:

- McAfee® Network Security Sensor (Sensor) (on page 1)
- McAfee® Network Security Manager (Manager), with its Web-based graphical user interface
- McAfee Update Server (on page 6)

About McAfee Network Security Sensor

A McAfee® Network Security Sensor is a content-processing appliance built for accurate detection and prevention of intrusions, misuse, and distributed denial of service (DDoS) attacks. McAfee Network Security Sensors (Sensors) are specifically designed to handle traffic at wire speed, to inspect and detect intrusions with a high degree of accuracy, and to be flexible enough to adapt to the security needs of any enterprise environment. When deployed at key network access points, a Sensor provides real-time traffic monitoring to detect malicious activity and respond to it as configured by the administrator.

Sensors are configured and managed using McAfee Network Security Manager (Manager). The process of configuring a Sensor and establishing communication with the Manager is described in later chapters of this guide. The Manager server is described in detail in the Getting Started Guide.

Sensor functionality

The primary function of a device is to analyze traffic on selected network segments and to respond when an attack is detected. The device examines the header and data portion of every network packet, looking for patterns and behavior in the network traffic that indicate malicious activity. The device examines packets according to user-configured policies, or rule sets, which determine what attacks to watch for, and how to respond with countermeasures if an attack is detected.