Symantec 10521146 Administration Guide - Page 37
About Smart Agents, About FlowChaser, About the 7100 Series appliance node
UPC - 037648268134
View all Symantec 10521146 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 37 highlights
Architecture 37 About management and detection architecture tuned to maximize detection while retaining network performance and reliability. For example, using in-line mode, the sensor tunes itself to minimize latency and maximize throughput across a pair of interfaces. Using interface groups, the sensor correctly adjusts itself to compensate for the fact that a single network session may be conducted using multiple, asymmetric links. Using single monitoring interfaces, the sensor batches process packets to maximize detection coverage. About Smart Agents Symantec Network Security Smart Agents® (Smart Agents) combine an investment in first-generation network intrusion detection products with Symantec Network Security's high speed and zero-day attack detection capabilities. Using Smart Agents as the bridge between Symantec Network Security and other intrusion detection and firewall products, users can centralize management of events and incidents from the Network Security console. Smart Agents enable Symantec Network Security to collect data from third-party hosts and network IDS products in real time. Smart Agents collect event data from external sensors such as Symantec Decoy Server®, as well as from third-party sensors, log files, SNMP, and source APIs. They send this data to be analyzed, aggregated, and correlated with all other Symantec Network Security events. About FlowChaser FlowChaser serves as a data source in coordination with TrackBack, a response mechanism that traces a DoS attack or network flow back to its source, or to the edges of an administrative domain. FlowChaser receives network flow data from multiple devices, such as Network Security sensors and network routers. FlowChaser stores the flow data in an optimized fashion that enhances analysis, correlation, and advanced responses. About the 7100 Series appliance node The Symantec Network Security 7100 Series is a dedicated, scalable appliance designed to monitor and protect multiple network segments at multi-gigabit speeds using Symantec Network Security software. The appliance provides advanced intrusion detection and prevention on enterprise-class networks. The Symantec Network Security 7100 Series runs an optimized, hardened operating system with limited user services to further increase security and performance.