Functions of an NS-series Sensor

The NS-series Sensors are a third-generation hardware platform for McAfee® Network Security Sensor (Sensor) designed for high bandwidth links, to provide Next Generation IPS (NGIPS) capability, providing high aggregate throughput across various Sensor models. The NS9500 Sensor is a 1RU unit providing an aggregate throughput up to 30 Gbps.

The primary function of a Sensor is to analyze traffic on selected network segments and to respond when an attack is detected. The Sensor examines the header and data portion of every network packet, looking for patterns and behavior in the network traffic that indicate malicious activity. The Sensor examines packets according to user-configured policies, or rule sets, which determine what attacks to watch for, and how to respond with countermeasures if an attack is detected.

If an attack is detected, a Sensor responds according to its configured policy. Sensor can perform many types of attack responses, including generating alerts and packet logs, resetting TCP connections, "scrubbing" malicious packets, and even blocking attack packets entirely before they reach the intended target.