Functions of an NS-series Sensor

The NS-series Sensors are a third-generation hardware platform for McAfee® Network Security Sensor (Sensor) designed for high bandwidth links, to provide Next Generation IPS (NGIPS) capability, providing high aggregate throughput across various Sensor models. The following models are supported.

  • NS9300 - The NS9300 Sensor consists of a Primary Sensor and a Secondary Sensor. Each of these is a 2RU unit, providing an aggregate throughput of 40 Gbps.
  • NS9200 - The NS9200 Sensor is a 2RU unit providing an aggregate throughput of 20 Gbps.
  • NS9100 - The NS9100 Sensor is a 2RU unit providing an aggregate throughput of 10 Gbps.

The primary function of a Sensor is to analyze traffic on selected network segments and to respond when an attack is detected. The Sensor examines the header and data portion of every network packet, looking for patterns and behavior in the network traffic that indicate malicious activity. The Sensor examines packets according to user-configured policies, or rule sets, which determine what attacks to watch for, and how to respond with countermeasures if an attack is detected.

If an attack is detected, a Sensor responds according to its configured policy. Sensor can perform many types of attack responses, including generating alerts and packet logs, resetting TCP connections, "scrubbing" malicious packets, and even blocking attack packets entirely before they reach the intended target.