Systems that host sensors

Install sensors on systems that are likely to remain on and permanently connected to the network, such as servers. If you don’t have a server running in a given broadcast segment, install sensors on several workstations to ensure that at least one sensor is always connected to the network.

Tip: To guarantee that your Rogue System Detection coverage is complete, you must install at least one sensor on each broadcast segment of your network. Installing more than one sensor on a broadcast segment doesn't create issues around duplicate messages because the server filters any duplicates. But, additional active sensors on each subnet result in traffic sent from each sensor to the server. Although maintaining as many as 10 sensors in a broadcast segment typically does not cause bandwidth issues, we recommend that you do not maintain more sensors on a broadcast segment than needed to guarantee coverage.

DHCP servers

If you use DHCP servers in your network, you can install sensors on them. Sensors installed on DHCP servers provide full visibility for covered subnets, which are subnets where the DHCP servers assign IP addresses to endpoints directly or through relay agents. Using sensors on DHCP servers can reduce the number of sensors you must install and manage on your network to ensure coverage. But, it does not eliminate the need to install sensors to network segments that are not directly covered by the DHCP servers.

Tip: Installing sensors on DHCP servers can improve coverage of your network. But, it is still needed to install sensors on broadcast segments that use static IP address.