Download McAfee M3050 - Network Security Platform Installation guide
Transcript
McAfee® Network Security Platform 6.0 Determining optimal Sensor location Figure 2: Determining optimal sensor location - After The key is to ensure the redundant Sensors will be scanning the same traffic at the same point in the network. If you were to instead place one Sensor outside the firewall on one path and the other Sensor inside the firewall on the other path, the outcome is what developers like to refer to as “undefined.” That is, there is no telling what false positives and false negatives, and even instability, such a setup might produce. Redundant Sensors on a single path Sensor failover is typically straightforward to implement in the more complicated environments because Network Security Platform was engineered to seamless slip onto networks with existing, redundant paths. The irony is that introducing a Sensor failover Pair onto a network with a single path often requires some additional thought: A pair of Sensors can run in parallel on a network that otherwise has no or little redundancy. For example, you might “sandwich” a pair of Sensors between a pair of switches and use STP to control the failover process. The drawback to relying on STP, however, is that you inherently complicate the Layer 2 infrastructure and STP convergence typically takes between 12 and 50 seconds; so it's not ideal. 8