19
Introduction
About the Symantec Network Security foundation
■
Policy-Based Detection
: Predefined policies speed deployment by allowing
users quickly configure immediate response to intrusions or
denial-of-service attacks based on the type and the location of the event
within the network. Independently configurable detection settings make it
easy for users to create granular responses. Using the robust policy editor,
users can quickly create monitoring policies that are customized to the
needs of their particular environment. Policies can applied at the cluster,
node, or interface level for complete, scalable control.
■
Role-based Administration
: Symantec Network Security provides the ability
to define administrative users and assign them roles to grant them varying
levels of access rights. Administrative users can be assigned roles all the
way from full SuperUser privileges down to RestrictedUser access that only
allows monitoring events without packet inspection capabilities. All
administrative changes made from the Network Security console are logged
for auditing purposes.
■
TrackBack and FlowChaser
: Symantec Network Security incorporates
sophisticated FlowChaser technology that uses flow information from both
Network Security software nodes and 7100 Series appliance nodes, and from
other network devices to trace attacks to the source.
■
Cost-effective Scalable Deployment
: A single Network Security software node
or 7100 Series appliance node can monitor multiple segments or VLANs.
Each node can be configured to monitor up to 12 Fast Ethernet ports or 6 to
8 Gigabit Ethernet ports. As the network infrastructure grows, network
interface cards can be added to the same node to support additional
monitoring requirements.
■
High Availability Deployment
: Network Security software nodes and 7100
Series appliance nodes can be deployed in a High Availability (H/A)
configuration to ensure continuous attack detection without any loss of
traffic or flow data in your mission-critical environment.
■
Centralized Cluster Management
: A Symantec Network Security deployment
can consist of multiple clusters, each cluster consisting of up to 120 nodes,
and an entire Network Security cluster can be securely and remotely
managed from a centralized management console. The Network Security
console provides complete cluster topology and policy management, node
and sensor management, incident and event monitoring, and drill-down
incident analysis and reporting.
■
Enterprise Reporting Capabilities
: Symantec Network Security provides
cluster-wide, on-demand, drill-down, console-based reports that can be
generated in text, HTML, and PDF formats and can also be emailed, saved,
or printed. In addition, Symantec Network Security provides cluster-wide
Summary of Contents for 10521146 - Network Security 7120
Page 1: ...Symantec Network Security Administration Guide...
Page 12: ...12 Contents Index...
Page 14: ...14...
Page 70: ...70...
Page 110: ...110 Populating the topology database Adding nodes and objects...
Page 158: ...158 Responding Managing flow alert rules...
Page 188: ...188...
Page 242: ...242 Reporting Playing recorded traffic...
Page 268: ...268 Managing log files Exporting data...
Page 316: ...316 Advanced configuration Configuring advanced parameters...
Page 318: ...318...
Page 338: ...338 SQL reference Using MySQL tables...
Page 366: ...366 Glossary...
Page 392: ...392 Index...