Chapter 2: Architecture
This chapter includes the following topics:
■ About Symantec Network Security
■ About the core architecture
■ About management and detection architecture
About Symantec Network Security
This chapter describes the underlying architecture of both the Symantec
Network Security core software and the Symantec Network Security 7100 Series
appliances. It describes how the components work together to gather attack
information, analyze behavior, and initiate effective responses.
The Symantec Network Security software and the Symantec Network Security
7100 Series appliance employ a common core architecture that provides
detection, analysis, storage, and response functionality. Most procedures in this
section apply to both the 7100 Series appliance and the Symantec Network
Security 4.0 software. The 7100 Series appliance also provides additional
functionality that is unique to an appliance. Each section describes this
additional functionality in detail.
About the core architecture
Symantec Network Security’s challenge is to detect malicious or
unauthorized behavior, to analyze the behavior, and to determine an
appropriate response. Symantec Network Security meets this challenge
with a three-pronged approach: detection, analysis, and response. The
following diagram describes this basic approach: