Benefits of the Insight Network Sensor
The Insight Network Sensor comes with several benefits to ensure that your deployment provides value as seamlessly as possible.
Passive Monitoring
Per your deployment method of either a mirror port or a network Test Access Point (TAP), the network sensor only monitors copies of network packets as opposed to the actual packets themselves. Given its nature as a passive, non-inline component, the network sensor itself does not impact the performance of your network and the communication between your switch and its connected endpoints. This makes the network sensor the most unobtrusive data collection component that Rapid7 offers.
Works on Any Network
The network sensor’s monitoring capabilities are vendor agnostic. Regardless of your chosen network infrastructure manufacturer, the network sensor can passively analyze any environment that produces raw network traffic without the need for vendor-specific flow technologies.
Efficient Data Collection
While the network sensor is a packet capture tool, it operates without the process load and storage impact that full packet capture variants inherently come with. Instead, the network sensor’s Deep Packet Inspection (DPI) engine generates distilled metadata, telemetry, and diagnostics from the packets it receives to provide your Insight products with actionable information in real time. The network sensor will only store a complete packet when it is needed for investigation reference. Furthermore, the on-premises network sensor host is not responsible for analyzing the data it produces since that task is handled by the Insight platform. Thus, your network sensor host is free to dedicate itself to the efficient generation and transmission of the data that will drive the security features of your Insight products.
Ideal for Sensitive Environments
Network segments in your organization responsible for critical operations can pose a challenge when it comes to security monitoring. The sensitive assets in these segments are often too important to take on the burden of a traditional vulnerability scan with a Scan Engine or additional log generation intended for a Collector. Due to its unobtrusive nature, the network sensor is an ideal candidate to provide some security coverage to these critical systems that would not be feasible otherwise.
One Data Set for Multiple Use Cases
The network sensor does not need to generate multiple types of data sets that are geared towards specific Insight products. Instead, your Insight products use the same data set in different ways. Whether you have a single Insight product or several, the network sensor will only need to generate one data set for their use.
Rapid Time to Value
The network sensor performs its job without needing agents or specialized client software. Additionally, your network will not need to undergo any major adjustments to accommodate a network sensor deployment. All you need to do is install the network sensor package and connect your host machine to your traffic source to get instant visibility on network activity.