The APTS requires a copy of the network traffic through a tap or something comparable. The Sensor therefore needs to reside somewhere close to the connection to the external network.
Alarms are generated in Syslog format. A suitable recipient of Syslog alarms is required.
It is recommended that the sensor has access to NTP to be able to correctly timestamp alarms and for later correlation against other log sources etc.