Key Advantages
Fast, accurate threat prevention
- Stateful traffic inspection
- Predictive threat intelligence via McAfee GTI
- Malware, zero-day, DoS/DDoS, botnets
Performance and availability
- Over 10 Gbps throughput
- Industry-leading reliability
- Fail-over and fail-open Network-wide visibility
- Next-generation application visibility
Behavior-based bot detection
- Flow-based network behavior analysis
Centralized security management
- Scalable network security management
- McAfee ePO software integration
- Host IPS/virus/spyware event visibility Operational simplicity
- Dynamic smart blocking
- Multithreat correlation
- Integrated vulnerability scanning
Inspection of virtual environments
- Inspect inter-VM traffic
- Quarantine malicious VMs
- One console for physical and virtual
Reliable protection for every networked device How intelligent is your network security? Traditional intrusion prevention systems (IPS) are point products fraught with false positives and overwhelming alert logs. Their lack of coordination means valuable hours are lost to redundant management processes. Many PC-based solutions don’t scale under attack, and few offer the control to mitigate patch pressures. That’s why more than 4,500 of the most demanding enterprises and service providers have selected McAfee Network Security Platform to protect their networks and network-connected devices.
Integrated network and system security McAfee Network Security Platform is the perfect fit for enterprises that need real-time security confidence with multi-gigabit performance and integrated, enterprise-wide network and system security. Network Security Platform’s knowledgedriven security empowers you to automatically manage risk and meet compliance—while enhancing operational efficiency and reducing IT effort.
Network Security Platform collaborates with McAfee Vulnerability Manager (formerly McAfee Foundstone), McAfee ePolicy Orchestrator, and McAfee Host Intrusion Prevention. It is also a key component of the McAfee network access control (NAC) solution, McAfee Unified Secure Access. Network Security Platform gives you more of the things that matter to your business—protection, visibility, efficiency, enforcement, and value.
Absolute security confidence Network Security Platform protects all networkconnected devices with a combination of IPS and internal firewall that overlaps and integrates protection and extends firewall defenses to the internal network. It correlates signatures, anomalies, denial of service (DoS), and distributed denial of service (DDoS) information to accurately block attacks before they reach their intended targets. Dynamic threat and vulnerability updates ensure continuous protection.
Network-class platform with multi-gigabit performance Network Security Platform’s quality and performance exceed carrier-class standards and make it the only IPS to hold the NSS Group’s 10-Gbps IPS certification. And you get carrier class reliability with the M-Series, offering beyond 10-Gbps performance with the highest port density on the market.
Mitigate patch anxieties and enforce your policies You are in control. With Network Security Platform, you insulate systems from risk while you validate and deploy patches. You can control traffic and apply unique policies and protections to a network segment, a collection of hosts, or even a single system. It’s flexible, too, so that you can deploy patches when you are ready and set up policy enforcement to meet your organization’s needs. Add the optional NAC add-on software, and turn your IPS into a NAC device that offers both preand post-admission control and identity basedaccess control, along with host quarantine and enforceable access policies.
Industry-proven network security device Surround your enterprise with proven McAfee security, backed by 24/7 research at McAfee Avert Labs. Scale up your protection to carrierclass performance with one integrated network security solution.
Accurate, enterprise-wide threat prevention • Protect your enterprise from known, zero-day, denial of service (DoS), distributed denial of service (DDoS), SYN flood (which sends TCP connections requests faster than a machine can process them), and encrypted attacks, and threats like spyware, Voice over IP (VoIP) vulnerabilities, botnets, malware, worms, Trojans, phishing, and peer-to-peer tunneling • Improve accuracy through use of multiple advanced detection methods, including signature, application, and protocol anomaly; shell-code detection algorithms; and nextgeneration DoS and DDoS prevention • Parse more than 100 protocols and review more than 3,000 high-quality, multi-token, multitrigger signatures with stateful traffic inspection • Get proactive blocking for hundreds of attacks straight out of the box with pre-configured policies • Receive continuous threat updates 24/7 from the global research team at McAfee Avert Labs
McAfee ePolicy Orchestrator (ePO) integration • Get real-time visibility of actionable system host details, including host name, user name, OS, patch level, media access control (MAC) address, last scan date, protection details, and the top host IPS, anti-virus, and anti-spyware events • Synthesize and filter data from multiple tools to create custom reports • Real-time risk-aware network security platform • Integration with McAfee Vulnerability Manager provides auto-import of multiple vulnerability data points and regular or on-demand scans to accurately determine threat relevance
Adaptive rate limiting • Network Security Platform uses real-time, protocol-based rate limiting to apply application, protocol type, and port-based bandwidth controls and improve quality of service • Prioritize business-critical traffic and block unwanted and risky applications
Certification by NSS Group • Network Security Platform is the only network IPS solution that has received the NSS Group’s IPS certification for more10-Gbps
Proven manageability and availability Simple, centralized, web-based management of Network Security Platform appliances and policies includes:
- Fourteen ready-to-use, predefined IPS security policy rule templates
- Integrated user authentication support to external databases, including Radius, LDAP, and TACACS
- McAfee Network Security Manager offers always-on management, automated failover and fail-back, and disaster recovery of critical configuration data
- Network Security Manager software is provided at no cost for managing up to two Network Security Platform appliances
- Network Security Central Manager provides hierarchical management for centralized control of policy viewing, modification, and distribution to support large or geographically dispersed sensor deployments
- High-availability configuration allows transparent Layer 7 stateful failover, avoiding a single point of failure
|