McAfee IPS

McAfee IPS delivers unprecedented levels of security while offering flexible deployment options that allow organizations to optimize investments in network security. McAfee Network Intrusion Prevention products keep your business up, running, and secure with industry-leading protection against hackers, malware, and zero-day exploits of all kinds. While the coverage is comprehensive and the protections are robust, management is easy via a simplified, centralized, web-based console.

McAfee Network Security Manager

McAfee Network Security Manager enables you to configure, deploy, and manage multiple McAfee intrusion prevention systems (IPS) through a single, easy-to-use console.

Learn More How To Buy

McAfee Network Threat Response

McAfee Network Threat Response is a network security solution that specializes in finding that single, all-important security threat: the attack that gets inside the network itself. Network Threat Response is a framework of next-generation detection engines specializing in thwarting advanced persistent threats (APTs), and prioritizes and presents only those security threats that require investigation — cutting analysis time from weeks to minutes.

Learn More How To Buy

McAfee Network Security Platform

McAfee Network Security Platform is a uniquely intelligent security solution that discovers and blocks sophisticated threats in the network. Using advanced threat detection techniques, it moves beyond mere pattern matching to defend against stealthy attacks with extreme accuracy, while its next-generation hardware platform scales to speeds of over 80 Gbps to meet the needs of demanding networks.

With its Security Connected approach to network security management, Network Security Platform streamlines security operations by combining real-time McAfee Global Threat Intelligence feeds with rich contextual data about users, devices, and applications for fast, accurate response to network-borne attacks.

	McAfee M-8000 IPS Real-World Throughput - 10 Gbps Max Throughput - up to 20 Gbps Concurrent Connections - 4,000,000 New Connections per Second - 120,000 Learn More How To Buy
	McAfee M-6050 IPS Real-World Throughput - 5 Gbps Max Throughput - up to 10 Gbps Concurrent Connections - 2,000,000 New Connections per Second - 60,000 Learn More How To Buy
	McAfee M-4050 IPS Real-World Throughput - 3 Gbps Max Throughput - up to 4 Gbps Concurrent Connections - 1,500,000 New Connections per Second - 36,000 Learn More How To Buy
	McAfee M-3050 IPS Real-World Throughput - 1.5 Gbps Max Throughput - up to 2.5 Gbps Concurrent Connections - 750,000 New Connections per Second - 18,000 Learn More How To Buy
	McAfee M-2950 IPS Real-World Throughput - 1 Gbps Max Throughput - up to 1 Gbps Concurrent Connections - 750,000 New Connections per Second - 15,000 Learn More How To Buy
	McAfee M-2850 IPS Real-World Throughput - 600 Mbps Max Throughput - up to 1 Gbps Concurrent Connections - 750,000 New Connections per Second - 10,000 Learn More How To Buy
	McAfee M-2750 IPS Real-World Throughput - 600 Mbps Max Throughput - up to 1 Gbps Concurrent Connections - 250,000 New Connections per Second - 10,000 Learn More How To Buy
	McAfee M-1450 IPS Real-World Throughput - 200 Mbps Max Throughput - up to 300 Mbps Concurrent Connections - 80,000 New Connections per Second - 4,000 Learn More How To Buy
	McAfee M-1250 IPS Real-World Throughput - 100 Mbps Max Throughput - up to 150 Mbps Concurrent Connections - 40,000 New Connections per Second - 20,000 Learn More How To Buy

Overview
Benefits
Features
Model Comparison
Data Sheets

McAfee, the global leader in network intrusion prevention systems (IPS) delivers unprecedented levels of security while offering flexible deployment options that help you optimize network investments. Only McAfee® Network Security Platform provides category-best security effectiveness, scalable in-line performance, and next generation IPS controls that take the guesswork out of security management. Unify network security management across physical and virtual environments, streamline security operations, and protect your business from the latest malware, zero-day attacks, botnets, denial-of-service (DoS) attempts and advanced targeted attacks.

Protect your business

Prevent attacks while reducing downtime
Protect your data and infrastructure
Meet compliance initiatives Protect your systems
Proactive protection for unpatched systems
Proactive protection for zeroday attacks
Context-aware intrusion prevention Protect your network
Application visibility and control
Adaptive rate limiting
Host-specific connection limiting Protect your security investment
Native 10-gigabit Ethernet
Network-grade hardware
Industry-leading useful life

Reliable protection for every networked device

How intelligent is your network security? Traditional intrusion prevention systems (IPS) are point products fraught with false positives and overwhelming alert logs. Their lack of coordination means valuable hours are lost to redundant management processes. Many PC-based solutions don’t scale under attack, and few offer the control to mitigate patch pressures. That’s why more than 4,500 of the most demanding enterprises and service providers have selected McAfee Network Security Platform to protect their networks and network-connected devices.

Integrated network and system security

McAfee Network Security Platform is the perfect fit for enterprises that need real-time security confidence with multi-gigabit performance and integrated, enterprise-wide network and system security. Network Security Platform’s knowledgedriven security empowers you to automatically manage risk and meet compliance—while enhancing operational efficiency and reducing IT effort.

Network Security Platform collaborates with McAfee Vulnerability Manager (formerly McAfee Foundstone), McAfee ePolicy Orchestrator, and McAfee Host Intrusion Prevention. It is also a key component of the McAfee network access control (NAC) solution, McAfee Unified Secure Access. Network Security Platform gives you more of the things that matter to your business—protection, visibility, efficiency, enforcement, and value.

Absolute security confidence

Network Security Platform protects all networkconnected devices with a combination of IPS and internal firewall that overlaps and integrates protection and extends firewall defenses to the internal network. It correlates signatures, anomalies, denial of service (DoS), and distributed denial of service (DDoS) information to accurately block attacks before they reach their intended targets. Dynamic threat and vulnerability updates ensure continuous protection.

Network-class platform with multi-gigabit performance

Network Security Platform’s quality and performance exceed carrier-class standards and make it the only IPS to hold the NSS Group’s 10-Gbps IPS certification. And you get carrier class reliability with the M-Series, offering beyond 10-Gbps performance with the highest port density on the market.

Mitigate patch anxieties and enforce your policies

You are in control. With Network Security Platform, you insulate systems from risk while you validate and deploy patches. You can control traffic and apply unique policies and protections to a network segment, a collection of hosts, or even a single system. It’s flexible, too, so that you can deploy patches when you are ready and set up policy enforcement to meet your organization’s needs. Add the optional NAC add-on software, and turn your IPS into a NAC device that offers both preand post-admission control and identity basedaccess control, along with host quarantine and enforceable access policies.

Industry-proven network security device

Surround your enterprise with proven McAfee security, backed by 24/7 research at McAfee Avert Labs. Scale up your protection to carrierclass performance with one integrated network security solution.

Accurate, enterprise-wide threat prevention

Protect your enterprise from known, zero-day, denial of service (DoS), distributed denial of service (DDoS), SYN flood (which sends TCP connections requests faster than a machine can process them), and encrypted attacks, and threats like spyware, Voice over IP (VoIP) vulnerabilities, botnets, malware, worms, Trojans, phishing, and peer-to-peer tunneling
Improve accuracy through use of multiple advanced detection methods, including signature, application, and protocol anomaly; shell-code detection algorithms; and nextgeneration DoS and DDoS prevention
Parse more than 100 protocols and review more than 3,000 high-quality, multi-token, multitrigger signatures with stateful traffic inspection
Get proactive blocking for hundreds of attacks straight out of the box with pre-configured policies
Receive continuous threat updates 24/7 from the global research team at McAfee Avert Labs

McAfee ePolicy Orchestrator (ePO) integration

Get real-time visibility of actionable system host details, including host name, user name, OS, patch level, media access control (MAC) address, last scan date, protection details, and the top host IPS, anti-virus, and anti-spyware events
Synthesize and filter data from multiple tools to create custom reports
Real-time risk-aware network security platform
Integration with McAfee Vulnerability Manager provides auto-import of multiple vulnerability data points and regular or on-demand scans to accurately determine threat relevance

Adaptive rate limiting

Network Security Platform uses real-time, protocol-based rate limiting to apply application, protocol type, and port-based bandwidth controls and improve quality of service
Prioritize business-critical traffic and block unwanted and risky applications

Certification by NSS Group

Network Security Platform is the only network IPS solution that has received the NSS Group’s IPS certification for more10-Gbps

Proven manageability and availability

Simple, centralized, web-based management of Network Security Platform appliances and policies includes:

Fourteen ready-to-use, predefined IPS security policy rule templates
Integrated user authentication support to external databases, including Radius, LDAP, and TACACS
McAfee Network Security Manager offers always-on management, automated failover and fail-back, and disaster recovery of critical configuration data
Network Security Manager software is provided at no cost for managing up to two Network Security Platform appliances
Network Security Central Manager provides hierarchical management for centralized control of policy viewing, modification, and distribution to support large or geographically dispersed sensor deployments
High-availability configuration allows transparent Layer 7 stateful failover, avoiding a single point of failure

Key Advantages

Fast, accurate threat prevention

Stateful traffic inspection
Predictive threat intelligence via McAfee GTI
Malware, zero-day, DoS/DDoS, botnets

Performance and availability

Over 10 Gbps throughput
Industry-leading reliability
Fail-over and fail-open Network-wide visibility
Next-generation application visibility

Behavior-based bot detection

Flow-based network behavior analysis

Centralized security management

Scalable network security management
McAfee ePO software integration
Host IPS/virus/spyware event visibility Operational simplicity
Dynamic smart blocking
Multithreat correlation
Integrated vulnerability scanning

Inspection of virtual environments

Inspect inter-VM traffic
Quarantine malicious VMs
One console for physical and virtual

Reliable protection for every networked device
How intelligent is your network security? Traditional intrusion prevention systems (IPS) are point products fraught with false positives and overwhelming alert logs. Their lack of coordination means valuable hours are lost to redundant management processes. Many PC-based solutions don’t scale under attack, and few offer the control to mitigate patch pressures. That’s why more than 4,500 of the most demanding enterprises and service providers have selected McAfee Network Security Platform to protect their networks and network-connected devices.

Integrated network and system security
McAfee Network Security Platform is the perfect fit for enterprises that need real-time security confidence with multi-gigabit performance and integrated, enterprise-wide network and system security. Network Security Platform’s knowledgedriven security empowers you to automatically manage risk and meet compliance—while enhancing operational efficiency and reducing IT effort.

Absolute security confidence
Network Security Platform protects all networkconnected devices with a combination of IPS and internal firewall that overlaps and integrates protection and extends firewall defenses to the internal network. It correlates signatures, anomalies, denial of service (DoS), and distributed denial of service (DDoS) information to accurately block attacks before they reach their intended targets. Dynamic threat and vulnerability updates ensure continuous protection.

Network-class platform with multi-gigabit performance
Network Security Platform’s quality and performance exceed carrier-class standards and make it the only IPS to hold the NSS Group’s 10-Gbps IPS certification. And you get carrier class reliability with the M-Series, offering beyond 10-Gbps performance with the highest port density on the market.

Mitigate patch anxieties and enforce your policies
You are in control. With Network Security Platform, you insulate systems from risk while you validate and deploy patches. You can control traffic and apply unique policies and protections to a network segment, a collection of hosts, or even a single system. It’s flexible, too, so that you can deploy patches when you are ready and set up policy enforcement to meet your organization’s needs. Add the optional NAC add-on software, and turn your IPS into a NAC device that offers both preand post-admission control and identity basedaccess control, along with host quarantine and enforceable access policies.

Industry-proven network security device
Surround your enterprise with proven McAfee security, backed by 24/7 research at McAfee Avert Labs. Scale up your protection to carrierclass performance with one integrated network security solution.

Accurate, enterprise-wide threat prevention
• Protect your enterprise from known, zero-day, denial of service (DoS), distributed denial of service (DDoS), SYN flood (which sends TCP connections requests faster than a machine can process them), and encrypted attacks, and threats like spyware, Voice over IP (VoIP) vulnerabilities, botnets, malware, worms, Trojans, phishing, and peer-to-peer tunneling
• Improve accuracy through use of multiple advanced detection methods, including signature, application, and protocol anomaly; shell-code detection algorithms; and nextgeneration DoS and DDoS prevention
• Parse more than 100 protocols and review more than 3,000 high-quality, multi-token, multitrigger signatures with stateful traffic inspection
• Get proactive blocking for hundreds of attacks straight out of the box with pre-configured policies
• Receive continuous threat updates 24/7 from the global research team at McAfee Avert Labs

McAfee ePolicy Orchestrator (ePO) integration
• Get real-time visibility of actionable system host details, including host name, user name, OS, patch level, media access control (MAC) address, last scan date, protection details, and the top host IPS, anti-virus, and anti-spyware events
• Synthesize and filter data from multiple tools to create custom reports
• Real-time risk-aware network security platform
• Integration with McAfee Vulnerability Manager provides auto-import of multiple vulnerability data points and regular or on-demand scans to accurately determine threat relevance

Adaptive rate limiting
• Network Security Platform uses real-time, protocol-based rate limiting to apply application, protocol type, and port-based bandwidth controls and improve quality of service
• Prioritize business-critical traffic and block unwanted and risky applications

Certification by NSS Group
• Network Security Platform is the only network IPS solution that has received the NSS Group’s IPS certification for more10-Gbps

Proven manageability and availability
Simple, centralized, web-based management of Network Security Platform appliances and policies includes:

Fourteen ready-to-use, predefined IPS security policy rule templates
Integrated user authentication support to external databases, including Radius, LDAP, and TACACS
McAfee Network Security Manager offers always-on management, automated failover and fail-back, and disaster recovery of critical configuration data
Network Security Manager software is provided at no cost for managing up to two Network Security Platform appliances
Network Security Central Manager provides hierarchical management for centralized control of policy viewing, modification, and distribution to support large or geographically dispersed sensor deployments
High-availability configuration allows transparent Layer 7 stateful failover, avoiding a single point of failure

Sensor Hardware Components	M-2950	M-2850/M-2750	M-1450	M-1250
Performance
Real-World Throughput	1.0Gbps	600 Mbps	200 Mbps	100 Mbps
Max Throughput (UDP 1512 Byte Packets)	Up to 1 Gbps	Up to 1 Gbps	Up to 300 Mbps	Up to 150 Mbps
Maximum Concurrent Connections	750000	750,000 / 250,000	80000	40000
New Connections per Second	15000	10000	4000	2000
Throughput with SSL Decryption (based on 10% SSL traffic)	900 Mbps	550 Mbps	N/A	N/A
Maximum SSL Flow Count	25000	25000	N/A	N/A
SSL Keys Imported	64	64	N/A	N/A
Profiles
Number of Virtual IPS Systems	100	100	32	16
Maximum DoS Profiles	5000	300	120	100
ACL Rules	1000	400	100	50
Ports
Gigabit Ethernet Fixed Copper Ports	8	8/-	8	8
Gigabit Ethernet SFP Ports	12	12/10	-	-
10 Gigabit Ethernet	-	-	-	-
Dedicated Response Ports (GigE)	1	1	1	1
Dedicated Management Ports ( GigE)	1	1	1	1
Ports with Built-in Fail-Open Capabilities	8	8/-	8	8
Control Port for External Fail-Open K=Kits	6	6/10	-	-
Physical
Dimentions	2RU Rack mountable 15.88(W) x 3.3(H) x 24.5(D)	2RU Rack mountable 15.88(W) x 3.3(H) x 24.5(D)	1RU Rack mountable 17.37 (W) x 1.65(H) x 13.5 (D)	1RU Rack mountable 17.37 (W) x 1.65(H) x 13.5(D)
Weight	40 lbs.	40 lbs.	12 lbs.	12 lbs.
Power Consumption	450W	4450w	120W	120w
DC power available	Optional	Optional	No	No
Power	100–240VAC (50/60Hz)
Temperature	0° to 40° C (operating) –40° to 70° C (non-operating)
Relative humidity (non- condensing)	Operational: 10% to 90% Non-operational: 5% to 95%
Altitude	0 to 10000 feet
Safety certification	UL 1950, CSA-C22.2 No. 950, EN-60950, IEC 950, EN 60825, IEC 60825, 21CFR1040 CB license and report covering all national country deviations.
EMI certification	FCC Part 15, Class A (CFR 47) (USA) ICES-003 Class A (Canada), EN55022 Class A (Europe), CISPR22 Class A (Int’l)

	10 Gigabit Ethernet Connectivity
Sensor Hardware Components	M-8000	M-6050	M-4050	M-3050
Performance
Real-World Throughput	10 Gbps	5 Gbps	3 Gbps	1.5 Gbps
Max Throughput (UDP 1512 Byte Packets)	Up to 20 Gbps	Up to 10 Gbps	Up to 4 Gbps	Up to 2.5 Gbps
Maximum Concurrent Connections	4000000	2000000	1500000	750000
New Connections per Second	120000	60000	36000	18000
Throughput with SSL Decryption (based on 10% SSL traffic)	8.8 Gbps	4.4 Gbps	2.7 Gbps	1.3 Gbps
Maximum SSL Flow Count	400000	200000	150000	75000
SSL Keys Imported	64	64	64	64
Profiles
Number of Virtual IPS Systems	1000	1000	1000	1000
Maximum DoS Profiles	5000	5000	5000	5000
ACL Rules	1000	1000	1000	1000
Ports
Gigabit Ethernet Fixed Copper Ports	-	-	-	-
Gigabit Ethernet SFP Ports	16	8	8	8
10 Gigabit Ethernet	12	8	4	4
Dedicated Response Ports (GigE)	1	1	1	1
Dedicated Management Ports ( GigE)	1	1	1	1
Ports with Built-in Fail-Open Capabilities	-	-	-	-
Control Port for External Fail-Open K=Kits	14	8	6	6
Physical
Dimentions	2x 2RU Rack mountable 16.75(W) x 3.05(H) x 30.00(D) each	2RU Rack mountable 16.75(W) x 3.05(H) x 30.00(D)	2RU Rack mountable 16.75(W) x 3.05(H) x 30.00(D)	2RU Rack mountable 16.75(W) x 3.05(H) x 30.00(D)
Weight	90 lbs. (2x47)	47 lbs.	47 lbs.	47 lbs.
Power Consumption	900w (2x450w)	450W	450w	450w
DC power available	Optional	Optional	Optional	Optional
Power	100–240VAC (50/60Hz)
Temperature	0° to 35° C (operating) –40° to 70° C (non-operating)
Relative humidity (non- condensing)	Operational: 10% to 90% Non-operational: 5% to 95%
Altitude	0 to 10000 feet
Safety certification	UL 1950, CSA-C22.2 No. 950, EN-60950, IEC 950, EN 60825, IEC 60825, 21CFR1040 CB license and report covering all national country deviations.
EMI certification	FCC Part 15, Class A (CFR 47) (USA) ICES-003 Class A (Canada), EN55022 Class A (Europe), CISPR22 Class A (Int’l)