A uniquely intelligent approach to network security
|McAfee® Network Security Platform is a uniquely intelligent security solution that discovers and blocks sophisticated threats in the network. Using advanced detection and emulation techniques, it moves beyond mere pattern matching to defend against stealthy attacks with extreme accuracy. This next-generation hardware platform scales to speeds of more than 40 Gbps with a single device to meet the needs of demanding networks. The Security Connected approach to security management streamlines security operations by combining realtime McAfee Global Threat Intelligence (McAfee GTI) feeds with rich contextual data about users, devices, and applications for fast, accurate response to network-borne attacks.|
Protection Against Today’s Stealthy Threats
Your network faces advanced, stealthy attacks that can evade traditional detection methods, leaving your network exposed to crippling breaches and downtime. Unfortunately, most organizations lack the financial and operational resources to implement and manage the combination of tools and technologies required to provide adequate defense. McAfee Network Security Platform is an integrated network security platform that combines intelligent threat prevention with intuitive security management to improve detection accuracy and streamline security operations. It provides industry-leading coverage against advanced threats, malware callbacks, zero-day threats, and denial-ofservice attacks. Built from the ground up for integration with McAfee’s Security Connected Ecosystem, McAfee’s Network Security Platform leverages security data from across the organization and help plug the security gaps often missed by other pieced-together security solutions.
Unparalleled threat prevention
McAfee Network Security Platform is based on a next-generation inspection architecture designed to perform deep inspection of network traffic while maintaining line-rate speeds. It uses a combination of advanced inspection technologies—including full protocol analysis, threat reputation, behavior analysis, and advanced malware analysis to detect and prevent both known and zero-day attacks on the network.
Comprehensive malware defense
Getting your hands on the data you need has never been easier. McAfee offers real-time integration with McAfee ePO software and McAfee Enterprise Security Manager for real-time correlation of network events across all relevant sources. Through integration with McAfee ePO software and McAfee Enterprise Security Manager, McAfee Network Security Platform gets an accurate view of threats as they relate to devices and users and which ones present the greatest risk to the organization. The solution incorporates device details, user information, endpoint security posture, vulnerability assessments, and other rich information to help organizations understand threat severity and business risk factors.
Performance and scalability
Get the best of both worlds—security and high performance. McAfee Network Security Platform combines a single-pass, protocol based inspection architecture with purpose built, carrier-class hardware to achieve real world inspection of more than 40 Gbps in a single device. Its ultra-efficient architecture preserves performance regardless of security settings, while other intrusion prevention system (IPS) solutions can experience up to 50% reduction in throughput with security over- performance policies.
Visibility and control
Make informed decisions about the applications and protocols on your network. McAfee Network Security Platform is the first and only IPS solution to combine advanced threat prevention and application awareness into a single security decision engine. We correlate threat activity with application usage, including layer 7 visibility of more than 1,500 applications and protocols, to allow you to make more informed decisions about which applications you allow on your network. In addition to application identification, McAfee Network Security Platform provides user and device visibility. It prioritizes risky hosts and users, including active botnets, through the identification of anomalous network behavior.
Intelligent security management
Make the most of your security investment through intelligent network security management. McAfee Network Security Manager offers scalable web-based management from two to several hundred network security appliances. It offers intuitive progressive disclosure workflows that guide administrators to relevant alerts as well as easy-to-use security dashboards that automatically prioritize events based on alert severity and relevancy. McAfee Network Security Platform integrates with McAfee ePO software to give your organization a consolidated view of risk and compliance across the entire enterprise, including up-to-the-minute assessments of at-risk infrastructure based on system vulnerabilities, network defenses, and endpoint security levels.
Unparalleled Advanced Threat prevention
- Signature-less, advanced malware analysis.
- Advanced botnet and malware callback detection.
- Behavior-based analysis and DDoS protection.
- Integration with McAfee Advanced Threat Defense.
- Real-time threat sharing with McAfee Threat Intelligence Exchange (TIE).
- Endpoint context via ePolicy Orchestrator® (McAfee ePO™).
- Endpoint process correlation via Endpoint Intelligence Agent.
- Data Sharing and Quarantine with McAfee Enterprise Security Manager (SIEM).
- Host Risk Analysis via McAfee Vulnerability Manager.
- Predictive malware detection via McAfee GTI.
Performance and availability
- Next Generation Architecture.
- Up to 40 Gbps throughput.
- Unrivaled SSL inspection performance.
- Industry-leading reliability.
- Active-active and active-passive availability.
Intelligent security management
- Intelligent alert correlation and prioritization.
- Robust malware investigation dashboards.
- Preconfigured investigation workflows.
- Scalable web-based management.
Visibility and control
- Application identification.
- User identification.
- Device identification.
Advanced threat prevention
- McAfee Gateway Anti Malware (GAM) Emulation engine.
- Adobe Flash behavioral analysis engine.
- Advanced evasion protection.
- Mobile threat reputation and cloud analysis.
Botnet and malware callback protection
- DNS/DGA Fast flux callback detection.
- DNS Sinkholing.
- Heuristic bot detection.
- Multiple attack correlation.
- Command and control database.
Advanced intrusion prevention
- IP defragmentation and TCP stream reassembly.
- McAfee, user-defined, and open-source signatures.
- Host quarantine and rate limiting.
- Inspection of virtual environments.
DoS and DDoS prevention
- Threshold and heuristic-based detection.
- Host-based connection limiting.
- Self-learning, profile-based detection.
- File reputation.
- IP reputation.
- Active-active and active-passive with stateful failover.
- External fail-open (active).
- Built-in fail-open.
Protocol tunneling support
- V4-in-V4, V4-in-V6, V6-in-V4, and V6-in-V6 tunnels.
- Q-in-Q Double VLAN.
McAfee Network Security Manager
- Tiered management (up to 1,000 sensors).
- User authentication (Radius and LDAP).
- Automated failover and fail-back.
- Disaster recovery of critical configuration data.
- Centralized, hierarchical policy management.