McAfee Enhances Network Security PlatformBy Nathan Eddy | Print
The latest release of Network Security Platform includes enhanced botnet control and traffic redirect capabilities.
Security specialist McAfee announced enhancements to its Network
Security Platform, including enhanced botnet control through reputation
intelligence, virtual network inspection and a traffic analysis port
for network monitoring, forensics and other advanced analysis engines.
In addition, real-time, reputation-based intelligence through McAfee
Global Threat Intelligence provides Network Security Platform users
with additional context for enforcing network security policies.
The latest release of Network Security Platform includes enhanced botnet control, where file and network connection reputation feeds from cloud-based Global Threat Intelligence allows the Network Security Platform to perform in-line botnet prevention based on over 60 million malware samples and the reputation of hundreds of millions of network connections based on over two billion IP reputation queries each month. This external intelligence is designed to provide vital context for faster, more accurate detection and prevention.
Traffic redirect capabilities allow arbitrary network traffic to be subjected to additional inspection by McAfee and third party products, including data loss prevention, network forensics and advanced malware analysis tools, while virtual network inspection enables the Network Security Platform sensors to examine inter-virtual machine traffic on virtual environments and provide attack detection for virtual data center environments. Network Security Platform can inspect traffic both within virtual environments and between virtual and physical environments.
"Our customers need more than just signature-based IPS," said Rees Johnson, senior vice president and general manager of network security for McAfee. "McAfee Network Security Platform goes well beyond traditional Network IPS with the addition of McAfee Global Threat Intelligence, support for virtual environments, and the ability to correlate across endpoint and network products."
In the most recent Gartner Magic Quadrant for Network IPS1, the research firm stated as vulnerability research has improved, the gap between vulnerability exploitation and IPS signatures to protect that vulnerability has closed, and future protection improvements of significance will come from bringing intelligence into the IPS from external sources instead – points the IPS does not normally have visibility within.
"When building out Savvis’ enterprise cloud offerings, it was imperative that we base our cloud architecture on a strong security foundation with the right tools to provide customers peace of mind as they begin leveraging new cloud technologies in the data center," said Ken Owens, Savvis, technical vice president for security and virtualization technologies. "Bringing together two best-of-breed solutions like Reflex and McAfee to meet the unique, dynamic security and management challenges in both the physical and virtual infrastructure will go a long way in helping accelerate the adoption of virtualization and cloud technology."