McAfee Network Security Platform

McAfee Network Security Platform

A uniquely intelligent intrusion prevention security solution that discovers and blocks sophisticated threats in the network

Next Steps:

Overview

McAfee Network Security Platform is an intelligent intrusion prevention system (IPS) solution that discovers and blocks sophisticated threats in the network. Using multiple, advanced signature-less detection techniques such as Advanced Threat Defense, real-time emulation, and endpoint integration, it moves beyond mere pattern matching to offer advanced network intrusion detection that defends against unknown stealthy attacks with extreme accuracy. The next-generation hardware platform scales to speeds of over 40 Gbps, ensuring performance is available to meet the needs of demanding networks.

With its Security Connected approach to security management, Network Security Platform organizes multiple security technologies to collectively tackle elusive and evasive attacks that are missed when only one approach is used in an intrusion detection system (IDS). This intelligent application of behavioral heuristics with real-time McAfee Global Threat Intelligence feeds accurately identifies and prevents malicious attacks for which no signature exists.

All security and management information is displayed in a correlated format that reduces the time needed and human error in detecting network intrusions. Tasks are energized when details are prioritized, so only the needed IPS/IDS data is progressively disclosed precisely when it is needed. Time saved and errors avoided drive down operation costs and free personnel to work on other projects. Network Security Platform streamlines security operations with beyond layer-7 visibility to expose hidden attack patterns for fast, accurate response to network-borne attacks.

AV-Test validates McAfee signature-less blocking at 99.98%.

Read Report

McAfee leads in IPS security and value

Download NSS Labs Report

Features & Benefits

Attain unparalleled network intrusion prevention

Unparalleled intrusion detection and prevention is born from identifying both the known and unknown attack. Leveraging multiple signature-less intrusion detection engines as well as ultra-efficient, vulnerability-based signature detection, this next generation network IPS appliance expertly defends against advanced malware and zero-day attacks with unprecedented accuracy. Advanced signature-less inspection of malware provides comprehensive protection from the unknown attack, while low-touch signature defenses efficiently defend against known threats, all the while keeping administration efforts and operation costs low.

Get an intelligent intrusion detection system

Reduce the expertise needed and time required to monitor and investigate security events, while simplifying the administration of large and complex deployments. Progressive disclosure delivers the right IPS/IDS information when and where you need it through guided drill downs, while hierarchal management scales for the largest deployments.

Leverage global malware protection

Get comprehensive malware coverage by intelligently directing a portfolio of antimalware defenses. Confidently reduce malware security holes, with more defenses than any other vendor, against this newest and deadliest network security attack vector.

Use our Security Connected framework

Improve network security posture, optimizes network security for greater cost effectiveness, and aligns intrusion detection and prevention strategically with business initiatives. Security Connected is McAfee’s integrated approach to network IPS that seamlessly incorporates data and workflows from other security products.

Attain performance and scalability

Get reliable performance so the best intrusion prevention appliance is available under the heaviest loads, as the network grows, or even if segments of the network fail. Achieve high-performance, multi-gigabit throughput even when next-generation features, enabled with stateful fail-over, are available.

Gain visibility and control

Get user and device intelligence that seamlessly integrates into controls, analysis, and reporting in deep applications. This deep visibility uncovers suspicious anomalies that cannot be seen in aggregate, allowing more flexibility to align control policies to the needs of the organization.

Demos / Tutorials

Demos

Network Security Platform is an intrusion prevention appliance that uses multiple detection engines to alert on today’s stealthy malware.

Use event correlation and progressive disclosure workflows to prioritize events, improve detection, and speed investigation.

Network Security Platform uses new advanced intrusion detection capabilities to uncover both known and unknown botnets.

Network Security Platform includes application visibility and control of over 1,100 applications and protocols.

Prevent denial-of-service attempts through connection limiting based on geo-location, IP reputation, and a number of other factors.

McAfee Endpoint Intelligence provides real-time, per-flow endpoint traffic correlation. This solution leverages intelligence in the network and on every Windows host to reveal relationships between endpoint executables and network traffic flows.

Network Security Platform incorporates McAfee Global Threat Intelligence to check the reputation of network communications based on billions of unique file, IP, URL, protocol, and geo-location data around the globe.

Tutorials

Explore the key features of McAfee Network Security Platform and learn more about how it integrates with McAfee Vulnerability Manager and McAfee ePolicy Orchestrator.

Videos

Learn how McAfee Network Security Platform supercharges your security to avoid zero-day threats.

Your IPS needs both signature and signature-less defenses.

Awards / Reviews

NSS Labs
Malware Threat Detection Effectiveness

In testing performed by NSS Labs, McAfee Network Security Platform has the highest security effectiveness rate, blocking more exploits than other IPS vendors.

NSS Labs
NSS Labs issues highly coveted Recommended rating for McAfee Network Security platform

NSS Labs tests the industry's leading Network Intrusion Prevention vendors on dozens of criteria and releases their finding in Product Analysis Reports. Read NSS Labs latest Security Value Map report to see how McAfee has become the leader in security and value as rated by NSS Labs.

CRN
CRN Ranks McAfee in their 2013 Top 25 Best Companies to Partner With

Ranked by IT solution providers (SPs), CRN Research ranks the Top 25 must-have technology suppliers from a list of nearly 230 companies in 12 product categories that SPs need to consider when formalizing their partnerships today and for the future. 1,000 unique SPs of all types and sizes were surveyed.

Gartner
Magic Quadrant for Intrusion Prevention Systems 2013

McAfee is a Leader (again) in Gartner Magic Quadrant for Intrusion Prevention Systems.

Customer Stories

Bank Central Asia

Bank Central Asia implemented McAfee solutions to protect its network, data, and 20,000 endpoints.

Highlights
  • Eased compliance with internal and industry regulations.
  • Resulted in time savings with centralized management.
  • Provided integrated solutions to keep computers, the network, and data protected.

City of Chicago

The City of Chicago’s recently formed Information Security Office (ISO) is charged with overseeing cybersecurity across all areas of the city, including critical infrastructure within the water, aviation, and public safety departments.

Highlights
  • Maximized staff resources.
  • Malware incidents reduced by 2,000%.
  • Centralized management and analysis.
  • Integrated security event logging that captures events throughout the environment.

CSS Corp

CSS Corp has deployed McAfee Network Security Platform sensors protecting network traffic at its gateways globally.

Highlights
  • Provided centralized management, control, and reporting on overall functioning of security environment
  • Ensured compliance with ISO277001 and PCI DSS
  • Contributed to network availability to meet SLAs
  • Maintained comprehensive protection from external and internal security threats

Dongfeng Nissan Passenger Vehicle Co., Ltd.

With robust integration features built into ePO, users can handle data events and achieve stronger monitoring and control easily and quickly through the platform.

Highlights
  • Protected intellectual property

Eagle Rock Energy

Eagle Rock Energy Partners is an energy company focused on upstream activities, including oil and gas drilling, production, and development. Eagle Rock has working oil and gas properties and development opportunities in the midcontinent area, Permian, and southeast regions of Texas, as well as Oklahoma, Arkansas, Southern Alabama, Mississippi, and Louisiana.

Highlights
  • Integrated security architecture paves the way for business expansion.
  • Comprehensive threat detection ensures that security events from every source are noted and logged.
  • The combination of McAfee Web Gateway and McAfee Advanced Threat Defense thwarts inbound threats from the Internet.
  • Intrusion prevention monitors both external and internal activity.

Macquarie Telecom

McAfee solutions offer integrated protection from distributed denial-of service (DDoS) threats at the Macquarie Telecom perimeter.

Highlights
  • Fully integrated security platform easily managed from a central dashboard.
  • Visibility and control for clients over their hosted security environments.
  • Competitive advantage through partnership with a trusted technology provider.

Texas Tech University Health Sciences Center

Texas Tech University Health Sciences Center (TTUHSC) offers programs in medicine, nursing, pharmacy, biomedicine and health sciences.

Highlights
  • Extensible compliance reporting.
  • Block thousands of attacks.
  • Security audits in minutes.
  • Improve visibility and productivity.

News / Events

Resources

Data Sheets

McAfee Network Security Platform (NS-Series)

For a technical summary on the McAfee product listed above, please view the product data sheet.

McAfee Network Security Platform (M-Series)

For a technical summary on the McAfee product listed above, please view the product data sheet.

Virtual Network Security Platform

McAfee Network Security Platform virtual sensor is a full-featured advanced intrusion prevention system (IPS) solution ready for the unique demands of virtual environments. This intelligent security solution discovers and blocks sophisticated threats in virtual networks with unmatched speed, accuracy, and simplicity.

Infographics

SANS Top 20 Critical Controls Poster

The top 20 critical controls for effective cyberdefense.

Get a True Understanding of Malware DNA

McAfee Network Security Platform can amplify existing signature and snort-based technologies to provide a true understanding of malware DNA.

Bury Threats Before They Bury Your Business

Bury threats with McAfee’s Network Security Platform comprehensive signature-less approach to malware detection.

Reports

SANS Report: Critical Security Controls: From Adoption to Implementation

A recent SANS survey provides an in-depth look at the primary industries adopting critical security controls and how they approach implementation.

AV-Test Signature-less IPS Report

Signatures are great for blocking known attacks, but a comprehensive signature-less architecture is needed to block new and unknown attacks. AV-Test validated that McAfee signature-less inspection blocks 99.98% of malware without any signatures enabled. Read the report to learn how McAfee IPS has raised the bar on IPS inspection and enables security beyond the signature.

Data Center IPS Comparative Analysis: Total Cost of Ownership

By using total cost of ownership (TCO) instead of purchase price, it is possible to factor in management of the device via labor costs associated with product installation, maintenance, upkeep, and tuning.

NSS Labs 2014 Comparative Analysis Report for McAfee Network Security Platform NS-9300

NSS Labs Ranks McAfee as a Leader in Security and Value.

NSS Labs 2013 Product Analysis Report for McAfee Network Security Platform NS-9200

NSS Labs Ranks McAfee as a Leader in Security and Value.

Magic Quadrant for Intrusion Prevention Systems 2013

McAfee Is a Leader (Again) in Gartner Magic Quadrant for Intrusion Prevention Systems

Next-Generation Network Security

McAfee and Intel have joined forces to create next-generation network security that detects threats before they reach networks.

McAfee IPS Appliance Test

AV-TEST performed a review of McAfee’s IPS solution for the enterprise to determine malware detection and blocking capabilities.

NSS Labs 2012 Product Analysis Report for McAfee Network Security Platform M-8000

NSS Labs tests the industry's leading Network Intrusion Prevention vendors on dozens of criteria and releases their finding in Product Analysis Reports. In this report, the McAfee Network Security Platform M-8000 is rated on its security effectiveness, performance, management, TCO and overall value.

Solution Briefs

Advanced Threat Defense for Network IPS

Many of today’s unknown, zero-day threats evade traditional signature-based defenses. The addition of third-party sandbox appliances can help, but they have several limitations: high cost of deployment, reliance on a generic virtualized environments, and limited analysis techniques, making the sandbox vulnerable to crafty malware designed to bypass analysis. McAfee Network Security Platform IPS and McAfee Advanced Threat Defense work together to find sophisticated threats, freeze them so they cannot infiltrate, and fix the damage done.

SIEM: Five Requirements that Solve the Bigger Business Issues

McAfee spoke with SIEM users and asked them to tell us about their primary issues with SIEM. This brief lists the top five issues along with corresponding customer case studies and use cases.

McAfee Network Security Platform: Services Solutions for Managed Service Providers (MSP)

With attacks on the rise, IT budgets constrained, and experienced security personnel in short supply, businesses are looking to Managed Service Providers to help fill the gap. McAfee Network Security Platform is uniquely intelligent and purpose-built to offer unmatched protection, performance, and multitenant scale for your intrusion prevention system (IPS) services.

Counter Stealthy Malware

The most menacing type of cyberattack is invisible. Using sophisticated techniques to hide its presence, stealthy malware may operate outside of the OS or move dynamically across endpoints to conceal the attackers’ actions. The risk to enterprises is real, with high-profile attacks such as Operation High Roller impacting companies around the globe. Traditional antivirus or intrusion prevention systems are no match for this new breed of stealthy malware; instead, enterprises need layered security controls that work together to detect the presence and actions of stealthy malware and attackers.

Supercharge Your Security with IPS and SIEM

McAfee Network Security Platform and McAfee Enterprise Security Manager bring together real-time network protection, enterprise-wide situational awareness, and a responsive, investigation platform — in a seamlessly integrated solution that identifies and blocks more threats while ensuring rapid response to successful attacks as they emerge.

White Papers

SANS Survey: Incident Response – How to Fight Back

SANS recently surveyed incident response (IR) teams to get a clearer picture of what they're up against today. The results are in; most organizations lack formalized IR plans, they expressed a need to collect and correlate threat intelligence and SIEM tools are their focus for improving IR capabilities.

The Blended IPS: Leveraging Snort and Optimizing Malware Security

This paper is to present the satisfied Snort user and open source security proponent with an effective way to add advanced malware detection and automated threat blocking to an existing Snort-based intrusion prevention system (IPS).

Conquer the Top 20 Critical Security Controls

Critical Security Controls (CSCs) help organizations break down operational silos by providing a pragmatic blueprint detailing where to focus efforts to achieve the greatest results. This white paper maps the quick wins within the first five CSCs to associated McAfee products, services, and partner solution capabilities — all part of the Security Connected platform.

Signature-less IPS: Secure Beyond the Signature

Learn how the McAfee signature-less intrusion prevention system (IPS) technology is changing the way malware is detected and blocked. Signature-based detection provides an important foundation for intrusion inspection, but a layered signature-less architecture greatly enhances malware detection and reduces the risk. Read about the seven signature-less detection methods McAfee offers and how they are transforming IPS.

Beyond Layer-7 Visibility: A Simpler Path to Endpoint Intelligence

Security products with layer-7 visibility are great. But in order to dramatically improve your understanding of security events, you need to extend your vision to the specific application processes responsible for initiating a connection. It’s something we call Beyond Layer-7 Visibility.

Security Management 2.5 – Replacing Your SIEM Yet?

This paper will walk you through the entire process — from soup to nuts — of evaluating, selecting, and deploying a SIEM. It offers pragmatic advice on how to get it done based on years working through this process as both consumers and vendors of SIEM technology. The process is not always painless, but we are certain it will help you avoid foundering on bad technology and inter-office politics. You owe it to yourself and your organization to ask the right questions and to get answers. It is time to slay the sacred cow of your substantial SIEM investment, and to figure out your best path forward.

The 7 Deadly Threats to 4G - 4G LTE Security Roadmap and Reference Design

This paper provides a detailed review of seven threats that take on unique profiles within 4G networks. It also offers a security reference architecture to efficiently counter these threats with minimal cost or service disruption.

Security Connected from McAfee: Comprehensive, Cost-Effective Security

With federal budgets trending downward and both cyberthreats and mandates heading upward, the question becomes, "Can you get comprehensive cybersecurity that provides real-time threat visibility and protection at a reasonable cost? The answer is yes."

A Prudent Approach to Next-Generation Network Security

According to Enterprise Strategy Group, a prudent approach to next-generation network security requires more hands-on planning, product evaluations, and real-world testing — and less reliance on third-party lab testing and market reports alone.

McAfee Network Security Platform: The Next-Generation Network IPS

This white paper discusses how the McAfee Network Security Platform can help organizations unify network security across physical and virtual environments, streamline security operations, and protect themselves from emerging malware, zero-day attacks, denial-of-service exploits and advanced targeted attacks.

Consolidate Network Security to Reduce Cost and Maximize Enterprise Protection

Learn how McAfee Network Security Platform helps you realize greater consolidation benefits while minimizing project costs and disruption to your production environment.

Combating Advanced Persistent Threats

Learn how to prevent, detect, and remediate APTs.

Defining Next-Generation Network Intrusion Prevention

Gartner defines "network intrusion prevention" as an in-line security control that implements attack detection and mitigation between networks of different trust levels in real time.

Solving Critical Challenges of the Virtualized Data Center

Brocade and McAfee have partnered on a portfolio of offerings that seamlessly blend network innovations and security management to address the challenges of both physical and virtual environments.

Protect Critical Assets with Virtual Patching—Closing the Vulnerability Window Using Predictive Threat Protection

The McAfee virtual patching solution provides a layered approach to security risk management, while adding the ability to apply a virtual patching strategy to your existing change-management process. It combines proven defenses and security insight with real-time Global Threat Intelligence to close the vulnerability window until patching can occur through your regular change-management processes.

The New Era of Botnets

This white paper examines how criminal bots have evolved, looks at the industry that supports their creation and distribution, and predicts where these threats are headed.

Community

Blogs

  • At Intel Security, Protecting Customers Takes Precedence Over Seeking Headlines
    Christiaan Beek - November 21, 2014

    One question I often hear is “When will Intel Security (McAfee) publish a report on the latest threat?” It seems to be a hot trend today for security companies to offer reports with topics such as “Operation X” or “Malware Y,” or to trumpet how many zero-day vulnerabilities they have found. Do we now measure […]

    The post At Intel Security, Protecting Customers Takes Precedence Over Seeking Headlines appeared first on McAfee.

  • White Networks
    Tyson Macaulay - November 14, 2014

    Internet of Things (IoT) needs “white networks” to scale and deliver the assurance we require for machine-things; white as in “clean and pure”. The IoT will contain all the devices on the current internet, plus many new devices used for machine-to-machine and industrial applications and services.  In contrast to a “white network” I would assess […]

    The post White Networks appeared first on McAfee.

  • When Fingerprints Fail (Blog 1 of 4)
    Steve Grossenbacher - November 13, 2014

    We’ll be releasing four blog posts over the next week.  Each blog will contain a repeated clue word to help you solve the puzzle below.  Track all four clues to help solve the final puzzle and a chance to win a Nikon D3200 DSLR camera and 18-55mm lens!.   To enter the contest, after the […]

    The post When Fingerprints Fail (Blog 1 of 4) appeared first on McAfee.

  • Exploit Kits Improve Evasion Techniques
    Rajesh Nataraj KP - November 12, 2014

    Exploit kits are toolkits that malicious developers use to take advantage of client-side vulnerabilities, targeting web browsers and programs that can be accessed through browsers. The most common exploit targets are Java, Flash, PDFs, and Silverlight. Exploit kits use lots of techniques to evade detection by security products. Exploit kits use several common techniques: Code […]

    The post Exploit Kits Improve Evasion Techniques appeared first on McAfee.

  • Farewell to FOCUS 14
    McAfee Enterprise - November 6, 2014

    While the dust in Las Vegas may still be settling from three jam-packed days of security discussions, demos, expert panels, and more, we‘ve brought back with us valuable takeaways and tales from FOCUS 14. During the 7th annual McAfee FOCUS conference, brought to you by Intel Security, we talked with partners about the future of […]

    The post Farewell to FOCUS 14 appeared first on McAfee.