McAfee Network Security Platform

McAfee Network Security Platform

Solution de sécurité dont l'intelligence unique lui permet d'identifier et de bloquer des menaces sophistiquées sur le réseau

Etapes suivantes :

Présentation

McAfee Network Security Platform est une solution de sécurité intelligente qui identifie et bloque les menaces sophistiquées sur le réseau. Grâce à diverses techniques avancées de détection sans signatures telles qu'Advanced Threat Defense, à l'émulation en temps réel et à l'intégration des terminaux, elle va au-delà de la simple mise en correspondance de modèles pour offrir une protection extrêmement précise contre les attaques furtives inconnues. La plate-forme matérielle de nouvelle génération prend en charge des débits supérieurs à 40 Gbit/s afin d'offrir des performances capables de répondre aux besoins des réseaux les plus exigeants.

Fondé sur l'approche Security Connected de la gestion de la sécurité, Network Security Platform est capable d'organiser plusieurs technologies de protection de façon à assurer un blocage collectif des attaques par contournement, difficiles à cerner, qu'une approche unique ne permet pas de détecter. Cette application intelligente d'analyse heuristique comportementale bénéficiant des flux de renseignements McAfee Global Threat Intelligence en temps réel identifie précisément les attaques malveillantes pour lesquelles il n'existe aucune signature.

Toutes les informations de sécurité et de gestion s'affichent sous une forme corrélée, ce qui rend les enquêtes moins longues et moins sujettes aux erreurs humaines. La solution hiérarchise les informations, de façon à ne divulguer que les données nécessaires progressivement et en fonction des besoins, ce qui permet une exécution plus dynamique des tâches. Le temps gagné et les erreurs évitées permettent de réduire les coûts d'exploitation et libère du personnel, qui peut ainsi se consacrer à d'autres projets. Network Security Platform rationalise les opérations de sécurité et offre une visibilité au-delà de la couche 7 afin d'exposer les modèles d'attaques dissimulés pour garantir une réponse rapide et précise aux attaques propagées par le réseau.

AV-Test validates McAfee signature-less blocking at 99.98%.

Read Report

McAfee leads in IPS security and value

Download NSS Labs Report

Fonctions et avantages

Protection inégalée contre les menaces

L'identification des menaces connues et inconnues garantit une prévention des menaces inégalée. Alliant plusieurs moteurs de détection sans signature à des fonctions ultraperformantes de détection des vulnérabilités basées sur les signatures, cette plate-forme IPS de nouvelle génération assure une protection extrêmement précise et efficace contre les logiciels malveillants avancés et les attaques de type « jour zéro ». L'inspection avancée sans signatures des logiciels malveillants offre une protection complète contre les attaques inconnues, tandis que les défenses basées sur des signatures à empreinte réduite bloquent efficacement les menaces connues, tout en simplifiant l'administration et en limitant les coûts d'exploitation.

Gestion intelligente de la sécurité

Réduisez l'expertise et le temps nécessaires pour surveiller et investiguer les événements de sécurité, tout en simplifiant l'administration des déploiements complexes de grande ampleur. La visualisation progressive fournit les informations appropriées au bon endroit et au moment opportun, grâce à un accès guidé aux données de détail. La gestion hiérarchique permet à la solution de s'adapter pour assurer la mise en œuvre de déploiements de grande envergure.

Protection globale contre les logiciels malveillants

Bénéficiez d'une protection complète contre les logiciels malveillants en tirant le meilleur parti d'une gamme complète de défenses antimalware. Réduisez en toute confiance les failles de sécurité propices aux logiciels malveillants grâce à la protection la plus complète du marché contre ce nouveau vecteur d'attaques susceptible de compromettre dangereusement la sécurité du réseau.

Cadre d'implémentation Security Connected

Le cadre d'implémentation Security Connected permet d'améliorer l'état de sécurisation du réseau, d'optimiser les systèmes de protection pour une meilleure rentabilité de l'investissement en sécurité et d'aligner les stratégies de sécurité avec les initiatives d'ordre commercial. Le cadre McAfee Security Connected offre une approche intégrée de la sécurisation du réseau qui rapproche de façon transparente les données et les flux d'autres produits de sécurité.

Performances et évolutivité

Bénéficiez de performances fiables garantissant une sécurisation optimale en cas de charge extrême, d'extension du réseau ou de défaillance de segments du réseau. Profitez d'un débit élevé, de l'ordre du multigigabit, même avec des fonctionnalités de nouvelle génération comprenant un système de reprise automatique dynamique.

Visibilité et contrôle

Obtenez des renseignements sur les utilisateurs et les équipements qui s'intègrent en toute transparence avec les contrôles, les fonctionnalités d'analyse et les applications de génération de rapports détaillés. Cette visibilité approfondie permet d'identifier les anomalies suspectes qui ne sont pas visibles sous forme agrégée, offrant ainsi davantage de flexibilité pour l'alignement des stratégies de contrôle sur les besoins de l'entreprise.

Démonstrations et didacticiels

Démonstrations

Network Security Platform is an intrusion prevention appliance that uses multiple detection engines to alert on today’s stealthy malware.

Use event correlation and progressive disclosure workflows to prioritize events, improve detection, and speed investigation.

Network Security Platform uses new advanced intrusion detection capabilities to uncover both known and unknown botnets.

Network Security Platform includes application visibility and control of over 1,100 applications and protocols.

Prevent denial-of-service attempts through connection limiting based on geo-location, IP reputation, and a number of other factors.

McAfee Endpoint Intelligence provides real-time, per-flow endpoint traffic correlation. This solution leverages intelligence in the network and on every Windows host to reveal relationships between endpoint executables and network traffic flows.

Network Security Platform incorporates McAfee Global Threat Intelligence to check the reputation of network communications based on billions of unique file, IP, URL, protocol, and geo-location data around the globe.

Didacticiels

Explore the key features of McAfee Network Security Platform and learn more about how it integrates with McAfee Vulnerability Manager and McAfee ePolicy Orchestrator.

Vidéos

Learn how McAfee Network Security Platform supercharges your security to avoid zero-day threats.

Your IPS needs both signature and signature-less defenses.

Distinctions et évaluations

NSS Labs
NSS Labs attribue la note « Recommandé » très convoitée à la solution McAfee Network Security Platform

NSS Labs teste les solutions de prévention des intrusions (IPS) réseau des principaux fournisseurs en fonction de dizaines de critères et publie ses conclusions dans des Rapports d'analyse de produit. Lisez le dernier rapport « Security Value Map » publié par NSS Labs et découvrez comment McAfee est devenu le leader dans le domaine de la sécurité et des solutions à grande valeur ajoutée selon la note attribuée par NSS Labs.

CRN
CRN inclut McAfee dans son classement des 25 meilleurs partenaires commerciaux de 2013

Parmi une liste de 230 entreprises dans 12 catégories de produits, CRN Research a établi un classement des 25 fournisseurs de technologies incontournables que les fournisseurs de solutions doivent prendre en considération lors de l'établissement de partenariats actuels et futurs. Au total, 1 000 fournisseurs de solutions de tous types et de toutes tailles ont été interrogés.

Gartner
Magic Quadrant 2013 pour les systèmes de prévention des intrusions

McAfee est (à nouveau) leader du Magic Quadrant de Gartner pour les systèmes de prévention des intrusions.

Témoignages de clients

Bank Central Asia (English)

Bank Central Asia implemented McAfee solutions to protect its network, data, and 20,000 endpoints.

Points forts
  • Eased compliance with internal and industry regulations.
  • Resulted in time savings with centralized management.
  • Provided integrated solutions to keep computers, the network, and data protected.

City of Chicago (English)

The City of Chicago’s recently formed Information Security Office (ISO) is charged with overseeing cybersecurity across all areas of the city, including critical infrastructure within the water, aviation, and public safety departments.

Points forts
  • Maximized staff resources.
  • Malware incidents reduced by 2,000%.
  • Centralized management and analysis.
  • Integrated security event logging that captures events throughout the environment.

CSS Corp (English)

CSS Corp has deployed McAfee Network Security Platform sensors protecting network traffic at its gateways globally.

Points forts
  • Provided centralized management, control, and reporting on overall functioning of security environment
  • Ensured compliance with ISO277001 and PCI DSS
  • Contributed to network availability to meet SLAs
  • Maintained comprehensive protection from external and internal security threats

Dongfeng Nissan Passenger Vehicle Co., Ltd. (English)

With robust integration features built into ePO, users can handle data events and achieve stronger monitoring and control easily and quickly through the platform.

Points forts
  • Protected intellectual property

Eagle Rock Energy (English)

Eagle Rock Energy Partners is an energy company focused on upstream activities, including oil and gas drilling, production, and development. Eagle Rock has working oil and gas properties and development opportunities in the midcontinent area, Permian, and southeast regions of Texas, as well as Oklahoma, Arkansas, Southern Alabama, Mississippi, and Louisiana.

Points forts
  • Integrated security architecture paves the way for business expansion.
  • Comprehensive threat detection ensures that security events from every source are noted and logged.
  • The combination of McAfee Web Gateway and McAfee Advanced Threat Defense thwarts inbound threats from the Internet.
  • Intrusion prevention monitors both external and internal activity.

Macquarie Telecom (English)

McAfee solutions offer integrated protection from distributed denial-of service (DDoS) threats at the Macquarie Telecom perimeter.

Points forts
  • Fully integrated security platform easily managed from a central dashboard.
  • Visibility and control for clients over their hosted security environments.
  • Competitive advantage through partnership with a trusted technology provider.

Mainova AG (English)

McAfee powers network security for energy supplier Mainova AG.

Points forts
  • Delivered complete protection with lower operation cost — only three IT staff members required to monitor IDS/IPS solution
  • Deployed new system within three weeks of installation
  • Simplified and centralized administration of configuration and guidelines for handling threats
  • Precisely identified and blocked threats in real time
  • Provided full transparency when monitoring network traffic

State of Alaska (English)

The State of Alaska saved money by consolidating with McAfee products.

Points forts
  • Saved a projected $3.8 million and improved operational and team efficiency
  • Dramatically improved security posture without increasing headcount
  • Allowed for greater budget predictability with the flexibility to adapt and grow security as needs change

Texas Tech University Health Sciences Center (English)

Texas Tech University Health Sciences Center (TTUHSC) offers programs in medicine, nursing, pharmacy, biomedicine and health sciences.

Points forts
  • Extensible compliance reporting.
  • Block thousands of attacks.
  • Security audits in minutes.
  • Improve visibility and productivity.

Actualités et événements

Ressources

Fiches techniques

McAfee Network Security Platform (M-Series)

Pour un compte rendu technique sur le produit McAfee présenté ci-dessus, veuillez consulter la fiche technique correspondante.

McAfee Network Security Platform (NS-Series)

Pour un compte rendu technique sur le produit McAfee présenté ci-dessus, veuillez consulter la fiche technique correspondante.

Virtual Network Security Platform (English)

McAfee Network Security Platform virtual sensor is a full-featured advanced intrusion prevention system (IPS) solution ready for the unique demands of virtual environments. This intelligent security solution discovers and blocks sophisticated threats in virtual networks with unmatched speed, accuracy, and simplicity.

Virtual Network Security Platform

McAfee Network Security Platform virtual sensor is a full-featured advanced intrusion prevention system (IPS) solution ready for the unique demands of virtual environments. This intelligent security solution discovers and blocks sophisticated threats in virtual networks with unmatched speed, accuracy, and simplicity.

Infographics

SANS Top 20 Critical Controls Poster (English)

The top 20 critical controls for effective cyberdefense.

Get a True Understanding of Malware DNA (English)

McAfee Network Security Platform can amplify existing signature and snort-based technologies to provide a true understanding of malware DNA.

Bury Threats Before They Bury Your Business (English)

Bury threats with McAfee’s Network Security Platform comprehensive signature-less approach to malware detection.

Livres blancs

SANS Survey: Incident Response – How to Fight Back (English)

SANS recently surveyed incident response (IR) teams to get a clearer picture of what they're up against today. The results are in; most organizations lack formalized IR plans, they expressed a need to collect and correlate threat intelligence and SIEM tools are their focus for improving IR capabilities.

The Blended IPS: Leveraging Snort and Optimizing Malware Security (English)

This paper is to present the satisfied Snort user and open source security proponent with an effective way to add advanced malware detection and automated threat blocking to an existing Snort-based intrusion prevention system (IPS).

Conquer the Top 20 Critical Security Controls (English)

Critical Security Controls (CSCs) help organizations break down operational silos by providing a pragmatic blueprint detailing where to focus efforts to achieve the greatest results. This white paper maps the quick wins within the first five CSCs to associated McAfee products, services, and partner solution capabilities — all part of the Security Connected platform.

Signature-less IPS: Secure Beyond the Signature (English)

Learn how the McAfee signature-less intrusion prevention system (IPS) technology is changing the way malware is detected and blocked. Signature-based detection provides an important foundation for intrusion inspection, but a layered signature-less architecture greatly enhances malware detection and reduces the risk. Read about the seven signature-less detection methods McAfee offers and how they are transforming IPS.

Beyond Layer-7 Visibility: A Simpler Path to Endpoint Intelligence (English)

Security products with layer-7 visibility are great. But in order to dramatically improve your understanding of security events, you need to extend your vision to the specific application processes responsible for initiating a connection. It’s something we call Beyond Layer-7 Visibility.

Security Management 2.5 – Replacing Your SIEM Yet? (English)

This paper will walk you through the entire process — from soup to nuts — of evaluating, selecting, and deploying a SIEM. It offers pragmatic advice on how to get it done based on years working through this process as both consumers and vendors of SIEM technology. The process is not always painless, but we are certain it will help you avoid foundering on bad technology and inter-office politics. You owe it to yourself and your organization to ask the right questions and to get answers. It is time to slay the sacred cow of your substantial SIEM investment, and to figure out your best path forward.

The 7 Deadly Threats to 4G - 4G LTE Security Roadmap and Reference Design (English)

This paper provides a detailed review of seven threats that take on unique profiles within 4G networks. It also offers a security reference architecture to efficiently counter these threats with minimal cost or service disruption.

Security Connected from McAfee: Comprehensive, Cost-Effective Security (English)

With federal budgets trending downward and both cyberthreats and mandates heading upward, the question becomes, "Can you get comprehensive cybersecurity that provides real-time threat visibility and protection at a reasonable cost? The answer is yes."

A Prudent Approach to Next-Generation Network Security (English)

According to Enterprise Strategy Group, a prudent approach to next-generation network security requires more hands-on planning, product evaluations, and real-world testing — and less reliance on third-party lab testing and market reports alone.

McAfee Network Security Platform: The Next-Generation Network IPS (English)

This white paper discusses how the McAfee Network Security Platform can help organizations unify network security across physical and virtual environments, streamline security operations, and protect themselves from emerging malware, zero-day attacks, denial-of-service exploits and advanced targeted attacks.

Consolidate Network Security to Reduce Cost and Maximize Enterprise Protection (English)

Learn how McAfee Network Security Platform helps you realize greater consolidation benefits while minimizing project costs and disruption to your production environment.

Combating Advanced Persistent Threats (English)

Learn how to prevent, detect, and remediate APTs.

Defining Next-Generation Network Intrusion Prevention (English)

Gartner defines "network intrusion prevention" as an in-line security control that implements attack detection and mitigation between networks of different trust levels in real time.

Solving Critical Challenges of the Virtualized Data Center (English)

Brocade and McAfee have partnered on a portfolio of offerings that seamlessly blend network innovations and security management to address the challenges of both physical and virtual environments.

Protection des actifs critiques par l'application de patchs virtuels

Limiter l'exposition aux vulnérabilités grâce à une protection prédictive contre les menaces.

The New Era of Botnets (English)

This white paper examines how criminal bots have evolved, looks at the industry that supports their creation and distribution, and predicts where these threats are headed.

Présentations de solution

Advanced Threat Defense for Network IPS (English)

Many of today’s unknown, zero-day threats evade traditional signature-based defenses. The addition of third-party sandbox appliances can help, but they have several limitations: high cost of deployment, reliance on a generic virtualized environments, and limited analysis techniques, making the sandbox vulnerable to crafty malware designed to bypass analysis. McAfee Network Security Platform IPS and McAfee Advanced Threat Defense work together to find sophisticated threats, freeze them so they cannot infiltrate, and fix the damage done.

Solutions SIEM : cinq impératifs pour résoudre les grands défis des entreprises d'aujourd'hui

McAfee spoke with SIEM users and asked them to tell us about their primary issues with SIEM. This brief lists the top five issues along with corresponding customer case studies and use cases.

McAfee Network Security Platform: Services Solutions for Managed Service Providers (MSP) (English)

With attacks on the rise, IT budgets constrained, and experienced security personnel in short supply, businesses are looking to Managed Service Providers to help fill the gap. McAfee Network Security Platform is uniquely intelligent and purpose-built to offer unmatched protection, performance, and multitenant scale for your intrusion prevention system (IPS) services.

Counter Stealthy Malware (English)

The most menacing type of cyberattack is invisible. Using sophisticated techniques to hide its presence, stealthy malware may operate outside of the OS or move dynamically across endpoints to conceal the attackers’ actions. The risk to enterprises is real, with high-profile attacks such as Operation High Roller impacting companies around the globe. Traditional antivirus or intrusion prevention systems are no match for this new breed of stealthy malware; instead, enterprises need layered security controls that work together to detect the presence and actions of stealthy malware and attackers.

Supercharge Your Security with IPS and SIEM (English)

McAfee Network Security Platform and McAfee Enterprise Security Manager bring together real-time network protection, enterprise-wide situational awareness, and a responsive, investigation platform — in a seamlessly integrated solution that identifies and blocks more threats while ensuring rapid response to successful attacks as they emerge.

Rapports

SANS Report: Critical Security Controls: From Adoption to Implementation (English)

A recent SANS survey provides an in-depth look at the primary industries adopting critical security controls and how they approach implementation.

AV-Test Signature-less IPS Report (English)

Signatures are great for blocking known attacks, but a comprehensive signature-less architecture is needed to block new and unknown attacks. AV-Test validated that McAfee signature-less inspection blocks 99.98% of malware without any signatures enabled. Read the report to learn how McAfee IPS has raised the bar on IPS inspection and enables security beyond the signature.

Data Center IPS Comparative Analysis: Total Cost of Ownership (English)

By using total cost of ownership (TCO) instead of purchase price, it is possible to factor in management of the device via labor costs associated with product installation, maintenance, upkeep, and tuning.

NSS Labs 2014 Comparative Analysis Report for McAfee Network Security Platform NS-9300 (English)

NSS Labs Ranks McAfee as a Leader in Security and Value.

NSS Labs 2013 Product Analysis Report for McAfee Network Security Platform NS-9200 (English)

NSS Labs Ranks McAfee as a Leader in Security and Value.

Magic Quadrant for Intrusion Prevention Systems 2013 (English)

McAfee Is a Leader (Again) in Gartner Magic Quadrant for Intrusion Prevention Systems

Next-Generation Network Security (English)

McAfee and Intel have joined forces to create next-generation network security that detects threats before they reach networks.

McAfee IPS Appliance Test (English)

AV-TEST performed a review of McAfee’s IPS solution for the enterprise to determine malware detection and blocking capabilities.

NSS Labs 2012 Product Analysis Report for McAfee Network Security Platform M-8000 (English)

NSS Labs tests the industry's leading Network Intrusion Prevention vendors on dozens of criteria and releases their finding in Product Analysis Reports. In this report, the McAfee Network Security Platform M-8000 is rated on its security effectiveness, performance, management, TCO and overall value.

Communauté

Blogs