Data Center Network Security

Providing full-scale virtualization in a cloud environment

Overview

The transformation of enterprise data centers by large-scale virtualization and private cloud developments demands an innovative approach to network security, one that combines a comprehensive threat detection model with extremely high levels of inspection efficiency, scalable performance, native integration with key virtualization technologies, and single-console management integration.

The McAfee Data Center Network Security solution includes McAfee Network Security Platform and delivers on the essential requirements for data center networks. Network Security Platform combines advanced threat detection, scalable in-line performance, and next-generation IPS controls that operate seamlessly across physical and virtual environments.

High performance for modern data center network fabrics — Maintain line rate performance in flat, high-capacity network fabrics, even with aggressive security policies and variable, real-world traffic conditions.

Scalable deployment options from 10 to 80 Gbps — McAfee Network Security Platform XC Cluster allows organizations to scale gracefully and incrementally from 10 Gbps of inspection all the way up to 80 Gbps of throughput, and provides 32 million concurrent connections.

Integrated inspection for physical and virtual environments — Inspect traffic and enforce policy on and between virtual machines, regardless of their physical residence. Native access to vCenter tools lets you integrate network security across virtual environments. Network Security Platform includes native inspection of virtual environments through full integration with the VMware vShield API.

Key Benefits

  • Adjust inspection performance as the network grows
    Scale from 10 Gbps all the way to 80 Gbps of IPS inspection under real-world conditions with McAfee Network Security Platform. Its modular deployment options allow organizations to gracefully grow the IPS cluster with network throughput and connection needs.
  • Benefit from identity-aware security
    Network Security Platform features identity-aware policy enforcement that enables accurate, automatic, and consistent application of policy across physical, virtual and cloud environments. Security profiles move dynamically with their virtual machines, and Network Security Platform tracks the physical host residence of every virtual machine.
  • Gain application awareness
    Provide Layer 7 detection and identification of more than 1,100 applications, including granular visibility into sub-applications (e.g., Zynga portfolio of Facebook games and IRC chat in Yahoo mail) with Network Security Platform. For each application, Network Security Platform provides analytics and graphical reporting for essential metrics, including risk rating, aggregate threats, and bandwidth consumed.
  • Spot and stop advanced threats with multi-factor traffic inspection
    Network Security Platform features an efficient inspection architecture that fully characterizes attacks based on a comprehensive and extensible range of detection methods.
  • Leverage integrated security management
    Network Security Platform is tightly integrated with McAfee ePolicy Orchestrator (McAfee ePO) software, enabling a consolidated view of risk and compliance across the enterprise, including up-to-the-minute assessments of at-risk infrastructure based on system vulnerabilities, network defenses, and endpoint security levels.
  • Multi-tenancy features for telcos and service providers
    Create up to 1,000 virtual IPS policies per appliance with granular policy control in each and unique rule-set capability, allowing management of network policies for separate customers or services — including features for mobile service providers.

Products

McAfee Next Generation Firewall

McAfee Next Generation Firewall (NGFW) secures enterprises against the most advanced attacks with highly available, scalable, and flexible cutting-edge protections, all supported by Security Connected, the industry’s broadest and most sophisticated anti-threat ecosystem.

McAfee Total Protection for Data Loss Prevention

McAfee Total Protection for Data Loss Prevention (DLP) safeguards intellectual property and ensures compliance by protecting sensitive data wherever it lives – on the network, in storage systems, or at the endpoint, while saving time and money with centralized deployment, management, and reporting.

McAfee Network Security Platform

McAfee Network Security Platform is the industry’s leading next-generation network intrusion prevention system. It protects network-connected devices against advanced, targeted attacks through a combination of sophisticated defenses, including full stack inspection, protocol anomaly detection, advanced behavior analytics, and reputation-based analysis. It delivers integrated visibility and control of over 1,100 network-based applications. It provides hypervisor-aware intrusion prevention, supports live migration of virtual machines, and scales up to 80 Gbps to meet the performance needs of the world’s most demanding networks.

Resources

Data Sheets

McAfee DLP Endpoint

For a technical summary on the McAfee product listed above, please view the product data sheet.

Network Security Platform XC Cluster

For a technical summary on the McAfee product listed above, please view the product data sheet.

White Papers

Scalable Network Security for the Virtualized Data Center

McAfee Network Security Platform is the only network solution that combines advanced threat detection, scalable in-line performance, and next-generation network intrusion prevention system (IPS) controls that operate seamlessly across physical and virtual environments.
