Looking to move beyond traditional Network Intrusion Prevention Systems (IPS), McAfee today announced enhancements to its Network Security Platform, including enhanced botnet control through reputation intelligence, virtual network inspection and a traffic analysis port for network monitoring, forensics and other analysis engines.
According to the Gartner Magic Quadrant for Network IPS, Gartner states, “As vulnerability research has improved, the gap between vulnerability exploitation and IPS signatures to protect that vulnerability has closed. Future protection improvements of significance will come from bringing intelligence into the IPS from external sources instead – points the IPS does not normally have visibility within.”
The latest release of McAfee Network Security Platform includes:
• Enhanced botnet control: File and network connection reputation feeds from cloud-based McAfee Global Threat Intelligence allows Network Security Platform to perform in-line botnet prevention based on over 60 million malware samples and the reputation of hundreds of millions of network connections based on over two billion IP reputation queries each month. This external intelligence provides vital context for faster, more accurate detection and prevention.
• Traffic analysis port: Traffic redirect capabilities allow arbitrary network traffic to be subjected to additional inspection by McAfee and third party products, including data loss prevention, network forensics and advanced malware analysis tools.
• Virtual network inspection: Enables the Network Security Platform sensors to examine inter-virtual machine traffic on virtual environments and provide attack detection for virtual data center environments. Network Security Platform can inspect traffic both within virtual environments and between virtual and physical environments, giving organizations the same level of visibility regardless of where the traffic flows.
“Our customers need more than just signature-based IPS,” said Rees Johnson, senior vice president and general manager of network security, McAfee. “McAfee Network Security Platform goes well beyond traditional Network IPS with the addition of McAfee Global Threat Intelligence, support for virtual environments, and the ability to correlate across endpoint and network products.”
As enterprises consolidate data centers, adopt cloud-services, and virtualize critical infrastructure they need a way to unify security management across physical and virtual infrastructures. In partnership with Reflex Systems – a provider of virtualization management solutions – McAfee brings its threat detection and security management to virtual environments.
“Virtualization is becoming a standard part of every enterprise data center infrastructure – be it in-house or in the cloud – and organizations are recognizing that they must extend enterprise-class security and management into the virtual environment,” said Preston Futrell, President and CEO of Reflex Systems.
McAfee and Reflex Systems will offer integrated virtual and physical security and management that enables customers to holistically monitor and understand security issues, apply best practices, and provide comprehensive reporting for compliance purposes across the current and next-generation data center infrastructure.
Read More in SecurityWeek’s Cloud and Virtualization Security Section
