Security specialist McAfee announced enhancements to its Network
Security Platform, including enhanced botnet control through reputation
intelligence, virtual network inspection and a traffic analysis port
for network monitoring, forensics and other advanced analysis engines.
In addition, real-time, reputation-based intelligence through McAfee
Global Threat Intelligence provides Network Security Platform users
with additional context for enforcing network security policies.
The latest release of Network Security Platform includes enhanced
botnet control, where file and network connection reputation feeds from
cloud-based Global Threat Intelligence allows the Network Security
Platform to perform in-line botnet prevention based on over 60 million
malware samples and the reputation of hundreds of millions of network
connections based on over two billion IP reputation queries each month.
This external intelligence is designed to provide vital context for
faster, more accurate detection and prevention.
Traffic redirect capabilities allow arbitrary network traffic to be
subjected to additional inspection by McAfee and third party products,
including data loss prevention, network forensics and advanced malware
analysis tools, while virtual network inspection enables the Network
Security Platform sensors to examine inter-virtual machine traffic on
virtual environments and provide attack detection for virtual data
center environments. Network Security Platform can inspect traffic both
within virtual environments and between virtual and physical
environments.
“Our customers need more than just signature-based IPS,” said Rees
Johnson, senior vice president and general manager of network security
for McAfee. “McAfee Network Security Platform goes well beyond
traditional Network IPS with the addition of McAfee Global Threat
Intelligence, support for virtual environments, and the ability to
correlate across endpoint and network products.”
In the most recent Gartner Magic Quadrant for Network IPS1, the
research firm stated as vulnerability research has improved, the gap
between vulnerability exploitation and IPS signatures to protect that
vulnerability has closed, and future protection improvements of
significance will come from bringing intelligence into the IPS from
external sources instead – points the IPS does not normally have
visibility within.
“When building out Savvis’ enterprise cloud offerings, it was
imperative that we base our cloud architecture on a strong security
foundation with the right tools to provide customers peace of mind as
they begin leveraging new cloud technologies in the data center,” said
Ken Owens, Savvis, technical vice president for security and
virtualization technologies. “Bringing together two best-of-breed
solutions like Reflex and McAfee to meet the unique, dynamic security
and management challenges in both the physical and virtual
infrastructure will go a long way in helping accelerate the adoption of
virtualization and cloud technology.”