Your SlideShare is downloading. ×
Mcafee ips  nsp-2011
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Saving this for later?

Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime - even offline.

Text the download link to your phone

Standard text messaging rates apply

Mcafee ips nsp-2011

1,344
views

Published on

Mcafeee IPS Network Se

Mcafeee IPS Network Se

Published in: Technology

0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
1,344
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
75
Comments
0
Likes
1
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Global Network ProtectionMcAfee Network Intrusion PreventionLuluk KristiawanIT Security Consultant9-Nov-11 Confidential McAfee Internal Use Only
  • 2. Agenda►New Economy, New Challenges►Introducing the McAfee Network Security Platform►Protecting Every Angle2 2/16/11 Confidential McAfee Internal Use Only
  • 3. SECURITY CHALLENGE 2/16/11 Confidential McAfee Internal Use Only
  • 4. Protecting Enterprise Applications Attacks from Every Angle  Web, mail, media, and direct attack vectors. Botnets are public enemy #1.  Web 2.0 Risks  Hundreds of thousands of compromised websites & deliberate malware hosts  Productivity and Continuity  Rapid expansion of new vulnerabilities forcing IT Impact into more out-of-cycle patches  Growth & Scalability  10Gbps requirements becoming real; Appliance sprawl an ops issue  Global Security  “Swivel Chair Integration” inadequate for global Management deployments4 2/16/11 Confidential McAfee Internal Use Only
  • 5. Threat Trends Continue to Accelerate Hundreds of Application Vulnerabilities 2005 2006 2007 2008 2009 5000 DoS Targets/day 400,000 Web Malware Hosts5 2/16/11 Confidential McAfee Internal Use Only
  • 6. “PATCH and PRAY”install the patch and pray it works. 2/16/11 Confidential McAfee Internal Use Only
  • 7. Market PositioningMCAFEE IPS : NETWORKSECURITY PLATFORM 2/16/11 Confidential McAfee Internal Use Only
  • 8. NSP is the Industry’s Leading IPS“The M-8000 offers the highest accuracy and throughput of any product weve tested to date.” McAfee’s Network Security Manager (NSM) was simple to use and flexible, allowing for rapid deployment of devices with effective pre-defined policy choices. Tuning and maintenance is simple and well-thought out. No other vendor can show such sustained excellence in IPS! According to the 2010 NSS Group Summary Report: McAfee Confidential—Internal Use Only
  • 9. McAfee: Uniquely Qualified to Protect Your Network Validated 10G+ performance, 100% accuracy Network IPS Dedicated Security R&D Years of Award Winning 9 2/16/11 Confidential McAfee Internal Use Only
  • 10. The Advantages of ProductMCAFEE IPS : NETWORKSECURITY PLATFORM McAfee Confidential—Internal Use Only
  • 11. Introducing the Network Security PlatformMcAfee Global Threat Intelligence  Cutting-edge Network IPS  World’s most advanced threat Protocol & Network Application Behavior protection platform Behavior  Integration with world-class Security portfolio Evasion & Attacks and Obfuscation Exploit Content, Source, and Web Reputation11 2/16/11 Confidential McAfee Internal Use Only
  • 12. Benefits of the Network Security Platform Vulnerability-based Threat Protection  Best Zero-day vulnerability coverage  Best-in-class protection for all major application vulnerabilities: Adobe, Oracle, Cisco, Microsoft, etc. Best-in-class Protection: Bots to Datacenters  Best Denial of Service protections  Real-time web-borne malware protection  Built-in anti-phishing and P2P  SSL Decryption Architected for High Performance Networks  10G Certified  High density and high-availability M-Series Network  Class-leading virtual systems Security Platform Family support Lifecycle protection 12 2/16/11 Confidential McAfee Internal Use Only
  • 13. Scalability to Protect Your Global Network M-8000 10 Gbps M-6050 5 Gbps M-4050 3 Gbps M-3050 10GE Connectivity1.5 Gbps M-2750600 Mbps M-1450  Beyond 10 Gigabit performance200 Mbps  High-reliability and Scalability M-1250  Highest port-density available100 Mbps  Common Management Console SMB and Branch Office Enterprise Perimeter Enterprise, Data Center Enterprise Core, Service Providers Data Center Service Providers 13 2/16/11 Confidential McAfee Internal Use Only
  • 14. How McAfee Global Threat Intelligence Works Delivering the Most Comprehensive Intelligence in the Market Threat Intelligence Feeds Other feeds Endpoints Appliances Servers Firewalls & analysis McAfee Labs File Reputation Email Reputation Engine Engine Web Reputation Network Reputation Engine Engine Vulnerability InformationePO IPS Firewall Email Web AV AWL DLP Mobile McAfee Confidential—Internal Use Only
  • 15. Why McAfee is Best Positioned to Deliver GTI The Most Robust Telemetry Data in the Market • 2.5B Malware Reputation Queries/Month • 20B Email Reputation Queries/Month • 75B Web Reputation Queries/MonthQueries • 2B IP Reputation Queries/Month • 300M IPS Attacks/Month • 100M Ntwk Conn Rep Queries/Month • 100+ BILLION QUERIES • Malware: 40M Endpoints • Email: 30M NodesNodes • Web: 45M Endpoint and Gateway Users • Intrusions: 4M Nodes • 100+ MILLION NODES, 120 COUNTRIES 15 February McAfee Confidential—Internal Use Only 16, 2011
  • 16. World’s Most Advanced Denial of ServiceProtections Threshold-based Protection  Optimized and simplified to set and forget  Easy to set thresholds  ICMP, TCP SYN, UDP, IP fragments, and other settings Self-learning Profiles  Patented techniques to learn your network behavior and adapt  Self-learning for entire enterprises and target environments  Fully segmented on VIPS16 2/16/11 Confidential McAfee Internal Use Only
  • 17. Simplifying Threat ManagementIntegration with ePO to give real-time system visibility System-Aware IPS with ePO Host Data Simple right-click provides real- time details of Source or Destination IPs Provides hostname, user name, OS, patch level, MAC address, last scan date and other protection policies Top 10 Host Intrusion eventsSystem-Aware IPS Benefits Faster time-to-confidence Visibility Efficiency Relevance Leverages ePO investment 17 2/16/11 Confidential McAfee Internal Use Only
  • 18. Simplifying Risk ManagementIntegration with Vulnerability Manager gain real-time visibility into eventsReal-Time Risk-Aware IPSFeatures• Auto import of Vulnerability Manager scan reports• “Scan now” provides on-demand VM relevancy on a per-host(s) basis Real-Time Risk-Aware IPS Benefits• Improved focus on critical events• Automated, accurate relevance• Real-time update of vulnerability details for specific host(s)• Leverages Foundstone investment 18 2/16/11 Confidential McAfee Internal Use Only
  • 19. Optimized for Real Networks Simplified Network Integration  High Density Perimeter  Highest port density, 10GE support  WAN Edge  Low latency, bump in the wire  WAN Aggregation  High throughput across product models  Virtual systems per branch, internal network  Redundant pair, load sharing  Flexible 10/100/1000/10G and VLAN support Data-Center Ready  High Availability  10Gbps Certified performance  Flexible Fail Open/Closed modes  Up to 1000 Virtual Systems  Dual hot-swappable AC & DC power  10GE Connectivity  Purpose-built HW, no removable media Data Center Branch Site Enterprise Campus M-8000 M-1250 M-3050 19 2/16/11 Confidential McAfee Internal Use Only
  • 20. The ResultUnparalleledProtectionOperationalExcellenceLifecycle Protection McAfee M-Series Network IPS20 2/16/11 Confidential McAfee Internal Use Only