Mcafee ips nsp-2011


Published on

Mcafeee IPS Network Se

Published in: Technology
1 Like
  • Be the first to comment

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Mcafee ips nsp-2011

  1. 1. Global Network ProtectionMcAfee Network Intrusion PreventionLuluk KristiawanIT Security Consultant9-Nov-11 Confidential McAfee Internal Use Only
  2. 2. Agenda►New Economy, New Challenges►Introducing the McAfee Network Security Platform►Protecting Every Angle2 2/16/11 Confidential McAfee Internal Use Only
  3. 3. SECURITY CHALLENGE 2/16/11 Confidential McAfee Internal Use Only
  4. 4. Protecting Enterprise Applications Attacks from Every Angle  Web, mail, media, and direct attack vectors. Botnets are public enemy #1.  Web 2.0 Risks  Hundreds of thousands of compromised websites & deliberate malware hosts  Productivity and Continuity  Rapid expansion of new vulnerabilities forcing IT Impact into more out-of-cycle patches  Growth & Scalability  10Gbps requirements becoming real; Appliance sprawl an ops issue  Global Security  “Swivel Chair Integration” inadequate for global Management deployments4 2/16/11 Confidential McAfee Internal Use Only
  5. 5. Threat Trends Continue to Accelerate Hundreds of Application Vulnerabilities 2005 2006 2007 2008 2009 5000 DoS Targets/day 400,000 Web Malware Hosts5 2/16/11 Confidential McAfee Internal Use Only
  6. 6. “PATCH and PRAY”install the patch and pray it works. 2/16/11 Confidential McAfee Internal Use Only
  7. 7. Market PositioningMCAFEE IPS : NETWORKSECURITY PLATFORM 2/16/11 Confidential McAfee Internal Use Only
  8. 8. NSP is the Industry’s Leading IPS“The M-8000 offers the highest accuracy and throughput of any product weve tested to date.” McAfee’s Network Security Manager (NSM) was simple to use and flexible, allowing for rapid deployment of devices with effective pre-defined policy choices. Tuning and maintenance is simple and well-thought out. No other vendor can show such sustained excellence in IPS! According to the 2010 NSS Group Summary Report: McAfee Confidential—Internal Use Only
  9. 9. McAfee: Uniquely Qualified to Protect Your Network Validated 10G+ performance, 100% accuracy Network IPS Dedicated Security R&D Years of Award Winning 9 2/16/11 Confidential McAfee Internal Use Only
  10. 10. The Advantages of ProductMCAFEE IPS : NETWORKSECURITY PLATFORM McAfee Confidential—Internal Use Only
  11. 11. Introducing the Network Security PlatformMcAfee Global Threat Intelligence  Cutting-edge Network IPS  World’s most advanced threat Protocol & Network Application Behavior protection platform Behavior  Integration with world-class Security portfolio Evasion & Attacks and Obfuscation Exploit Content, Source, and Web Reputation11 2/16/11 Confidential McAfee Internal Use Only
  12. 12. Benefits of the Network Security Platform Vulnerability-based Threat Protection  Best Zero-day vulnerability coverage  Best-in-class protection for all major application vulnerabilities: Adobe, Oracle, Cisco, Microsoft, etc. Best-in-class Protection: Bots to Datacenters  Best Denial of Service protections  Real-time web-borne malware protection  Built-in anti-phishing and P2P  SSL Decryption Architected for High Performance Networks  10G Certified  High density and high-availability M-Series Network  Class-leading virtual systems Security Platform Family support Lifecycle protection 12 2/16/11 Confidential McAfee Internal Use Only
  13. 13. Scalability to Protect Your Global Network M-8000 10 Gbps M-6050 5 Gbps M-4050 3 Gbps M-3050 10GE Connectivity1.5 Gbps M-2750600 Mbps M-1450  Beyond 10 Gigabit performance200 Mbps  High-reliability and Scalability M-1250  Highest port-density available100 Mbps  Common Management Console SMB and Branch Office Enterprise Perimeter Enterprise, Data Center Enterprise Core, Service Providers Data Center Service Providers 13 2/16/11 Confidential McAfee Internal Use Only
  14. 14. How McAfee Global Threat Intelligence Works Delivering the Most Comprehensive Intelligence in the Market Threat Intelligence Feeds Other feeds Endpoints Appliances Servers Firewalls & analysis McAfee Labs File Reputation Email Reputation Engine Engine Web Reputation Network Reputation Engine Engine Vulnerability InformationePO IPS Firewall Email Web AV AWL DLP Mobile McAfee Confidential—Internal Use Only
  15. 15. Why McAfee is Best Positioned to Deliver GTI The Most Robust Telemetry Data in the Market • 2.5B Malware Reputation Queries/Month • 20B Email Reputation Queries/Month • 75B Web Reputation Queries/MonthQueries • 2B IP Reputation Queries/Month • 300M IPS Attacks/Month • 100M Ntwk Conn Rep Queries/Month • 100+ BILLION QUERIES • Malware: 40M Endpoints • Email: 30M NodesNodes • Web: 45M Endpoint and Gateway Users • Intrusions: 4M Nodes • 100+ MILLION NODES, 120 COUNTRIES 15 February McAfee Confidential—Internal Use Only 16, 2011
  16. 16. World’s Most Advanced Denial of ServiceProtections Threshold-based Protection  Optimized and simplified to set and forget  Easy to set thresholds  ICMP, TCP SYN, UDP, IP fragments, and other settings Self-learning Profiles  Patented techniques to learn your network behavior and adapt  Self-learning for entire enterprises and target environments  Fully segmented on VIPS16 2/16/11 Confidential McAfee Internal Use Only
  17. 17. Simplifying Threat ManagementIntegration with ePO to give real-time system visibility System-Aware IPS with ePO Host Data Simple right-click provides real- time details of Source or Destination IPs Provides hostname, user name, OS, patch level, MAC address, last scan date and other protection policies Top 10 Host Intrusion eventsSystem-Aware IPS Benefits Faster time-to-confidence Visibility Efficiency Relevance Leverages ePO investment 17 2/16/11 Confidential McAfee Internal Use Only
  18. 18. Simplifying Risk ManagementIntegration with Vulnerability Manager gain real-time visibility into eventsReal-Time Risk-Aware IPSFeatures• Auto import of Vulnerability Manager scan reports• “Scan now” provides on-demand VM relevancy on a per-host(s) basis Real-Time Risk-Aware IPS Benefits• Improved focus on critical events• Automated, accurate relevance• Real-time update of vulnerability details for specific host(s)• Leverages Foundstone investment 18 2/16/11 Confidential McAfee Internal Use Only
  19. 19. Optimized for Real Networks Simplified Network Integration  High Density Perimeter  Highest port density, 10GE support  WAN Edge  Low latency, bump in the wire  WAN Aggregation  High throughput across product models  Virtual systems per branch, internal network  Redundant pair, load sharing  Flexible 10/100/1000/10G and VLAN support Data-Center Ready  High Availability  10Gbps Certified performance  Flexible Fail Open/Closed modes  Up to 1000 Virtual Systems  Dual hot-swappable AC & DC power  10GE Connectivity  Purpose-built HW, no removable media Data Center Branch Site Enterprise Campus M-8000 M-1250 M-3050 19 2/16/11 Confidential McAfee Internal Use Only
  20. 20. The ResultUnparalleledProtectionOperationalExcellenceLifecycle Protection McAfee M-Series Network IPS20 2/16/11 Confidential McAfee Internal Use Only
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.