Embed Size (px)
Citation preview
Data Sheet
Key Advantages
Enterprise-wide coverageA single industry-proven device •
provides comprehensive, proactive network and system security
More visibility and enforcement through integration
Integrates with McAfee Vulnerability •
Manager and ePO to give you on-demand visibility to critical host details, threats and risk relevance
Fast, accurate decisionsImprove time-to-protection and •
time-to-confidence with real-time security that’s not just automated, but actionable
Reliable, network-class platforms; next-generation network protection
Performance from 100 Mbps to •
beyond 10 GbpsHighest port density•
Operational efficiencyCollaboration between McAfee •
network, system, risk, and management products saves time and IT resources
Ease of DeploymentUsing the NSM appliance and built-in •
installation wizards, installing the NSP takes a few minutes. The ports on the appliance are configured as in-line by default with a well tuned default policy applied that is ready to block critical threats.
Comprehensive support for encapsulation
IPv6 •
MPLS•
GRE•
Q-in-Q Double•
High availabilityLayer 2 Fail-open•
Hardware Fail-open•
Fail-over•
Reliable Protection for Every Networked DeviceHowintelligentisyournetworksecurity?Traditionalintrusionpreventionsystems(IPS)arepointsolutionsfraughtwithfalsepositivesandoverwhelmingalertlogs.Theirlackofcoordinationmeansvaluablehoursarelosttoredundantmanagementprocesses.ManyPC-basedsolutionsdon’tscaleunderattack,andfewofferthecontroltomitigatepatchpressures.
That’swhymorethan4,500ofthemostdemandingenterprisesandserviceprovidershaveselectedMcAfeeNetworkSecurityPlatformtoprotecttheirnetworksandnetwork-connecteddevices.
Integrated Network and System SecurityMcAfeeNetworkSecurityPlatformistheperfectfitforenterprisesthatneedreal-timesecurityconfidencewithmulti-gigabitperformanceandintegrated,enterprise-widenetworkandsystemsecurity.NetworkSecurityPlatform’sknowledge-drivensecurityempowersyoutoautomaticallymanageriskandmeetcompliance—whileenhancingoperationalefficiencyandreducingITeffort.
NetworkSecurityPlatformcollaborateswithMcAfeeVulnerabilityManager(formerlyMcAfeeFoundstone®)McAfeeePolicyOrchestrator®(ePO™),HostIntrusionPrevention,andisakey
componentofMcAfee’sNACsolution,UnifiedSecureAccess,givingyoumoreofthethingsthatmattertoyourbusiness—protection,visibility,efficiency,enforcement,andvalue.
Absolute Security ConfidenceNetworkSecurityPlatformprotectsallnetwork-connecteddeviceswithacombinationofIPSandinternalfirewallthatoverlapsandintegratesprotectionandextendsfirewalldefensestotheinternalnetwork.Wecorrelatesignatures,anomalies,denialofservice(DoS)anddistributeddenialofservice(DDoS)informationtoaccuratelyblockattacksbeforetheyreachtheirintendedtargets.Dynamicthreatandvulnerabilityupdatesensurecontinuousprotection.
Network-class Platform with Multi-gigabit PerformanceTheNetworkSecurityPlatformportfolioofpurpose-builtappliancesdeliverscost-effective,high-performancereliabilityforlocationsfrombranchofficestothenetworkcore.NetworkSecurityPlatformissimpletosetupandeasytouse.Policytemplatescanbesetupinamatterofminutesandefficientlymanagedandupdatedthroughacentralized,browser-basedconsole.
McAfee Network Security Platform The industry’s most advanced and proven intrusion prevention solution
Fastertimetoprotection.Fastertimetoresolution.Fastertimetoconfidence.McAfee®NetworkSecurityPlatform(formerlyMcAfeeIntruShield®)deliversknowledge-drivensecuritythat’sintegrated,automated,andactionable.OnlyNetworkSecurityPlatformcombinesnetworkandsystemsecurityinfrastructureforproactiveenterprise-wideprotection.Installitandstartblockingthreatsrightaway.Onceathreatisblocked,youhavewidevisibilitytoinvestigatetheissuequicklyandthoroughly.Manageriskandenforcecompliance—withlesseffort.Ourintelligentsecurityandreliablenetwork-classplatformsgiveyouabsoluteconfidenceinyoursecurity.
Network Security Platform
Real-time business protectionPrevent attacks while reducing •
costs and downtimeProtect your data and infrastructure•
Meet compliance initiatives •
Protect your systemsProactive protection for •
unpatched systemsProactive protection for •
zero-day attacksSystem-aware IPS with McAfee •
ePO integrationHost IPS/virus/spyware event visibility•
Protect your networkNext-generation 10 Gigabit •
EthernetIPv6 protection•
Adaptive rate limiting•
Comprehensive infrastructure •
protection
Regulatory and policy complianceReal-time vulnerability awareness •
and compliance reportingRisk-aware IPS with McAfee •
Vulnerability Manager integrationBehavior-driven host quarantine•
Enforce internal and regulatory •
policy
NetworkSecurityPlatform’senviablequalityandperformanceexceedcarrier-classstandardsandmakeittheonlyIPStoholdtheNSSGroup’sMulti-GigabitIPScertification.Andyougetcarrier-classreliabilitywiththeM-Series,offeringbeyond10Gbpsperformancewiththehighestportdensityonthemarket.
Mitigate Patch Anxieties and Enforce Your PoliciesYouareincontrol.WithNetworkSecurityPlatform,youinsulatesystemsfromriskwhileyouvalidateanddeploypatches.Youcancontroltrafficandapplyuniquepoliciesandprotectionstoanetworksegment,acollectionofhosts,orevenasinglesystem.It’sflexible,too,sothatyoucandeploypatcheswhenyouarereadyandsetuppolicyenforcementtomeetyourorganization’sneeds.
AddtheoptionalNACAdd-onsoftwareandturnyourIPSintoaNACdevicethatoffersbothpre-andpost-admissioncontrol,identitybased-accesscontrol,alongwithhostquarantineandenforceableaccesspolicies.
Industry-proven Network Security DeviceSurroundyourenterprisewithprovenMcAfeesecurity,backedby24/7researchatMcAfeeAvert®Labs.Scaleupyourprotectionstocarrier-classperformancewithoneintegratednetworksecuritysolution.
Accurate, Enterprise-wide Threat Prevention Protectyourenterprisefromknown,zero-day,•
DoS,DDoS,SYNflood,andencryptedattacks,andthreatslikespyware,VoiceoverIP(VoIP)vulnerabilities,botnets,malware,worms,Trojans,phishing,andpeer-to-peertunnelingImproveaccuracythroughuseofmultiple•
advanceddetectionmethods,includingsignature,application,andprotocolanomaly;shell-codedetectionalgorithms;andnext-generationDoSandDDoSpreventionParseover100protocolsandreviewover3,000•
high-quality,multi-token,multi-triggersignatureswithstatefultrafficinspectionGetproactiveblockingforhundredsofattacks•
straightoutoftheboxwithpre-configuredRecommendedforBlockingpoliciesReceivecontinuousthreatupdates24/7from•
theglobalresearchteamatMcAfeeAvertLabs
McAfee ePolicy Orchestrator (ePO) IntegrationGetreal-timevisibilityofactionablesystem•
hostdetails,includinghostname,username,OS,patchlevel,MACaddress,lastscandate,protectiondetails,andthetophostIPS,anti-virus,andanti-spywareeventsSynthesizeandfilterdatafrommultipletools•
tocreatecustomreports
Real-time Risk-aware Network Security PlatformIntegrationwithMcAfeeVulnerabilityManager•
providesauto-importofmultiplevulnerabilitydatapointsandregularoron-demandscanstoaccuratelydeterminethreatrelevance
Adaptive Rate Limiting NetworkSecurityPlatformusesreal-time,•
protocol-basedratelimitingtoapplyapplication,protocoltype,andport-basedbandwidthcontrolsandimprovequalityofservicePrioritizebusiness-criticaltrafficandblock•
unwantedandriskyapplications
Certification by NSS GroupNetworkSecurityPlatformistheonlynetwork•
IPSsolutionthathasreceivedtheNSSGroup’sMulti-GigabitIPScertification
Proven Manageability and AvailabilitySimple,centralized,web-basedmanagementofNetworkSecurityPlatformappliancesandpoliciesincludes:
Fourteenready-to-use,predefinedIPS•
securitypolicyruletemplatesIntegrateduserauthenticationsupportto•
externaldatabases,includingRadius,LDAP,andTACACSMcAfeeNetworkSecurityManager(formerly•
McAfeeIntruShieldSecurityManager)offersalways-onmanagement,automatedfailoverandfail-back,anddisasterrecoveryofcriticalconfigurationdataNetworkSecurityManagersoftwareisprovided•
atnocostformanaginguptotwoNetworkSecurityPlatformappliancesNetworkSecurityCentralManager(formerly•
McAfeeIntruShieldCommandCenter)provideshierarchicalmanagementforcentralizedcontrolofpolicyviewing,modification,anddistributiontosupportlargeorgeographicallydispersedsensordeploymentsHigh-availabilityconfigurationallowstransparent,•
Layer7,statefulfailover,avoidingasinglepointoffailure
Data Sheet McAfee Network Security Platform
Network Security Platform Specifications
10 Gigabit Ethernet Connectivity
Sensor Hardware Components
M-8000 M-6050 M-4050 M-3050 I-4010 I-4000
I-3000 I-2700 I-1400 I-1200
Network location Core Core Core Core Core Core Perimeter Branchoffice/perimeter
Branchoffice
Performance throughput Upto10Gbps Upto5Gbps Upto3Gbps Upto1.5Gbps Upto2Gbps Upto1Gbps Upto600Mbps Upto200Mbps Upto100Mbps
Maximumconcurrentconnections 4,000,000 2,000,000 1,500,000 750,000 1,000,000 500,000 250,000 80,000 40,000
Ports
GigabitEthernetdetectionports 16 8 8 8 12/4 12 2 — —
10GigabitEthernet 12 8 4 4 — — — — —
FastEthernet(FE)detectionports — — — — — — 6 4 2
Dedicatedresponseports 1GigE 1GigE 1GigE 1GigE 2FE 2FE 3FE 1FE 1FE
Dedicatedmanagementports 1GigE 1GigE 1GigE 1GigE 1FE 1FE 1FE 1FE 1FE
Externalfail-opencontrolports 14 8 6 6 6/2 6 1 — —
Consoleandauxports Yes Yes Yes Yes Yes Yes Yes Yes Yes
Built-innetworktaps No No No No No No Yes(forFEports) Yes Yes
Fail-open Optional Optional Optional Optional Optional Optional Yes(forFEports) Yes Yes
Fail-close Yes Yes Yes Yes Yes Yes Yes Yes Yes
Mode of operation
Spanportmonitoring Yes Yes Yes Yes Yes Yes Yes Yes Yes
Tapmode Optional Optional Optional Optional Optional Optional Yes(forFEports) Yes Yes
In-linemode Yes Yes Yes Yes Yes Yes Yes Yes Yes
Portclustering Yes Yes Yes Yes Yes Yes Yes Yes Yes
10Gbps-plussolution Yes Yes — — — — — — —
No.ofvirtualIPSsystems 1,000 1,000 1,000 1,000 1,000 1,000 100 32 16
Trafficmonitoringonactive-activelinks
Yes Yes Yes Yes Yes Yes Yes Yes Yes
Trafficmonitoringonactive-passivelinks
Yes Yes Yes Yes Yes Yes Yes Yes Yes
Monitoringofasymmetrictrafficrouting
Yes Yes Yes Yes Yes Yes Yes Yes Yes
High availability
Redundantpower Yes(optional) Yes(optional) Yes(optional) Yes(optional) Yes(optional) Yes(optional) Yes(optional) No No
Devicefailuredetection Yes Yes Yes Yes Yes Yes Yes Yes Yes
Linkfailuredetection Yes Yes Yes Yes Yes Yes Yes Yes Yes
Physical
Dimensions 2x2RURackmountable
16.75(W)x3.05(H)x30.00(D)each
2RURackmountable
16.75(W)x3.05(H)x30.00(D)
2RURackmountable
16.75(W)x3.05(H)x30.00(D)
2RURackmountable
16.75(W)x3.05(H)x30.00(D)
2RURackmountable
17.44(W)x3.44(H)x23.00(D)
2RURackmountable
17.44(W)x3.44(H)x23.00(D)
2RURackmountable
17.44(W)x3.44(H)x23.00(D)
1RURackmountable
17.32(W)x1.65(H)x10.5(D)
1RURackmountable
17.32(W)x1.65(H)x10.5(D)
Weight 94lbs.(2x47) 47lbs. 47lbs. 47lbs. 47lbs. 47lbs. 47lbs. 17lbs. 15lbs.
Power 100–240VAC(50/60Hz)
Powerconsumption 900w(2x450w) 450w 350w 350w 350w 350w 250w 100w 100w
Temperature 0°to35°C(operating)–40°to70°C(non-operating)
0°to40°C(operating)–40°to70°C(non-operating)
Relativehumidity(non-condensing)
Operational:10percentto90percentNon-operational:5percentto95percent
Altitude 0to10,000feet
Safetycertification UL1950,CSA-C22.2No.950,EN-60950,IEC950,EN60825,IEC60825,21CFR1040CBlicenseandreportcoveringallnationalcountrydeviations.
EMIcertification FCCPart15,ClassA(CFR47)(USA)ICES-003ClassA(Canada),EN55022ClassA(Europe),CISPR22ClassA(Int’l)
Data Sheet McAfee Network Security Platform
McAfee and/or additional marks herein are registered trademarks or trademarks of McAfee, Inc. and/or its affiliates in the US and/or other countries. McAfee Red in connection with security is distinctive of McAfee brand products. All other registered and unregistered trademarks herein are the sole property of their respective owners. © 2009 McAfee, Inc. All rights reserved. 5362ds_nts_nsp_sensor_0109
McAfee, Inc. 3965 Freedom Circle Santa Clara, CA 95054 888 847 8766 www.mcafee.com
Data Sheet McAfee Network Security Platform
Sensor Software Components M-8000 M-6050 M-4050 M-3050 I-4000/ I-4010
I-3000 I-2700 I-1400 I-1200
Stateful traffic inspection IPdefragmentationandTCPstreamreassembly
Yes Yes Yes Yes Yes Yes Yes Yes Yes
Detailedprotocolanalysis Yes Yes Yes Yes Yes Yes Yes Yes Yes
Asymmetrictrafficmonitoring Yes Yes Yes Yes Yes Yes Yes Yes Yes
Protocolnormalization Yes Yes Yes Yes Yes Yes Yes Yes Yes
Advancedevasionprotection Yes Yes Yes Yes Yes Yes Yes Yes Yes
Forensicdatacollection Yes Yes Yes Yes Yes Yes Yes Yes Yes
Protocoltunneling Yes Yes Yes Yes Yes Yes Yes Yes Yes
Protocoldiscovery Yes Yes Yes Yes Yes Yes Yes Yes Yes
StackedVLAN Yes Yes Yes Yes Yes Yes Yes Yes Yes
Signature detection User-definedsignatures Yes Yes Yes Yes Yes Yes Yes Yes Yes
Real-timesignatureupdates Yes Yes Yes Yes Yes Yes Yes Yes Yes
Anomaly detection Statisticalanomaly Yes Yes Yes Yes Yes Yes Yes Yes Yes
Protocolanomaly Yes Yes Yes Yes Yes Yes Yes Yes Yes
Applicationanomaly Yes Yes Yes Yes Yes Yes Yes Yes Yes
DoS detection Threshold-baseddetection Yes Yes Yes Yes Yes Yes Yes Yes Yes
Self-learningprofile-baseddetection Yes Yes Yes Yes Yes Yes Yes Yes Yes
MaximumDoSprofiles 5,000 5,000 5,000 5,000 5,000 5,000 300 120 100
Intrusion prevention Stopattacksinprogressinrealtime Yes Yes Yes Yes Yes Yes Yes Yes Yes
Dropattackpackets/sessions Yes Yes Yes Yes Yes Yes Yes Yes Yes
Hostquarantine Yes Yes Yes Yes Yes Yes Yes Yes Yes
InitiateTCPreset,ICMPunreachable Yes Yes Yes Yes Yes Yes Yes Yes Yes
Packetlogging Yes Yes Yes Yes Yes Yes Yes Yes Yes
Automatedanduser-initiatedprevention
Yes Yes Yes Yes Yes Yes Yes Yes Yes
Encrypted attack protection Stopsencryptedattacksinrealtime No No No No Yes Yes Yes No No
Internal firewall Blocksunwantedandnuisancetraffic Yes Yes Yes Yes Yes Yes Yes Yes Yes
Granularsecuritypolicyenforcement Yes Yes Yes Yes Yes Yes Yes Yes Yes
High availability Statefulfailover Yes Yes Yes Yes Yes Yes Yes(forFEports)
Yes Yes
Management Commandlineinterface(console) Yes Yes Yes Yes Yes Yes Yes Yes Yes
Managercommunication Securechannel
Securechannel
Securechannel
Securechannel
Sameforallmodels
Sameforallmodels
Sameforallmodels
Sameforallmodels
Sameforallmodels
