Home

About Us

Analyst Team

News & Events

Resources

Markets We Cover

Solutions & Tools

Who Can Benefit

What is Competitive Response

Custom Solutions

Competitive Intelligence Highlights

Select Coverage Area ▼

Consumer Portal
Consumer Services
Consumer Services U.S.
Consumer Services Europe
- Mobile Broadband Tracker Europe
- Smartphone Plan Tracker Europe
Consumer Devices
- CurrentTrack U.S. - Handsets
- Tablet Tracker U.S.
Business Network and IT Services
Data Center and Cloud Services
Mobility Services
Network Services
Security Services
IP Telephony and UC Services
Wholesale Services
- Global Network Tracker
Small Business Services U.S.

Business Technology and Software
Application Platforms
Collaboration Platforms
Data Center Technology
Enterprise Mobility Technology
Enterprise Networking
Enterprise Security
Unified Communications and Contact Center
Service Provider Infrastructure
Digital Media Infrastructure
Fixed Access Infrastructure
IP Services Infrastructure
Mobile Access Infrastructure
Transport and Routing Infrastructure
- Telecom Vendor Services Tracker
Mobile Ecosystem

Enterprise Security

Client access

Overview

Intelligence Report Summaries

Company Report Summaries

Product Report Summaries

Complimentary Competitive Intelligence

Business Technology
and Software

MARKET SEGMENTS

Application Platforms

Collaboration Platforms

Data Center Technology

Enterprise Mobility Technology

Enterprise Networking

Enterprise Security

Unified Communications
and Contact Center

Complimentary Competitive Intelligence
INTELLIGENCE HIGHLIGHTS
	Business Network and IT Services
	Business Technology and Software
	Consumer Services and Devices
	Service Provider Infrastructure
	Most recent >>
MORE COMPLIMENTARY COMPETITIVE INTELLIGENCE
	Complimentary Advisory Reports
	CurrentCast Podcasts
	Webinar Replays

McAfee Takes Arm’s Length Approach to IPS Support for Virtual Servers

| Apr 14, 2011 | Enterprise Security
| Analyst: Paula Musich

Event Summary

April 12, 2011 - McAfee further extended its Network Security Platform IPS beyond traditional signature-based intrusion prevention by exploiting reputation data gathered in its cloud-based Global Threat Intelligence and by adding the ability to capture and inspect network traffic between VMware-based virtual machines.

Quick Take

Analytical Summary

• Current Perspective: Positive on McAfee’s latest Network Security Platform software update with respect to the overall IPS market, because the integration with McAfee’s Global Threat Intelligence promises to improve the effectiveness and speed with which the IPS sensors can respond to new threats. That will make an already formidable IPS competitor more threatening to rivals. Moderate, however, in virtualization security circles, because McAfee is late compared to big rivals in securing inter-VM traffic, and it is taking an arm’s length approach by relying on Reflex Systems for a hypervisor-resident agent.

• Vendor Importance: Moderate to McAfee overall, because the GTI integration has been expected and in development for some time, and because it’s clear that McAfee is not convinced that there is sufficient enough demand for IPS security specific to virtual machines to warrant development of its own hypervisor-based agent. It relied instead on Reflex Systems, one of the few independent pure play virtualization security vendors left in the market. Still, for McAfee’s network security business unit, this is a fairly significant new IPS release.

• Market Impact: Moderate on the IPS market segment, because an already formidable competitor assured its continued success by continuing to move beyond traditional signature-based scanning to add more context with which to thwart new and more stealthy threats. At the same time, the VMware virtual server support allows the McAfee IPS to compete in the evolving data center against major rivals that have already been serving the needs of the virtualized data center.

CLIENTS ONLY

Competitive Strengths and Weaknesses

Response & Recommendations

Buyer Actions

| Client access - Full report in Enterprise Security | More information

Top

Follow Current Analysis

MCAFEE ENHANCES NETWORK SECURITY PLATFORM

Network Security Solution Extends Interoperability with Third Party Products and Supports Virtual Data Center Environments

Santa Clara, Calif. – April 12, 2011 – McAfee today announced enhancements to its Network Security Platform, reflecting its commitment to unparalleled threat protection, network performance and operational excellence. The latest release of McAfee Network Security Platform includes enhanced botnet control through reputation intelligence, virtual network inspection and a traffic analysis port for network monitoring, forensics and other advanced analysis engines. With this release, McAfee continues to move beyond traditional Network Intrusion Prevention Systems (IPS), by providing a greater level of network intelligence across both physical and virtual environments.

“Our customers need more than just signature-based IPS,” said Rees Johnson, senior vice president and general manager of network security at McAfee. “McAfee Network Security Platform goes well beyond traditional Network IPS with the addition of McAfee Global Threat Intelligence, support for virtual environments, and the ability to correlate across endpoint and network products.”

In the most recent Gartner Magic Quadrant for Network IPS1, Gartner states, “As vulnerability research has improved, the gap between vulnerability exploitation and IPS signatures to protect that vulnerability has closed. Future protection improvements of significance will come from bringing intelligence into the IPS from external sources instead – points the IPS does not normally have visibility within.”

Real-time, reputation-based intelligence through McAfee Global Threat Intelligence provides McAfee Network Security Platform users with additional context for enforcing network security policies, not to mention faster, more accurate threat detection.

The latest release of McAfee Network Security Platform includes:

• Enhanced botnet control: File and network connection reputation feeds from cloud-based McAfee Global Threat Intelligence allows Network Security Platform to perform in-line botnet prevention based on over 60 million malware samples and the reputation of hundreds of millions of network connections based on over two billion IP reputation queries each month. This external intelligence provides vital context for faster, more accurate detection and prevention.

• Traffic analysis port: Traffic redirect capabilities allow arbitrary network traffic to be subjected to additional inspection by McAfee and third party products, including data loss prevention, network forensics and advanced malware analysis tools.

• Virtual network inspection: Enables the Network Security Platform sensors to examine inter virtual machine traffic on virtual environments and provide attack detection for virtual data center environments. Network Security Platform can inspect traffic both within virtual environments and between virtual and physical environments, giving organizations the same level of visibility regardless of where the traffic flows.

As enterprises consolidate data centers, adopt cloud-services, and virtualize critical infrastructure they need a way to unify security management across physical and virtual infrastructures. In partnership with Reflex Systems – a leader in virtualization management solutions – McAfee brings its industry-leading threat detection and security management to virtual environments.

“Virtualization is becoming a standard part of every enterprise data center infrastructure - be it in-house or in the cloud - and organizations are recognizing that they must extend enterprise-class security and management into the virtual environment,” said Preston Futrell, President and CEO of Reflex Systems. “We are pleased to partner with McAfee to help customers seamlessly integrate virtualization security and management into their existing security infrastructure, systems and best-practices.”

Together, McAfee and Reflex Systems will offer integrated virtual and physical security and management that enables customers to holistically monitor and understand security issues, easily apply best practices, and provide comprehensive reporting for compliance purposes across the current and next generation data center infrastructure.

“When building out Savvis’ enterprise cloud offerings, it was imperative that we base our cloud architecture on a strong security foundation with the right tools to provide customers piece of mind as they begin leveraging new cloud technologies in the data center,” said Ken Owens, Savvis technical vice president for security and virtualization technologies. “Bringing together two best-of-breed solutions like Reflex and McAfee to meet the unique, dynamic security and management challenges in both the physical and virtual infrastructure will go a long way in helping accelerate the adoption of virtualization and cloud technology.”

For more information about McAfee Network Security visit http://www.mcafee.com/us/products/network-defense/index.aspx.

About McAfee McAfee, a wholly owned subsidiary of Intel Corporation (NASDAQ:INTC), is the world's largest dedicated security technology company. McAfee delivers proactive and proven solutions and services that help secure systems, networks, and mobile devices around the world, allowing users to safely connect to the Internet, browse and shop the Web more securely. Backed by its unrivaled Global Threat Intelligence, McAfee creates innovative products that empower home users, businesses, the public sector and service providers by enabling them to prove compliance with regulations, protect data, prevent disruptions, identify vulnerabilities, and continuously monitor and improve their security. McAfee is relentlessly focused on constantly finding new ways to keep our customers safe. http://www.mcafee.com

Source: McAfee