Judges: Tim Wilson (Dark Reading), Andrew Braunberg (Current Analysis)
Intrusion prevention systems (IPS) are at a crossroads. In most cases, these products are built around older technology that is signature-based, slow to process, and data-center focused. Our winner in the Best of Interop Security category is rolling out a next-generation IPS that addresses all of these limitations.
The McAfee Network Security Platform XC Cluster operates at 80 Gbps, which is much faster--by one estimate, two to four times faster--than existing IPS options. It also offers granular multi-tenancy options that are purpose-built for cloud and service provider environments. It offers up to 1,000 virtual IPS policies per appliance, with granular policy control in each, making it capable of operating in even the largest provider environments.
The NSP XC Cluster supports a huge database of known attacks, including hundreds of signatures specific to mobile threats, but it also can detect and alert users on zero-day threats and previously unseen exploits. It offers correlated threat alerts with mobile numbers, and it can email mobile users to alert them of potential threats on their phones.
The product also offers security capabilities for cloud and virtual environments. For example, its IntegrationVMware vShield APIs offer native inspection of virtual environments, regardless of whether the environment is a public or private cloud.
Unlike older IPS technology that relies solely on signatures, McAfee is extending its IPS capabilities with new Network Threat Behavior Analysis capabilities that help identify potential threats that might not have been seen before. The new product also leverages network flow data, including layer 7 information to give context to IPS threats. --Tim Wilson