DAILY NEWS AND INFORMATION FOR THE GLOBAL GRID COMMUNITY /    ( Table of Contents )

Breaking News - Networking:

Network Associates Unveils Next-Generation Network, Host IPS

Network Associates Inc announced its next-generation host and network intrusion prevention (IPS) solution, that offers the industry's most comprehensive, accurate and scalable IPS solutions through the introduction of McAfee Entercept 5.0 and McAfee IntruShield 2.1. The new breakthrough capabilities deliver the industry's first encrypted threat protection by a network IPS, integration of firewall functionality in both McAfee IntruShield and McAfee Entercept products, as well as integrated host and network IPS event management.

Through the combination of McAfee Entercept and McAfee IntruShield solutions, Network Associates uniquely offers the industry's most comprehensive protection that proactively defends customer's servers, desktops, network core and edge from the threat of known, zero-day and encrypted attacks. The combined McAfee IPS solution has delivered zero-day protection against all recent outbreaks, an accomplishment unmatched by any other security solution provider in the industry.

"The rapid propagation of worms and viruses seen over the last six months has caused widespread network outages and financial damage to corporations, which has prompted investments in technologies to combat these threats. As enterprises evaluate their IT budgets, they should be looking at technologies that block and prevent intrusions," said Richard Stiennon, vice president of research at Gartner Inc. "Products that combine network and host intrusion prevention and firewall capabilities contribute to a more-secure enterprise."

Next-Generation Network IPS

With the release of McAfee IntruShield 2.1, Network Associates redefines network IPS technology through the introduction of network-based encrypted threat protection and internal firewall integration. These breakthrough features underscore the company's proven technology leadership in anticipating customer needs and delivering leading-edge IPS solutions through innovation, integration and advanced intrusion prevention. Among the features included in the release of McAfee IntruShield 2.1:

• Encrypted Attack Detection and Prevention -- McAfee IntruShield is the first and only network IPS to protect against both clear-text and encrypted attacks. McAfee IntruShield pioneers technology for the decryption and inspection of SSL encrypted traffic, while maintaining the integrity of the encrypted data and encryption keys. Broad signature, anomaly and DoS analysis for both clear-text and encrypted traffic occurs in real time, without service degradation.
• Internal Firewall -- McAfee IntruShield is the industry's first network IPS to deliver internal firewall protection that extends perimeter-grade protection internal to the network. The internal firewall enables security professionals to enforce granular and powerful security policies throughout internal networks such as blocking unwanted or P2P traffic.
• Virtual Firewall - The McAfee IntruShield solution's unique virtualization capabilities now extend to internal firewall functionality as well. The combination of the McAfee IntruShield virtual IPS and virtual internal firewall functionality enables security administrators to uniquely implement "Virtual Perimeter" security. The Virtual Perimeter provides an added layer of protection against attacks that penetrate a perimeter firewall or against attacks that originate internally, and can deliver unprecedented granularity of security policy enforcement with unique policies for an internal LAN segments, a collections of hosts or even individual hosts.
• Host IPS Event Integration -- The McAfee IntruShield Manager integrates host and network IPS event management with a centralized and unified management console for both McAfee IntruShield and McAfee Entercept solutions. Security professionals will have an easy-to-understand, consolidated system-wide view of all security events occurring on both their network and their hosts, enabling them to respond to events faster and better utilizing existing security resources.

"The US Army Reserves maintains a highly secure network environment and the McAfee IntruShield IPS solution is a part of our proactive network security strategy," said Chris Schueler, director of security operations for the US Army Reserves. "We are currently evaluating the IntruShield 2.1 release, with specific interest in the encrypted threat protection and internal firewall capabilities the new technology offers. These features will help provide a more layered security model fortifying the network security defenses of the Army Reserves."

Next-Generation Host IPS

The announcement of the McAfee Entercept 5.0 software introduces the most advanced host intrusion prevention available for enterprise customers, offering the highest levels of zero-day attack protection with the ability to scale across the enterprise. Additionally, the technology offers a unique and powerful blend of signature, behavioral and patented innovative buffer overflow protection to defend against zero-day attacks, which dramatically reduces the urgency of software patch deployments. Key features of McAfee Entercept 5.0 include:

• Firewall Integration -- Integration of key system firewall capabilities enables McAfee Entercept to deliver an added layer of protection between the system and the network or Internet, with fine-grained control to block malicious or unauthorized activities. Integration of firewall functionality enables security administrators to now enforce security policies in addition to protecting systems against known, as well as zero-day attacks.
• Expanded Attack Signatures -- Building on Entercept and its unique and powerful blend of signature and behavioral protection, Entercept 5.0 adds specific signatures that add additional protection hosts against known threats, no matter where the host may travel, inside or outside the network. Entercept Attack Signatures ensure seamless, uninterrupted operation, while alerting to the specific named attack on the host system.
• Enterprise Scalability -- The introduction of McAfee Entercept 5.0 extends the company's lead in providing solutions that meet the needs of the largest enterprises. Optional integration with McAfee ePO in third quarter will enable Entercept agents to be deployed to hundreds of thousands of desktops and servers.
• Extended Management Capabilities -- With the addition of an "At-a-Glance" dashboard to the McAfee Entercept console, users have enterprise-wide visibility into critical aspects of a company's security status, including Agent Deployment status, Most Frequently Attacked Machines and Most Observed Attacks. New functionality also lets users aggregate and screen multiple alerts from the same event type to streamline forensic analysis and management. By simplifying the viewing of security events, it is now easier for security professionals to resolve security events faster, while ensuring optimal security at the server and desktop.
• Audit Trail -- McAfee 5.0 allows an administrator to view a list of all changes done to the security configurations of each system, and shows the name, type, user, action, time and a description of the activity. By providing the ability to view data in an easy-to-understand format, administrators have visibility into changes made over a specific period of time, helping to ensure enforcement of security policies and regulatory requirements.

"As threats continue to proliferate both in the number and speed of attack, implementing a comprehensive, multi-layered IPS solution is critical for today's business environment. Network Associates is the only company to offer a combined solution that protects our customers from the desktop and server level all the way to the core of the network and WAN edge in a single integrated solution," said Parveen Jain, executive vice president of marketing and strategy at Network Associates. "As we continue to push the envelope and define next-generation security for our customers, our breadth of expertise and best-in-class technology significantly reinforces our technology and market leadership position in the IPS market."

With the McAfee Protection-in-Depth strategy, businesses and governments have access to comprehensive, highly accurate and scalable IPS solutions that ensure system and network integrity. By deploying a layered host and network defense platform, enterprises and service providers alike have the ability to protect critical assets and assure business continuity from complex, hybrid threats and zero-day attacks. And, through this combined approach, the McAfee IPS solutions deliver lower total cost of ownership by reducing the number of separate technologies and tools required to secure and manage an organizations business environment.

Network Associates continues to innovate on leading-edge system and network security solutions and deliver the most comprehensive IPS products that protect companies from the desktop to the edge of the network.