Wednesday, April 4, 2012

A Firewall is not an IPS – Even if it is Next Generation

At my core, I’m a technologist.  So, sometimes when I hear certain marketing buzz words, I cringe.  But there is one term that Gartner analysts have coined that actually makes sense in a world of technology that is changing so quickly and profoundly that simple version numbers cannot capture the advancements.  The term is “Next Generation.”  But, while Gartner has well-defined criteria for what can be called next gen, the industry may be using it in a way that’s confusing to consumers.

In my experience, there is a misperception between what’s next gen and what’s actually advanced and different technology, and this becomes evident in my conversations with CTOs and IT professionals.  I often hear them justify that their business doesn’t need a network IPS because they have a Next Generation Firewall (NGFW).  This is where marketing can sometimes negatively influence business decisions and ultimately jeopardize business security.

It’s important that technology officers and influencers understand that McAfee solutions truly fit the Gartner definition, which is “the necessary evolution of network IPS to deal with changes in network communications and applications, and changes in the threat landscape. At a minimum, a next-gen IPS will have standard first-generation IPS capabilities plus application awareness, context awareness, content awareness especially providing full stack inspection.”¹

At McAfee, it’s not a marketing shell game.  The McAfee Network Security Platform v7 truly has next-generation network IPS at the core.  With protocol-based inspection, it provides leading protection against advanced malware, zero-day attacks, DDoS attacks, and botnets. The latest release includes new DoS and DDoS prevention capabilities and dozens of new botnet heuristics to more accurately and confidently identify misbehaving systems.

We take great pride in delivering the best network IPS in the market. Our network IPS is built by an army of the best engineers on the planet creating a solution designed to protect your organization against a variety of threats, and a Global Threat Intelligence team with over 500 researchers responsible for creating proactive counter-measures against the latest threats.  It is that precise level of research and deep understanding of the workings of the “underground” that allow us to provide our customers with real-time solutions to protect their people, assets and reputation.  In fact, in the latest NSS report, McAfee had the most effective solution out of the box.

What is the right solution for your business then? If you only need a firewall that simply monitors for threats and enforces policies when they are detected, then an NGFW may be sufficient for your needs.  Further, if you have highly trained engineers that have a deep understanding of the variety of threats, and know how to create signatures to provide ultimate protection, then an NGFW or other IPS solutions may work for you as well. However, if you want a solution that can actually prevent increasingly sophisticated attacks with sufficient intelligence and automation to take the guesswork out of attack prevention and resolution, with application visibility and integrated threat-context – out of the box – then what you really need is McAfee Network IPS.

Get the complete picture by taking a minute to download the paper titled “Consolidate Network Security to Reduce Cost and Maximize Enterprise Protection,” which describes the McAfee integrated solution for application visibility, reputation-based protection, behavior-based threat analysis and advanced malware detection.

1 Gartner, Inc., “Defining Next-Generation Network Intrusion Prevention,” by John Pescatore and Greg Young, Oct 7, 2011.

By Pat Calhoun