As always, we want to keep you in the loop on all current McAfee happenings, especially as they relate to the company's commitment to enterprise security and NGFW.
As technology has changed the way businesses operate, IT departments have been forced to adapt to what is often a faster-paced and more decentralized approach. Employees expect instant access to corporate resources, no matter where they are in the world or what device they are using. Datacenters continue to become more virtualized, but the majority of datacenters remain a mix of physical and virtual resources.
As a result of these changes, security can often become an afterthought, especially if it inhibits business processes and productivity. Many legacy security solutions were not designed with today’s challenges in mind, leaving organizations at an increased risk of attack.
Threats have become more specialized and advanced. Hackers no longer send a single piece of code to millions of targets; rather, they modify their attacks to exploit particular vulnerabilities (whether they are people or technology based) within a target. Limiting threat vectors through application control and traditional filtering technologies serves to weed out more common threats; however, advanced scanning is becoming table stakes for network security products. Signature-based technologies are not dead, but increasingly, intelligence from multiple sources is being consolidated and correlated to drive threat prevention in real time.
McAfee Next Generation Firewall Solution
McAfee has always been known for its strong endpoint protection products but boasts a very broad portfolio of security technologies, including network security. Its Next Generation Firewall offers a flexible platform to address a variety of use cases and deployment scenarios. Key features include IPS, application control, antivirus, URL filtering, and VPN. All capabilities are inherent in the software, enabling users to turn on needed features depending on network requirements, without bolting on additional technologies. The solution can be deployed as a stateful firewall with VPN termination, full NGFW with IPS and application control, Layer 2 firewall for datacenter deployments, or IPsec VPN gateway for branch office connectivity. A variety of dedicated hardware appliances offer throughput ranging from 100 Mbps to 120 Gbps. McAfee Next Generation Firewall can also be deployed as software on standard x86 systems or as a virtual appliance on the VMware ESX or KVM platform.
McAfee NGFW continues to score above average in security, as recognized by the “NSS Labs Recommended” report for the third year in a row.
NSS Labs performed an independent test of the McAfee NGF-1402 v5.7.1. The product was subjected to thorough testing at the NSS facility in Austin, Texas, based on the Next Generation Firewall (NGFW) methodology v5.4 available on www.nsslabs.com. This test was conducted free of charge and NSS did not receive any compensation in return for McAfee’s participation. For additional information on NGFW technology, refer to the NSS Analysis Brief entitled “What Do CIOs Need to Know About Next Generation Firewalls?”
The McAfee NGF-1402 is rated by NSS at 5,086 Mbps, which is higher than the vendor-claimed performance. (McAfee rates this device at 4.5 Gbps.) “The McAfee NGF-1402 v5.7.1 showed good capability of correctly identifying traffic and did not fire IPS alerts on non-malicious content.”
The NSS Labs Security Value Map (SVM) for Firewalls is also attached, showcasing McAfee in the top quadrant.
The top quadrant contains those products that are recommended for both security effectiveness and value. These devices provide a very high level of protection, manageability and value for money.
IDC calculated the business value of the next generation firewall. IDC conducted direct interviews with eight production McAfee NGFW customers to derive the tangible benefits they are receiving.
According to the report, “On average the organizations in the study were able to leap from being 25% proactive in threat identification to 60%. In addition to limiting the security events; the organization-wide visibility enabled security teams to respond to events 84% quicker. The combination of these capabilities lowered security related downtime by 92%.”
Business Value Highlights:
- Improvement in event response time: 84%
- Decrease in security-related downtime: 94%
- Reduction in infrastructure costs: 30%
- Five-year total business benefits: $5.3M
- Five-year ROI: 527%
- Payback period: 6 months
Miercom tested the McAfee NGFW 5206 and gave it the “Miercom Performance Verified Certification” stamp.
Testing showed that, “with Deep Packet Inspection (DPI) applied, the McAfee NGFW 5206 handled sustained throughput over 10 Gbps – one of the highest firewall throughputs we have seen with deep packet inspection enabled.”
Key Findings and Conclusions
- A single McAfee NGFW 5206 can manage up to 120 Gbps (Gigabits per second) of real-time traffic
- With Deep Packet Inspection (DPI) applied, the McAfee NGFW 5206 handled sustained throughput over 10 Gbps – one of the highest firewall throughputs we have seen with DPI enabled
- Testing showed that additional McAfee NGFW 5206 nodes in a cluster can increase aggregate throughput considerably. Adding a second node in a cluster bolsters throughput from 25 to 100 percent, depending on traffic mix and firewall features enabled
- A four-node cluster can boost throughput up to 370 percent – nearly four times a single node’s throughput, tests found
- Testing confirmed that a single McAfee NGFW 5206 node can effectively process over 50,000 new TCP/HTTP connections per second, exceeding the vendor’s published specifications
- McAfee NGFW 5206 had much more consistent throughput performance with security features enabled when compared to other products in this class. Other products tested exhibited 75 percent or more performance degradation for DPI, AntiVirus and application control when enabled
Miercom independently substantiates the throughput performance of the McAfee NGFW 5206 from Intel Security – in standalone mode, as well as the throughput scalability achieved by clustering multiple McAfee NGFW 5206 nodes. McAfee is awarded the Miercom Performance Verified Certification for the impressive throughputs delivered by the McAfee NGFW 5206.
Companies today are facing a difficult dilemma. Unprecedented demand for business growth is driving the introduction of new applications and IT services to support a more productive and mobile workforce scattered across the globe. This creates complexity and constant change as well as a whole wave of issues for IT, which has to ensure the security of these new resources. Companies that had been trying to address this dilemma by employing a wide array of point solutions found that they were unable to keep pace with the constant change and have transitioned to McAfee Next Generation Firewall (NGFW) to provide a corporation-wide, integrated and scalable security solution.
Organizations using McAfee NGFW are achieving significant IT and business benefits. McAfee customers interviewed by IDC implemented their NGFW solution to ensure the security of their business operations. These McAfee customers are realizing the following benefits:
- Improved user and customer experience
- Proactive IT operations supporting greater innovation
- More reliable business operations driving productivity and revenue
- Enhanced business agility