Detailed instructions for use are in the User's Guide.
[. . . ] Due to the inadequate ability of traditional technology to provide proactive threat detection and prevention, businesses remain vulnerable to sophisticated and highly targeted zero-day and Denial of Service (DoS) attacks, as well as spyware, malware, and Voice over IP (VoIP) threats. Small businesses need to defend their critical network infrastructure by deploying advanced, proactive protection against vulnerability-based threats and attacks. Furthermore, companies of every size are under intense regulatory and audit pressure to ensure the privacy of confidential data and decrease business risk. [. . . ] This allows for continuous protection against the latest threats and vulnerabilities--including spyware, malware, botnets, SYN flood, and VoIP threats--while never requiring hardware upgrades. IntruShield's architecture integrates patented signature, anomaly, DoS, and distributed DoS (DDoS) analysis techniques, enabling highly accurate threat detection and prevention that blocks attacks before they
The McAfee IntruShield IPS Solution
The McAfee IntruShield family of award-wining, nextgeneration IPS appliances enables SMBs and enterprises to reduce business risk by deploying the industry's most comprehensive and proven network IPS solution. Their purpose-built platforms proactively protect endpoints
Data Sheet | McAfee Network Protection Solutions
inflict damage. IntruShield's next-generation technology delivers unparalleled features, including "out-of-the-box" default IPS blocking, pre-configured Recommended for Blocking policies, built-in spyware and VoIP protection, virtual IPS, and an integrated internal firewall. And the IntruShield portfolio of appliances is backed by McAfee-- the largest dedicated security company and the most trusted name in the industry.
k Unrivaled botnet prevention--Industry's only networkbased security solution to provide comprehensive, layered, and proactive blocking of malicious distributed botnets. IntruShield protects against the growing threat of botnets by identifying them as a distinctive category of attack and proactively blocking their installation, communication, and activation through the Internet k VoIP vulnerability protection--IntruShield's integrated VoIP security proactively protects mission-critical VoIP infrastructure and applications by accurately detecting and blocking known, zero-day, and DoS attacks. IntruShield protects against underlying VoIP protocol vulnerabilities while preserving VoIP application and voice-quality integrity k Encrypted attack prevention--Industry's first and only network IPS to securely and proactively protect against both clear-text and encrypted attacks (I-2700). IntruShield's advanced, real-time SSL decryption and inspection technology dramatically increases network security coverage by protecting critical e-commerce infrastructure k IPS and internal firewall--Integrated network IPS and stateful internal firewall capabilities deliver unrivaled internal system protection, network infrastructure protection, and enterprise-wide policy enforcement
Features and Benefits
Comprehensive protection
k Broad threat prevention--IntruShield's purposebuilt intrusion prevention appliances deliver the most comprehensive threat prevention by proactively protecting endpoints and network infrastructure from known, zero-day, and DoS attacks, as well as threats like spyware, VoIP vulnerabilities, malware, botnets, network worms, Trojans, and peer-to-peer applications k Built-in anti-spyware protection--Provides enhanced security by integrating multi-layered protection against spyware, adware, dialers, keyloggers, password crackers, and remote-control programs. IntruShield's spyware protection helps reduce IT costs, prevents potential privacy breaches, and protects confidentiality by proactively preventing the download of these unwanted programs while blocking spyware communication and propagation k Built-in, advanced Web-client protection--Proactively protects Web browsers and desktops from cyberattacks, spyware, botnets, and other forms of malware. It prevents the download of unwanted programs while protecting against unauthorized network access. IntruShield's built-in Web-client protection complements McAfee Perimeter and System Protection Solutions by providing an additional layer of network protection k Next-generation DoS prevention--The industry's most advanced, next-generation DoS-prevention technology delivers comprehensive, real-time protection against sophisticated DoS attacks, cyber-attacks, and cyber extortion. Multi-layered threshold, profile-based, and SYN cookie technology--in combination with IntruShield's unrivaled virtual IPS capabilities--deliver highly granular protection against a broad spectrum of DoS attacks, including DoS, DDoS, and SYN flood attacks k Infrastructure protection--Provides preemptive, zeroday vulnerability protection against threats and attacks that target mission-critical routers, switches, perimeter firewalls, and DNS servers. Provides the only effective means to protect critical network infrastructure during windows of vulnerability
Accurate protection
k Risk-aware intrusion prevention--Risk-aware IPS delivers significant operational efficiencies by providing the ability to intelligently identify and block the most relevant alerts and attacks. Integration with marketleading Foundstone VM solutions automatically identifies and highlights risks. Enables targeted, prioritized risk management by importing and correlating risk assessment information from Foundstone, as well as open-source VA systems such as Nessus k Signature, anomaly, and DoS analysis--IntruShield's unmatched architecture integrates a variety of advanced detection methods--including signature, application, and protocol anomaly, shell-code detection algorithms, and next-generation DoS/DDoS prevention--to deliver the most accurate protection available against today's threats and attacks k Unmatched detection accuracy--IntruShield performs stateful traffic inspection with thorough parsing of over 100 protocols, while leveraging over 3, 000 high-quality, multitoken, multi-trigger signatures to provide the most accurate detection in the industry. IntruShield's unmatched accuracy allows you to confidently block threats and attacks in real time without affecting legitimate traffic
Data Sheet | McAfee Network Protection Solutions
k Backed by McAfee--Proven protection, unmatched security knowledge, and continuous proactive security research from the world's largest dedicated security company. McAfee, the most trusted name in the industry
Scalable and manageable
k Out-of-the-box default blocking--IntruShield is pre-set for Default IPS Blocking, and comes pre-configured with a Recommended for Blocking policy that provides accurate and proactive blocking for hundreds of attacks straight out of the box. Recommended for Blocking signatures are continuously updated by McAfee to provide comprehensive protect ion against new threats k Easy-to-use centralized management--A single management console delivers simple, centralized, Web-based management of IntruShield appliances and policies. [. . . ] Same for all models 100w Same for all models Same for all models
Altitude Safety certification
Same for all models Same for all models
Same for all models Same for all models
EMI certification
Same for all models
Same for all models
Data Sheet | McAfee Network Protection Solutions
Sensor Software Components Stateful traffic inspection IP defragmentation and TCP stream reassembly Detailed protocol analysis Asymmetric traffic monitoring Protocol normalization Advanced evasion protection Forensic data collection Protocol tunneling Protocol discovery Signature detection User-defined signatures Real-time signature updates Anomaly detection Statistical anomaly Protocol anomaly Application anomaly DoS detection Threshold-based detection Self-learning profile-based detection Maximum DoS profiles Intrusion prevention Stop attacks in progress in real time Drop attack packets/sessions Reconfigure firewall Initiate TCP reset, ICMP unreachable Packet logging Automated and user-initiated prevention Encrypted attack protection Internal firewall High availability Management Stops encrypted attacks in real time Blocks unwanted and nuisance traffic Granular security policy enforcement Stateful failover Command-line interface (console) Manager communication
I-2700 Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes 300 Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes (for FE ports) Yes Secure channel
I-1400 Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes 120 Yes Yes No Yes Yes Yes No Yes Yes Yes Yes Same for all models
I-1200 Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes 100 Yes Yes No Yes Yes Yes No Yes Yes Yes Yes Same for all models
McAfee, Inc. 3965 Freedom Circle, Santa Clara, CA 95054, 888. 847. 8766, www. mcafee. com McAfee and/or additional marks herein are registered trademarks or trademarks of McAfee, Inc. and/or its affiliates in the US and/or other countries. [. . . ]