This report presents the results of ESG Lab’s validation testing of the McAfee Next Generation Firewall. Integrating application control, intrusion detection, and evasion prevention, the product is designed to provide next generation firewall services, leveraging a unified software core to enable the deployment of multiple security services when and where they are needed.
Attacks today incorporate increasingly sophisticated methods of social engineering and client-side software manipulation to exfiltrate data without detection. Some attackers leverage so-called spearphishing to entice employees to give up access information and spread their attacks to other enterprise systems; others use password crackers against compromised applications in order to gain further access rights to the network. The attackers might also set up channels for command and control communications with the compromised systems, as in the case of the Zeus or SpyEye bot infections.
High availability is a must in our current cyberculture, and several advanced features that should be part of your next-generation firewall can help ensure that your network and your enterprise are continually up and running.
URL filtering is a type of content filtering that allows or blocks users from accessing specific websites. The practice has become an essential one on enterprise networks, with the goal of blocking employees from accessing content that would be a detriment to their productivity or the company as a whole. Blocked sites may include those that threaten the security of the organization, have objectionable content, or are bandwidth-intensive enough to strain company resources.
Centralized and accurate network security management is more than a trend—it is quickly establishing itself as the only means of network survival. Old-school point solutions, where each solution served a single purpose at a particular point in the network, are quickly becoming unwieldy, if not impossible, to manage. Larger enterprises may have hundreds of point products throughout their network, and managing them effectively, efficiently, and securely can only be done through a centralized network security management solution. Look for eight key features in your network security management solution to ensure that your network not only survives but thrives.
The need for robust network security is growing, but IT security teams, resources, and budgets are shrinking at many organizations. That doesn’t mean you have to scale down your growth or skimp on key IT security areas, but it does mean you need to optimize your resources, starting with your network firewall team. Resource optimization involves the automation and streamlining of operational processes and management workflows so that your IT team members can be freed up to focus their time, skills, and expertise on priority projects. Furthermore, optimizing your resources helps preserve your budget while eliminating budgetary conflicts and slashing administrative costs.
With networks sprawling to massive proportions and malicious activity hitting hard, fast, and constantly evolving, situational awareness is more vital than ever in keeping your network secure. Situational awareness refers to the continuous monitoring of your network by analyzing bulk data collected from sources across the board. In other words, it delivers a detailed overview of all areas of your network so you know exactly what’s going on through increased visibility and response capabilities.
Advanced evasion techniques, or AETs, are delivery mechanisms used to disguise advanced persistent threats (APTs) and permit them to slip through network security undetected.
AETs work by splitting up malicious payloads into smaller pieces, disguising them, and delivering them simultaneously across multiple and rarely used protocols. Once inside, AETs reassemble to unleash malware and continue an APT attack.
The attacks continue. The breaches occur. Penalties are assessed. While most universities manage to keep pace with the latest digital trends, they have been far less timely when it comes defending their networks and sensitive data against the latest targeted attacks and threats. This lack of protection is evident as recent headlines expose costly data breaches of student records and research, state and federal compliance violations, and a raft of other privacy and security issues that put students, alumni, staff, and the institutions themselves at considerable risk.
When done right, a next generation firewall with plug-and-play capabilities can typically be up and running within a few minutes. Find out how you can quickly deploy hundreds of firewalls remotely with the latest NGFW.
Network availability and survivability in the face of an attack requires specific tools and processes. Are you using RBAC, hierarchical policy management and individual domain control? Find out which eight features you must deploy now.