CISSP CPE: webinar Evaluation next generation IPS
length: 01:00:00
Evaluation next generation IPS
Tyler Carter, Director product marketing McAfee
Evaluation next generation IPS
Mattew Glenn, VP product management McAfee
Vikram Phatak, CEO, NSS Labs
Tyler Carter, Director product marketing McAfee
1. Product analysis: 10 vendors
2. Comparative Analysis Reports:
a. security
b. performance
c. management system
d. TCO (total cost of ownership
3. Security Value Map
Interesting so many vendors are top left corner.
In previous year, NSS show the default security
effectiveness, but this confuses the CEO, resulting budget are not properly allocated.
Right Size not same throughput.
McAfee has very good management platform.
it has application awareness
it has contextual awareness
it has content awareness
NOTE: all screenshot taken during the webinar.
NOTE: all screenshot taken during the webinar.
systemic approach to malware: detect & prevent
full analysis automation: detect, ID root cause,
determine, prevent.
NSS will do 0-day test moving forward.
Audience Question
Q: can we get a copy of this very good presentation?
A: The recording will be made available. We are not planning to send out the slides.
Audience Question
Q: How can we obtain/access the broadcast?
A: You will automatically be sent a link to the recording
after the broadcast, via email.
Audience Question
Q: Within the testing process, and from you info,am I
correct to assume the device are tested against a set of know/signatured set of
exploits. If that is correct within the testing how is the ability to
identified and protected against a anomily that is an important
feature/function of a good Netwotk IPS...Your thoughts on is this testing
showing the ability of each as far as anomily detection and reporting untila
signature is available....
A: Thanks for the question. I'll queue this up for
Q&A at the end.
Audience Question
Q: Can GTI integrate with other SIEM's than McAfee like
ArcSight?
A: Thanks for the question. I'll queue this up for Q&A.
Audience Question
Q: Is GTI a technology tied to the IPS or is this
something separate?
A: GTI is built directly into McAfee Network Security
Platform (our IPS), out of the box. It's
also included in most other McAfee security solutions. With our SIEM, it is
available as a subscription.
Audience Question
Q: We currently have Intrushield is GTI available for
this old product?
A: GTI is available with the M-Series line of
sensors. These were first released in
2008 and are the current model IPS for McAfee.
The original I-Series platform (released in 2003) does not have the
newer GTI features for file and IP reputation.
My question:
Q: question for Vikram: it seems like this is the first
time SonicWall & Palo Alto join the NSS test and doing pretty good, what
your opinion in regards to the "new comers" compare to the
"traditional" vendor such sourcefire & mcafee?
A: Some new interesting technology from new comers and
quite impressive.
Vikram is cautiously optimistic.
Audience Question
Q: In order to benefit from the GTI, we need to provide
the sensors access to the internet which for most of our customers
A: Correct. For
GTI, sensors need an internet connection to the GTI cloud.
0 Comments:
Post a Comment
Subscribe to Post Comments [Atom]
<< Home