McAfee Host Intrusion Prevention

For your business to thrive, your network and systems must stay secure. If it is your charter to maximize protection, minimize downtime, and solve security problems quickly, McAfee's Host Intrusion Prevention system should be an essential tool in your security toolbox.

The Challenge

Your servers house your most valuable information assets and keep your business alive. One of the top challenges is to successfully protect these servers and applications from known and unknown attacks that threaten to disrupt your business. To accomplish this, you must aggressively deploy security technologies throughout your network. But the complexity of the exploits that target the vulnerabilities within your servers and applications continues to rise at an equally aggressive rate. There were more new threats in the first half of January 2008 than in all of 2007. And with more than 32% of exploits released within three days of vulnerability disclosure, organizations are at risk, as the average enterprise takes 32 days to deploy server patches. With a proactive approach to securing your servers and applications, you can rest assured that your confidential data is protected and your business continuity is preserved.

McAfee Host Intrusion Prevention for server

McAfee® Host Intrusion Prevention (Host IPS) monitors and blocks unwanted activity and threats. The server version of Host IPS maintains server uptime and protects corporate assets, such as applications and databases. Host IPS protects servers from known and unknown zero-day threats by combining signature and behavioral intrusion prevention system (IPS) protection with a stateful firewall and application control. McAfee Host IPS reduces patching frequency and urgency, preserves business continuity and employee productivity, protects data confidentiality, and simplifies regulatory compliance.

Features and Benefits

Multi-layered protection provides broad, comprehensive coverage. With the rapid growth of blended threats and profit-motivated cybercrime, organizations need layered protection to defend endpoints against known and unknown zero-day threats and to prevent loss of confidential data.

• Signature protection accurately identifies and blocks known attacks
• Behavioral protection secures endpoints against new, zero-day threats, such as buffer overflow attacks
• Stateful firewall blocks unsolicited inbound traffic, controls outbound traffic, and applies policy rules based on traffic, ports, applications, and locations
• Application control helps you create whitelists and blacklists to specify which applications can or cannot run
• Specialized server protection secures critical servers with customized protections to maintain system uptime and productivity
• Filter HTTP requests to prevent directory traversal, Unicode, and denial-of-service attacks
• Use predefined shielding policies and rules to prevent attacks and data loss
• Examine database queries to prevent attacks, such as SQL injection
• Use predefined shielding policies and rules to ensure normal behavior and prevent data tampering
• Vulnerability shielding automatically updates signatures to protect endpoints against attacks resulting from exploited vulnerabilities
• Signature updates are automatically and regularly downloaded in a similar manner to .DAT file updates for protection assurance

Spend less time collecting data needed to achieve, report, and prove compliance

McAfee Host Intrusion Prevention helps you obtain greater visibility and control to simplify compliance efforts and make reporting and audits less painstaking.

• Gather attack details such as type, vector, source, severity, timestamp, and more-all in clear and easy-to-understand language for prompt reporting, audit, investigation, and response
• Produce compliance reports for auditors and other stakeholders
• Customize dashboards for real-time compliance status