Mcafee INTRUSHIELD 2700, INTRUSHIELD 1200, INTRUSHIELD 1400 DATASHEET

Data Sheet | McAfee Network Protection Solutions

McAfee IntruShield 1200, 1400, and 2700 Network IPS Appliances

Award-winning, next-generation intrusion prevention solution delivering best-in-class proactive
prevention of zero-day and DoS attacks, spyware, malware, botnets, and VoIP threats

No business is immune to security threats, no matter
how large or small. The risks to small and medium­sized businesses (SMBs) and other organizations
continue to grow as the rising number of new
vulnerabilities and the speed and sophistication of
attacks that exploit those vulnerabilities pose an
ever-increasing threat to your business. The rise and
evolution of new hybrid attacks that use multiple
techniques to attack your network infrastructure
means that enterprises of all sizes must constantly
defend themselves against these shifting threats.

Traditional, reactive security technology alone cannot ensure
network availability, integrit y, and data confidentiality. Due
to the inadequate ability of traditional technolog y to provide
proactive threat detection and prevention, businesses remain
vulnerable to sophisticated and highly targeted zero-day and
Denial of Service (DoS) attacks, as well as spyware, malware,
and Voice over IP (VoIP) threats. Small businesses need to
defend their critical network infrastructure by deploying
advanced, proactive protection against vulnerability-based
threats and attacks. Furthermore, companies of every size
are under intense regulatory and audit pressure to ensure the
privacy of confidential data and decrease business risk.

For comprehensive, proactive network protection against a
broad range of today’s threats and attacks, SMBs and other
organizations need to deploy next-generation intrusion
prevention. The proven and award-winning McAfee®
IntruShield® network intrusion prevention system (IPS)
delivers the most comprehensive, accurate, and scalable
threat protection. IntruShield helps SMBs assure the
availability and security of critical network infrastructure
through proactive and comprehensive threat prevention.

The McAfee IntruShield IPS Solution

The McAfee IntruShield family of award-wining, next­generation IPS appliances enables SMBs and enterprises
to reduce business risk by deploying the industry’s most
comprehensive and proven network IPS solution. Their
purpose-built platforms proactively protect endpoints

and critical network infrastructure from known, zero­day, and DoS attacks, as well as threats like spyware, VoIP
vulnerabilities, botnets, ma lware, network worms, Trojans,
and peer-to-peer applications.

IntruShield’s unparalleled technology preemptively
blocks attacks before they reach their intended targets,
while providing absolute accuracy and mission-critical
performance for all network environments. Its integrated
protection and easy-to-manage platform delivers broad
asset protection, maximized business availability, reduced
liability, and security-cost avoidance. And IntruShield’s
powerful policy enforcement, advanced forensics, and
comprehensive reporting capabilities help small and large
businesses comply with audit and regulatory requirements.

IntruShield is the industry’s first risk-aware intrusion
prevention solution, enabling SMBs to deploy prioritized
risk management through intelligent, highly targeted threat
prevention. By integrating with market-leading McAfee
Foundstone® vulnerability management (VM) solutions—as
well as open-source vulnerabilit y assessment (VA) systems
such as Nessus—IntruShield reduces business risk,
increases operational efficiencies, and maximizes security
by providing the ability to identif y and block the most
relevant threats and attacks targeting your network.

IntruShield’s built-in VoIP protection, spy ware prevention,
and advanced Web-client protection maintains business­critical applications, reduces IT costs, and secures
confidential information by blocking spyware, malware,
botnets, and VoIP threats. Its unrivaled ASIC-based
architecture, deep packet inspection, and patented shell­code detection deliver unequaled zero-day protection.

The innovative IntruShield architecture is purpose-built
for long product life cycles, providing continuous next­generation security and feature enhancements. This allows
for continuous protection against the latest threats and
vulnerabilities—including spyware, malware, botnets, SYN
flood, and VoIP threats—while never requiring hardware
upgrades. IntruShield’s architecture integrates patented
signature, anomaly, DoS, and distributed DoS (DDoS)
analysis techniques, enabling highly accurate threat
detection and prevention that blocks attacks before they

Data Sheet | McAfee Network Protection Solutions

inflict damage. IntruShield’s next-generation technology
delivers unparalleled features, including “out-of-the-box”
default IPS block ing, pre-configured Recommended for
Blocking policies, built-in spy ware and VoIP protection,
virtual IPS, and an integrated internal firewa ll. And the
IntruShield portfolio of appliances is backed by McAfee—
the largest dedicated security company and the most
trusted name in the industry.

Features and Benefits

Comprehensive protection

k Broad threat prevention—IntruShield’s purpose-

built intrusion prevention appliances deliver the
most comprehensive threat prevention by proactively
protecting endpoints and network infrastructure from
known, zero-day, and DoS attacks, as well as threats like
spyware, VoIP vulnerabilities, malware, botnets, network
worms, Trojans, and peer-to-peer applications

k Built-in anti-spyware protection—Provides enhanced

security by integrating multi-layered protection against
spyware, adware, dialers, keyloggers, password crackers,
and remote-control programs. IntruShield’s spyware
protection helps reduce IT costs, prevents potential privacy
breaches, and protects confidentiality by proactively
preventing the download of these unwanted programs
while blocking spyware communication and propagation

k Unrivaled botnet prevention—Industry’s only network-

based security solution to provide comprehensive,
layered, and proactive blocking of malicious distributed
botnets. IntruShield protects against the growing threat
of botnets by identify ing them as a distinctive categor y
of attack and proactively blocking their installation,
communication, and activation through the Internet

k VoIP vulnerability protection—IntruShield’s integrated

VoIP security proactively protects mission-critical VoIP
infrastructure and applications by accurately detecting
and blocking known, zero-day, and DoS attacks.
IntruShield protects against underlying VoIP protocol
vulnerabilities while preserving VoIP application and
voice-quality integrity

k Encrypted attack prevention—Industry’s first and

only network IPS to securely and proactively protect
against both clear-text and encrypted attacks (I-2700).
IntruShield’s advanced, real-time SSL decryption and
inspection technology dramatically increases network
security coverage by protecting critical e-commerce
infrastructure

k IPS and internal firewall—Integrated network IPS and

stateful internal firewall capabilities deliver unrivaled
internal system protection, network infrastructure
protection, and enterprise-wide policy enforcement

Accurate protection

k Built-in, advanced Web-client protection—Proactively

protects Web browsers and desktops from cyber­attacks, spy ware, botnets, and other forms of malware.
It prevents the download of unwanted programs while
protecting against unauthorized network access.
IntruShield’s built-in Web-client protection complements
McAfee Perimeter and System Protection Solutions by
providing an additional layer of network protection

k Next-generation DoS prevention—The industry’s most

advanced, next-generation DoS-prevention technology
delivers comprehensive, real-time protection against
sophisticated DoS attacks, cyber-attacks, and cyber
extortion. Multi-layered threshold, profile-based,
and SYN cookie technology—in combination with
IntruShield’s unrivaled virtual IPS capabilities—deliver
highly granular protection against a broad spectrum of
DoS attacks, including DoS, DDoS, and SYN flood attacks

k Infrastructure protection—Provides preemptive, zero-

day vulnerability protection against threats and attacks
that target mission-critical routers, switches, perimeter
firewalls, and DNS servers. Provides the only effective
means to protect critical network infrastructure during
windows of vulnerability

k Risk-aware intrusion prevention—Risk-aware IPS

delivers significant operational efficiencies by providing
the ability to intelligently identify and block the most
relevant alerts and attacks. Integration with market­leading Foundstone VM solutions automatically identifies
and highlights risks. Enables targeted, prioritized
risk management by importing and correlating risk
assessment information from Foundstone, as well as
open-source VA systems such as Nessus

k Signature, anomaly, and DoS analysis—IntruShield’s

unmatched architecture integrates a variety of advanced
detection methods—including signature, application,
and protocol anomaly, shell-code detection algorithms,
and next-generation DoS/DDoS prevention—to deliver
the most accurate protection available against today’s
threats and attacks

k Unmatched detection accuracy—Int ruShield performs

stateful traffic inspection with thorough parsing of over 100
protocols, while leveraging over 3,000 high-quality, multi­token, multi-trigger signatures to provide the most accurate
detection in the industry. IntruShield’s unmatched
accuracy allows you to confidently block threats and
attacks in real time without affecting legitimate traffic