McAfee Network Security Platform (NSP) leads in 2012 Magic Quadrant for Intrusion Prevention System

Gartner just released their 2012 Magic Quadrant for Intrusion Prevention Systems and once again, McAfee Network Security Platform (NSP) leads the pack!  This marks her 7th consecutive placement in the Leaders quadrant for IDS/IPS.  While several factors contributed to our Leadership position, Gartner calls out McAfee’s ‘next-generation network IPS’ capabilities as a driving factor.

 

 

The entire report:

www.mcafee.com/gartner-mq-nips-2012

 

Although keeping things relatively high level, Gartner does make several key statements about McAfee you should be aware of:

• “strong NGIPS capabilities go beyond first-generation IPS”  – no other vendor is singled out with real NGIPS functionality except Sourcefire
• “McAfee was the vendor listed most often in the survey to vendors regarding their greatest IPS competitor” – the fact that other vendors consider McAfee their biggest competitor substantiates our leadership in the market
• “models that range from 100 Mbps to over 80 Gbps throughput”  – this out-paces all other vendors – the next closest competitor (Sourcefire) has half that capacity (40 Gbps), followed by quarter capacity (20 Gbps) from IBM and Stonesoft, with the rest hovering around 10 Mbps

 

Dimension Data: Security questions you should ask your cloud provider

Security questions that you should ask your cloud provider
In order to evaluate the security approach of a cloud provider, enterprises should ask the following questions of their cloud providers:

Network security:
• Do you provide dedicated physical or virtual LANs to your clients?
• How does your data centre architecture contribute to client security?
• Are clients able to define their own authorisation and access control lists?
• How can clients ensure that their networks are secure?

Secure user access:
• How do you provide secure access (SSL-based VPNs) to your clients?
• How do you provide account-based security?
• Do you support role-based access controls?
• Do you support the addition and removal of ACL firewall rules directly in addition to host-level security?
• How do you monitor and report on usage and activities for audit purposes?

Compliance:
• What compliance certifications does your company hold, and how often do you undertake a compliance audit?
• Do you permit clients to audit your security controls?
• How do you address requests for location-specific storage to abide by data sovereignty requirements?
• Can a client’s data be prevented from being moved to a non-compliant location?

Virtual machine security:
• What protocols do you use to secure applications running on a virtual machine?
• How do you secure virtual machines in your cloud?
• How do you isolate one or a logical group of virtual machines from one other?
• Do clients have visibility into their virtual machines and servers running in their cloud and, if so, what monitoring tools do you provide?

Dimension Data Cloud Security : Develope a Secure Cloud Approach

Taking a layered approach to securing the cloud

The solution lies in taking a layered or ‘defense in depth’ approach to enterpriseclass security. An effective hosted cloud service involves much more than migrating sensitive data into an environment, simply
wrapping a virtual perimeter around it and calling it secure. Unfortunately, this is precisely what many public cloud offerings consider ‘security’. Businesses should give thought to how to best secure each layer of the cloud environment, including the infrastructure, operating system, application and network layers. They need an integrated approach that considers networking and security together, in order to provide security for
the overall functionality of the application and data to be migrated to the cloud.

The whitepaper is to be downloadable at http://www.dimensiondata.com/



Cisco ISE (Identity Services Engine)

Cisco Identity Services Engine

http://www.cisco.com/go/ise

Cisco ISE Fundamentals
(Video):

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5712/ps11637/ps11195/ise_fundamentals.html

Product Specifications

There are three hardware options for the Cisco Identity Services Engine.

Cisco Identity Services Engine Appliance 3315 (Small)

Cisco Identity Services Engine Appliance 3355 (Medium)

Cisco Identity Services Engine Appliance 3395 (Large)

(more...)

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5712/ps11637/ps11195/data_sheet_c78-656174.html

Installation Guide: (you may need a partner account)

http://www.cisco.com/en/US/docs/security/ise/1.1.1/installation_guide/ise_ig.pdf