Attacks today incorporate increasingly sophisticated methods of social engineering and client-side software manipulation to exfiltrate data without detection. Some attackers leverage so-called spearphishing to entice employees to give up access information and spread their attacks to other enterprise systems; others use password crackers against compromised applications in order to gain further access rights to the network. The attackers might also set up channels for command and control communications with the compromised systems, as in the case of the Zeus or SpyEye bot infections.
We had the opportunity to review McAfee Next Generation Firewall (McAfee NGFW) to see if it stands up to advanced threats and meets these requirements. We found McAfee NGFW’s interface easy to access and use and its policies simple to create and push to devices. The VPN capabilities worked as advertised, and the ability to create simple rules that automatically create VPN tunnels can help organizations protect data in transit. Its availability and redundancy features were easy to configure and functioned properly, and McAfee NGFW caught the advanced evasion techniques we threw at it, demonstrating a sophisticated application and protocol assembly and interpretation engine that will certainly help organizations defend against advanced attacks in their networks.