New features

This release of Network Security Platform includes the following new features:

Securing Azure public cloud

The public cloud domain has many cloud service providers. Microsoft Azure is one of the upcoming public cloud platforms that is fast gaining the market. Azure is mainly an application platform for the public cloud which helps users create and run applications easily. Since applications can be created on-the-go, security for applications is a primary concern for users. You can deploy Network Security Platform solution in Azure cloud to protect all your applications and data in public cloud.

The Virtual IPS Sensors deployed in Azure environment protect the virtual machines which are a part of a resource group. The Virtual Probe installed on the virtual machines directs the traffic to the Virtual IPS Sensors. The Sensor inspects traffic and an alert is generated in case of an attack. The vNSP Controller deployed in Azure environment establishes the communication channel between the Sensor and the Virtual Probes. Policies are created and enforced on Virtual IPS Sensors and vNSP Clusters through the Network Security Manager thereby giving you the ability to block, send an alert, or drop packets as you would in a physical environment. You can deploy the Manager both on-premises or in Azure cloud.

For more information on deploying the vNSP solution in Azure cloud, see McAfee Network Security Platform 9.2 Virtual IPS Administration Guide.

1 Gbps Sensor throughput in AWS

In earlier release, Virtual IPS Sensor instance in AWS environment had a throughput of 600 Mbps. With release 9.2, the Virtual IPS Sensor instance deployed in AWS environment has a throughput of 1Gbps.

The new Sensor model deployment requires a c4.xlarge instance type with 7.5 GB memory. The Sensor contains 4 logical CPU cores.

For more information, see McAfee Network Security Platform 9.2 Virtual IPS Administration Guide.

Integration with Private Global Threat Intelligence (GTI) Cloud

With this release, Network Security Platform supports integration with McAfee Private Global Threat Intelligence (GTI) Cloud. The Private GTI Cloud offers the option to utilize McAfee’s GTI information in your private cloud environment. You can configure Private GTI Cloud to provide reputation scores to the malware files. Network Security Platform Sensors can be configured to send threat information to the Private GTI Cloud instead of the Public GTI Cloud. File reputation and IP reputation scores is retrieved from the private cloud based on which rules and policies can be configured to prevent attacks.

To configure the GTI Private Cloud, go to Manager<Admin Domain Name>IntegrationGTI.

Telemetry

You can configure the telemetry information sent to the McAfee GTI Cloud. When McAfee GTI Cloud is enabled, information about alerts, features, Sensor version, and Manager version are sent to GTI cloud. You can view the details sent to GTI Cloud from the Manager.

In previous releases, the telemetry information sent to McAfee GTI Cloud could be viewed in the GTI integration page. With release 9.2, telemetry information can be viewed under Manager<Admin Domain Name>SetupTelemetry. The options to configure the information sent to McAfee GTI Cloud remains the same.

When enabled, the show gti config CLI command is enhanced to display the configuration details for Private GTI cloud.

For more information about telemetry, see McAfee Network Security Platform 9.2 Integration Guide.

Device Manager

The Device Manager page provides information about all the devices configured in the Manager. It lists the device information, software, health, status, and so on. NS-series Sensors, M-series Sensors, Mxx30 Sensors, Virtual IPS Sensors, NTBA Appliances, and HIPS devices are displayed in the Device Manager page. It displays the devices configured in an admin domain including the devices configured in the child admin domains. You can view the faults generated for the devices and directly navigate to the System Faults page to view the faults.

Note: The Device Manager page does not display details for XC Cluster devices.

For more information on Device Manager, see McAfee Network Security Platform 9.2 Manager Administration Guide.