PUBLICATION & RESEARCH LIBRARY

Authors: Thomas Williams and Michael Shirley

Publish Date: December 18, 2017

This report provides test results for the McAfee IPS-NS9100 v9.1.5.7. During NSS’ 2017 Next Generation Intrusion Prevention System (NGIPS) Group Test, the McAfee IPS-NS9100 v3.9.2.4784 failed to detect 22 HTTP evasions. This affected its placement in the Security Value Map (SVM)™. After working closely with NSS, McAfee rolled out a new version of its software (v9.1.5.7) for the McAfee IPS-NS9100. The updated device was subjected to testing using the NGIPS Test Methodology v3.1, the same methodology used in the NGIPS Group Test. The device produced the same exploit block rate, failed to detect eight evasions, and demonstrated a performance decrease of 7,123 Mbps.

TECHNOLOGY DESCRIPTION:

Next generation intrusion prevention systems (NGIPS) must provide organizations with the ability to identify both the applications and the users on their internal networks. As with their predecessors, NGIPS must protect the enterprise user against threats/exploits. Designed to identify and block attacks against internal computing assets, a good NGIPS can provide temporary protection and relief from the immediate need to patch affected systems. The NGIPS must catch sophisticated attacks while producing as few false positives as possible.

PRODUCT EVALUATED:

NSS Labs performed an independent test of the McAfee IPS-NS9100 v9.1.5.7. The product was subjected to thorough testing at the NSS facility in Austin, Texas, based on the Next Generation Intrusion Prevention System (NGIPS) Test Methodology v3.1, available at nsslabstage.wpengine.com. This test was conducted free of charge and NSS did not receive any compensation in return for McAfee’s participation.

PRODUCT TESTED IN THE FOLLOWING AREAS:

Security Effectiveness: Capable of enforcing a specified security policy effectively.
Performance: Measures the performance of a device using various traffic conditions that provide metrics for real-world performance.
Stability and Reliability: Ability of a device to maintain security effectiveness while under normal and excessive utilization and while managing malicious traffic.
Total Cost of Ownership (TCO): Overall costs of deployment, maintenance, and upkeep.

As with all NSS Labs group tests, there was no fee for participation. In addition, the test methodology applied is in the public domain to provide transparency and to help enterprises understand the test results.