Specifications/Technical Information
- McAfee Network Security Platform Technical Information - High Performance Intrusion Prevention IPS
- McAfee Network Security Platform Specifications - High Performance Intrusion Prevention IPS
- McAfee Advanced Threat Defense Technical Information - Malware Detection
- McAfee Advanced Threat Defense Specification - Malware Detection
- McAfee SIEM Knowledge Base - Threat Visibility with Log Analysis

McAfee
McAfee Advanced Threat Defense
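McAfee Advanced Threat Defense counters increasingly sophisticated malware by effectively combining multiple detection technologies, including antivirus signatures, file reputation, emulation (Gateway Anti Malware), and sandboxing.
In addition, by integrating seamlessly with other McAfee products such as IPS/IDS and Web Gateway products, it provides a comprehensive solution that covers not only malware detection but also real-time blocking of malicious communications.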

* ATD: McAfee Advanced Threat Defense
* NSP: McAfee Network Security Platform
* ePO: McAfee ePolicy Orchestrator
Real-time Down Selector
The "Down Selector" engine analyzes the target file before the "Box" engine does.
Because the "Down Selector" engine performs malware analysis at high speed, it enables real-time response and reduces load by avoiding processing in the "Box" engine.
* Files detected by the "Down Selector" engine can be configured to be analyzed by the "Advanced Box" engine.

Advanced Box
Performs static code analysis in addition to dynamic analysis based on execution behavior.

Analysis by custom image
- Performs dynamic analysis in the same endpoint environment (OS version, service pack/patch level, applications used, etc.) as the one actually in use
- Improves the detection rate of targeted malware built to run only in the target's specific environment
- To avoid the high load caused by processing on multiple OSs other than the user environment, analysis is performed only on the OS of the user environment, improving processing efficiency and speed

Analysis result report (sample)


