Large enterprise networks are poised at the edge of a quantum evolutionary leap. A major impetus for this is the emergence and proliferation of difficult-to-combat blended threats—spam combined with phishing and rogue web sites. Another key factor is the emergence of high-speed 10-Gigabit Ethernet technology, which is rapidly being adopted as enterprises find themselves at the point of needing to rebuild a network infrastructure that can no longer support their business needs.

The spam quandary
Spam is no longer merely an annoyance and a productivity inhibitor, clogging bandwidth and inboxes, and driving up helpdesk calls. Today’s sophisticated, socially engineered blended threats combine spam, phishing, potentially unwanted programs, dangerous web sites, and data theft. Links in spam messages take victims to rogue web sites that infect machines with Trojans and bots and steal confidential information. Highly engaging, interactive online applications made possible by Web 2.0 are encouraging more active participation by web users and are inspiring hackers to take advantage of this by designing clever spam campaigns to entrap the innocent and unsuspecting.

Over the years, IT security professionals have been banging their heads against the wall trying to solve the spam problem. Adding more email security appliances to already crowded racks in the data center was one way of contending with this mounting threat. The proliferation of products throughout the data center is commonly called "appliance fatigue." You might be suffering from it without even knowing it. Every point product you’ve purchased has a separate console and separate reports—which means your IT team has to learn multiple interfaces, manage each appliance separately, and apply patch updates regularly. Obsolescence is another issue. Appliances and software quickly become outdated in a dynamic threat landscape, and not all vendors are nimble enough nor have the research capabilities to stay on top of emerging threats and issue updates. When you have racks and racks of security appliances, it’s an administrative nightmare. It seems that these attempts to solve the spam problem have created a different problem: spiraling complexity, management issues, and costs that continue to rise.

Add it all up, and you have an enormous drain on IT resources and budgets—and inconsistent protection.

The answer in a box
What’s the alternative? McAfee has a new, consolidated approach to email- and web-borne threats in the same box—McAfee Content Blade Server. Highly efficient, space-saving, and economical, the Content Blade Server protects your infrastructure, reduces appliance fatigue, and frees up space in your data center. The advantages of this compact appliance are many:

• Spend less and reduce administrative overhead by up to 90 percent
The Content Blade Server is less expensive to purchase over a three-year depreciation period than point products from other vendors. Typical competitive solutions for a 50,000-seat enterprise run approximately USD $1.7 million dollars for anti-virus and anti-spam without content filtering. For the same enterprise, The McAfee Content Blade Server, which provides a comprehensive, award-winning anti-spam and anti-virus solution that includes robust content filtering, runs USD $700,000, so there’s a real savings of USD $1 million. McAfee’s flat-rate pricing model has no per-user fees. Product acquisition costs and recurring license and support fees, which burn hundreds of thousands of dollars annually, become a thing of past.

Plus, the centralized, easy-to-manage single appliance goes a long way toward reducing the complexity of your infrastructure and your IT staff workload.

• Save space, cut power costs, and go green
Energy (including cooling and power) and space requirements for data centers constitute a large percentage of IT expenditures. Our solution reduces data center costs by up to 25 percent compared with comparable offerings. Hewlett-Packard and IDC forecast an up to 69 percent reduction in energy consumption over a three-year period for IT organizations that migrate from traditional infrastructures to blade architectures. In addition the Content Blade Server’s built-in workload balancing and automatic fault tolerance require no additional hardware or configuration. All blades operate as if they were a single unit, so there’s less management overhead and no need to purchase or maintain external load balancers or complex failover schemes.

In addition to the cost savings, the Content Blade Server is environmentally friendly. Most large enterprises are moving toward reducing their carbon footprint, and, in fact, it’s written into many corporate policies. As state governments become more environmentally conscious, don’t be surprised if green requirements make their way into regulatory legislation in the near future.

• Advanced technology provides comprehensive coverage and industry-leading catch rates
With the Content Security Blade Server, up to 5,000,000 email messages can be filtered per hour and 50,000 simultaneous web users can be protected with only one unit, so performance needs for large enterprises are met with less equipment. You can turn on the functionality—which includes email security, anti-spam, malware removal, and email content filtering, safe surfing, and URL filtering—when you need it. This translates to simple, more efficient, and more cost-effective security.

As for our accuracy and catch rate for spam and other threats, we meet the recognized leaders in the industry head to head. We’ve discovered that our catch rate is above 98 percent with almost zero false positives. In this playing field, every single percentage point counts.

Let’s take a look at Microsoft, for example. Based on its published email statistics for 2007, if Microsoft suffered a one percent drop in the catch rate of its anti-spam solution, what would happen? A one percent drop in effectiveness would result in an additional 100,000 messages per day—spam messages—getting through to its Exchange servers. If, as the company states, under normal operation, one million messages per day reach its Exchange servers, that 1 percent drop in catch rate results in a 10 percent increase in the message traffic that its Exchange servers need to process and store! And a 10 percent increase in traffic would mean that it might need to add 25 additional Exchange clusters to the 250 it currently operates worldwide with the extra cost of administration and data center resources that would entail.

Rebuilding the behemoth
Another sea change in the network landscape is the fact that some enterprise networks are aging. Many large enterprises today are beginning to realize that their network capacity is being stretched to the breaking point. The idea of converting an outdated network to ultra-high speed 10-Gigabit Ethernet is fast becoming reality; enterprises are eager to make the switch because their current networks just can’t seem to move data around fast enough any more.

Businesses in different industries have different outlooks on the necessity of upgrades. In large organizations in certain sectors where growth is slow and deliberate—think financial institutions, manufacturing operations, and utility companies—a network is built, great pains are taken to stabilize it and maintain it, and it remains untouched until it’s run into the ground. Other types of businesses—communications carriers, Internet service providers (ISPs), and the like—are constantly overhauling their networks. To respond to customer needs and stay competitive, they need to be more nimble, so they are continually upgrading their network capacity and capabilities.

Appliance fatigue and point-product pain
Just as with web and email security, the network security of the past presents the same set of issues—appliance fatigue, management hassles of multiple point products, complexity, and the high cost of acquisition. Companies that are about to make the switch to speedy 10-Gigabit Ethernet networks are looking for a more integrated approach that will take them through a five to 10-year period without having to rip and replace. They’re also looking to increase return on investment, reduce complexity, cut costs, and simplify IT management.

High performance and true 10-Gigabit Ethernet capability
For companies ready to take the plunge, McAfee offers a viable solution—a single appliance that meets performance standards, is easy to manage and upgrade, and is a good investment over the long haul. McAfee Network Security Platforms integrate with other solutions for knowledge-driven security that IT managers can act on. Data gathered from other applications is prioritized, so that decision-making is easier; the most severe threats are always addressed first.

The needs of next-generation 10-Gigabit Ethernet enterprise networks that demand ultra-high-throughput security and no downtime are met with the ASIC-based McAfee M-8000 Network Security Appliance. It offers intelligent, real-time security with 10 Gbps performance. In fact, McAfee M-8000 Network Security Appliance is the only product to surpass the basic certification and achieve the coveted MGIPS+ Enterprise certification for operation in multi-gigabit environments. It also offers the highest port density available today. For branch offices, the McAfee I-1400 Network Security Appliance provides proactive intrusion prevention that protects every device broadly, accurately, and efficiently.

Both are managed by McAfee Network Security Manager, a powerful, hardened, solution that gives security professionals comprehensive, scalable, always-on, policy-based management of network security sensors from a centralized, web-based management console. The graphical user interface (GUI) puts IT administrators in real-time control of all aspects of mission-critical operations.

Best-in-suite solution: McAfee Total Protection for Network
McAfee is one of the few vendors that offers comprehensive protection for the network. We safeguard networks from the perimeter to the core to the endpoints, and all points in between. Unlike security companies that only offer point products, we take a holistic view. In one of our latest offerings, McAfee Total Protection for Network, we’ve taken the best-in-suite concept a step further by offering an integrated solution that combines our web and email solution (Content Blade Server) with intrusion prevention (McAfee Network Security Platforms) for a truly complete, simplified network security solution that will take large enterprises into the coming years comfortably, reliably, and affordably.