Protect Against Advanced Evasion Techniques – Essential design principles

The network security paradigm is currently shifting toward a new reality as advanced hacking methods become more prevalent and harder to detect. An example of such a method is advanced evasion techniques (AETs). Although evasions have been documented extensively in the last 15 years, security vendors have systematically ignored the significance of evasions. Some vendors have even downplayed the threat posed by evasions as being purely theoretical. Yet this debate misses the bigger issue: the risk of network security systems being compromised by AETs continues to grow as more and more cybercriminals actively exploit this vulnerability.

McAfee® Next Generation Firewall addresses this challenge. Combining stream-based inspection with data normalization on multiple protocol layers, McAfee Next Generation Firewall is highly resistant to AETs and offers a novel approach to design and implementation to prevent these evasion techniques.

This paper explains the technical and design principles behind our breakthrough anti-evasion technology.