McAfee IntruShield 2700

McAfee IntruShield 2700

Pros: High capacity, flexibly configured ports

Cons: Unhelpful user interface, pricey

Price: $34,995

Performance: A

Ease of setup: B

Configurability: A-

Value: B

Also reviewed:

Built for speed: The pricey IntruShield 2700 can handle 600 Mbps of network traffic.

The IntruShield 2700 is a big-time IPS, with the highest throughout support of all the devices we tested, at 600 Mbps. The 2U, rack-mountable appliance comes with six 10/100 Ethernet traffic ports that can be configured one-by-one to serve most network protection needs, plus it has two Gigabit traffic ports, three 10/100 response ports, a 10/100 management port and two serial ports (one console and one auxiliary). It even has an external compact flash port for importing/exporting certificate data.

Like the Juniper IDP 200, the IntruShield requires a management server, which connects through the management port. You can run the software on just about any Windows Server 2003 system or buy it prepackaged in the IntruShield Security Manager appliance ($12,995).

You start by establishing a serial connection with the sensor to set up the IP address of the management port, identify the management server, set the sensor name and create a shared secret key for use within the sensor management program.

Then the management server must be connected to the network, and the sensor added to the management program, using the sensor name and shared key created earlier. At this point, you can access the manager from any client machine by browsing to the management server's IP address.

We found the client interface to be clunky, though, with a primary screen that displayed the number of alerts and little else. We had to click around before finding the configuration page we needed. Fortunately, McAfee says it's coming out with a new user interface that looks to be a vast improvement, based on the screenshots they showed us.

The traffic ports can be configured in a variety of ways, which is probably the IntruShield's greatest strength. You can pair any of them for inline mode, set them up with a certain response port, or set them individually as sniffer ports. Once we configured the ports (we only needed to set one pair as pass-through ports), it was easy to adjust the security policies to stop all incoming attacks.

The IntruShield 2700 sells for $34,995, which is pricey even considering its port flexibility. But it does include server management software that supports up to two sensors.

If your agency has a large network and regularly adds or changes subnetworks, the IntruShield 2700 may be worth every penny.

McAfee Inc., Santa Clara, Calif., (888) 847-8766,

About the Author

Greg Crowe is a former GCN staff writer who covered mobile technology.


  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected