McAfee IntruShield 2700

McAfee IntruShield 2700

Pros: High capacity, flexibly configured ports

Cons: Unhelpful user interface, pricey

Price: $34,995

Performance: A

Ease of setup: B

Configurability: A-

Value: B

Also reviewed:

Built for speed: The pricey IntruShield 2700 can handle 600 Mbps of network traffic.

The IntruShield 2700 is a big-time IPS, with the highest throughout support of all the devices we tested, at 600 Mbps. The 2U, rack-mountable appliance comes with six 10/100 Ethernet traffic ports that can be configured one-by-one to serve most network protection needs, plus it has two Gigabit traffic ports, three 10/100 response ports, a 10/100 management port and two serial ports (one console and one auxiliary). It even has an external compact flash port for importing/exporting certificate data.

Like the Juniper IDP 200, the IntruShield requires a management server, which connects through the management port. You can run the software on just about any Windows Server 2003 system or buy it prepackaged in the IntruShield Security Manager appliance ($12,995).

You start by establishing a serial connection with the sensor to set up the IP address of the management port, identify the management server, set the sensor name and create a shared secret key for use within the sensor management program.

Then the management server must be connected to the network, and the sensor added to the management program, using the sensor name and shared key created earlier. At this point, you can access the manager from any client machine by browsing to the management server's IP address.

We found the client interface to be clunky, though, with a primary screen that displayed the number of alerts and little else. We had to click around before finding the configuration page we needed. Fortunately, McAfee says it's coming out with a new user interface that looks to be a vast improvement, based on the screenshots they showed us.

The traffic ports can be configured in a variety of ways, which is probably the IntruShield's greatest strength. You can pair any of them for inline mode, set them up with a certain response port, or set them individually as sniffer ports. Once we configured the ports (we only needed to set one pair as pass-through ports), it was easy to adjust the security policies to stop all incoming attacks.

The IntruShield 2700 sells for $34,995, which is pricey even considering its port flexibility. But it does include server management software that supports up to two sensors.

If your agency has a large network and regularly adds or changes subnetworks, the IntruShield 2700 may be worth every penny.

McAfee Inc., Santa Clara, Calif., (888) 847-8766,

About the Author

Greg Crowe is a former GCN staff writer who covered mobile technology.


  • business meeting (Monkey Business Images/

    Civic tech volunteers help states with legacy systems

    As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help. Its successes offer insight into existing barriers and the future of the civic tech movement.

  • data analytics (

    More visible data helps drive DOD decision-making

    CDOs in the Defense Department are opening up their data to take advantage of artificial intelligence and machine learning tools that help surface insights and improve decision-making.

Stay Connected