Sb Security Connected Solutions Guide
Content
Security Connected Solutions Guide
JANUARY 2011
Bridging Security and Opportunity
Today’s IT ecosystem thrives on its connections. It may link ATM machines, virtual desktops, or personal devices to straight-through applications hosted in the cloud, link employees and partners to business-critical networks and data centers, and link your most sensitive assets to unexpected threats and escalating risk. Your security must help connect these moving parts, without creating friction. Instead of blocking business, security should benefit business—enabling users, services, and profits without sacrificing confidence or compliance. Security should be omnipresent, but not onerous. Effective, but not expensive. Agile, but not fragile. Welcome to a world where security works this way today.
Security Connected from McAfee.
Security Connected
The open McAfee® framework called Security Connected unites the many parts of security infrastructure against the many parts of today’s threats. Weaving in unequalled global threat intelligence, manageability, and industry partnerships, this flexible security platform protects the ubiquity of your IT infrastructure. Instead of competing for your budget and attention, your IT and security investments collaborate for maximum protection and efficiency. You optimize your security to safeguard your business everywhere it goes, in every way it operates, to seize every opportunity.
INTRODUCTION
01
While your business has been innovating, so has the business of cybercrime. From being an occasional headline, cybercrimes are now mainstream news.
• An average of 6,000,000 new botnet
infections are discovered each month1
• A new malicious website is detected
every 30 seconds2
• External agents represented 70 percent
of data breaches and 98 percent of stolen records3
Balancing Risk and Reward
The “do more with less” requirement and competitive climate have spurred investment in IT: desktop virtualization, cloud and social media services, and non-stop access for a dynamic workforce and its myriad devices. Undertakings like these offer efficiencies and competitive advantages—if you can manage risks and maintain compliance. Sometimes we simply have to say “no” to new services, because of the risk, the cost, or the technical constraints. What would it take to say “yes” to these requests? A security environment that gracefully handles
• • •
Complex threats Multidimensional countermeasures Fluid enterprise infrastructure
¹ McAfee Threats Report: Third Quarter 2010. 2 McAfee Labs. 3 2010 Verizon Data Breach Report, http://www.verizonbusiness.com/resources/reports/rp_2010-data-breach-report_en_xg.pdf
02
INTRODUCTION
McAfee Global Threat Intelligence drew this map of Stuxnet infections.
Threats with multiple components Zeus, Operation Aurora, Mariposa, and Stuxnet—these attacks represent professional operations. Wielding sophisticated tools and taking a long view of the opportunity, cybercriminals run businesses like yours, but without legal, geographical, or moral boundaries. Unlike the simple viruses of yesteryear, today’s cyberthreats employ multiple components and threat vectors—a cocktail of network port scans, phishing email and websites, corrupt Adobe Flash and PDF files, and browser vulnerabilities—to ensure success. For example, the Stuxnet worm took advantage of four separate, unpublished vulnerabilities to ensure a match with its target. It spread through USB devices and network shares and formed a botnet of infected systems that “phoned home” to malicious web servers. Designed to cripple critical infrastructure, Stuxnet now infects thousands of mainstream users around the globe.4 Similarly, Operation Aurora went unnoticed by federating endpoint, web, email, and network tactics with a multi-month timeline.
4
McAfee Threats Report: Third Quarter 2010.
INTRODUCTION
03
Security with islands of products and people Single-vector protections—traditional defense-in-depth layers—provide limited defense against multivector threats. They catch one facet of an attack but miss the big picture of today’s redundant paths. Many do nothing for insider threats where privileged users abuse legitimate access. Similarly, IT administrators from independent web, email, systems, and network organizations view separate parts of the risk picture from siloed management environments. While they might assemble a story from logs and alerts, this after-the-fact event correlation reacts to known threats and patterns. It is unlikely to detect subtle threats that change every use, unfold slowly, or incorporate unknown malware and unpublished vulnerabilities. When something goes wrong, isolated security islands and management environments make it expensive to diagnose, contain the damage, and recover to business as usual. A recent PricewaterhouseCoopers poll found that the cost of responding to the worst incidents has more than tripled since 2008.5
5
PricewaterhouseCoopers, Information Security Breaches Survey 2010, commissioned by Infosecurity Europe.
04
INTRODUCTION
Enterprise ecosystems with assets everywhere Businesses are hard to secure against multivector, fast-paced threats because enterprise IT architectures have evolved from static to fluid, from proprietary to personal. After waves of virtualization and outsourcing, a plethora of new devices accesses a host of services and sensitive data in consolidated data centers, hosted in the cloud, or maintained by third parties. This ubiquitous IT infrastructure has many moving parts, many of them virtual—partners, applications, employees, data centers.
•
If you aren’t providing the mobile devices, how do you ensure compliance with policies or confidentiality of locally stored data? If you can’t lock down the physical server where the data and applications are active, how can you block attacks and maintain required patches? If you spend all your time reacting, who is managing risk and securing the infrastructure required to support new services and business growth?
•
•
INTRODUCTION
05
Connecting the Components
IT infrastructures are often overextended—with islands of separately managed systems. This compounds the complexity of managing security. To combat these challenges, visionary security and risk managers are harnessing separate security components into a coordinated system, a security platform optimized to counter threats, enable compliance, and streamline operations. Working with industry leaders, McAfee has defined an open, proven architecture that helps you construct your optimized security platform: Security Connected.
06
INTRODUCTION
Our technology footprint enables sensors at every layer of the technology stack to communicate, share intelligence, and secure your entire enterprise.
A platform for confidence and compliance A Security Connected platform builds bridges between security islands to close coverage and technology gaps. It connects intelligence about changing threats, anomalies, risks, and priorities with the people and tools that need them. It gives you confidence that you understand the shifting situation and can manage risk. With real-time visibility into risk and events, you can safely link your users to their applications and data, across any network, from any device, in compliance with business and industry policies. The world’s most comprehensive threat intelligence keeps your countermeasures up to date and makes possible self-securing data, web, email, network, and endpoint protections. These systems share shreds of different types of information, collaborating in real time, non-stop, to act instantly as risks change. A platform for “yes” Security Connected also builds in choice and flexibility. Your extensible platform can connect processes and systems from multiple vendors and organizations, elements like IT user directories, Apple iPads, and auditor reports. Leveraging tested integrations and open interfaces, existing infrastructure can mesh with new capabilities to protect your investments as well as your data assets. You can use policies and automation to create efficiencies and enforce rules consistently. This open platform can handle the change required to seize opportunity and deal with necessity. In building security into the way your business operates, your Security Connected platform helps you secure the business without getting in its way.
INTRODUCTION
07
Leverage the Security Connected Platform
The Security Connected architecture takes key elements of security and makes them modular, manageable, and effective.
•
McAfee Global Threat Intelligence™ delivers the industry’s most comprehensive, real-time threat protection, providing deep visibility into current and emerging online dangers so that McAfee products activate countermeasures ahead of threats Network Security combines real-time threat awareness, award-winning intrusion prevention technologies, and an optimized management platform for the world’s most comprehensive network defense Content Security patrols email, web, and data usage both inside and outside the network, whether users are in the office or working remotely. It ensures a productive workforce with critical protections that flex to fit your evolving security architecture. Endpoint Security integrates system security, virtualization security, mobile protection, email security, web safety, and access control to let you guard endpoints against the latest threats with fewer IT resources Security Management provides constant visibility into your security, risk, and compliance profile. With an open platform to integrate existing security administration, McAfee automates protection, diagnosis, and remediation.
•
•
•
•
08
INTRODUCTION
The Security Connected platform from McAfee helps you optimize security as you enable business.
These elements—including over 100 third-party solutions—are united by the open interfaces of the McAfee ePolicy Orchestrator® (McAfee ePO™) management environment. Much more than a dashboard, McAfee ePO brings together data and activities so you can make sense of, mitigate, and report on your changing IT risks. To tailor your platform to your real-world requirements, look to McAfee Support and Services. These experts help you get the most out of your security investments, for optimized protection at optimal efficiency. McAfee Alliances fuse your security platform with your other IT infrastructure, from silicon to satellite, through tested integrations and value-added partnerships. Our consumer products bring McAfee Global Threat Intelligence and robust protection home to secure your loved ones, your identity, and your personal computing environment.
INTRODUCTION
09
WHAT IS YOUR SECURITY PRIORITY?
LOOK HERE FOR HELP
Protecting virtualized environments
– Endpoint Security – Alliances – Endpoint Security – Content Security – Content Security – Endpoint Security – Content Security – McAfee Global Threat Intelligence – Content Security – Network Security – McAfee Global Threat Intelligence – Content Security – Endpoint Security – Network Security – Network Security – McAfee Global Threat Intelligence – Network Security – McAfee Global Threat Intelligence – Security Management – Support and Services – Security Management – Support and Services – Security Management – Alliances
Enabling the consumerization of IT
Safeguarding sensitive data
Leveraging the cloud
Facilitating Web 2.0
Mitigating insider threats
Combating industrialized hacking
Fending off targeted attacks and advanced persistent threats (APTs) Balancing security and ROI
Reducing complexity and chaos
Using security to enable business
Get Connected
McAfee is ready to help you move toward your optimized security environment. Use this guide to navigate our Security Connected resources and start saying “yes” to enabling your business.
10
INTRODUCTION
Table of Contents
Table of Contents
Optimizing your organization’s security means moving from a reactive stance— such as deploying a new point tool to counter each new threat—to a strategic and connected security framework. By integrating protection across the most common threat vectors—file, web, message, and network—McAfee enables you to enhance operational efficiencies without making compromises on security or compliance.
Global Threat Intelligence McAfee Labs™ McAfee Global Threat Intelligence™ Network Security McAfee Firewall Enterprise McAfee Firewall Enterprise Profiler McAfee Network Access Control McAfee Network Security Manager McAfee Network Security Platform McAfee Network Threat Behavior Analysis McAfee Network Threat Response Content Security McAfee Command Line Encryption McAfee Content Security Blade Server McAfee Data Loss Prevention McAfee Device Control McAfee Email and Web Security Appliance McAfee Email Gateway McAfee Encrypted USB McAfee Endpoint Encryption McAfee SaaS Email Archiving McAfee SaaS Email Encryption McAfee SaaS Email Inbound Filtering McAfee SaaS Email Protection McAfee SaaS Email Protection and Continuity McAfee SaaS Total Protection™ McAfee SaaS Web and Email Protection McAfee SaaS Web and Email Security with Archiving
11 13 14 17 20 21 22 23 24 25 26 27 30 31 32 33 34 35 36 37 38 39 40 40 41 42 43 44
McAfee SaaS Web Protection McAfee Security for Email Servers McAfee SiteAdvisor® Enterprise McAfee Web Filtering for Endpoint McAfee SmartFilter® McAfee Total Protection for Internet Gateways McAfee Total Protection for Data McAfee Total Protection for Secure Business McAfee Web Gateway Endpoint Security On-premises Endpoint Suites Comparison Security SaaS Suites Comparison McAfee Application Control (for desktops and servers) McAfee Command Line Encryption McAfee Device Control McAfee Encrypted USB McAfee Endpoint Encryption McAfee Endpoint Protection— Advanced Suite McAfee Endpoint Protection Suite McAfee Endpoint Protection for Mac McAfee Enterprise Mobility Management (McAfee EMM™) McAfee Host Intrusion Prevention McAfee Mobile Security for Enterprise McAfee MOVE AntiVirus McAfee Network Access Control McAfee Policy Auditor McAfee SaaS Endpoint Security Suites
45 46 47 47 48 49 50 51 52 53 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72
continued on back of tab
Table of Contents
McAfee SaaS Total Protection McAfee Security for Email Servers McAfee Security for Microsoft SharePoint McAfee SiteAdvisor Enterprise McAfee Web Filtering for Endpoint McAfee Total Protection for Endpoint— Enterprise Edition McAfee Total Protection for Data McAfee Total Protection for Secure Business McAfee Total Protection for Server McAfee VirusScan® Enterprise McAfee VirusScan Enterprise for Linux McAfee VirusScan Enterprise for Offline Virtual Images McAfee VirusScan Enterprise for Storage McAfee VirusScan Enterprise for use with SAP NetWeaver platform McAfee VirusScan for Mac Security Management McAfee Change Control McAfee Change Reconciliation McAfee Configuration Control McAfee Database Activity Monitoring McAfee ePolicy Orchestrator (McAfee ePO) McAfee Integrity Control McAfee Integrity Monitor for Databases McAfee PCI Certification Service McAfee Policy Auditor McAfee Risk Advisor McAfee Total Protection for Compliance McAfee Vulnerability Manager (With McAfee SECURE™ module option) McAfee Vulnerability Manager McAfee Vulnerability Manager for Databases Support and Services McAfee Corporate Support McAfee Premium Support Offerings McAfee Corporate Technical Support Program Comparison McAfee Solution Services McAfee University Foundstone® Professional Services Foundstone Education
73 74 75 76 76 77 78 79 80 81 82 83 84 85 86 87 90 91 92 93 94 95 96 97 98 99 100 101 102 103 105 107 108 109 110 111 112 113
Alliances McAfee Global Alliances McAfee Global Alliance Partner Directory McAfee Security Innovation Alliance (SIA) McAfee SIA Partner Directory McAfee SIA Sales Teaming Partners McAfee for the Home Integrated Suites for Home Users McAfee AntiVirus Plus 2011 McAfee Family Protection McAfee Family Protection (iPhone/iPod Touch/iPad Edition) McAfee Internet Security 2011 McAfee Internet Security for Mac 2011 McAfee Online Backup McAfee SiteAdvisor LIVE McAfee Total Protection 2011 McAfee WaveSecure
115 117 119 125 126 128 137 139 140 141 142 143 144 145 146 147 148
Global Threat Intelligence
McAfee Global Threat Intelligence
McAfee Global Threat Intelligence from McAfee Labs delivers the industry’s most comprehensive, real-time threat protection. Powered by millions of sensors around the world and a global team of more than 400 researchers, it provides deep visibility into current and emerging online dangers—ensuring that your threat protection is predictive, rather than reactive.
Rely On the Highest Level of Coordinated Security
Today’s threats are more sophisticated and targeted than ever, and they are growing at an unprecedented rate. In 2007, we identified more than 16,000 new pieces of malware per day on average. In 2010, we reached a frightening 60,000 new identifications per day. Malicious URLs have grown almost six-fold in the last two years.1 With the increased threat of criminals mining for data, the efficiency of your security must be a priority.
•
Global Threat Intelligence
McAfee Labs—Backed by a portfolio of more than 480 patents and a network of millions of sensors spanning the Internet, the worldwide research experts at McAfee Labs deliver unparalleled protection against both known and emerging threats through a complete suite of security products, as well as a range of free educational tools and industry outreach McAfee Global Threat Intelligence—Integrated seamlessly into McAfee products, this cloud-based threat intelligence service from McAfee Labs helps protect your organization against cyberthreats across all vectors—file, web, message, and network—reducing your effort while increasing your protection
•
1
McAfee Threats Report: Third Quarter 2010.
About McAfee Labs
Threat intelligence leadership With more than 20 years of security research experience, McAfee Labs is at the forefront of real-time threat intelligence. McAfee Labs began as McAfee AVERT Labs, an industry-leading security research organization focused on identifying and tracking burgeoning malware threats. Through a series of strategic acquisitions and global expansion of the research team, AVERT Labs broadened its threat research scope to cover web, email, and network security, as well as the complete range of emerging vulnerabilities. This broad security research foundation enables today’s McAfee Labs to deliver comprehensive, real-time McAfee Global Threat Intelligence via a complete suite of McAfee security products. Year after year, McAfee ranks at the top of independent security testing organizations’ assessments of security vendors. We are cited most often for our high threat detection and low false positive rates. While testing is an important way to judge a product’s efficacy, the real proof is in our ability to protect against real-world attacks. We see and prevent billions of threats each day. In a recent independent study, we were the only one among top security vendors whose anti-malware engine correctly thwarted what was one of the most significant electronic intellectual property heists in history, Operation Aurora. McAfee Labs highlights
• • • • •
1996: McAfee discovers first locally exploitable kernel vulnerability 1997: McAfee pioneered detection of password-stealing Trojans 1998: McAfee discovers the first polymorphic field virus 1999: McAfee discovers famed Melissa virus 2003/2004: McAfee discovers two of the biggest self-executing worms written: Blaster and Sasser 2004: McAfee develops the world’s first real-time, multi-dimensional online reputation system, McAfee TrustedSource™ 2005: McAfee discovers attackers manipulating Google 2008: McAfee develops world’s first real-time, “in-the-cloud” file reputation system, McAfee Artemis™ 2009: McAfee credited with inventing and defining “global threat intelligence” 2010: McAfee identifies zero-day vulnerability in Microsoft Internet Explorer and names attack “Operation Aurora”
•
• •
•
•
GLOBAL THREAT INTELLIGENCE
13
McAfee Global Threat Intelligence
Comprehensive, cloud-based threat intelligence Not only has the threat growth curve shifted from linear to exponential, but threats have become increasingly sophisticated, evasive, and damaging. With the growth of cyberthreats putting extra pressure on your IT infrastructure and budget, your security needs to work more intelligently. McAfee has the answer: a reputation-based system that has visibility into all types of cyberthreats from around the globe. McAfee uses this visibility to provide the highest level of coordinated security defense, delivering up-to-themoment threat information to guide decisions in real time at each layer in your infrastructure.
•
Protects from both known and emerging cyberthreats, regardless of the source of those threats or where they travel Arms your security infrastructure with shared threat intelligence, enabling security products to act in concert, based on the same robust, real-time information Closes the threat window with instantaneous, often predictive, reputationbased threat intelligence, reducing the probability of attack and the costs of remediation and lost downtime
•
•
How it works McAfee Global Threat Intelligence data comes from multiple sources. Thanks to our large and diverse customer base, we receive queries from more than 100 million McAfee nodes deployed in real world settings around the globe. With each query, our cloud system learns something new about the subject of the query. We combine that insight with data from other threat vectors to understand cyberthreats from all angles. This perspective helps us identify threat relationships, such as malware used in network intrusions, websites embedded in malware code, websites hosting malware, botnet associations, and more. Bidirectional communications connect McAfee products with McAfee Global Threat Intelligence. McAfee products query the cloud, and our cloud renders the latest reputation or categorization intelligence to the products so that they can take action. For example, if McAfee Global Threat Intelligence detects malware, the system will automatically search its database for associations between that malware and URLs hosting it or embedded links in the malware, IP addresses hosting it, messages containing it, and so on. The reputations of these files, messages, websites, and IP addresses will be updated to reflect greater risk. McAfee products can then apply policies to limit interactions with these newly more risky entities. Our ongoing actions protect you, effortlessly.
14
GLOBAL THREAT INTELLIGENCE
Message Web Network Vulnerability Information CLOUD
File
File
Web
Message
Network
THREAT INTELLIGENCE
Endpoint Application Control
Web
Message
Risk and Compliance COUNTERMEASURES IPS
Firewall
The McAfee Global Threat Intelligence framework.
Shared threat intelligence McAfee Global Threat Intelligence enables McAfee products to protect you against cyberthreats across all vectors — file, web, message, and network. Already integrated into your McAfee security products on premises or in the cloud, McAfee Global Threat Intelligence has the broadest threat data, most robust data correlation, and most complete product integration in the market. This gives McAfee unique visibility into online dangers such as botnets, worms, DNS attacks, and even advanced persistent threats. Each product can take appropriate policy-based action when these threats strike. Each product you connect shares intelligence and capability to strengthen the overall effect. Not only do thirteen McAfee product families integrate McAfee Global Threat Intelligence, these products also integrate more threat intelligence services per product than any other security products available today — services like file reputation, web reputation, web categorization, message reputation, and network connection reputation. Multiple threat service mappings per product multiply the accuracy and responsiveness of your protections.
GLOBAL THREAT INTELLIGENCE
15
McAfee Global Threat Intelligence in action On May 7, 2010, McAfee Global Threat Intelligence picked up anomalous activity of a new website based on web and network threat data, and adjusted the reputation of the website accordingly. On June 7, 2010, the malicious website was the source of a widespread iFrame injection attack affecting more than 100,000 legitimate websites. However, McAfee customers with McAfee Global Threat Intelligence were already protected. Availability and activation McAfee Global Threat Intelligence is included in the cost of McAfee products that incorporate this service. In some products, McAfee Global Threat Intelligence is enabled by default. If not, you may enable it easily using your McAfee product administrative interface. To learn more, please visit www.mcafee.com/GTITurnItOn. For organizations that operate environments with limited Internet access, McAfee offers the McAfee Global Threat Intelligence Server, a virtual appliance that consolidates client-to-cloud communications using a set of auditable proxy servers for McAfee-protected clients. McAfee Global Threat Intelligence is also available as a standalone service. Strengths
• •
More than one hundred million McAfee nodes deployed around the globe More than one hundred billion queries each month from all threat vectors — file, web, message, and network The most comprehensive set of threat intelligence services in the market — file reputation, web reputation, web categorization, message reputation, and network connection reputation
•
Tap into this expertise online with free tools, blogs, and research at www.mcafee.com/threatintelligence.
16
GLOBAL THREAT INTELLIGENCE
Network Security
McAfee Network Security
Today’s networks face continuous threats and unauthorized access to resources. Combining real-time threat awareness, award-winning intrusion prevention technologies, and an optimized management platform, McAfee delivers the world’s most comprehensive network defense.
Protect Against Network-Based Threats and Policy Violations
McAfee safeguards networks 24/7 with real-time threat feeds from McAfee Labs, plus a complete range of security functions: intrusion prevention, firewall, network access control, anti-spam, anti-malware, web filtering, and outbound content control. We make ownership easy with integrated solutions and centralized management.
•
Perimeter defense—Firewall and network intrusion prevention technologies enable effective perimeter defense through constant, comprehensive global threat intelligence. Using millions of worldwide network sensors to fully characterize all threats, we provide an unparalleled understanding of how attacks behave and may evolve over time. The result is proactive, unmatched threat protection delivered in real time. Network asset protection—McAfee provides the most precise, high-performance network intrusion prevention technologies in the industry. Our network-class, purpose-built hardware platforms exceed the reliability requirements of even the most critical business applications. By combining zero-day vulnerability coverage with the most comprehensive, proactive threat intelligence feeds, McAfee protects network assets against the latest attacks. User access control—McAfee Network Access Control (NAC) links endpoint and network security with access control and compliance, centrally managed by McAfee ePolicy Orchestrator. McAfee NAC allows you to easily deploy and tailor access controls, resulting in increased security, fewer errors, and network control unmatched in the industry. User activity control—When you identify network activity by end-user application rather than network protocol, your security and network configurations can map directly to conventional, written organizational policies. You gain streamlined configuration management, improved enforcement accuracy, and simplified compliance assessment.
•
•
Network Security
•
Optimize Network Defenses to Match Your Risks
Take your pick from a full range of scalable, hardened appliances and convenient software designed to integrate seamlessly for better manageability and fast incident response. The products grouped below are presented in alphabetical order in the pages that follow. For the latest information, visit www.mcafee.com/networksecurity.
Firewall McAfee Firewall Enterprise — Use this next-generation firewall to restore control and protection to your network by blocking threats and eliminating unwanted traffic McAfee Firewall Enterprise Profiler — Instantly analyze network traffic and firewall rules to slash the time needed to solve firewall-related network or application outages Network intrusion prevention (IPS) McAfee Network Security Platform — Block attacks in real time, before they can cause damage, and protect every network-connected device McAfee Network Security Manager — Configure, deploy, and manage multiple IPS and NAC appliances through a single, easy-to-use console McAfee Network Threat Response — Dig deep into threats and construct forensic analysis to effectively characterize and respond appropriately to malware Network access control McAfee Network Access Control — Mitigate risk to corporate assets posed by systems that don’t comply with your security policies Network behavior analysis McAfee Network Threat Behavior Analysis — Collect traffic and analyze host and application behavior to detect worms, zero-day threats, botnets, and reconnaissance attacks
20
21
24 23 26
22
25
NETWORK SECURITY
19
McAfee Firewall Enterprise
Next-generation firewall with true application control As your business depends more and more on web-enabled applications, those applications have opened up a huge, fast-changing attack surface. First generation firewalls were limited to port, protocol, and IP addresses. The next generation McAfee Firewall Enterprise family lets you confidently discover, control, visualize, and protect new and existing applications. McAfee Firewall Enterprise combines full application visibility and control, reputation-aware threat intelligence, and multivector attack protection to deliver unprecedented protection in a single solution. Since effective security policies for today’s complex Web 2.0 traffic depend on fine-grained understanding that goes far beyond port and protocol, McAfee AppPrism™ offers visibility and control that spans applications and users. Multivector, reputation-aware security We can automatically discover applications running on your network, even port-agile and encrypted applications, and show you who is using them. Then our single policy view puts users, applications, and protections within your control as you construct rules with a minimum of clicks. You can selectively apply broad defenses such as application filters, anti-virus, anti-malware, anti-spam, IPS signatures, URL filtering, and reputation services and manage them all in a logical workflow. These integrated protections apply reputation and global threat intelligence to combat the latest botnets and advanced persistent threats. We can block content and connections based on malicious intent before a new threat is confirmed. Effective security that scales from branch office to data center New software updates are delivered automatically via the Internet, reducing maintenance effort. McAfee ePolicy Orchestrator integration shares firewall health and welfare information with centralized monitoring systems. All this powerful protection is wrapped up in appliances built on the SecureOS® operating system. Our reliability and control will be there as your application demands grow. Strengths
• • • •
Application discovery and control with powerful visualization tools Integrated, in-line inspection and URL filtering Proven in Fortune 500 and ultra-secure government organizations Flexible range of physical, virtual, and multi-firewall offerings, including the option to run on Riverbed Steelhead and Crossbeam X-Series appliances Includes the McAfee Firewall Enterprise Profiler Virtual Appliance and McAfee Firewall Reporter at no extra charge
•
20
NETWORK SECURITY
McAfee Firewall Enterprise Profiler
Intuitive visualization of network traffic and firewall actions in real time Many organizations struggle to understand the traffic traversing their networks, since it travels as generic or encrypted web traffic through port 80 and port 443. This blind spot limits administrator control over network use, hampers security, and sometimes allows firewall rule changes to inadvertently sabotage network applications. McAfee Firewall Enterprise Profiler shines a spotlight on traffic with application discovery, analysis, visualization, and validation, so you gain the visibility needed for effective control and fast resolution of issues. Situational awareness with the right details to guide action Profiler gives network and firewall administrators at-a-glance visibility into user behavior and who is using which applications, along with the threat risk of each application. Its reporting depicts the users, the applications they are using, the bandwidth being consumed (inbound and outbound), the countries involved, and the time of day. With a few simple clicks, you can drill down from the main view to the details needed to understand your network environment, including related user names, groups, roles, and more. Our visualization and analytics provide better understanding of rule usage and facilitate speedy identification of new application threats. For instance, details on recent or increased usage of a risky application like BitTorrent could indicate employees are breaking your acceptable use policy. Profiler can also minimize troubleshooting costs through quick identification and scoping of application outages and validation of fixes after rule changes. Seamless interoperability with existing network infrastructures Profiler receives data over a live feed from McAfee Firewall Enterprise and aggregates this information with flow data from across the network. By leveraging the McAfee ePO asset directory, you can see the full context of an event for faster resolution. A high-level McAfee ePO dashboard showcases the most pressing firewall alerts that likely require administrator intervention. The Profiler virtual appliance is included with the V8 release of McAfee Firewall Enterprise. Large organizations may want to step up to our pre-configured, scalable McAfee Firewall Enterprise Profiler P1000 appliance. Strengths
• • •
Real-time verification of application rollouts Confirms whether or not traffic disruptions are due to firewalls Detailed visuals and drilldowns let you understand root causes and immediately update firewall configurations to restore service
NETWORK SECURITY 21
McAfee Network Access Control
Reduce threats and data loss with unified network access control Visitors and contractors can introduce malware, disrupt your networks, and compromise your systems and data. Employees who self-administer their endpoints can disable or misconfigure security tools and install malicious programs that can threaten data. McAfee Unified Secure Access is the first network access control (NAC) solution to unify endpoint and network security with access control. Unlike many NAC solutions, the integrated McAfee solution secures against threats inside and outside the network while remaining simple, cost-effective, accurate, scalable, and secure. Minimize risk of outbreaks while allowing flexible policies McAfee expands your security posture with adaptive policy technology that combines multiple assessment and control features into one NAC solution. It controls access and protects against broad threats with application-based and identity-based technologies, which control who has access to your specific critical network resources. Further, McAfee protects your investment by leveraging your existing network and system components and taking advantage of integrated management through McAfee ePO. Broad enforcement options McAfee Unified Secure Access includes three main components. Mix and match these options to create a complete solution:
•
McAfee NAC Software supports managed users and offers employee endpoint health assessment both pre- and post-admission McAfee NAC Appliance controls guest and contractor access with a network-based approach and offers identity and application-based network access control McAfee NAC Module for McAfee Network Security Platform adds the functionality of the NAC Appliance to an existing Network Security Platform to incorporate intrusion prevention in network access control decisions
St
ep
licy Po 1:
Ste p2 :D i
Scans for rogue devices, alerts, and reports
•
•
er ov sc
Takes action based on outcome of policy check or behavior
Ste
p 4: R e m e diate
22
NETWORK SECURITY
St
ep
3:
Enf
orce
McAfee supports a continuous lifecycle of access control for compliance.
Defines health, machine/user identity, and application policy
ni St e p 5: M o
Monitors endpoint to ensure ongoing compliance
Checks pre- or post-admission health against policy
to
r
McAfee Network Security Manager
Simple, centralized control for multiple types of McAfee network sensors McAfee Network Security Manager gives you real-time visibility and control over a complete range of McAfee network appliances, including intrusion prevention system (IPS) sensors, network threat behavior analyzers (NBA), and network access control (NAC) appliances. With its plug-and-play operation, easy-to-use functions, and web-based management, McAfee Network Security Manager saves you time, trouble, and operating costs. Real-time control of real-time data Unrivaled simplicity teams up with centralized, real-time security management. McAfee Network Security Manager enables you to configure, deploy, and manage multiple McAfee IPS, NBA, and NAC appliances through a single, easy-to-use console. A single Network Security Manager appliance delivers centralized, web-based management and unrivaled ease-of-use. The stateof-the-art console puts you in control of real-time data to easily manage and monitor all network security appliances and make better decisions, faster. Pre-configured, but flexible, management Pre-installed and pre-configured, this hardened, plug-and-play appliance ensures scalable, real-time, always-on control. The intuitive web-based management interface can handle any situation, from single devices up to large, distributed, enterprise-wide deployments. It delivers comprehensive and in-depth attack information, as well as highly customized graphical reports. When you discover inappropriate traffic, you can move quickly to identify and correct problems on hosts. McAfee ePO integration provides real-time visibility of actionable system host details, including host name, user name, OS, patch level, media access control (MAC) address, last scan date, protection details, and the top host IPS, anti-virus, and anti-spyware events. The central McAfee ePO repository lets you synthesize and filter data from multiple tools to create custom reports. McAfee Network Security Manager and McAfee Network Security Central Manager are available as pre-configured, hardened appliances or software only, providing the flexibility required for small networks, global enterprises, and high-traffic data centers. Secure access to the Network Security Manager empowers remote management of sensors. Strengths
• •
Simple, granular security policy management Easy-to-use, pre-configured templates, recommended-for-block policies, and out-of-the-box blocking Highly flexible and customizable reporting
•
NETWORK SECURITY
23
McAfee Network Security Platform
Advanced, proven intrusion prevention for every networked device McAfee Network Security Platform protects every network-connected device by blocking attacks in real time before they cause damage. This network-class, vulnerability-based intrusion prevention (IPS) appliance offers the highest tested accuracy and throughput in the industry¹ and protects an average of 80 days ahead of threats. We combine IPS, application and protocol anomaly, and behavioral detection to guard against zero-day, DoS, DDoS, known exploits, SYN flood, and encrypted attacks, plus threats like VoIP vulnerabilities, and IM and peer-to-peer tunneling. McAfee Network Security Platform can also quarantine hosts, manage application traffic, and — through optional NAC software — control network policy and enforce compliance. Better protection, better response Enabled by McAfee Global Threat Intelligence, the platform offers real-time malware detection — via file reputation — and reputation and identity analysis — via network connection reputation — to protect against emerging threats. These dynamic updates ensure continuous, current protection. When McAfee detects an issue, such as a host that has become a bot, you can use McAfee ePO to quickly identify the system and take action, viewing host data such as protection details and the top host IPS and anti-malware events. An end to patch fatigue and compliance enforcement woes McAfee helps you insulate systems from risk and enable compliance with the same controls. It gives you the information and time you need to assess and enforce compliance, validate new patches, and deploy patches to the systems that really need them. You can control traffic and apply unique policies and protections to a network segment, a set of hosts, or even a single endpoint. The optional NAC module controls which devices get access to the network, including unmanaged devices belonging to guests and employees, and validates and enforces system health. On-board host quarantine helps you contain threats. Choose from a range of hardened, purpose-built appliances and experience performance from 100Mbps up to true 10Gbps network IPS for 10GbE networks — with 99.999 percent availability — for locations from the network core to the perimeter, edge, and branch office. Strengths
• • •
Industry-leading default and tuned security effectiveness¹ The only IPS to hold the NSS Labs 10-Gigabit IPS certification Carrier-class reliability and the highest port density platforms available
¹ “Intrusion Prevention Systems Individual Product Test Results,” NSS Labs, 2010.
24
NETWORK SECURITY
McAfee Network Threat Behavior Analysis
Network-wide threat visibility and anomaly detection for enterprises Attacks target your weak spots. As your network changes and grows more intricate, threats within your network — anomalous activities, targeted attacks including DDoS, and botnet zombies — require special attention. Gain insight into your evolving risks by seeing the full context of threat events, including the correlation of anomalies with host data and intrusion prevention system (IPS) alerts and forensic-quality threat behavior data. The McAfee Network Threat Behavior Analysis (NTBA) appliance reports unusual network behavior by analyzing traffic from network switches and routers called flow data (like NetFlow) and correlating this data with Layer 7 application information from the McAfee Network Security Platform. A single NTBA sensor efficiently collects traffic from the entire network, or large segments of the network, for cost-effective, network-wide visibility. In real time, it reviews host and application behavior to detect unknown threats including worms, zero-day threats, spam, botnets, and reconnaissance attacks traversing your network. When bandwidth use spikes, instead of poring through logs, you can instantly assess the threat: perhaps a denial-of-service attack, a worm, or innocent video traffic. Maximize Coverage and Value Graphical views help you know with confidence how well you are mitigating risks or pinpoint network segments and threat vectors that need a boost in protection. You can even detect and shut down unauthorized or vulnerable applications through NTBA integration with the McAfee Network Security Platform (IPS), McAfee Network Access Control, and McAfee ePO. Behavior analysis increases the value and utility of your other infrastructure. Comparing live traffic to normal baselines helps you identify and verify unusual network behavior. This appliance is an out-of-band network device, so it is minimally invasive. To reduce management complexity, use the McAfee Network Security Manager to control McAfee NTBA, NAC, and IPS sensors. Integration with McAfee ePO and McAfee Vulnerability Manager helps you enforce policies and act quickly to reduce risk when threats change. Strengths
•
Proactive, behavior-based threat detection to avoid network penetration and disruption of business operations and productivity Supports switches and routers from Cisco, Juniper, and Extreme Networks for cost-effective monitoring of network segments without IPS or firewalls Fully equipped with quad-core processors, RAID disk array, Gigabit Ethernet connectivity, distinct flow capacity, and offline SAN storage
•
•
NETWORK SECURITY
25
McAfee Network Threat Response
Deconstruct, analyze, and respond to previously unknown network malware When targeted attacks threaten your network, use specialized tools to see the threats unique to your environment. McAfee Network Threat Response (NTR) enables security analysts to dig deep into threats, confirm attacks, construct forensic analysis, and effectively characterize and respond to advanced malware, choosing the response most effective for each organization. Analyze unknown threats and targeted attacks This out-of-band appliance captures, deconstructs, and analyzes malware specific to your network. A powerful tool for security analysts, it automatically identifies malware targeting internal network vulnerabilities, detects shellcode, and instantly collects and analyzes a sample to aid remediation. Instead of sifting through thousands of threat alerts, you can rely on NTR: when it discovers both a vulnerability and a means to exploit it in the same stream, it confirms the attack. The McAfee NTR appliance sits inside your network and streamlines the forensic threat analysis process. First, McAfee NTR finds new network activity unique to your network. It detects malware activity in real time, even decoding polymorphic encoders and discovering malware payloads embedded inside otherwise innocuous PDF files. A web dashboard provides visibility into discovered malware. Confirm and characterize attacks For confirmed attacks, McAfee NTR analysis helps you better characterize the malware, how it entered your network, is operating, and trying to spread. We dissect payloads to identify, reverse engineer, and label malware and bots and can recreate the series of packets that attempted to conceal the threat. Finally, McAfee NTR helps you update your security posture by capturing malware and automatically sending samples to the McAfee Global Threat Intelligence network. Updated .DAT files move out to all protected systems within minutes. These shared signatures bring the full power of McAfee Labs research to McAfee NTR. Strengths
•
Ever-expanding SNORT-compatible signature database with support for custom signatures Easy integration with McAfee network security solutions for multi-pass analysis of embedded network threats Streamlined web-based management
•
•
26
NETWORK SECURITY
McAfee Content Security
Guard critical data and protect web and email productivity, whether users are in the office or working remotely. McAfee SaaS and on-premises solutions integrate intelligent and flexible control to weave strong—but manageable— content security into your existing architecture.
Content Security
Let Security Remove Barriers to Business
You can safely embrace Software-as-a-Service, cloud computing, business use of Web 2.0 applications, and employees using personal devices. Simply protect your precious data and crucial email and web services with McAfee Content Management.
•
Data protection—Safeguard regulated and sensitive data from unintended disclosure, unauthorized use, and loss. Using built-in data mining features, strong identification, authentication, and policy-driven security controls, McAfee removes the complexity and manual analysis from data loss prevention, making it easy to identify potential problems and fine-tune policies. Encryption—Protect data across a broad range of devices, preventing information loss and data theft. Powerful encryption technology stops unauthorized access to data and delivers layers of protection for desktops, laptops, network files, mobile devices, virtual disks, and removable media. With McAfee encryption solutions, you can safely exchange information with partners, keep employees productive, and streamline policy enforcement. Email and web protection—Sensitive data can easily escape through email and the web. With powerful inspection of inbound and outbound traffic, McAfee protects against this data loss. We stop spam, phishing attempts, and web-based malware, foiling cybercriminals who combine email and web technologies to install data-stealing code.
•
•
Content Security
Match Protections to Your Business
Our solutions scale from small businesses to large enterprises and fit into your evolving architecture as software, appliances, or SaaS. The products grouped below appear in alphabetical order in the pages that follow.
Data protection McAfee Data Loss Prevention McAfee Device Control McAfee Total Protection for Data Encryption McAfee Command Line Encryption McAfee Encrypted USB McAfee Endpoint Encryption Email and web protection McAfee Content Security Blade Server McAfee Email and Web Security Appliance McAfee Email Gateway McAfee SaaS Email Archiving McAfee SaaS Email Encryption McAfee SaaS Email Inbound Filtering McAfee SaaS Email Protection McAfee SaaS Email Protection and Continuity McAfee SaaS Total Protection McAfee SaaS Web and Email Protection McAfee SaaS Web and Email Security with Archiving McAfee SaaS Web Protection McAfee Security for Email Servers McAfee SiteAdvisor Enterprise McAfee SmartFilter McAfee Total Protection for Internet Gateways McAfee Total Protection for Secure Business McAfee Web Filtering for Endpoint McAfee Web Gateway Check www.mcafee.com/contentsecurity for the latest information. 32 33 50 30 36 37 31 34 35 38 39 40 40 41 42 43 44 45 46 47 48 49 51 47 52
CONTENT SECURITY
29
McAfee Command Line Encryption
Transfer and store your sensitive files securely Your data is the lifeblood of your business. Files with sensitive data need to be protected in transit and in storage for true end-to-end security. Enterprises that routinely exchange sensitive customer information or intellectual property with branch offices, vendors, and business partners need to keep confidential data and applications safe and secure. More than half of all Fortune 500 companies rely on McAfee E-Business Server for secure file transfer and storage. McAfee E-Business Server McAfee E-Business Server incorporates the industry’s strongest encryption algorithms, including Triple-DES CAST, IDEA, AES, Blowfish, and the Twofish Cipher Algorithm. It secures data as it is transmitted over the Internet and throughout your enterprise, eliminating the need for costly solutions such as leased lines and VPNs. By securing data automatically, companies consistently protect sensitive data, reduce labor costs, and eliminate human interaction errors. An application-layer approach to encryption McAfee E-Business Server — a fully integrated application-layer approach to encryption — simplifies the process of ensuring end-to-end data security. Using a simple command-line interface or natively within an application, developers and administrators can protect data throughout its lifecycle: from its point of origin to data processing and storage. You can secure data within automated and batch processes (for file transfer, remote archive, and transactions) and in standard or proprietary applications. Most importantly, you can protect the privacy of data in storage, during access, and in transit over the Internet, providing true end-to-end security. We support the OpenPGP standard, along with most major certificate authorities, so you can securely exchange information with more partners. In addition, because E-Business Server supports self-decrypting archives (SDA), you can even share secure data with partners that do not have encryption. Since these products are transfer protocol independent, companies can easily add encryption into existing processes, independent of their preferred transfer method. Additional configurations for flexible control over data
• • • •
McAfee E-Business Client McAfee E-Business Server for OS/390 McAfee E-Business Server Native APIs McAfee E-Business Server Partner Edition
30
CONTENT SECURITY
McAfee Content Security Blade Server
Highly scalable email and web security Large enterprises require high performance and throughput, of course, but they also have special requirements for availability and manageability. Performance and high availability for your security solutions McAfee Content Security Blade Server is the ultimate platform to host your email and web security solutions. McAfee Content Security Blade Server gives large enterprises and providers the functionality, scalability, and performance they need to implement top-rated email and web security solutions from McAfee. These McAfee solutions on the McAfee Content Security Blade Server bring a new level of protection, performance, and enterprise-class manageability. With plenty of capacity, simply add new blades as your requirements increase. Each blade is automatically installed and configured for its intended purpose (email or web scanning). Go green while reducing operating costs Our security technology plus the HP BladeSystem infrastructure creates an intelligent, integrated web and email security system that takes advantage of the blade server’s inherent capabilities: operational efficiency, scalability, and reliability. The blade enclosure integrates server, storage, networking, and power management into a single solution managed as a unified environment. It automatically responds to fluctuating traffic demands and system status and incorporates wire-speed load balancing for traffic distribution and fault tolerance. And it uses up to 40 percent less power and 40 percent less space when compared to equivalent 1U rack-mounted servers. The McAfee Content Security Blade Server combines many web and email protections and access control features that would otherwise require multiple stand-alone products. You can protect email or web infrastructure separately or cover both with a single system. Combining functionality this way streamlines management and ensures policy enforcement without gaps. Strengths
• •
Choice of eight blade or sixteen blade enclosures Redundant power supplies, fans, and management blades prevent downtime Increase capacity in minutes, without service disruption, by sliding in a new blade Overall system status displayed in convenient at-a-glance dashboard Flexibility to turn on different email and web features when you need them, such as URL filtering, SSL scanning, and content inspection
•
• •
CONTENT SECURITY
31
McAfee Data Loss Prevention
Follow the data — see what you are missing As increasing regulation and corporate standards place more demands on IT to ensure safe data handling, deployment of the necessary protective solutions can seem daunting. Some data loss prevention solutions can be difficult to deploy and expensive to own. McAfee Data Loss Prevention (DLP) simplifies and improves security for your sensitive information by giving you insight about where data is stored, how it is used, and who has access to it. With McAfee DLP, you can protect data consistently, safeguard information sent to third parties, and prove compliance with less effort. While you enjoy the highest levels of data protection, you will be saving time and money with centralized deployment, management, and reporting. A foundation for complete data protection Through our easy-to-own solution and streamlined management platform, McAfee DLP enables you to be proactive about data protection, implementing effective data protection quickly, without disrupting business. Unique analytics keep you ahead of threats, illustrate data flows, and explain your organization’s data use, enabling you to create accurate and effective information protection policies, without months of disruptive trial and error. Real-time network traffic inspection guards sensitive data that you may not realize you possess. McAfee DLP can secure all sensitive data wherever it is stored or used. It integrates with other McAfee products — encryption, email, and web security — for complete data security from the USB drive to the network firewall. To protect your data beyond your network, we offer tight integration with Adobe LiveCycle Rights Management. Pre-integrated solutions deploy in just days Deploying and managing McAfee DLP is simple. Our approach makes it easy to roll out protection quickly and drive down deployment costs. You manage the process through the McAfee ePO platform, a single console that supports a centralized overview and delegated control. Our DLP solution includes:
• • • • • • • •
McAfee Network DLP Discover McAfee Network DLP Monitor McAfee Network DLP Prevent McAfee Network DLP Manager McAfee Host Data Loss Prevention McAfee Device Control McAfee Data Protection Suite for Rights Management McAfee Total Protection for Data
CONTENT SECURITY
32
McAfee Device Control
Fine-grained control over removable media devices on your network USB drives, MP3 players, CDs, DVDs, and other removable media — however useful — pose a real threat to your organization. Their small size and enormous storage capacity make it all too easy for confidential customer data and intellectual property to walk right out the front door and into the wrong hands. Theft is not the only risk; even the most well-intentioned employees accidentally lose devices. Now you can monitor and control data transfer to portable storage devices to improve compliance with data control policies and regulations. McAfee Device Control guards against critical data leaving the corporation through USB flash drives, iPods, CDs, DVDs, Bluetooth and IrDA devices, and other removable storage devices that can connect to desktops and laptops. Targeted, automatic enforcement of detailed device and data policies With wholesale blocking, you frustrate users and constrain productivity. Instead, our granular controls let you specify and categorize which devices may or may not be used and enforce what data can and cannot be transferred to these devices. You quickly and easily configure, deploy, and update policies and agents throughout your environment from the centralized McAfee ePolicy Orchestrator management console. For accurate, reliable control, you can define detailed hardware-based filtering, monitoring, and blocking. Our complete device management lets you enforce devices by any Windows software-based device parameter, including product ID, vendor ID, serial numbers, device class, device name, and more. If you need hardware-based encryption, you can specifically limit use to devices that include approved encryption. This unrivaled protection helps you protect all data, formats, and derivatives even when data is modified, copied, pasted, compressed, or encrypted. Strengths
• • • • •
Fine grained device definitions Content and context-aware protection Centralized policy deployment and management with McAfee ePO Easy upgrade to McAfee Host Data Loss Prevention Visibility, control, and user- and device-level logging to support compliance
CONTENT SECURITY
33
McAfee Email and Web Security Appliance
Inbound security, outbound protection Much more than a spam and malware filter, the McAfee Email and Web Security Appliance combines market-leading email protection with data loss prevention, policy-based controls, and advanced reporting. Powered by McAfee Global Threat Intelligence, the McAfee Email and Web Security Appliance is always armed with the latest, proactive defenses against both known and unknown threats. Highly scalable to meet the demands of the most demanding enterprises, yet easily managed, the McAfee Email and Web Security Appliance provides the highest level of email security available with a perfect blend of simplicity and sophistication. Inbound security Great email security starts with efficiently blocking inbound spam and threats. With the McAfee Email and Web Security Appliance, you do not have to choose between effective spam blocking and low false positive rates; you get them both. With its extremely low rate of false positives, McAfee Email and Web Security Appliance keeps the spam out while delivering legitimate email accurately. Outbound protection Outbound hygiene and content inspection of email are critically important. Infected systems within your network cause your organization to be blacklisted. Sensitive or regulated data leaving via email can also have huge negative implications. McAfee Email and Web Security Appliance inspects outbound traffic, identifying policy-controlled content and stopping outbound messages that could negatively affect your corporate and email reputations. McAfee Global Threat Intelligence Cloud-based sender reputation provided by McAfee Global Threat Intelligence enables the solution to make rapid decisions about the email, identifying threats and unwanted email at the connection, message, and file levels. Reputation scrutiny enables the McAfee Email and Web Security Appliance to more efficiently and accurately block or quarantine email, making the solution extremely effective, with maximum performance. Strengths
• • •
Scalable, high performance email security appliance The most effective spam filter with the lowest false positives Built-in content dictionaries, and document fingerprinting for simplified compliance and data loss prevention Integrated web filtering and anti-virus
•
34
CONTENT SECURITY
McAfee Email Gateway
Comprehensive protection from email-borne threats and email data loss The scale and diversity of email-borne security threats continue to increase. While threats such as spam were once considered merely nuisances, they now seek to steal data and deploy malware. Email is also a primary vector for sensitive data loss. Effective email security should address both inbound and outbound threats while lowering costs and reducing the burden of administration. The industry’s most complete feature set — at no additional cost McAfee Email Gateway integrates comprehensive inbound threat protection with outbound data loss prevention, advanced compliance, encryption, detailed reporting, and simplified administration. Combining these features into a single, easy-to-deploy appliance simplifies fragmented, multivendor security environments and cuts operating costs while strengthening messaging security. Protection from email-borne threats The McAfee Email Gateway identifies and blocks incoming spam with over 99 percent accuracy while providing integrated protection against viruses, malware, phishing, directory harvest, denial of service, and bounceback attacks. It prevents zero hour threats and dramatically reduces the impact of spam surges through dynamic spam classification and threat updates combined with global, multi-protocol reputation intelligence. Simplified compliance, easy administration Sophisticated content scanning technologies, multiple encryption techniques, and granular, policy-based message handling prevent outbound data loss and simplify compliance. Administrators have the flexibility they need to create policies to fit each business, increasing the value and precision of email controls. Upon detection, the gateway supports a wide range of policy-based actions including forced encryption, alerting, re-routing, quarantining, and blocking. Enterprise-class logging and reporting simplify administration and compliance. The gateway integrates with McAfee ePO for centralized reporting and alerting. Strengths
• •
99 percent or better spam detection accuracy Protection against email-borne threats such as malware, phishing, directory harvest, denial of service, and bounceback attacks The industry’s most extensive on-box data loss prevention detects structured and unstructured data to reduce data loss and enable regulatory compliance Gateway-to-gateway encryption with TLS, S/MIME, and OpenPGP included Integrated, on-box encryption for sending encrypted email to end users
•
• •
CONTENT SECURITY
35
McAfee Encrypted USB
Secure mobile devices with built-in access control and encryption USB devices are widely used and convenient because of their small size, huge storage capacity, and high portability. However, with convenience comes risk. These devices, along with the confidential data they contain, are easily lost or stolen. To make the data on these devices unreadable by unauthorized parties, McAfee Encrypted USB drives keep mobile data secure, applying strong encryption and an advanced management platform. Automatic, industry-leading encryption McAfee Encrypted USB drives encrypt data transparently, automatically, and on the fly, with no special training required. Data stored on your USB drives is protected and compliant with company policies, and with industry and government regulations. Our drives protect sensitive information with industry-leading technology: AES-256 encryption and FIPS-140-2 validation. Because of our hardware-based encryption, encryption keys cannot be obtained or copied, because they never leave the USB drive. Advanced management with proof of encryption if lost or stolen Efficient security requires you to extend company security policies and compliance requirements to mobile USB drives in a strategic, comprehensive, and managed way. With McAfee ePolicy Orchestrator (McAfee ePO), you centralize deployment, management, policy administration, monitoring, reporting, and auditing. Extensive auditing and reporting tools allow you to prove that data on devices was encrypted, even if a device is lost or stolen.
McAFEE ENCRYPTED USB BY SANDISK McAFEE ENCRYPTED USB STANDARD McAFEE ENCRYPTED USB BIO McAFEE ENCRYPTED USB HARD DISK NON-BIO McAFEE ENCRYPTED USB HARD DISK
Password Authentication Biometric Authentication AES-256 Bit Hardware Encryption Virtualization Capable (PC-on-a-Stick)1 FIPS 140-2 validated Centralized management via McAfee ePO2 McAfee Anti-Malware Protection
•
•
• •
•
• •
•
•
•
•
•
Optional Optional Optional Optional Optional
•
• •
•
•
•
•
•
•
•
•
1 Third-party software required at additional cost. 2 McAfee Encrypted USB Manager software is optional and provided for non-McAfee ePO customers and digital identity options. 36 CONTENT SECURITY
McAfee Endpoint Encryption
Ironclad security for lost or stolen devices, anytime, anywhere Rarely does a month go by without an organization revealing the loss or theft of a laptop brimming with sensitive data. Piecemeal and full-disk-only encryption solutions leave security holes and complicate management and reporting. With over 6,000 customers around the globe, McAfee is the leading vendor of encryption software. McAfee Endpoint Encryption prevents unauthorized access to sensitive data through industry-leading encryption technology and strong access control. Multiple layers of protection let us cover more data loss scenarios than any other vendor in the marketplace. Heterogeneous device support McAfee Endpoint Encryption provides full-disk and file/folder encryption that supports your mixed, evolving range of devices: desktops, laptops, network files and folders, smartphones, removable media, portable storage devices, and self-encrypting and solid-state drives. Transparent policy enforcement Encryption happens transparently — on the fly — with virtually no system performance degradation. Single sign-on with pre-boot authentication gives users secure yet convenient access to the information needed to do their jobs efficiently. As a result, sensitive data remains protected regardless of how it is stored, used, or transferred, enabling business continuity anytime, anywhere. One management environment for endpoint and data Our solution offers real-time enforcement, tracking, and reporting of encryption status for every device in the environment from a single management console. A common agent and management platform with McAfee endpoint security products helps ensure dramatically lower operational costs and administrative overhead. A single policy architecture for data protection and endpoint security makes it easier to implement and prove compliance as regulations get more stringent. Strengths
•
Supports software-based encryption, plus self-encrypting and solid state drives Consistent administration and policies for any mix of devices in the environment Support for hardware acceleration based on the Intel AES-NI technology Persistent encryption requires no end-user action or file renaming
•
• •
CONTENT SECURITY
37
McAfee SaaS Email Archiving
Limitless storage, powerful e-discovery, no hardware required A business that relies on email can easily generate thousands of new messages every day, constantly jeopardizing its ability to economically and efficiently store email at its site. With hardware-based solutions, such as tape backup, companies must spend hours managing onsite servers to provide continuous maintenance, often with coverage gaps between backups. Secure archival at our site, not yours McAfee SaaS (software-as-a-service) email archiving automatically, safely, and economically stores email for future review and e-discovery on McAfee infrastructure, at our site. It works by securely pulling messages from your mail server journal and storing them using industry-standard 256-bit encryption. Confident responses to e-discovery requests When you need to recover a stored email message in response to an e-discovery request, to demonstrate compliance, or simply as an accurate record of who said what to whom, you need to produce that message as quickly as possible. With the McAfee SaaS email archiving service, you can easily access a single message — or thousands — in seconds, using either simple or advanced search criteria, including user, date range, message content, and even attachment content. Simple online management provides rapid search functionality, data exporting options, and common email configurations to satisfy discovery needs and reduce administration. For example, through our unified management platform, service administrators can easily set up and view multiple saved searches, with unparalleled ease. Strengths
•
Secure, automated email archiving to McAfee data centers helps you manage your Microsoft Exchange database size and reduce your maintenance burden Unlimited in-the-cloud storage allows scalability and helps you easily comply with document retention regulations Easy online management and powerful search tools help you quickly satisfy discovery needs Flexible licensing options minimize maintenance time and capital expenditures Included technical support helps resolve any issues around the clock
•
•
•
•
38
CONTENT SECURITY
McAfee SaaS Email Encryption
Cloud-based encryption to secure confidential information delivery With one innocent click sending one simple email, years of product research, valuable intellectual property, and billions of dollars in account data can be lost. An easy to use, cloud-based encryption solution, McAfee SaaS email encryption helps businesses meet regulatory compliance and ensure secure confidential information delivery. It enables both sender and recipient to communicate securely. As Security-as-a-Service, this cost-effective encryption solution does not need any upfront investment in additional hardware or software. Easy encryption for business users on the go Available only as an add-on to our McAfee SaaS email outbound filtering service, McAfee SaaS email encryption is easy to use, even through mobile devices. Senders simply compose an email and send it. If it matches a policy set by the administrator, we scan and encrypt the content, automatically and transparently, behind the scenes. End users also have the option to initiate encryption proactively by entering “[encrypt]” in either the subject line or the message body to force encryption. To decrypt messages, a recipient can retrieve the message from the web-based message pick-up portal, or they can download a secure message reader, which enables viewing of the message directly through the recipient’s email client. And, when they reply, the message can also be encrypted, providing bidirectional protection. We require no encryption key management, and with our centralized online SaaS management, administrators can manage end-user credentials and pre-configure multiple encryption policies for all user groups. Strengths
•
Cloud-based encryption to comply with regulations and ensure secure confidential information delivery Enables both your senders and recipients to communicate securely and easily, even when using mobile devices Policy-based (passive) or sender-initiated (active) encryption Centralized management is easy-to-use and simple to administer No encryption key management
•
• • •
CONTENT SECURITY
39
McAfee SaaS Email Inbound Filtering McAfee SaaS Email Protection
Block inbound and outbound email-borne attacks in their tracks Deploy this effective, reliable, fully Software-as-a-Service email security outside your network to quickly and accurately prevent over 99 percent of spam, phishing scams, viruses, and other harmful content from entering your network — without installing any hardware or software. Our redundant data centers, with industry-leading availability, work non-stop as a first line of defense to protect your email infrastructure and safeguard your communications and information integrity. Lower infrastructure costs by filtering email in the cloud Compatible with all major email platforms, McAfee SaaS email solutions provide either inbound only, or inbound and outbound protection. It raises the level of your messaging security without capital expenditures, set-up fees, or costly installs. Your email is routed through the McAfee SecurityCenter where it is scanned and cleaned before being delivered, with less than one second of delay in transit. McAfee does all the work of keeping the system up to date with the latest anti-virus and anti-spam signatures and detection methods. Our set-andforget management experience, accessible online, lightens your workload while cutting the burden on your email server and keeping unwanted email from clogging your network. With McAfee SaaS Email Protection, we add insurance to your network and email server so you have full confidence no incoming email is lost during planned or unplanned downtime. Incoming emails are automatically spooled, and upon recovery, unspooled back to your email server. Knowing what goes out is just as important as knowing what goes in Some emails contain confidential information, some contain malware, some are spam sent from an infected machine on your network. McAfee SaaS Email Protection provides the outbound protection needed to rein in these risks and protect your business, whether the sender’s intent is malicious or benign. Strengths
•
Real-time threat checking of inbound or outbound emails in the cloud using McAfee Global Threat Intelligence Centrally managed via the online SaaS management console Enforces corporate email policies while safeguarding users, customers, and partners Disguises your email server to thwart attacks, while we block or quarantine spam, viruses, phishing, directory harvest attacks, mail bombs, and DOS attacks
CONTENT SECURITY
• •
•
40
McAfee SaaS Email Protection and Continuity
Keep your business connected and secured with email protection Email is today’s engine of productivity as thousands of email messages pass through a typical company’s servers every day. With all that email traffic, managing email to reduce spam and to ensure uptime becomes a huge task that continually diverts IT resources from strategic work. Email outage protection guards your business against downtime Protect your users, IT infrastructure, and knowledge assets while ensuring business continuity and compliance with McAfee SaaS Email Protection and Continuity. This suite is a cloud-based solution that blocks unwanted email before it reaches your network, supports outbound email security policies, and ensures email access even when your server is unavailable. In an outage, all inbound and outbound email is filtered via McAfee, and all email is spooled until connectivity is restored. Your users will have “business as usual” access during this period, including the ability to compose, reply to, and delete messages. When connectivity is reestablished, McAfee intelligently synchronizes all sent, received, and deleted email back to the primary system. You achieve this protection and business continuity with no hardware to buy, no software to install, no tapes to change, and no maintenance to perform. Strengths
•
Security-as-a-Service ensures inbound and outbound email availability and email business continuity protection even during a server outage In-the-cloud protection blocks more than 99 percent of spam and malware before it reaches your network Automatic outbound email inspections keep your business compliant with regulatory and workplace requirements Continuous email storage, access, and use Streamlines email management with a web-based portal — no need for tape backups or onsite infrastructure
•
•
• •
CONTENT SECURITY
41
McAfee SaaS Total Protection
Complete email and web protection, endpoint security, and vulnerability scanning Looking for complete protection from the cloud? McAfee SaaS Total Protection offers best-in-class security that leverages the power of cloud computing to deliver comprehensive and cost-effective protection for endpoint, email, web, and network. Integrated, cloud-based security Get a single integrated suite that provides all the benefits from the McAfee SaaS email, endpoint, vulnerability management, and web protection solutions — all hosted by the McAfee management infrastructure. Subscribe to McAfee SaaS solutions, infrastructure, expertise, and 24/7 Gold support to improve your security, cut your capital expenditures, and free your IT staff to focus on other areas critical to your business. Our best-in-class SaaS solution maximizes your protection from the cloud and enables your success with a centralized management console, the McAfee SecurityCenter. The SecurityCenter provides total visibility with 24/7 access to an easy-to-use, online dashboard to view user protection, customize security policies, and generate and download reports. Strengths
•
An integrated Security-as-a-Service suite that eliminates the high costs of onsite hardware maintenance and investments Endpoint protection stops viruses, spyware, hackers, and intrusions and provides web security Inbound and outbound email filtering blocks spam and phishing attacks Email continuity ensures email access even when your server experiences an outage Host-based and cloud-based web filtering blocks online threats and ensures Internet compliance and productivity for users on and off the corporate network Perimeter scanning helps identify potential vulnerabilities or security issues and provides remediation assistance
•
• •
•
•
42
CONTENT SECURITY
McAfee SaaS Web and Email Protection
Fend off blended threats, Web 2.0 malware, and lost productivity Thousands of companies trust McAfee to protect their most critical productivity tools: web and email. McAfee SaaS Web and Email protection combines superior, integrated defenses with convenience and control to help you worry less while your team is more productive. This integration of inbound and outbound filtering and anti-malware blocks spam, strips threats, reduces risky and unproductive surfing, and saves you money. Our experts do all the work, saving you time while enhancing your security. Block hard-to-detect threats before they reach your network By routing your web and email traffic through our data centers, we are able to insert our best security between you and these threats. Our rich scanning infrastructure compares each email and each web page’s active content to our extensive file and URL reputation databases. We assess intent or predicted behavior, and then proactively protect against unknown malware, viruses, worms, Trojans, phishing sites, and targeted attacks. As your users access web pages, we scan outbound requests, blocking connections to risky or policy-controlled sites. We can stop keyloggers phoning home with your sensitive information and strip out objectionable or regulated content, including adult content. With over 100 categories to choose from, our web filtering is unmatched in flexibility, accuracy, and security. We can also enforce Internet use and content policies by applying access rules to web and email traffic. Ensure email availability and protection McAfee SaaS Email Protection blocks over 99 percent of spam and eliminates 90 percent of spam-related costs with a complete, multilayered email defense — and industry-leading low false positive rates. If your network or email server goes down, whether through disaster or design, our service keeps your employees, customers, partners, and suppliers connected 24/7. Strengths
•
Convenient subscription replaces the up-front costs and daily expenses of on-premises security McAfee Global Threat Intelligence protects in real time Complete inbound and outbound web and email protection Reliable email access during planned and unplanned server outages Integrated web management portal speeds start-up and management Web-based dashboards allow easy monitoring, tuning, and reporting Leading anti-malware and anti-virus engines
• • • • • •
CONTENT SECURITY
43
McAfee SaaS Web and Email Security with Archiving
Nonstop security, compliance, and availability for critical applications Let the cloud lighten the burdens of email and web security, email retention, and email continuity. McAfee SaaS Web and Email Security with Archiving combines multiple critical services into a single, convenient subscription. Real-time, reputation-powered email and web controls By scanning each email and each web page’s active content and understanding its intent or predicted behavior, McAfee proactively protects your whole network, even roaming users. We fend off unknown malware, blended threats, phishing sites, and targeted attacks hidden in email and websites. With over 100 categories to choose from, McAfee web filtering is unmatched in flexibility, accuracy, and security. We link policies directly to user groups defined in your directory, automatically applying access rules to all policy-controlled web traffic. Web-based dashboards allow easy visibility into inappropriate Internet use that saps productivity, consumes resources, and can present legal liability. Twenty layers of filtering trap malware and spam before it places your systems and user productivity in jeopardy. Our complete solution shields your network and messaging gateways from email attack and blocks over 99 percent of spam. Automatic engagement and synchronization for seamless continuity Whenever the network is inaccessible, our service keeps your employees, customers, partners, and suppliers connected 24/7. Users browse to our secure, easy-to-use web interface to send, receive, search, and manage emails. The service retains all messages sent or received during the outage, and returns them back to the email server when it becomes available. Secure archival for compliance and data management McAfee SaaS email archiving automatically, safely, and economically stores email at our site for future review and e-discovery. Powerful search tools support quick retrieval of emails, whether to demonstrate compliance or restore a lost message. By providing users easy access to archived emails, you minimize maintenance and gain control of database sizes. Strengths
• • •
Instant startup, no maintenance hassle, and a predictable cost Advanced analytics and reputation services block mutating threats Rolling 60 days of email continuity protection, with options to retain email archives for one or multiple years Built-in encryption during transport and storage Leading anti-malware and anti-virus engines
• •
44
CONTENT SECURITY
McAfee SaaS Web Protection
Comprehensive cloud-based security for a safe, secure network Web 2.0 has opened the door to sophisticated threats specifically designed to evade detection by traditional web security measures. McAfee SaaS Web Protection guards your team against infection, malicious infiltration, lost productivity, and corporate risk. Managed by professionals in cloud security, you gain effective, economical control over threats and undesired Internet use. Complete inbound and outbound protection When you redirect your web traffic to our load-balanced data centers, the traffic is scanned with state-of-the-art security. Traffic that violates your policy is blocked before it can enter your network. Categories can be paired with your unique user communities to set policies against offensive, undesired, and unproductive use of the web. With over 100 categories to choose from, McAfee web filtering is unmatched in flexibility, accuracy, and security — including filtering of anonymizer sites built specifically to bypass filtering engines. Webbased dashboards and forensic analysis capabilities allow easy monitoring, tuning, and reporting for easy control over inappropriate Internet use. For permitted traffic, McAfee SaaS Web Protection uses sophisticated techniques to analyze the nature, intent, and behavior of a web page’s active content. This deep analysis lets us proactively protect against zero-day threats, unknown malware, blended threats, phishing sites, and targeted attacks, and lets us filter objects exhibiting questionable behavior within pages. Proactive reputation-based services updated in real time Instead of depending on static filtering that doesn’t keep up with changing websites and content, hundreds of threat researchers at McAfee Labs develop advanced analytics and reputation services to infer risk and act immediately to protect you. Near-zero latency, industry-leading uptime, and enterprise-class scalability ensure the performance and reliability you need to secure even the most demanding and distributed environments. If you already have on-premises web filtering, McAfee SaaS Web Protection is a great way to add industry-leading anti-malware capabilities, or to secure branch offices and mobile users. Strengths
• • • • • •
Easy to deploy with no hardware or software to buy, install, or maintain Accurate and granular filtering with more than 100 categories for flexibility Users experience secure, transparent browsing with no irritating latency Simplified 24/7 web management of policies and configurations Customizable alerts and dashboards for instant access to the data you need Enforces policies based on existing LDAP or Active Directory users
CONTENT SECURITY 45
McAfee Security for Email Servers
Robust content security for Microsoft Exchange and Lotus Domino servers An important component for comprehensive email security, McAfee Security for Email Servers serves as an additional layer of security by inspecting email on your email server. Because it plugs directly into your email server, McAfee Email Security for Servers can scan and automatically apply policy to internal email that your email gateway never sees. Unbeatable virus and threat detection McAfee Security for Email Servers uses the McAfee scanning engine to detect, clean, and block viruses, worms, Trojans, and other potentially unwanted programs. The cloud-based McAfee Global Threat Intelligence reputation service analyzes email sender addresses and domains, messages, embedded URLs, and file attachments. Reputation analysis helps McAfee Email Security for Servers accurately identify and quarantine undesired messages using minimal system resources, saving critical computing power for your email server’s number one job: delivering email. Content filtering You can filter messages based on size, message content, or attachment content. Many enterprises block or quarantine messages that contain controlled or sensitive contents in the subject, message body, or attachments. McAfee Quarantine Manager McAfee Quarantine Manager is a highly scalable centralized off-box quarantine server. Supporting multiple McAfee products and managed through McAfee ePO, it enables administrators to easily consolidate and manage email quarantines. Role-based administration, granular quarantines, and a brandable user interface offer ultimate control and quarantine flexibility. Manage your security simply Integration with McAfee ePO provides centralized configuration, policy management, and reporting. McAfee ePO automatically pushes out and implements your configuration changes and policy changes. Strengths
• • • •
Prevents viruses and spyware from traversing your internal network via email Protects Windows, Linux, and AIX email servers on 32- and 64-bit platforms Automatically enforces email usage and content policies Works in conjunction with McAfee email appliances to provide comprehensive email security with shared central management and quarantine
46
CONTENT SECURITY
McAfee SiteAdvisor Enterprise McAfee Web Filtering for Endpoint
Worry-free web browsing and blocking for business users While the Internet is a crucial business tool, cybercriminals are making it a dangerous one. Now you can allow employees to surf and search the web safely, using active technology to guide users away from malicious websites and shield them from online threats. Proactive safety information keeps users alert McAfee SiteAdvisor Enterprise lets you avoid restrictive policies that keep your employees from using the web for research and business projects. Your business users will have the freedom to surf online, protected from web-based threats such as spyware, adware, and phishing. Featuring an intuitive color-coded rating system — green, yellow, red, or gray for unrated — and the reputation intelligence of McAfee Global Threat Intelligence, McAfee SiteAdvisor Enterprise provides risk-aware protection at the desktop. Deploy and manage policies with ease Ready to deploy across your organization with McAfee ePO, McAfee SiteAdvisor Enterprise solutions install easily to protect all business users. You can customize the authorization or blocking of website access, view reporting, control messaging, assign actions based on safety ratings, and implement added protection for remote users — all to ensure policy compliance. Integrated URL and content filtering Unmanaged Internet access presents many challenges and introduces unnecessary risk. McAfee Web Filtering for Endpoint integrates with McAfee Site Advisor Enterprise to help organizations manage productivity, reduce legal liability, and improve bandwidth to make employee Internet use efficient and effective. McAfee customers who use McAfee Web Filtering for Endpoint and McAfee Web Gateway can take advantage of this integrated, gateway-aware solution to enforce the appropriate policy intelligently, whether the user is at a corporate office behind the McAfee Web Gateway or outside the network. Strengths
• • • •
Educates users for continuous protection against changing threats Prevents users from browsing to websites hosting malware or exploits Restricts and monitors employee web usage with superior content filtering Centralized management through McAfee ePO makes deployment, management, and reporting easy and efficient
CONTENT SECURITY
47
McAfee SmartFilter
Control and security for today’s web Today’s dynamic web environment offers significant opportunity for increased productivity and collaboration. However, expanded Internet use also often translates into inappropriate use of the web at work and associated productivity drains, legal liability, and significant security challenges for the enterprise. Malicious code and web-borne viruses can enter the network when users visit an infected website — without users even knowing. Comprehensive web filtering powered by McAfee Global Threat Intelligence McAfee SmartFilter software enables organizations to control how the web is used and easily enforce an Internet use policy, while protecting organizations from the viruses, malware, and other security risks associated with employee or student use of the Internet. With McAfee SmartFilter, you gain control. You can understand, filter, monitor, and block Internet use to reduce legal liability, maximize employee productivity, and preserve bandwidth for business. McAfee SmartFilter achieves its control and protection through the combination of reputation and category-based filtering. It incorporates McAfee Global Threat Intelligence web reputation, enabling your company to benefit from information about content sources and risks gathered across the entire Internet. Based on known behaviors, deviations from expected behaviors, and dynamic assessment of security risks, McAfee proactively and reliably detects risky sites hosting spyware, phishing, and malware. Through the millions of URLs McAfee processes each month, McAfee SmartFilter gives you the power to block the ubiquitous security threats of today’s dynamic web world. Safely enable web access in your unique working and learning environments Customizable controls with fine-grained options let you enforce Internet usage policies that match your organization: create unique policies for different users and groups, add categories, create block/allow lists, exempt certain URLs, and more. Strengths
• •
Includes solutions optimized for business and education Predefined filtering policies for over 35 million blockable websites in more than 90 categories Simple installation, centralized management, and precision reporting Comprehensive coverage of all categories for no additional cost
• •
48
CONTENT SECURITY
McAfee Total Protection for Internet Gateways
Comprehensive security for web, email, and data loss prevention Data protection is top of mind for many organizations, and interactive web technologies increase the risk of data loss and downtime. Effective protection patrols email and web interactions that might bring malicious code into your business or attempt to extract sensitive data over your network. Great protection, great value McAfee Total Protection for Internet Gateways protects against malware coming into your enterprise through email and web traffic, while it ensures that sensitive data does not leave in violation of government and corporate regulations. It combines three proven McAfee security solutions — McAfee Web Gateway, McAfee Email Gateway, and McAfee Network DLP Prevent — into one affordable, manageable solution. Inbound and outbound control over malware and sensitive data This combination gives you effective protection against inbound attacks, including web-based, blended, and targeted malware, while it keeps your email free of spam, phishing attacks, or other email-borne threats. Blocking this unwanted traffic increases productivity, frees up bandwidth, and cuts malware cleanup costs. For complete confidence and compliance, the solution includes outbound filtering and blocking. Throughout your entire enterprise, it safeguards both structured and unstructured data, protecting private data like credit card numbers and corporate intellectual property such as financial records, source code, or blueprints. Simplified management for lower total cost of ownership McAfee Total Protection for Internet Gateways bakes in all the efficiencies that are possible with hard-working solutions from a single vendor. Savings start with rapid deployment, policy configuration, testing, and scaling. We make administration easy with a simplified management footprint, nearzero-touch user-based authentication, one support contract, and automated malware and spam protection updates. Moreover, compliance reporting is straightforward, with deep micro-level forensics when you need them. Strengths
•
Number one rated anti-malware protection coupled with better than 99 percent spam detection Identifies and enforces policies on both structured and unstructured data McAfee Global Threat Intelligence protects against emerging threats
• •
CONTENT SECURITY
49
McAfee Total Protection for Data
Industry’s most complete data protection solution With today’s mobile devices and ever-connected work style, protecting confidential customer information — as well as your intellectual property — has to be job one. To secure your confidential data reliably, the McAfee Total Protection for Data suite provides strong encryption, authentication, data loss prevention, and policy-driven security controls. They prevent unauthorized access to your sensitive data — anytime, anywhere, for any device. The suite includes McAfee Endpoint Encryption (full-disk, file and folder, and removable media encryption), McAfee Host Data Loss Prevention, McAfee Device Control, and centralized management by McAfee ePO. Instead of managing separate point solutions, use a single environment to manage your deployment, define security policies, monitor flexible dashboards, generate reports, and maintain your data protection. Enterprise-grade encryption and device control To protect data at rest, full-disk encryption combined with strong access control protects sensitive data on all endpoints. Persistent file and folder encryption transparently encrypts the files and folders you choose, on the fly, before they move through your organization. Host data loss prevention allows you to monitor real-time events and apply centrally managed security policies to control how employees access and use confidential data. You can also monitor and control data transfer to portable devices, such as USB flash disks, iPods, DVDs, and Bluetooth devices. Unlike wholesale blocking of device usage, you can specify and categorize which devices may or may not be used and enforce what data can and cannot be transferred to these devices based on sophisticated content analysis. Improved visibility and efficient, centralized management As your business needs change, we help you understand evolving usage and adjust policies appropriately. Advanced reporting and auditing help your company better meet tough privacy mandates, demonstrate compliance, ensure safe harbor protection, and support prompt and proper audits. Strengths
•
Works even when data is modified, copied, pasted, compressed, or encrypted Enforces policies based on users and groups and synchronizes policies with Active Directory, Novell NDS, and PKI Encrypts files, folders, or devices without end-user action Logs every data transaction with forensic-quality, audit-ready details
•
• •
50
CONTENT SECURITY
McAfee Total Protection for Secure Business
All the critical elements of security a medium-sized company needs Free yourself from the headaches of managing multiple point products from multiple vendors. McAfee Total Protection for Secure Business has it all — the industry’s most comprehensive security in one easy-to-manage suite for endpoints, email, web, and data. It saves time, saves money, and provides a more powerful, integrated defense against the threats medium-sized businesses know about — and the threats you cannot see coming. Smart data, email, and web security, plus compliance In one solution, you get anti-virus, anti-spyware, desktop firewall, and host intrusion prevention, web security, and highly accurate spam detection for effective gateway blocking of malware. To protect your business from data loss, you can encrypt all data on laptops, desktops, and other mobile devices and prevent unauthorized use of removable devices, such as memory sticks. We also help you limit access to dangerous websites, block data-stealing malware, and enforce appropriate data usage policies. Save time and money Let McAfee simplify acquisition and deployment of the protections you need, with one purchase of one package from one trusted, proven vendor, with substantially lower licensing fees and support costs than if purchased separately. It eliminates the compatibility and maintenance issues associated with multiple point products and vendors. Instead, you gain better visibility, control, and comprehensive intelligence on your security posture. Strengths
• • • •
Instant, always-active threat protection from data-stealing threats Encryption and device control to prevent data loss Single, centralized management to streamline management and reporting Easy to choose, purchase, and manage the protections you need
CONTENT SECURITY
51
McAfee Web Gateway
Proactive web security for enabling secure web access As use of the web grows and evolves, solutions designed to block only “known bad” behavior and content — signature-based anti-virus and categoryonly URL filtering — cannot combat the full range of threats. McAfee Web Gateway, an industry-leading anti-malware solution, combines all the gateway security solutions you need to protect your web traffic. Our family of appliances offers reputation-based web filtering powered by McAfee Global Threat Intelligence, SSL scanning of encrypted traffic, data leakage protection, and anti-malware — all in a single appliance that is easy to afford, deploy, and manage. The unmatched anti-malware protection proactively blocks zero-day and blended threats, without waiting for a signature. Our appliances analyze the nature, behavior, and intent of all content and code on requested web pages, providing immediate protection against hidden threats. Fine-grained control stops threats such as infected iFrames, while still enabling access to the site. McAfee Web Gateway extends control to websites and applications as well. You can enable or disable specific functionality on a site, for instance allowing access to social media sites, but disabling access to games available through that site. Powerful safeguards against data loss We scan user-generated content on all key web protocols to prevent confidential or suspicious information from leaking out of your enterprise through social media, blogs, wikis, and other web-based applications and sites. We can even stop infections phoning home. Enterprise-class performance and manageability Our high-performance, enterprise-strength proxy appliances provide the caching, authentication, administration, authorization controls, and built-in clustering and availability required by today’s agile enterprises. Management is easy with web filtering, anti-malware, anti-spyware, SSL scanner, and other protections administered securely from a single point using a single set of policies. View McAfee Web Gateway data in McAfee ePO or take advantage of additional reporting capabilities that offer real-time dashboard views with extensive drilldowns and powerful off-line reporting. You can minimize operational effort — including policy tuning — and support compliance. Strengths
• •
Proactive, layered protection on all traffic, with flexibility and scalability Applies threat intelligence including category, reputation, signatures, and proactive scanning and ends the blind spot of encrypted threats Enables expanded inbound and outbound access without worry of infection or inappropriate content
•
52
CONTENT SECURITY
Endpoint Security
McAfee Endpoint Security
The industry’s broadest suite of integrated solutions protects your endpoint devices with system security, virtualization security, mobile protection, email and web safety, and access control. You can guard against the full spectrum of threats with fewer IT resources.
Endpoint Security
Empower Your Mobile Workforce with the Right Balance of Protection and Access
McAfee Endpoint Security lets you meet the needs of your highly mobile workforce with ironclad security and data protection—anytime, anywhere, on any device. At the same time, you can ensure secure, seamless access to business applications and corporate data. With its intelligent security management and single management console approach, McAfee reduces complexity and minimizes the effort and operational overhead required to manage security.
•
System protection—Obtain a comprehensive defense against today’s advanced threats with the industry’s first and only unified solution for endpoint security, compliance, and access control. McAfee helps you block malware, control employee web activity and network access, ensure IT standards meet compliance requirements, and integrate security management for all endpoints through a centralized console. Virtualization protection—Whether you are managing virtual desktops or deploying virtual servers, we provide innovative options to increase protection and operational efficiencies. McAfee delivers optimized security, compliance, and control with streamlined management to help ensure compliance and reduce costs, allowing you to implement new virtualization security without affecting your existing infrastructure or system performance. Mobile protection—As more personal and mobile devices are used for business-related purposes, their sophistication and diversity present new challenges to IT. As you provide content to these mobile devices, you can protect and manage them, too. McAfee mobile protection solutions defend against emerging mobile threats and deliver secure and scalable device management and provisioning. User access control—McAfee Network Access Control (NAC) links endpoint and network security with access control and compliance, centrally managed by McAfee ePolicy Orchestrator. McAfee NAC allows administrators to easily deploy and tailor access controls, resulting in increased security, fewer errors, and network control unmatched in the industry.
•
•
•
Say “Yes” to Business Initiatives
McAfee endpoint solutions protect devices from servers to smartphones to embedded systems. The products categorized below appear alphabetically in the pages that follow. Check www.mcafee.com/endpointsecurity for the latest information.
Suites managed at your site On-premises endpoint suites comparison McAfee Total Protection for Endpoint — Enterprise Edition McAfee Endpoint Protection — Advanced Suite* McAfee Endpoint Protection Suite* McAfee Total Protection for Secure Business* McAfee Total Protection for Data McAfee Total Protection for Server McAfee Endpoint Protection for Mac* Suites managed through the cloud Security SaaS suites comparison McAfee SaaS Endpoint Security Suites – McAfee SaaS Endpoint Protection Suite – McAfee SaaS Endpoint Protection — Advanced Suite – McAfee SaaS Endpoint and Email Protection Suite McAfee SaaS Total Protection* Individual endpoint products McAfee Application Control (for desktops and servers) McAfee Command Line Encryption McAfee Device Control McAfee Encrypted USB McAfee Endpoint Encryption McAfee Enterprise Mobility Management (McAfee EMM™) McAfee Host Intrusion Prevention McAfee Mobile Security for Enterprise McAfee MOVE AntiVirus McAfee Network Access Control McAfee Policy Auditor McAfee Security for Email Servers McAfee Security for Microsoft SharePoint McAfee SiteAdvisor Enterprise McAfee Web Filtering for Endpoint McAfee VirusScan Enterprise McAfee VirusScan Enterprise for Linux McAfee VirusScan Enterprise for Offline Virtual Images McAfee VirusScan Enterprise for Storage McAfee VirusScan Enterprise for use with SAP NetWeaver platform McAfee VirusScan for Mac*
*Products ideally suited to small and mid-sized businesses. ENDPOINT SECURITY 55
56 77 63 64 79 78 80 65 57 72
73 58 59 60 61 62 66 67 68 69 70 71 74 75 76 76 81 82 83 84 85 86
On-premises Endpoint Suites Comparison
Our integrated, intelligent suites work hard to guard your data, systems, and network, so you can work on other things. Select the suite that meets your needs, then refer to the alphabetical listings that follow for details.
McAFEE TOTAL PROTECTION FOR ENDPOINT ENTERPRISE EDITION McAFEE TOTAL PROTECTION FOR SECURE BUSINESS McAFEE TOTAL PROTECTION FOR SERVER McAFEE ENDPOINT PROTECTION — ADVANCED
McAFEE TOTAL PROTECTION FOR DATA
Single integrated management — on site DATA PROTECTION Full-disk encryption File and folder encryption Device control Data loss prevention for endpoint DESKTOP AND SERVER PROTECTION Anti-virus Anti-spyware Real-time anti-malware Host intrusion prevention for desktop Host intrusion prevention for server Application blocking Multi-platform support Desktop firewall Safe surfing with site blocking Network access control Anti-malware (offline virtual images) Web filtering (host) WEB GATEWAY SECURITY Anti-malware Safe surfing URL filtering EMAIL GATEWAY SECURITY Anti-malware Anti-spam Content filtering EMAIL SERVER SECURITY Anti-malware Anti-spam Content filtering RISK AND COMPLIANCE Agentless policy & vulnerability auditing Agent-based policy auditing Change policy enforcement Integrity monitoring Application whitelisting
• • • • •
McAFEE ENDPOINT PROTECTION
•
•
• •
• • • • • • • • • •
•
• • • •
• • • • • • • • • • •
• • • • • • • • • • • •
•
• •
• • • • • • • • • • • • • • • • • • • • • • • • •
56
ENDPOINT SECURITY
Security SaaS Suites Comparison
Flexible Endpoint Protection Available in three custom suites, McAfee SaaS Suites provide continuous protection against known and unknown threats, automatic security updates and upgrades hosted by McAfee, and around-the-clock technical support. Since McAfee automated protection continuously provides up-to-date reporting information to our SecurityCenter, there’s no need to dedicate IT staff to security maintenance or to invest in additional security management software, on-premises hardware, or technical support. McAfee SaaS Endpoint Security Suites, formerly Total Protection Service suites, offer multivector security options for your endpoints. And our best-of-suite solution, McAfee SaaS Total Protection, adds cloud-based content filtering, email continuity, and risk and compliance functions to keep threats and risks away from your network.
McAFEE SaaS ENDPOINT PROTECTION SUITE Centralized visibility through an online management console Desktop and file server anti-virus and anti-spyware Real-time threat intelligence Desktop firewall to block hackers and intrusions Web security for safe surfing Host-based web filtering to ensure web security even when users are not on the local network Email server protection to scan for viruses and spam on site Cloud-based, inbound email filtering to block unwanted spam and phishing attacks Cloud-based, outbound email filtering to stop viruses and malware Email continuity to enable full disaster recovery Cloud-based web filtering of unwanted websites to ensure compliance and productivity Vulnerability assessment to scan for perimeter weaknesses McAFEE SaaS ENDPOINT PROTECTION ADVANCED SUITE McAFEE SaaS ENDPOINT AND EMAIL PROTECTION SUITE McAFEE SaaS TOTAL PROTECTION
• • • • •
• • • • • • •
• • • • • • • • •
• • • • • • • • • • • •
ENDPOINT SECURITY
57
McAfee Application Control (for desktops and servers)
Reduced risk from unauthorized applications, plus stronger endpoint control Users can unintentionally introduce software that installs malware, creates support issues, and violates software licenses — compromising systems and your overall business. McAfee Application Control offers an effective way to block unauthorized applications and, unlike simple whitelisting, uses a dynamic trust model to avoid labor-intensive lists. As enterprises face an avalanche of unknown software from the web, this centrally managed solution adds a timely control to your systems security strategy, attuned to the operational needs of enterprises. Complete protection from unwanted applications Malicious code takes full advantage of the flexible software and modular code used in Web 2.0. McAfee Application Control extends coverage to Java, ActiveX controls, scripts, batch files, and specialty code to give you greater control over application components. Integration with McAfee Risk Advisor provides assurance that you are protected from new and emerging vulnerabilities. Viable security for remote and legacy systems Patching can be a logistical headache for remote systems and may be impossible for older operating environments that no longer receive vendor updates. McAfee Application Control extends a unique layer of protection to shield hard-to-maintain systems, including legacy Windows NT and 2000 systems. Flexible, affordable, manageable, and secure McAfee Application Control leverages your security investment in the McAfee ePolicy Orchestrator platform. McAfee ePO provides remote deployment, and you can manage and report on large enterprise rollouts from a central location. Dynamic management of whitelists makes it easy to support multiple configurations for different business needs, such as back office servers and multiple desktop images for different user profiles. It runs transparently on endpoints, with very low initial and ongoing operational costs. Strengths
• • • • •
Ensures only trusted applications run on servers and endpoints Trust model and dynamic whitelists save administration time and overhead Comprehensive code protection preserves integrity of critical systems Enhanced visibility into vulnerability shielding via Risk Advisor integration Extends lifespan of legacy systems
58
ENDPOINT SECURITY
McAfee Command Line Encryption
Transfer and store your sensitive files securely Your data is the lifeblood of your business. Files with sensitive data need to be protected in transit and in storage for true end-to-end security. Enterprises that routinely exchange sensitive customer information or intellectual property with branch offices, vendors, and business partners need to keep confidential data and applications safe and secure. More than half of all Fortune 500 companies rely on McAfee E-Business Server for secure file transfer and storage. McAfee E-Business Server McAfee E-Business Server incorporates the industry’s strongest encryption algorithms, including Triple-DES CAST, IDEA, AES, Blowfish, and the Twofish Cipher Algorithm. It secures data as it is transmitted over the Internet and throughout your enterprise, eliminating the need for costly solutions such as leased lines and VPNs. By securing data automatically, companies consistently protect sensitive data, reduce labor costs, and eliminate human interaction errors. An application-layer approach to encryption McAfee E-Business Server — a fully integrated application-layer approach to encryption — simplifies the process of ensuring end-to-end data security. Using a simple command-line interface or natively within an application, developers and administrators can protect data throughout its lifecycle: from its point of origin to data processing and storage. You can secure data within automated and batch processes (for file transfer, remote archive, and transactions) and in standard or proprietary applications. Most importantly, you can protect the privacy of data in storage, during access, and in transit over the Internet, providing true end-to-end security. We support the OpenPGP standard, along with most major certificate authorities, so you can securely exchange information with more partners. In addition, because E-Business Server supports self-decrypting archives (SDA), you can even share secure data with partners that do not have encryption. Since these products are transfer protocol independent, companies can easily add encryption into existing processes, independent of their preferred transfer method. Additional configurations for flexible control over data
• • • •
McAfee E-Business Client McAfee E-Business Server for OS/390 McAfee E-Business Server Native APIs McAfee E-Business Server Partner Edition
ENDPOINT SECURITY
59
McAfee Device Control
Fine-grained control over removable media devices on your network USB drives, MP3 players, CDs, DVDs, and other removable media — however useful — pose a real threat to your organization. Their small size and enormous storage capacity make it all too easy for confidential customer data and intellectual property to walk right out the front door and into the wrong hands. Theft is not the only risk; even the most well-intentioned employees accidentally lose devices. Now you can monitor and control data transfer to portable storage devices to improve compliance with data control policies and regulations. McAfee Device Control guards against critical data leaving the corporation through USB flash drives, iPods, CDs, DVDs, Bluetooth and IrDA devices, and other removable storage devices that can connect to desktops and laptops. Targeted, automatic enforcement of detailed device and data policies With wholesale blocking, you frustrate users and constrain productivity. Instead, our granular controls let you specify and categorize which devices may or may not be used and enforce what data can and cannot be transferred to these devices. You quickly and easily configure, deploy, and update policies and agents throughout your environment from the centralized McAfee ePolicy Orchestrator management console. For accurate, reliable control, you can define detailed hardware-based filtering, monitoring, and blocking. Our complete device management lets you enforce devices by any Windows software-based device parameter, including product ID, vendor ID, serial numbers, device class, device name, and more. If you need hardware-based encryption, you can specifically limit use to devices that include approved encryption. This unrivaled protection helps you protect all data, formats, and derivatives even when data is modified, copied, pasted, compressed, or encrypted. Strengths
• • • • •
Fine grained device definitions Content and context-aware protection Centralized policy deployment and management with McAfee ePO Easy upgrade to McAfee Host Data Loss Prevention Visibility, control, and user- and device-level logging to support compliance
60
ENDPOINT SECURITY
McAfee Encrypted USB
Secure mobile devices with built-in access control and encryption USB devices are widely used and convenient because of their small size, huge storage capacity, and high portability. However, with convenience comes risk. These devices, along with the confidential data they contain, are easily lost or stolen. To make the data on these devices unreadable by unauthorized parties, McAfee Encrypted USB drives keep mobile data secure, applying strong encryption and an advanced management platform. Automatic, industry-leading encryption McAfee Encrypted USB drives encrypt data transparently, automatically, and on the fly, with no special training required. Data stored on your USB drives is protected and compliant with company policies, and with industry and government regulations. Our drives protect sensitive information with industry-leading technology: AES-256 encryption and FIPS-140-2 validation. Because of our hardware-based encryption, encryption keys cannot be obtained or copied, because they never leave the USB drive. Advanced management with proof of encryption if lost or stolen Efficient security requires you to extend company security policies and compliance requirements to mobile USB drives in a strategic, comprehensive, and managed way. With McAfee ePolicy Orchestrator (McAfee ePO), you centralize deployment, management, policy administration, monitoring, reporting, and auditing. Extensive auditing and reporting tools allow you to prove that data on devices was encrypted, even if a device is lost or stolen.
McAFEE ENCRYPTED USB BY SANDISK McAFEE ENCRYPTED USB STANDARD McAFEE ENCRYPTED USB BIO McAFEE ENCRYPTED USB HARD DISK NON-BIO McAFEE ENCRYPTED USB HARD DISK
Password Authentication Biometric Authentication AES-256 Bit Hardware Encryption Virtualization Capable (PC-on-a-Stick) FIPS 140-2 validated Centralized management via McAfee ePO McAfee Anti-Malware Protection
2 1
•
•
• •
•
• •
•
•
•
•
•
Optional Optional Optional Optional Optional
•
• •
•
•
•
•
•
•
•
•
1 Third-party software required at additional cost. 2 McAfee Encrypted USB Manager software is optional and provided for non-McAfee ePO customers and digital identity options. ENDPOINT SECURITY 61
McAfee Endpoint Encryption
Ironclad security for lost or stolen devices, anytime, anywhere Rarely does a month go by without an organization revealing the loss or theft of a laptop brimming with sensitive data. Piecemeal and full-disk-only encryption solutions leave security holes and complicate management and reporting. With over 6,000 customers around the globe, McAfee is the leading vendor of encryption software. McAfee Endpoint Encryption prevents unauthorized access to sensitive data through industry-leading encryption technology and strong access control. Multiple layers of protection let us cover more data loss scenarios than any other vendor in the marketplace. Heterogeneous device support McAfee Endpoint Encryption provides full-disk and file/folder encryption that supports your mixed, evolving range of devices: desktops, laptops, network files and folders, smartphones, removable media, portable storage devices, and self-encrypting and solid-state drives. Transparent policy enforcement Encryption happens transparently — on the fly — with virtually no system performance degradation. Single sign-on with pre-boot authentication gives users secure yet convenient access to the information needed to do their jobs efficiently. As a result, sensitive data remains protected regardless of how it is stored, used, or transferred, enabling business continuity anytime, anywhere. One management environment for endpoint and data Our solution offers real-time enforcement, tracking, and reporting of encryption status for every device in the environment from a single management console. A common agent and management platform with McAfee endpoint security products helps ensure dramatically lower operational costs and administrative overhead. A single policy architecture for data protection and endpoint security makes it easier to implement and prove compliance as regulations get more stringent. Strengths
•
Supports software-based encryption, plus self-encrypting and solid state drives Consistent administration and policies for any mix of devices in the environment Support for hardware acceleration based on the Intel AES-NI technology Persistent encryption requires no end-user action or file renaming
•
• •
62
ENDPOINT SECURITY
McAfee Endpoint Protection — Advanced Suite
Protection against zero-day attacks, and help with compliance A mobile workforce plus increased regulation could equal a security nightmare. Get the McAfee Endpoint Protection — Advanced suite and rest peacefully. This suite puts you in charge with broad protections, compliance controls, and unified management for Microsoft Windows endpoints. Whether you want to keep viruses, hackers, spammers, data thieves, or auditors at bay, this seamless solution has the perfect combination of capabilities and cost savings. Integrated, proactive security combats sophisticated malware and zero-day threats to protect endpoints when they leave your network and protect your network when they return. The built-in McAfee Global Threat Intelligence file reputation service provides real-time, always-on protection based on insight gathered by McAfee Labs. And advanced web access control ensures employee productivity everywhere they travel. Zero-day and vulnerability shielding Integrated intrusion prevention secures Windows workstations and servers from advanced persistent threats. It patrols these endpoints against malware, blocks malicious code from hijacking an application, and provides automatically updated signatures that shield laptops and desktops from attack. Finally, it is safe to implement and test patches on your schedule. Combined with our patented behavioral protection, which prevents buffer overflow attacks, and a stateful desktop firewall, you get the most advanced system vulnerability coverage on the market. Centrally managed for control with lower cost and complexity Centralized policy-based management, network access control, device control, and desktop policy auditing keep endpoints safe and compliant.
FEATURE WHY YOU NEED IT
Single integrated management Device control Host IPS and desktop firewall Anti-malware Anti-spam Safe surf and search Host web filtering Email server security Network access control Policy auditing
Instant visibility into security status and events, efficient control of security and compliance tools Keeps confidential data from leaving the company Zero-day protection against new vulnerabilities, reduced urgency to patch, stops network-borne attacks Blocks code that steals data and sabotages user productivity Improves productivity and limits phishing and malware Helps ensure compliance and reduce risk from web surfing Controls users surfing on or off the corporate network Intercepts malware before it reaches the user inbox Limits malware infections by blocking noncompliant systems Streamlined compliance reporting for HIPAA, PCI, and more
ENDPOINT SECURITY
63
McAfee Endpoint Protection Suite
Secure Windows PCs against real-time malware and unauthorized devices Many enterprise users and small businesses rely on tower-based PCs and traditional desktop systems that never leave the building. These traditional desktops and fixed systems within your LAN probably have layers of gateway or network security to protect them. Since these systems don’t visit wireless hot spots, help kids browse the Internet at night, or get left at airports, they have a lower risk of being compromised, picking up malicious downloads, or being stolen while carrying sensitive data. However, every business user relies heavily on web-enabled applications and email, so even these fixed machines require sophisticated protection against the targeted, real-time malware web and email applications convey. Core controls to protect users and their systems The McAfee Endpoint Protection Suite integrates essential security to block advanced malware, control data loss and compliance risks caused by removable media, and provide safe access to critical email and web applications. We unite these core functions into a single, manageable environment ideal for safeguarding traditional desktops and other systems that have limited exposure to Internet threats. Of course, your email server gets an extra dose of anti-malware, backed up by malware protection on each endpoint itself. Device controls help you restrict use of removable media and portable storage to avoid loss of sensitive and regulated data, essential for small businesses and merchants subject to PCI DSS regulation. The McAfee Endpoint Protection Suite seamlessly integrates proven security to help you manage these risks, delivering both operational efficiencies and cost savings with the convenience of a single solution.
FEATURE WHY YOU NEED IT
Single integrated management Device control Desktop firewall Anti-malware Anti-spam Email server security Safe surf and search
Instant visibility into security status and events, efficient control of security and compliance tools Keeps confidential data from leaving the company Prevents network-based attacks and allows only legitimate network traffic Blocks code that steals data and sabotages user productivity Improves productivity and limits employee exposure to phishing and malware Intercepts malware before it reaches the user inbox Helps ensure compliance and reduce risk from web surfing
64
ENDPOINT SECURITY
McAfee Endpoint Protection for Mac
Say “yes” to Macs in the workplace As more and more business users choose Macs, these systems contain or access the same sensitive data as other PCs. Any Macs running virtualization software face Microsoft Windows threats. And since hackers and cybercriminals now view Macs as a target, you should enforce compliance of Macs to the same high security standards of your Windows-based PCs. Advanced security for Mac endpoints McAfee Endpoint Protection for Mac secures Apple Macintosh endpoints with complete, advanced coverage, including anti-virus, anti-spyware, system firewall, and application protection. It stops malware and other security threats before they can damage or infect Macintosh desktops and laptops and spread throughout your company’s network. McAfee Endpoint Protection for Mac also addresses compliance requirements by ensuring that Macs receive the same level of protection as Microsoft Windows-based PCs. It gives you the confidence to say “yes” to Macs in the workplace while maintaining or even reducing operational costs. Centralized, simultaneous management of Macs and PCs McAfee ePO integration enables you to lower operational management costs by making it easier to manage all endpoints — Macs and PCs — from a single platform. You can bring new Macs onto the network quickly and seamlessly and respond quickly to security incidents, regardless of where they originate. A single view helps you update security settings on distributed endpoints simultaneously, and then confirm compliance using powerful reporting. Critical firewall, data, and application controls We include the most advanced firewall on the market for Apple Macs. Inbound scanning stops network-based attacks, while outbound packet filtering prevents spyware and malware from shipping personal data out to would-be attackers. And you can set rules to control access to specific networks, hosts, or IP addresses. Application lockdown lets you pre-approve applications that can run and freeze configurations to ensure compliance with policies, preserve availability, and thwart cybercriminals. Strengths
• • • •
Proven anti-virus, anti-spyware, application lockdown, and desktop firewall Fast and reliable scanning preserves system performance Familiar, intuitive Mac OS X Aqua interface Supports Mac OS X 10.6 (Snow leopard), 10.5 (Leopard), and 10.4 (Tiger)
ENDPOINT SECURITY
65
McAfee Enterprise Mobility Management (McAfee EMM)
Secure, easy, and scalable mobile access to enterprise applications As enterprises mobilize corporate applications, some sacrifice security and control and risk data loss and noncompliance. McAfee Enterprise Mobility Management (McAfee EMM™) enables you to offer mobile device choice — including Apple iPhones and iPads, Google Android, Windows Mobile, and Symbian — while delivering the same level of control traditionally applied to laptops and desktops. Our approach blends mobile device management with policy-managed endpoint security, network access control, and compliance reporting in a seamless system. Comprehensive, robust management enables you to secure your mobile workforce effectively, ensure persistent policies and configurations, and deliver automatic and real-time compliance management. By leveraging existing data center and network infrastructure, including directory services, we also help drive down support costs and overall cost of ownership. Risk reduction tailored to mobile devices McAfee Enterprise Mobility Management configures mobile devices to comply with corporate security policies and enforces compliance via network access control. Your policies define which devices may access the corporate network and can block modified devices like iPhones and iPads. Non-stop, we monitor access to alert you to unauthorized requests so you can maintain compliance. Take advantage of native device encryption, password authentication, and remote data wipe to reduce the risk to sensitive corporate data if a device is lost or stolen. Fast rollout and a lightweight, productive user experience Once you specify users, policies, and connections, a self-service portal allows users to perform basic help desk services, such as enterprise device activation, unlocking their devices, and device wipe, from any web browser. We automate configuration of Wi-Fi, VPN, and native email sync, minimizing help desk calls. Users have unique credentials to trigger access to their specific application services as well as enforcement of role-based policies. Strengths
•
Scales to let you manage thousands of users and tens of thousands of devices Enables device choice, including access from personally-owned devices Reduces costs with centralized management, over-the-air provisioning of policies and updates, and automation throughout the device lifecycle
• •
66
ENDPOINT SECURITY
McAfee Host Intrusion Prevention
Proactively secure your desktops and servers As an IT manager, one of your top challenges is to protect the IT assets that support your business, fending off known and unknown attacks to guard confidential data and preserve business continuity. McAfee Host Intrusion Prevention (Host IPS) delivers complete protection against new and unknown threats, and proactively prevents emerging attacks through McAfee Global Threat Intelligence. Behavioral protection blocks zero-day attacks that target new vulnerabilities, while signature-based protection identifies known attacks. Both enforce proper system and application behavior. A dynamic, stateful firewall integrates McAfee Global Threat Intelligence network connection reputation to characterize and block newly malicious traffic, protecting you from advanced threats such as botnets and DDOS before these attacks can do damage. The firewall also ensures compliance with application and system access policies. The integrated McAfee ePO agent and management console let you consolidate processes and cut overhead. Relax on “Patch Tuesdays” You can save time, money, and resources on patching, ending the pain of “Patch Tuesdays” and emergency patch cycles. Automatic signature updates and zero-day protection give you advanced vulnerability shielding. You can maintain a high level of protection with complete vulnerability coverage while deploying patches on your schedule, after appropriate testing. For server Host IPS for server can monitor and block unwanted activity and threats to maintain server uptime and protect assets. Host IPS for server contains unique protection engineered specifically for web and database servers, protecting against attacks like directory traversal and SQL injection. Application shielding and enveloping prevent compromise of applications and data and prevent applications from being used to attack other applications, even by a user with administrative privileges. For desktop Managing security and connectivity policies for endpoints can be a real IT headache. Employees can inadvertently introduce worms, spyware, and other threats into your network with their desktops or laptops. These actions compromise data, put employees at risk, and result in lost productivity. Host IPS for desktop uses multiple proven methods — behavioral analysis, signature analysis, and a dynamic, stateful firewall — to keep desktops safe.
ENDPOINT SECURITY
67
McAfee Mobile Security for Enterprise
Proven endpoint security for enterprise mobile devices Malware can interrupt mobile service and disrupt business. Comprehensive mobile protection is essential to protect data integrity and employee productivity from malware attacks. McAfee Mobile Security for Enterprise is a centrally operated anti-malware system that scans and cleans mobile data, preventing corruption from viruses, worms, dialers, Trojans, and other malicious code. Mobile Security for Enterprise protects your mobile devices at the most critical points of exposure, including inbound and outbound emails, text messages, email attachments, and Internet downloads. Complete mobile protection As your users work, the system transparently scans all types of files, including emails, text messages, photos, and videos on Windows Mobile OS smartphones. Our comprehensive anti-malware technology protects data transmitted over wireless carrier data networks, Bluetooth, Wi-Fi, and infrared communications. Instant threat detection Continuous protection detects malware in less than 200 milliseconds without interrupting wireless operations or connectivity. After detection, malicious files are stripped of their payloads. All the while, automatic updates safeguard your devices from the latest threats. Simple, streamlined administration Mobile Security for Enterprise extends centralized management to include your Windows Mobile devices. Through the web-based McAfee ePO console, you can easily configure policies, manage updates, and monitor mobile security status. Using a consistent management platform lowers IT overhead costs and generates operational efficiencies. A consistent policy definition and management environment reduces mobile risk for your enterprise and helps you maintain compliance. Strengths
• • • •
Always-on, real-time protection without interrupting connections Inline cleaning automatically removes infections to maintain device health Designed specifically for mobile threats with a minimal device footprint Regular over-the-air signature updates and alerts if an update fails or a device becomes infected Reduces risk of sensitive data loss that can mean compliance violations
•
68
ENDPOINT SECURITY
McAfee MOVE AntiVirus
Optimize security for virtualized desktops without compromising Virtual desktop infrastructure (VDI) is giving IT great flexibility to support work whenever and where ever. As data is now consolidated within the datacenter, having strong protection against malware is more important than ever. But anti-virus implemented in the traditional manner, within each virtual desktop, can cause much delay and overhead. Realize the full benefits of virtualization without the risk McAfee MOVE AntiVirus (AV) works in conjunction with McAfee VirusScan to optimize security processing in virtualized environments. McAfee MOVE AV enables on-access and .DAT update functions while greatly reducing the infrastructure impact seen with traditional anti-virus deployments. Supporting VMware View and Citrix XenDesktop, McAfee provides AV offloading and security intelligence that results in a sixty percent increase in supportable virtual workloads. Virtualization makes it easier to support a multitude of servers. However, it also can become tricky to capacity plan. With fluid provisioning, having the controls to minimize unintended resource consumption is critical. When loads are high, extra resource consumption can affect all of the services provided on the hypervisor. McAfee provides operational flexibility for virtual servers with AV scanning of offline images and the ability to schedule AV on-demand scanning based on the overall load of the hypervisor. We cut operating costs through common security management for both physical and virtual environments. Reduce resource utilization Security processing can be resource intensive. McAfee MOVE AV optimizes security for virtualized environments, freeing valuable resources for other business operations. Because of hypervisor-aware security management, capacity planning and utilization can now be predictive, improving performance. Security for virtualization — now and in the future McAfee MOVE AV supports the major hypervisor vendors and is fully integrated with McAfee Global Threat Intelligence. You get advanced security from McAfee with the agility to adopt a variety of virtualization implementations. Strengths
•
Removes common hindrances of implementing security in virtualized environments Decouples security management from operations Provides robust security policy and reporting adaptable enough for virtualization deployments
ENDPOINT SECURITY 69
• •
McAfee Network Access Control
Reduce threats and data loss with unified network access control Visitors and contractors can introduce malware, disrupt your networks, and compromise your systems and data. Employees who self-administer their endpoints can disable or misconfigure security tools and install malicious programs that can threaten data. McAfee Unified Secure Access is the first network access control (NAC) solution to unify endpoint and network security with access control. Unlike many NAC solutions, the integrated McAfee solution secures against threats inside and outside the network while remaining simple, cost-effective, accurate, scalable, and secure. Minimize risk of outbreaks while allowing flexible policies McAfee expands your security posture with adaptive policy technology that combines multiple assessment and control features into one NAC solution. It controls access and protects against broad threats with application-based and identity-based technologies, which control who has access to your specific critical network resources. Further, McAfee protects your investment by leveraging your existing network and system components and taking advantage of integrated management through McAfee ePO. Broad enforcement options McAfee Unified Secure Access includes three main components. Mix and match these options to create a complete solution:
•
McAfee NAC Software supports managed users and offers employee endpoint health assessment both pre- and post-admission McAfee NAC Appliance controls guest and contractor access with a network-based approach and offers identity and application-based network access control McAfee NAC Module for McAfee Network Security Platform adds the functionality of the NAC Appliance to an existing Network Security Platform to incorporate intrusion prevention in network access control decisions
St
ep
licy Po 1:
Ste p2 :D i
Scans for rogue devices, alerts, and reports
•
•
er ov sc
Takes action based on outcome of policy check or behavior
Ste
p 4: R e m e diate
70
ENDPOINT SECURITY
St
ep
3:
Enf
orce
McAfee supports a continuous lifecycle of access control for compliance.
Defines health, machine/user identity, and application policy
ni St e p 5: M o
Monitors endpoint to ensure ongoing compliance
Checks pre- or post-admission health against policy
to
r
McAfee Policy Auditor
Get in control, prove compliance by automating the IT audit process These days, it is not enough to be compliant. It is critical to show it with a high degree of accuracy — a daunting and time-consuming task. You spend an inordinate amount of time and effort manually collecting data, mapping IT controls to policy, and auditing devices — especially your mission-critical servers — to identify policy violations and noncompliant systems. You need an efficient and accurate alternative. McAfee Policy Auditor simplifies the process of demonstrating compliance. It automates manual audit processes and increases efficiency. Its proven agent, extensive support for content standards, and transparent integration with McAfee ePolicy Orchestrator mean accurate, efficient audits, every time. By mapping IT controls against predefined policy content, McAfee Policy Auditor enables you to produce consistent and accurate reporting against internal and external policies. Get proactive about compliance McAfee Policy Auditor delivers automated policy auditing of managed assets. You can proactively define, measure, and report on the compliance of information systems based on industry, regulatory, and corporate security policies, as well as standards and frameworks. Predefined templates include ISO 27001, COBIT, FISMA, FDCC, HIPAA, SOX, GLBA, and PCI DSS. Built on open standards and SCAP-validated, it enables you to import authoritative templates, such as FDCC, and audit for compliance to that standard within minutes. Integrated for investment protection Use McAfee Policy Auditor with McAfee ePO to consolidate security management and compliance management, easing agent deployment, management, and reporting. Pair McAfee Policy Auditor with McAfee Vulnerability Manager to run consolidated audits across both managed (agent-based) and unmanaged (agentless) systems. Strengths
• • • • •
Fast, automated import of industry benchmarks through SCAP standard Real-time audit model and blackout window reduce business disruption Automation saves hours and days of tedious tasks Builds confidence with external auditors Enables organizations to prove compliance consistently
ENDPOINT SECURITY
71
McAfee SaaS Endpoint Security Suites
Always-on-guard Security-as-a-Service With IT staff stretched thin and limited budgets, companies are looking for innovative ways to protect their assets and their users without complex and expensive software deployments and maintenance. McAfee SaaS Endpoint Security Suites, formerly McAfee Total Protection Service suites, consolidate endpoint, email, and web security to protect businesses of all sizes against the latest known and unknown threats. Defend all your systems and eliminate the high costs of onsite maintenance and investments with an integrated Security-as-a-Service approach. Enjoy fast deployment and uninterrupted protection that is never obsolete. Simply install the protection onto endpoints, and the software transparently updates over an Internet connection with no maintenance and no disruptions. From the web-based McAfee SecurityCenter console, you can centralize installation, configuration, reporting, updates, and group management. Use the same console to customize reporting, schedule reports, and run virus and vulnerability scans. McAfee Gold Technical Support is included for easy access to trusted experts through phone, chat, and email. Advanced security McAfee SaaS Endpoint Security Suites protect from unknown threats, outbreaks, and online exploits like phishing scams, spyware, and more — without limiting online access. Signature and behavioral-based scanning reduce exposure from unknown threats. McAfee SiteAdvisor software helps users stay safe from malicious websites, and you can customize web policies to filter unwanted websites. For the most complete security, our SaaS Endpoint and Email Protection Suite filters and quarantines inbound and outbound threats from email before the threats reach your network — with no installation required. It also scans the network perimeter for vulnerabilities to help you take action against weaknesses.
McAFEE SaaS ENDPOINT PROTECTION SUITE Centralized online management Desktop and file server anti-virus and anti-spyware Real-time threat intelligence Desktop firewall Web security for safe surfing (McAfee SiteAdvisor) Host web filtering Email server protection Cloud email filtering for inbound and outbound email McAFEE SaaS ENDPOINT PROTECTION ADVANCED SUITE McAFEE SaaS ENDPOINT AND EMAIL PROTECTION SUITE
• • • • •
• • • • • • •
• • • • • • • •
72
ENDPOINT SECURITY
McAfee SaaS Total Protection
Complete email and web protection, endpoint security, and vulnerability scanning Looking for complete protection from the cloud? McAfee SaaS Total Protection offers best-in-class security that leverages the power of cloud computing to deliver comprehensive and cost-effective protection for endpoint, email, web, and network. Integrated, cloud-based security Get a single integrated suite that provides all the benefits from the McAfee SaaS email, endpoint, vulnerability management, and web protection solutions — all hosted by the McAfee management infrastructure. Subscribe to McAfee SaaS solutions, infrastructure, expertise, and 24/7 Gold support to improve your security, cut your capital expenditures, and free your IT staff to focus on other areas critical to your business. Our best-in-class SaaS solution maximizes your protection from the cloud and enables your success with a centralized management console, the McAfee SecurityCenter. The SecurityCenter provides total visibility with 24/7 access to an easy-to-use, online dashboard to view user protection, customize security policies, and generate and download reports. Strengths
•
An integrated Security-as-a-Service suite that eliminates the high costs of onsite hardware maintenance and investments Endpoint protection stops viruses, spyware, hackers, and intrusions and provides web security Inbound and outbound email filtering blocks spam and phishing attacks Email continuity ensures email access even when your server experiences an outage Host-based and cloud-based web filtering blocks online threats and ensures Internet compliance and productivity for users on and off the corporate network Perimeter scanning helps identify potential vulnerabilities or security issues and provides remediation assistance
•
• •
•
•
ENDPOINT SECURITY
73
McAfee Security for Email Servers
Robust content security for Microsoft Exchange and Lotus Domino servers An important component for comprehensive email security, McAfee Security for Email Servers serves as an additional layer of security by inspecting email on your email server. Because it plugs directly into your email server, McAfee Email Security for Servers can scan and automatically apply policy to internal email that your email gateway never sees. Unbeatable virus and threat detection McAfee Security for Email Servers uses the McAfee scanning engine to detect, clean, and block viruses, worms, Trojans, and other potentially unwanted programs. The cloud-based McAfee Global Threat Intelligence reputation service analyzes email sender addresses and domains, messages, embedded URLs, and file attachments. Reputation analysis helps McAfee Email Security for Servers accurately identify and quarantine undesired messages using minimal system resources, saving critical computing power for your email server’s number one job: delivering email. Content filtering You can filter messages based on size, message content, or attachment content. Many enterprises block or quarantine messages that contain controlled or sensitive contents in the subject, message body, or attachments. McAfee Quarantine Manager McAfee Quarantine Manager is a highly scalable centralized off-box quarantine server. Supporting multiple McAfee products and managed through McAfee ePO, it enables administrators to easily consolidate and manage email quarantines. Role-based administration, granular quarantines, and a brandable user interface offer ultimate control and quarantine flexibility. Manage your security simply Integration with McAfee ePO provides centralized configuration, policy management, and reporting. McAfee ePO automatically pushes out and implements your configuration changes and policy changes. Strengths
• • • •
Prevents viruses and spyware from traversing your internal network via email Protects Windows, Linux, and AIX email servers on 32- and 64-bit platforms Automatically enforces email usage and content policies Works in conjunction with McAfee email appliances to provide comprehensive email security with shared central management and quarantine
74
ENDPOINT SECURITY
McAfee Security for Microsoft SharePoint
Powerful protection for your SharePoint servers With so much information shared throughout your business, you need targeted security for your SharePoint document libraries. Otherwise, viruses, worms, Trojans, and other threats can harm them. Know your content and enforce compliance McAfee Security for Microsoft SharePoint provides comprehensive, enhanced security for documents, web content, and files stored on your SharePoint workspaces. It detects, cleans, and removes viruses, as well as banned or inappropriate content, using the lightning-fast McAfee scanning engine. McAfee Security for Microsoft SharePoint offers preset content rules to prevent the spread of inappropriate content. Easy to use and immediately effective, the preset content rules can be run straight out of the box, or you can fine-tune them using advanced custom rule sets. The content management rules can prevent downloads and uploads. They also report details about documents that contain sensitive or offensive information. Scalable management McAfee Security for Microsoft SharePoint leverages your investment in the McAfee ePO platform. Comprehensive, graphical reports detail your security posture and answer the question: “Are all my SharePoint servers protected with the latest engine and virus definition files?” McAfee ePO supports remote deployment and allows large enterprise rollouts to be managed easily from a central location. Actionable monitoring with a graphical dashboard The management dashboard provides an overview of the latest virus detections; graphical data views with charts, detection summaries, product updates, licensing, and version information; details on recently scanned items; and security and vulnerability news. Strengths
• • • • • • •
Advanced anti-virus technology Effective content filtering Centralized management and reporting Preset content rules Microsoft VSAPI support Automatic updating Enhanced quarantine management
ENDPOINT SECURITY
75
McAfee SiteAdvisor Enterprise McAfee Web Filtering for Endpoint
Worry-free web browsing and blocking for business users While the Internet is a crucial business tool, cybercriminals are making it a dangerous one. Now you can allow employees to surf and search the web safely, using active technology to guide users away from malicious websites and shield them from online threats. Proactive safety information keeps users alert McAfee SiteAdvisor Enterprise lets you avoid restrictive policies that keep your employees from using the web for research and business projects. Your business users will have the freedom to surf online, protected from web-based threats such as spyware, adware, and phishing. Featuring an intuitive color-coded rating system — green, yellow, red, or gray for unrated — and the reputation intelligence of McAfee Global Threat Intelligence, McAfee SiteAdvisor Enterprise provides risk-aware protection at the desktop. Deploy and manage policies with ease Ready to deploy across your organization with McAfee ePO, McAfee SiteAdvisor Enterprise solutions install easily to protect all business users. You can customize the authorization or blocking of website access, view reporting, control messaging, assign actions based on safety ratings, and implement added protection for remote users — all to ensure policy compliance. Integrated URL and content filtering Unmanaged Internet access presents many challenges and introduces unnecessary risk. McAfee Web Filtering for Endpoint integrates with McAfee Site Advisor Enterprise to help organizations manage productivity, reduce legal liability, and improve bandwidth to make employee Internet use efficient and effective. McAfee customers who use McAfee Web Filtering for Endpoint and McAfee Web Gateway can take advantage of this integrated, gateway-aware solution to enforce the appropriate policy intelligently, whether the user is at a corporate office behind the McAfee Web Gateway or outside the network. Strengths
• • • •
Educates users for continuous protection against changing threats Prevents users from browsing to websites hosting malware or exploits Restricts and monitors employee web usage with superior content filtering Centralized management through McAfee ePO makes deployment, management, and reporting easy and efficient
76
ENDPOINT SECURITY
McAfee Total Protection for Endpoint — Enterprise Edition
Complete endpoint security designed for medium to large enterprises Providing a secure endpoint environment for your business can be complex. Sophisticated malware and a boundary free workplace make it easy for cybercriminals to steal information and devices. Users expect support for their preferred systems, including Macs and mobile devices, while regulations force increased safeguards for data and documented compliance. All the while, the growing number of security point products increases management costs and complicates response. Protect every endpoint from data, web, email, network, and system-level threats You could patch together a collection of individual products, but you would never achieve the effectiveness and efficiency of McAfee Total Protection for Endpoint — Enterprise Edition. This integrated security suite delivers ironclad protection for all your endpoints, including Windows, Mac, and Linux systems and mobile devices. We secure your systems and data against sophisticated malware, shielding your assets from bots and zero-day attacks with the support of McAfee Global Threat Intelligence. We protect even if the device is lost or stolen, and block noncompliant systems or unauthorized devices that may attempt to access your business-critical systems and sensitive data. This combination of controls is ideal for sophisticated enterprises with users who expect freedom — as well as total protection from the risks their mobility and flexibility entail.
FEATURE WHY YOU NEED IT
Single integrated management Encryption Device control Host IPS and desktop firewall Anti-malware Anti-spam Safe surf and search Host web filtering Email server security Network access control Policy auditing Multiplatform
Instant visibility into security status and events, efficient control of security and compliance tools Safeguards data and minimizes compliance issues Keeps confidential data from leaving the company Zero-day protection against new vulnerabilities, reduced urgency to patch, stops network-borne attacks Blocks code that steals data and sabotages user productivity Improves productivity and limits phishing and malware Helps ensure compliance and reduce risk from web surfing Controls users surfing on or off the corporate network Intercepts malware before it reaches the user inbox Limits malware infections by blocking noncompliant systems Streamlines checks and compliance reporting Protects the full range of endpoints required by mobile and knowledge workers
ENDPOINT SECURITY
77
McAfee Total Protection for Data
Industry’s most complete data protection solution With today’s mobile devices and ever-connected work style, protecting confidential customer information — as well as your intellectual property — has to be job one. To secure your confidential data reliably, the McAfee Total Protection for Data suite provides strong encryption, authentication, data loss prevention, and policy-driven security controls. They prevent unauthorized access to your sensitive data — anytime, anywhere, for any device. The suite includes McAfee Endpoint Encryption (full-disk, file and folder, and removable media encryption), McAfee Host Data Loss Prevention, McAfee Device Control, and centralized management by McAfee ePO. Instead of managing separate point solutions, use a single environment to manage your deployment, define security policies, monitor flexible dashboards, generate reports, and maintain your data protection. Enterprise-grade encryption and device control To protect data at rest, full-disk encryption combined with strong access control protects sensitive data on all endpoints. Persistent file and folder encryption transparently encrypts the files and folders you choose, on the fly, before they move through your organization. Host data loss prevention allows you to monitor real-time events and apply centrally managed security policies to control how employees access and use confidential data. You can also monitor and control data transfer to portable devices, such as USB flash disks, iPods, DVDs, and Bluetooth devices. Unlike wholesale blocking of device usage, you can specify and categorize which devices may or may not be used and enforce what data can and cannot be transferred to these devices based on sophisticated content analysis. Improved visibility and efficient, centralized management As your business needs change, we help you understand evolving usage and adjust policies appropriately. Advanced reporting and auditing help your company better meet tough privacy mandates, demonstrate compliance, ensure safe harbor protection, and support prompt and proper audits. Strengths
•
Works even when data is modified, copied, pasted, compressed, or encrypted Enforces policies based on users and groups and synchronizes policies with Active Directory, Novell NDS, and PKI Encrypts files, folders, or devices without end-user action Logs every data transaction with forensic-quality, audit-ready details
•
• •
78
ENDPOINT SECURITY
McAfee Total Protection for Secure Business
All the critical elements of security a medium-sized company needs Free yourself from the headaches of managing multiple point products from multiple vendors. McAfee Total Protection for Secure Business has it all — the industry’s most comprehensive security in one easy-to-manage suite for endpoints, email, web, and data. It saves time, saves money, and provides a more powerful, integrated defense against the threats medium-sized businesses know about — and the threats you cannot see coming. Smart data, email, and web security, plus compliance In one solution, you get anti-virus, anti-spyware, desktop firewall, and host intrusion prevention, web security, and highly accurate spam detection for effective gateway blocking of malware. To protect your business from data loss, you can encrypt all data on laptops, desktops, and other mobile devices and prevent unauthorized use of removable devices, such as memory sticks. We also help you limit access to dangerous websites, block data-stealing malware, and enforce appropriate data usage policies. Save time and money Let McAfee simplify acquisition and deployment of the protections you need, with one purchase of one package from one trusted, proven vendor, with substantially lower licensing fees and support costs than if purchased separately. It eliminates the compatibility and maintenance issues associated with multiple point products and vendors. Instead, you gain better visibility, control, and comprehensive intelligence on your security posture. Strengths
• • • •
Instant, always-active threat protection from data-stealing threats Encryption and device control to prevent data loss Single, centralized management to streamline management and reporting Easy to choose, purchase, and manage the protections you need
ENDPOINT SECURITY
79
McAfee Total Protection for Server
Improve security while preserving system availability and uptime Many companies have scaled back security on the server because traditional server security solutions introduce latency, hamper server operations, and disrupt critical processes. However, servers are a prime target as hackers pursue valuable, sensitive data. McAfee Total Protection for Server lets you ensure optimal security without compromising availability or uptime. Optimize your security posture Our combination of dynamic whitelisting, change policy management, policy auditing, and on-demand anti-virus helps you ensure only authorized applications can run. Strong change management controls mitigate the risk of targeted attacks, data breaches, and compliance drift. These lightweight security components preserve processing power for critical applications by locking in a trusted state and blocking unauthorized scripts, drivers, and executables. To better manage risk exposure, you acquire complete visibility as well as policy enforcement over data and system access. Any attempt at unauthorized change is detected and flagged with an alert, thwarting attacks like Operation Aurora. Gain operational efficiency and continuous compliance Combined security and compliance functions reduce the number of hours required to manage processes. The ability to assess configuration and management of the system against policy drives down the cost of management. You also trim investments in hardware and separate licenses for application and file server security. We include templates for key regulatory and industry policy standards. Alerting and rich auditable data on server changes help you test and verify compliance with regulations, and reports become routine. Centralized McAfee ePO management makes our flexible configurations easy to set up and maintain and helps you manage and document security throughout your enterprise. Strengths
• • •
Whitelisting and on-demand scanning for maximum protection Prevents execution of all unauthorized code, scripts, and DLLs Defends against memory exploits with memory protection and in-memory scanning Low overhead components minimize CPU impact Simple setup and low initial and ongoing operational overhead Administrators with physical or remote access to the machine cannot override protection
• • •
80
ENDPOINT SECURITY
McAfee VirusScan Enterprise
The ultimate way to keep viruses out of your desktops and servers Enterprises cannot afford to wait for every threat to be identified and a signature file to be released. The time between attack and subsequent identification is critical: the shorter, the better. It’s better yet if your protection technology identifies new, unknown threats. Block multiple threats to protect systems and productivity McAfee VirusScan Enterprise proactively stops and removes malicious software, extends coverage against new security risks, and reduces the cost of responding to outbreaks. By blending advanced anti-virus, firewall, and intrusion prevention technologies, McAfee VirusScan Enterprise covers a broad range of known and unknown threats. It defends your systems against viruses, buffer overflows, and blended attacks, including threats that attempt to write to memory. Advanced analysis and behavior-based threat detection With innovative heuristics and generic detection, it finds even new, unknown viruses concealed in compressed files and can stop rootkits and hidden keyloggers from installing. McAfee VirusScan Enterprise looks for exploits known to target Microsoft applications and services. It will also identify and block threats that take advantage of JavaScript and Visual Basic, as well as HTML text and attachments. Supported by the McAfee Global Threat Intelligence network To dramatically reduce the exposure from new, unknown malware, McAfee VirusScan Enterprise incorporates real-time risk analysis from McAfee Global Threat Intelligence, the most comprehensive threat intelligence in the market. With visibility across all threat vectors — including file, web, message, and network — and a view into the latest vulnerabilities across the IT industry, McAfee correlates real-world data collected from millions of sensors around the globe and provides real-time malware information to McAfee VirusScan Enterprise. Strengths
• • • •
Powered by global threat intelligence across all key threat vectors Cannot be disabled by hackers, malware, or fake anti-virus Centrally managed, monitored, and reported on through McAfee ePO Defends against threats that target Microsoft — especially Windows services, Word, Excel, Explorer, Outlook, and SQL Server Can replace existing anti-virus products remotely, automatically, and with no reboot required in most cases
•
ENDPOINT SECURITY
81
McAfee VirusScan Enterprise for Linux
Always-on protection for Linux systems Though most threats attack Windows systems, malware definitely does target the Linux platform. Unprotected Linux systems may also act as carriers, allowing viruses and malware to disrupt non-Linux operating systems throughout the network. Even after an initial outbreak has been contained, viruses may still be able to execute their payloads and infect the entire network. McAfee VirusScan Enterprise for Linux offers superior protection from the growing numbers of viruses, worms, and other malware targeting Linux systems. Always on the lookout, its unique, Linux-based on-access scanner constantly monitors the system for potential attacks. Supported by the McAfee Global Threat Intelligence network McAfee Global Threat Intelligence offers the most comprehensive threat intelligence in the market. With visibility across all threat vectors — including file, web, message, and network — and a view into the latest vulnerabilities across the IT industry, McAfee correlates real-world data collected from millions of sensors around the globe. It provides real-time malware information to McAfee VirusScan Enterprise for Linux to block threats before signatures become available. Enhanced enterprise management and reporting McAfee ePolicy Orchestrator manages and enforces anti-virus protection and policies. It provides centralized, comprehensive policy management, detailed graphical reporting, and software deployment across your Linux, Windows, and Mac clients, offering better security visibility across your entire infrastructure. Security designed for Linux We offer real-time protection, low processing overhead, and support for most common Linux distributions and include a kernel-scanning cache for efficient processing. Extremely scalable, McAfee VirusScan Enterprise for Linux suits today’s fast-moving, highly adaptive small businesses and global enterprises. Strengths
•
Continuous, on-access scanning, including heuristic scanning to identify and block new variants and unknown threats without the need to patch Archive scanning to discover and block viruses hidden within archived files Automatic updating without system reboots Cross-platform protection to block Windows malware Kernel module versioning for on-access scanning on new kernels without having to recompile modules
• • • •
82
ENDPOINT SECURITY
McAfee VirusScan Enterprise for Offline Virtual Images
Purpose-built security for virtual environments Enterprise applications are easier to provision and deploy on virtualized systems than on physical servers. However, the consequence of easy deployment is virtual machine (VM) proliferation, with more and more VMs created throughout the IT environment. In today’s virtual environments, VMs that are dormant for an extended time miss the latest patches. When these archived VMs activate, their anti-malware security profiles can be precariously out of date and their unpatched vulnerabilities put your entire infrastructure at risk. Updated protection, automatically McAfee has extended its trusted expertise to virtualized environments, with integrated protection for virtual environments. With McAfee VirusScan Enterprise for Offline Virtual Images, your organization can ensure your VMs are secure and also reduce IT effort. We cut operating costs through common security management for both physical and virtual environments. The solution scans, cleans, and updates the anti-malware security profile of dormant VMs — without bringing them online. Automatic, real-time anti-malware updates use McAfee Global Threat Intelligence to maintain the latest threat protection, allowing your IT staff to focus on other issues. Safe archival for compliance Now you can archive safely for longer intervals to support regulatory policies. Periodic automatic scans and updates of offline virtual images will ensure the systems remain protected. Reduced IT overhead and headaches Eventually, when you bring offline VMs back online, McAfee has already scanned, cleaned, and fully secured them with updated signatures, so they no longer threaten the IT environment. Because we automate these processes, we also greatly reduce the intermittent IT burden of bringing VMs back online for security patches, updates, and other routine maintenance. Through McAfee ePO, you monitor, maintain, and report on physical and virtual environments with one console. Strengths
• •
Updates McAfee .DAT signature files without bringing the VM online Integrated with VMware’s VMsafe integration tools for optimal performance and security Facilitates real-time disaster recovery by securing offline virtual machines at secondary sites Reduces migration issues with one solution for VMware, Microsoft, and Citrix environments
•
•
ENDPOINT SECURITY
83
McAfee VirusScan Enterprise for Storage
Unmatched virus protection for network-attached storage environments Network-attached storage (NAS) devices hold a vast amount of business-critical information, accessed and stored constantly by your users. Use McAfee VirusScan Enterprise for Storage to keep viruses away with continuous, on-access scanning that has minimal impact on filer access time. Broad, proactive protection McAfee scans NAS filers to deliver real-time virus protection against a wide range of viruses and other threats, detecting new, unknown viruses and even those hidden in compressed files. It blocks threats before they are stored. Unique on-access scanning technology scans constantly in real-time, while files are accessed, copied, or written to the server. Regular automatic updates from McAfee Labs keep your protection abreast of the latest threats. Automatic remediation Once it finds an infected file, VirusScan for Storage automatically cleans, deletes, or quarantines it. By scanning files as they move to and from your filers, you gain the ultimate in virus protection. Multiple scanners checking multiple filers give you the power of parallel processing for optimal load balancing and flexible failover protection. One management platform McAfee ePolicy Orchestrator makes control and management easy with a single display and detailed graphical reporting. Strengths
•
Continuous, on-access scanning blocks viruses before they are stored and prevents script-type threats, spyware, and unwanted programs One management platform Automatic updates of .DAT files and scanning engines Rapid notification of alerts Works with NetApp filers and Sun Storage devices Enterprise-ready multi-scanner to multi-filer configurations Backed by the 24/7 global research team at McAfee Labs
• • • • • •
84
ENDPOINT SECURITY
McAfee VirusScan Enterprise for use with SAP NetWeaver platform
Extending proven security to mission-critical business applications While anti-malware software is a de facto standard with enterprise clients globally, the vast majority of mission-critical SAP environments remain exposed to potential security threats. With the expanding SAP product portfolio, there are more opportunities to upload external, potentially infected, files to the SAP NetWeaver environment, such as employment resumes, configuration files, and templates. Infected files could potentially corrupt the entire database. We help with the first enterprise-class protection for this critical enterprise asset: McAfee VirusScan Enterprise for use with SAP NetWeaver platform. It supports business continuity for mission-critical SAP environments and helps ensure uploads of infected files do not affect the whole database. Enterprise-class protection McAfee is the only enterprise-class vendor to offer security that scans, quarantines, and remediates sensitive documents, configuration files, templates, and other files before they reach the SAP environment. The product offers real-time (on-access) scanning of any file uploaded or modified in the environment and comes with the flexibility for deployment as a standalone server or as a virtual machine. Enterprise-class manageability Use the same McAfee ePO management platform you use to control other McAfee enterprise products. You get simple, centralized reporting, updates, and auditing. Strengths
•
Real-time (on-access) scanning of any file uploaded or modified in the environment Flexible deployment: standalone or virtual machine SAP certified integration partner Backed by 24/7 global threat intelligence from McAfee Labs
• • •
ENDPOINT SECURITY
85
McAfee VirusScan for Mac
Complete protection for Mac PowerPC and Intel-based systems Leverage the award-winning McAfee scan engine to proactively hunt down and kill Macintosh and Windows viruses, worms, Trojans, and other threats. Automatic virus updating and cleaning protects you against infected Internet downloads, such as spyware, adware, and other unwanted software. Complete, proactive threat protection McAfee VirusScan for Mac uses on-access scanning to search for viruses and malicious threats every time a file is accessed. It automatically detects viral infections as they attempt to infect a system and protects against Macintosh, PC, and Unix-based viruses. In addition, it has the ability to scan Apple Mail messages and attachments for malicious threats. It will also protect your users when they save or open files from shared network drives. McAfee VirusScan for Mac uses heuristic analysis and generic detection that proactively protects against new and previously unknown viruses. The advanced heuristic analysis looks through the code in a file to determine if the actions it takes are typical of a virus. The more virus-like the code found, the more likely the file is to be infected. To reduce the risk of false alarms, we combine our positive heuristics approach with negative heuristics, which searches for those things that are distinctly non-virus-like. Proactive McAfee Global Threat Intelligence technology automatically detects and blocks suspicious files without the need for signatures. Centralized management McAfee ePolicy Orchestrator can administer McAfee VirusScan for Mac for easy policy configuration, deployment, enforcement, reporting, and management across all your endpoints. Strengths
• • • •
Familiar Apple Mac OS X Aqua user interface Fast on-access or convenient on-demand and full-disk scanning Automatic or on-demand one-click updating Universal deployment on either Intel-based or Power PC-based Macintosh systems Kept up to date with 24/7 global threat intelligence from McAfee Labs Centralized management and visibility across Mac, Windows, and Linux clients Supports Mac OS X 10.6 (Snow Leopard), 10.5 (Leopard), and 10.4 (Tiger) Also available as part of comprehensive protection in the McAfee Endpoint Protection for Mac suite
• •
• •
86
ENDPOINT SECURITY
Security Management
McAfee Security Management
McAfee Security Management delivers real-time visibility into your security, risk, and compliance profile. With an open platform to integrate existing security administration, McAfee automates protection, diagnosis, and remediation.
Take the Guesswork Out of Securing Your Enterprise
McAfee Security Management represents the industry’s most comprehensive approach to managing enterprise security. Designed to monitor, manage, and report on your security, risk, and compliance profile, it empowers you with situational awareness, global protection across your heterogeneous infrastructure, and shared intelligence— all in an open platform.
•
Security Management
Consolidated management—McAfee ePolicy Orchestrator is the only enterprise-class, open platform to centrally manage security for systems, networks, data, and compliance. With end-to-end visibility and powerful automation, McAfee slashes incident response times, strengthens protection, and drives down the cost of managing security. Risk management—Your organization can fully understand its risk posture across every meaningful sector of your IT environment, including databases, web applications, systems, and networks. Armed with this new visibility, you can optimize security, mitigate risk, and prioritize security efforts while eliminating manual threat correlation processes. Compliance—McAfee solutions automate compliance reporting and elevate your organization’s adherence to industry standards—including PCI, SOX, and HIPAA—while lowering costs and reducing audit overhead. Through built-in integration with our centralized management console, you can secure continuous integrity monitoring, create and enforce change policies, and easily incorporate revised standards.
•
•
Coordinate Your Security Defenses
McAfee Security Management offers proactive risk management, integration with business operations, and security defenses coordinated across dynamic enterprise infrastructures. Now security goes wherever your employees go. Regardless of the device, application, network, or database, McAfee protection is there.
Security management for systems, networks, data, and compliance McAfee ePolicy Orchestrator (McAfee ePO) Risk management McAfee Risk Advisor McAfee Vulnerability Assessment SaaS (with McAfee SECURE module option) McAfee Vulnerability Manager McAfee Vulnerability Manager for Databases Streamlined compliance McAfee Change Control McAfee Change Reconciliation McAfee Configuration Control McAfee Database Activity Monitoring McAfee Integrity Control McAfee Integrity Monitor for Databases McAfee PCI Certification Service McAfee Policy Auditor McAfee Total Protection for Compliance The above products appear in alphabetical order in the pages that follow. Visit www.mcafee.com/securitymanagement for the latest information.
94 99 101 102 103 90 91 92 93 95 96 97 98 100
SECURITY MANAGEMENT
89
McAfee Change Control
Stay in control with comprehensive change policy enforcement How often has an unapproved or untimely change brought down a key system? Unauthorized or untested changes may cause 80 percent of unplanned system downtime. McAfee Change Control prevents unauthorized changes by providing realtime visibility into modifications and delivering technology-based policy enforcement. McAfee Change Control continuously tracks and validates every attempted change to your IT infrastructure. It improves accountability and eliminates violations that affect compliance or cause outages — while lowering IT costs. Real-time network visibility McAfee Change Control alerts you to changes on servers, databases, and network devices, including switches, routers, and firewalls. It instantly detects changes as they are made, logging modifications in an independent change database. If it blocks an unauthorized change, it immediately makes a record of the attempt. Complete policy enforcement As insider threats rise, many organizations are eager to block unwanted changes and improve accountability for privileged insiders, including employees and outsourced IT contractors. This software lets you enforce change policy according to time window, source, or approved ticket. Improved compliance with SOX and PCI DSS Unauthorized changes can violate policies, leading to costly network outages and material weakness in compliance standards. McAfee Change Control provides categorical management over your complete IT infrastructure, enabling those who process credit card transactions to fulfill and validate PCI and SOX requirements efficiently and cost-effectively. Strengths
•
Real-time visibility and alerting across servers, databases, and network devices Instant file integrity monitoring lets you quickly identify where policies are being challenged Prevents unauthorized changes, violations, and outages before they occur Eliminates costly manual efforts to track and account for changes Easily integrates with change management, data center automation, and configuration management database solutions
•
• • •
90
SECURITY MANAGEMENT
McAfee Change Reconciliation
Automate change policy and ensure effectiveness Most IT organizations recognize the impact of change on their operations and have invested in change management, data center automation, or a service desk. But often a gap remains between actual activity and the documented change management process. McAfee Change Reconciliation operates in concert with McAfee Change Control to correlate changes made on servers to the change tickets documented in existing ticketing systems. It integrates with popular change management systems and configuration management databases to reduce the cost of compliance, increase availability, and improve information technology infrastructure library (ITIL) processes. Cost-effective compliance and change validation McAfee Change Reconciliation verifies deployment of approved changes and identifies, groups, and documents unapproved or unticketed changes, such as emergency changes, with high accuracy. It automatically validates changes corresponding to an approved and implemented request for change (RFC) based on the identifying hostname or configuration item, actual start time, actual end time, and username. After reconciliation, the RFC is updated with detailed information about the change. To help minimize differences between staging and production environments, the software can track changes on staging environments and create a manifest ticket for use in production implementations. Integrations help create closed-loop change management When deployed with McAfee Change Control, McAfee Change Reconciliation can be configured to prevent any unauthorized changes to the infrastructure. For instance, you might allow a change only if there is an approved RFC and the time of change is between the scheduled start and end time. HP uCMDB and BMC Atrium integrations place comprehensive real-time change data into the CMDB. McAfee also integrates with both default and customized installations of HP ServiceManager, HP Release Control, and BMC Remedy and supports integration with custom workflows. Strengths
• • •
Reconciles actual changes to approved, ticketed change requests Automatically creates new tickets for unticketed changes Creates tickets for changes made to staging environment, reconciles the ticket with production environment changes, and offers exception reporting
SECURITY MANAGEMENT
91
McAfee Configuration Control
Get in control and stay in control, with continuous compliance For enterprises that must adhere to multiple compliance standards or strict regulations, constantly maintaining and achieving compliance in dynamic environments is both tricky and expensive. McAfee Configuration Control offers a cost effective means to automate and enforce individualized or standard compliance configurations. Through the three steps of Audit, Control, and Enforcement, you can achieve continuous compliance while dramatically cutting audit preparation, time, and costs. Beyond saving you time and money on audit activity, it goes farther to block unauthorized changes and limits the liability and costs associated with ad hoc changes that may affect performance, availability, or security. Achieve compliant configurations and enforce policy with ease Through unique IT controls and automated assessments, we help you obtain continuous compliance. With a flexible and easy-to-use interface, you can quickly create your own IT compliance standards as well as address external requirements — without being an expert. Alerting with policy enforcement provides the notification of changes that could jeopardize compliance. It also limits changes to predetermined time windows, trusted sources, or approved work tickets. You have control and can stop drift from corporate policy. With this one solution, you meet prescribed compliance requirements for unauthorized change alerting and configuration assessment reporting. Profiles let you focus on what is critical for you to monitor, with dashboards making it easy to keep watch and track. Scheduled, automated audit and compliance reports can provide internally or externally defensible proof of continuous compliance across your environment. Strengths
•
Controls integrity of your systems with continuous tracking and alerting of events that could compromise security or lead to noncompliance Enforces a centralized or enterprise change policy so that only validated, authorized changes are executed Minimizes risk by controlling system change and configurations to ensure the highest level of security, reliability, and compliance Leverages your investment in McAfee ePolicy Orchestrator and other enterprise software
•
•
•
92
SECURITY MANAGEMENT
McAfee Database Activity Monitoring
Automated database protection Organizations store their most valuable and sensitive data in a database, but perimeter protection and basic security provided with the database may not protect this asset from sophisticated hackers or rogue insiders. Research shows that more than 92 percent of records breached involved a database, with more than 87 percent based on exploits requiring significant technical skills.¹ McAfee Database Activity Monitoring automatically finds databases on your network, protects them with a set of pre-configured defenses, and helps you build a custom security policy for your environment — making it easier to demonstrate compliance to auditors and improving protection of critical data assets. Total visibility into database compliance With McAfee Database Activity Monitoring, you gain visibility into all database activity, including local privileged access and sophisticated attacks from within the database. Audit trail reports are available to meet SOX, PCI, and other compliance audit requirements. An audit trail aids post-incident forensic analysis to understand the amount of lost data or malicious activity. Virtual patching protects against extreme database threats Applying missing patches and fixing misconfigurations found by the vulnerability scan will enable you to improve the security posture of your databases immediately. Since database patch deployments require downtime, a luxury not available to most mission-critical databases, McAfee Virtual Patching technology can protect even your unpatched databases against zero-day attacks by blocking attacks that exploit known vulnerabilities. It also shields applications that use older releases of the databases for which patches are no longer provided. McAfee Database Activity Monitoring cost-effectively protects your data from threats by monitoring activity locally on each database server and by alerting or terminating malicious behavior in real time, even when running in virtualized or cloud computing environments. It can also enforce policies by terminating sessions that violate security policy. Strengths
• • •
Protects unpatched databases against zero-day attacks Real-time monitoring alerts can spark immediate response Intrusion prevention terminates suspicious sessions and quarantines malicious users, allowing time for the security team to investigate Monitors threats from all sources, including network and application users, local privileged accounts, and attacks from within the database itself
•
1 Verizon Business Study, 2010.
SECURITY MANAGEMENT
93
McAfee ePolicy Orchestrator (McAfee ePO)
Intelligent security and compliance optimization Over 35,000 customers use McAfee ePolicy Orchestrator to manage nearly 60 million PCs and servers, making it the world’s most deployed and respected security and compliance management technology. A cornerstone of the McAfee Security Management Platform, McAfee ePO brings together information and processes to create intelligent security that is automated and actionable. With McAfee ePO, you can make quick, effective decisions. You can reduce operational costs with advanced reporting and policy assignment functions. Every efficient response improves threat protection and compliance management. Integration for quick problem identification and action To help you get answers about infections and threat events faster, McAfee ePO integrates system, data, network, web, and email protections. It streams threat and vulnerability information into a central management hub for a single, correlated set of threat events. When the integrated display shows you need to investigate, it also helps you respond quickly. From the management dashboard, you can just select a system or group and immediately launch a task. Achieve operational efficiencies and business benefits McAfee ePO unifies security management across the enterprise with an open architecture that streamlines reporting, incident response, and compliance processes. Compared to old-style point solutions, this approach dramatically simplifies installation and maintenance of protections and their rules and policies. It eliminates the system impact of multiple agents and the decision inefficiencies of multiple consoles. When policies need to adjust as threats and regulations change, updates are quick, accurate, and consistent. For the big picture, McAfee ePO correlates threats, attacks, and events across endpoint, network, and gateway protection tiers, and then factors in data usage and compliance information. This consolidation supports more relevant and efficient operational and compliance processes. The savings can be material. According to third party research, customers manage more nodes with less hardware in less time. Open for innovation McAfee ePO has an open architecture that helps advance next-generation security and compliance innovations. Members of the McAfee Security Innovation Alliance (SIA) develop new use cases and integrations to make it easier for you to oversee your infrastructure. For example, a partner might link its real-time monitoring and threat detection with McAfee incident response and compliance reporting. You leverage your McAfee ePO investment for a united view and audit trail of actions.
94 SECURITY MANAGEMENT
McAfee Integrity Control
Protect fixed-function systems from unauthorized applications and changes Vertical segments such as retail, healthcare, and industrial control face a barrage of unknown software from the web and intensifying compliance and regulatory scrutiny. It’s crucial to ensure only trusted applications run on high-value fixed-function devices, such as point-of-service (POS) systems, automated teller machines (ATMs), medical imaging systems, kiosks, and process control systems. Unauthorized applications or changes affect service availability, introduce malware, and present compliance violations and risk. Combining industry-leading whitelisting and change control technology, McAfee Integrity Control provides an effective, lightweight way to block unauthorized applications and changes on fixed-function point-of-service systems and devices. It enables real-time change detection, accountability to validate change activity, and change prevention against unwanted activity. Dynamic whitelisting and policy enforcement with low TCO Our solution blocks unauthorized, vulnerable, or malicious applications that can compromise the integrity of systems. A dynamic whitelisting trust model keeps systems tightly secured, yet allows for authorized updates or changes from administrator-defined trusted sources. The software eliminates the manual, costly support associated with other whitelisting technologies, as it needs no databases, rules, or updates. McAfee Integrity Control also includes change control to block unwanted, out-of-policy changes before they occur. Protection links directly to policy, and you can verify changes against the change source, time window, or approved change ticket. We block changes attempted outside of policy, log the change attempt, and notify administrators. We also catch transient violations, where changes are later reversed. This control slashes change-related outages and policy violations. Monitor file integrity and changes in real time Continuous file integrity monitoring (FIM) watches files and directories for changes to content, permissions, or both. It reduces risk, cuts overhead caused by scan-based monitoring, and is essential for verifying security or meeting compliance requirements such as the Payment Card Industry Data Security Standard (PCI DSS). Strengths
• • • •
McAfee ePO eases agent deployment, management, and reporting Provides data about every change, including the user and program used Transparent operational footprint suits compact, fixed-function systems Eases compliance with PCI regulations
SECURITY MANAGEMENT 95
McAfee Integrity Monitor for Databases
Improved visibility into your database security posture while meeting compliance requirements Compliance regulations demand that organizations have proper controls over sensitive data, including financial information and customer personally identifiable information (PII). This content is typically stored in relational databases, but complex configuration of these systems coupled with difficulty in monitoring privileged access make it a challenge to demonstrate consistent protection. McAfee Integrity Monitor for Databases tests systems for common configuration vulnerabilities, monitors changes to these settings, and helps you build a custom security policy to audit access to your sensitive data — providing visibility into dangerous configuration changes and making it easier to demonstrate compliance to auditors. Saves time and money through fast deployment and an efficient architecture With McAfee Integrity Monitor for Databases, organizations gain visibility into important configuration parameters for database servers, as well as any changes to these settings that could influence data security, capturing the information necessary to meet compliance requirements. McAfee Integrity Monitor for Databases is the easiest, most cost-effective solution to deploy for evaluating and monitoring the security of systems storing sensitive information. It can be up and running quickly, without affecting existing operations or performance, and offers a simple upgrade path to more advanced capabilities as needed. Strengths
•
Deploys on the IT infrastructure you prefer: installed non-intrusively on physical servers, provisioned along with the database on virtual machines, or deployed remotely on cloud servers Minimizes risk and liability with real-time notification of any configuration changes that affect security Tracks activities such as logons, logoffs, user/role creations, password changes, and more, and monitors database schema changes and data changes Centralized deployment and management through McAfee ePO Low overhead operation allows you to monitor comprehensively, without an impact on performance
•
•
• •
96
SECURITY MANAGEMENT
McAfee PCI Certification Service
PCI peace of mind from the world’s largest dedicated security company and PCI-approved scan vendor All organizations that capture, process, or store credit card data must demonstrate proof of compliance with PCI DSS. The McAfee PCI Certification Service provides step-by-step guidance and real-time analysis of compliance status, so that companies can successfully navigate and complete the PCI DSS requirements. Tens of thousands of organizations around the world trust McAfee to audit their PCI compliance. The McAfee PCI Certification Service includes quarterly and on demand scanning, remediation assistance, technical support, the self-assessment questionnaire, and a certificate of compliance. The service is completely web-based, with Software-as-a-Service provisioning and no hardware or software to deploy, install, or maintain. Simple, reliable, and affordable compliance Working directly with Visa International, we developed an accurate, easyto-use service that makes PCI compliance more affordable and more reliable for organizations of all sizes. Merchants can quickly meet all requirements with confidence. Our portal makes it easy to complete your self-assessment questionnaire, review quarterly vulnerability scans, launch on-demand scans to retest as needed, and even generate the necessary PCI compliance reports and documentation. The McAfee PCI Certification Service includes IP address scanning, assistance and recommendations to help you meet requirements, and extensive technical support. This full-service PCI compliance service is suitable for organizations with fewer than 6 million payment card transactions per year (PCI merchant levels 2, 3, and 4). Strengths
• •
Easy-to-use Software-as-a-Service Self-assessment questionnaire selection wizard and unlimited technical support Automatic quarterly scans help you continue to demonstrate compliance Quarterly and on-demand scanning includes dynamic port scanning, port-level network services vulnerability testing, and web application vulnerability testing Generates PCI compliance reports that are ready to submit
• •
•
SECURITY MANAGEMENT
97
McAfee Policy Auditor
Get in control, prove compliance by automating the IT audit process These days, it is not enough to be compliant. It is critical to show it with a high degree of accuracy — a daunting and time-consuming task. You spend an inordinate amount of time and effort manually collecting data, mapping IT controls to policy, and auditing devices — especially your mission-critical servers — to identify policy violations and noncompliant systems. You need an efficient and accurate alternative. McAfee Policy Auditor simplifies the process of demonstrating compliance. It automates manual audit processes and increases efficiency. Its proven agent, extensive support for content standards, and transparent integration with McAfee ePolicy Orchestrator mean accurate, efficient audits, every time. By mapping IT controls against predefined policy content, McAfee Policy Auditor enables you to produce consistent and accurate reporting against internal and external policies. Get proactive about compliance McAfee Policy Auditor delivers automated policy auditing of managed assets. You can proactively define, measure, and report on the compliance of information systems based on industry, regulatory, and corporate security policies, as well as standards and frameworks. Predefined templates include ISO 27001, COBIT, FISMA, FDCC, HIPAA, SOX, GLBA, and PCI DSS. Built on open standards and SCAP-validated, it enables you to import authoritative templates, such as FDCC, and audit for compliance to that standard within minutes. Integrated for investment protection Use McAfee Policy Auditor with McAfee ePO to consolidate security management and compliance management, easing agent deployment, management, and reporting. Pair McAfee Policy Auditor with McAfee Vulnerability Manager to run consolidated audits across both managed (agent-based) and unmanaged (agentless) systems. Strengths
• • • • •
Fast, automated import of industry benchmarks through SCAP standard Real-time audit model and blackout window reduce business disruption Automation saves hours and days of tedious tasks Builds confidence with external auditors Enables organizations to prove compliance consistently
98
SECURITY MANAGEMENT
McAfee Risk Advisor
Take the guesswork out of securing your environment What happens when you face an out-of-cycle patch, such as Stuxnet? Does your team have to scramble to test and apply patches? As you evaluate risks, how do you know where to invest your time and resources? Most organizations rely on error-prone, manual assessments to guide their security efforts. McAfee Risk Advisor takes the guesswork out of protecting critical assets by proactively correlating threat, vulnerability, and countermeasure information. It pinpoints critical assets in need of immediate attention to let you direct security efforts, while demonstrating the positive impact of deployed security products. Its insight pays off in improved operational efficiency, reduced cost, and an optimized security posture. Comprehensive risk assessment, real-time visibility, and patch optimization Through correlation and analysis, McAfee Risk Advisor provides detailed, realtime information about a threat, its severity, and the risk it poses to specific assets. “At Risk” and “Not at Risk” views of all the assets in your environment enable you to see quickly which assets are threatened, then drill down for actionable details. To help reduce the frequency and cost of patching, the dashboard provides recommended countermeasures, links to threat discussion groups and notices, various risk-scoring methods, and a list of affected applications. You learn how threats affect regulatory mandates so you can balance your business objectives with the right amount of security. Simplified management and compliance McAfee Risk Advisor integrates with McAfee ePO for easy, cost-effective management from a single, web-based console. “Not Vulnerable” reports and threats filtered by regulation cut the time it takes to satisfy auditors. Automated threat correlation and real-time updates from McAfee Labs and tight integration with core McAfee products combine to deliver the highest level of security and improve operational efficiencies. Strengths
•
Replaces manual tasks with real-time risk assessment to focus efforts on at-risk assets Reduces the cost and time associated with patching Demonstrates measurable ROI for existing security products Leverages centralized dashboard and integrated, real-time threat updates to improve situational awareness
• • •
SECURITY MANAGEMENT
99
McAfee Total Protection for Compliance
Unified IT policy auditing and risk management For many organizations, keeping pace with new requirements, more controls, and changing guidelines means deploying multiple technologies for managing IT audit cycles and sustaining compliance. McAfee Total Protection for Compliance makes compliance easy with the industry’s first integrated solution for vulnerability management, compliance assessment and reporting, and comprehensive risk management. Using McAfee ePolicy Orchestrator (McAfee ePO) as the single deployment, management, and reporting platform, it integrates McAfee Vulnerability Manager, McAfee Policy Auditor, and McAfee Risk Advisor. Through both agent-based and agentless technology, it audits, assesses, and reports across managed and unmanaged systems, dramatically reducing IT audit time while managing risk more effectively. Comprehensive coverage and proactive risk management The combination of agent and agent-less scans mean we assess every system for compliance with regulations, standards, and best practices. This comprehensive model lets you use the most effective technology for the architecture you have. Leveraging McAfee ePO and McAfee Risk Advisor, you can combine threat, vulnerability, and countermeasure information to proactively pinpoint assets that are at risk to threats. It takes the guesswork out of when and where to focus your security efforts — saving you time and money. If your environment has 3,000 systems, for instance, you can discern the 30 systems that are at risk and vulnerable to a specific threat. McAfee Global Threat Intelligence keeps threat and vulnerability data updated, nonstop. Simplified compliance McAfee Total Protection for Compliance reduces the number of point products needed to achieve the results and reports auditors demand, while eliminating manual processes throughout the risk management and audit lifecycle. For instance, administrators and auditors can use a single workflow and policy environment for policy definition, asset identification, and consolidated reporting. As you prepare for audits, just import industry-standard content and tailor policies and checks for your needs, applying policy benchmarks across many different asset types. Strengths
• •
Accurate risk analysis and prioritization shrink the noncompliance window Deep policy assessments on hosts, plus network audits of policy settings for account, file, network, and system access Assessments and reports for SOX, FDCC, FISMA, HIPAA, PCI DSS, and more
SECURITY MANAGEMENT
•
100
McAfee Vulnerability Assessment SaaS (With McAfee SECURE module option)
The world’s network perimeter security standard Protect the perimeter, and you will defend your organization, brand, and customers from hackers, data breaches, spyware, popups, browser exploits, and phishing. To help organizations around the world achieve this peace of mind, we integrated complementary security technologies into a single service. McAfee Vulnerability Assessment SaaS leverages our widely used vulnerability scanning technology that currently helps protect more than 80,000 sites. We combine this with security data gathered by continuously crawling the web, searching for and identifying sites harboring malicious code, such as browser exploits and spyware. The service helps you identify potential security issues through real-time insight into the security status of your network perimeter, prioritize and delegate your remediation responsibilities, and even demonstrate ROI. It provides transparent objectivity by continually benchmarking and certifying your network perimeter security status to widely adopted independent data security standards including the McAfee SECURE™ certification and PCI. Easy startup and no hardware or software to install or maintain This web-based service runs entirely from our McAfee network. It requires no installation, no hardware purchases, no software development, no security expertise, and no special training to use. McAfee provides automated network security audits combined with an interactive, highly customizable vulnerability management portal. McAfee Vulnerability Assessment SaaS also includes a simplified, easy-to-use system perfectly suited to any organization that needs to successfully and confidently complete the steps necessary for PCI (merchant level 2 – 4) certification. Compliance holds other benefits. As long as you remain compliant with the McAfee SECURE standard, you have the option of promoting your certified security to visitors by displaying the McAfee SECURE trustmark on your site. Strengths
• •
Software-as-a-Service delivery model cuts start-up time and eliminates costs Accurate, customizable daily audits for latest web application and network perimeter vulnerabilities Includes technical and PCI DSS compliance support to ensure the resources you need to certify your PCI DSS compliance Continual benchmarks of your real-time security against the PCI and McAfee SECURE standards, with meaningful reports to guide action Lets you promote your trustworthy status with the McAfee SECURE trustmark
SECURITY MANAGEMENT 101
•
•
•
McAfee Vulnerability Manager
Evaluate 100 percent of your network 100 percent of the time When scanning for vulnerabilities, coverage counts. Protect your business against changing risks with the industry’s most flexible, scalable, and comprehensive solution. Thousands of organizations rely on McAfee Vulnerability Manager, from organizations with a few hundred nodes to one continuously scanning over four million IP addresses. Find and fix fast, with less stress McAfee makes it simple to implement reliable scanning, beginning with installation. Within minutes, you start your first scan and automatically discover assets. Since we integrate directly with enterprise user and asset management tools, you can maintain one repository for asset data and design scans based on groups and other tags. Four times more content checks for comprehensive coverage Our risk-based approach combines thorough, broad scanning coverage with vulnerability, asset data, and countermeasures to help you make informed decisions. We make system and application-level assessments that include database banners, policy settings, registry keys, file and drive permissions, running services, and tests for more than 450 operating system versions. Real-time threat feeds and correlation data help you determine how emerging malware and vulnerabilities affect your risk profile, guiding you to deploy resources efficiently. Support for custom scripts and checks, integrations with McAfee and third party products, and an open programming interface let you merge McAfee Vulnerability Manager into your entire IT security operation. As you work, tailor scans and reports with virtually unlimited flexibility. We present conclusive evidence — such as expected and actual scan results, any systems not scanned, and any failed scans — to show that specific systems are “Not Vulnerable,” an increasing audit requirement. Our portable option lets you scan isolated networks and bring back results for aggregated reporting. Strengths
•
Ultimate flexibility in reporting, scanning, and deployment, including air-gapped networks Unmatched scalability, vulnerability coverage, and scanning accuracy Unrivaled data integration with homegrown and third party applications Unprecedented response to threats via McAfee Global Threat Intelligence Unique capability to prove assets “Not Vulnerable” to threats
• • • •
102
SECURITY MANAGEMENT
McAfee Vulnerability Manager for Databases
Protect your network databases from threats Few assets merit stronger protection than your databases. They are home to your sensitive and regulated data, enabler of your business workflows, and the hub of 24/7 employee and partner activities. McAfee Vulnerability Manager for Databases evaluates risks from all known threat vectors and provides concrete tools and expert recommendations to remediate them. By improving your visibility, McAfee Vulnerability Manager for Databases reduces the likelihood of a damaging breach. It also cuts cost by preparing you for audits. Clear visibility into database vulnerabilities and your risk posture McAfee Vulnerability Manager for Databases automatically discovers databases on your network, determines if the latest patches have been applied, and starts looking for potential problems. It conducts more than 3,000 vulnerability checks — including weaknesses such as weak passwords and default accounts — against databases including Oracle, SQL Server, DB2, and MySQL. Actionable risk evaluation and efficient reporting Some products overwhelm with a myriad of minor threats, drowning you in data and disguising the truly critical issues. Instead, the comprehensive McAfee Vulnerability Manager for Databases inspects from all known threat vectors and organizes the results to expedite processing. It clearly classifies threats into distinct priority levels with relevant remediation recommendations and fix scripts where practical. Use the familiar McAfee ePO platform to get centralized reporting and summary information for thousands of databases from one consistent dashboard. Out-of-the-box regulatory compliance reports allow you to fulfill obligations for PCI DSS and other regulations. Or, you can tailor reports for specific stakeholders such as database administrators (DBAs), developers, and InfoSec users. Strengths
•
Performs more than 3,000 checks, reporting on criteria such as version/ patch level, changed objects, modified privileges, and forensic traces Provides practical remedy advice and solutions Tests and reports on real issues, rather than generating long, cryptic reports Creates outputs based on stakeholder needs to suit audiences including DBAs, developers, and IT security
• • •
SECURITY MANAGEMENT
103
104
SECURITY MANAGEMENT
Support and Services
McAfee Support and Services
If you find yourself constantly reacting to events or mired in day-to-day activities, the McAfee Support and Services team stands ready to help. We work with you to move your Security Connected infrastructure from reactive to compliant, from proactive to optimized. Our experts help prevent issues, train teams, tune installations, and apply best practices. Your organization can reduce its workload and gain back time to manage risk proactively. We can help there, too, with best practice-based program development.
Select the Help That Matches Your Organization
Tailor your technical support to get help fast, and then add in relevant services to be prepared and respond effectively.
•
McAfee Corporate Support—Define your own technical support experience with our à la carte software and hardware support programs. See the comparison chart in this section for details. McAfee Solution Services—Realize the full value of your McAfee solutions. We help you assess, design, implement, and optimize your security—all based on best practices and tools that ensure comprehensive protection, minimize risk, and maximize your return on investment. McAfee University—Learn the real-world skills you need to effectively fight today’s attacks and tomorrow’s threats. McAfee University combines hands-on experience with expert instruction so you can get the most from your McAfee security products. Foundstone® Professional Services, a division of McAfee— Build a strong foundation for long-term security. Drawing from our deep and broad experience, our experts address security issues from both a business and technology perspective to deliver measurable protection for your business. Foundstone Education—Give your in-house security team the tools and methodologies they need to defend your business. Foundstone combines interactive classroom demonstrations with hands-on labs. You leave armed with a real-world understanding of how to address critical security issues.
•
•
•
•
Support and Services
McAfee Corporate Support
Keeping you secure For your business to thrive, your network and systems must remain secure. Today’s threat environment is constantly changing, and your defenses need to adapt to these new threats. Security is not just about the purchase of a product. It is about that product constantly keeping your business protected. To ensure our customers remain secure, McAfee includes McAfee Gold Business Support as standard, constantly providing updates and upgrades to our products, backed up by 24/7 support. Regardless of when you need assistance, McAfee is there to help. We also help minimize the internal costs of supporting security. McAfee emphasizes proactive and pre-emptive support, notifying its customers of new threats and product updates that increase protection and enable best practices. Enterprise customers are encouraged to leverage McAfee Platinum Enterprise support offerings. Additional resources can work directly with your IT team, preventing issues before they occur and remediating complex issues quickly if they do. McAfee Gold Business Support brings big benefits Because threats from other countries occur during their business hours, not yours, McAfee customers can access an expert in less than 5 minutes, around the clock. You will find highly trained and certified security specialists and get the right information, support, service skills, and replacement parts that you need. McAfee support options include:
• • • • • • • • •
Daily product updates for the latest threats Product upgrades Alerts and remediation actions on the latest threats Analysis on latest malware trends Online product evaluation environments Video and best practice guides Automated issue analysis and remediation tools Direct access to McAfee experts regardless of problem severity Unlimited access to support
SUPPORT AND SERVICES
107
McAfee Premium Support Offerings
Tailored solutions to meet your needs As you consider your organization’s risks and support requirements, you can choose from several levels of increasingly personalized attention. Product Specialists Multisite environments with hundreds of employees often invest in McAfee Product Specialists whose higher level of training and experience helps them identify and resolve complex issues faster. Support Account Managers Predictive support from an assigned McAfee Support Account Manager helps you address issues before they become a problem, saving your resources, time, and money. A single McAfee point of contact for case management ensures that you are constantly protected. Resident Resources The deepest understanding of a company’s environment comes from a McAfee expert physically located at your facility. Your onsite expert ensures pre-emptive guidance and rapid hands-on support.
108
SUPPORT AND SERVICES
McAfee Corporate Technical Support Program Comparison
Choose the level of support you prefer Your company is unique. That’s why we offer multiple programs to meet your needs.
PLATINUM ENTERPRISE SUPPORT PLATINUM GLOBAL ENTERPRISE SUPPORT PLATINUM LARGE ENTERPRISE SUPPORT PLATINUM RESIDENT ENTERPRISE SUPPORT
FEATURES AND OFFERINGS Daily product updates (such as .DATs, engines) Product upgrades Malware alerts with remediation analysis Malware analysis service Malware trend podcasts and blogs Chat, web, and phone support with remote desktop control 24/7 phone support (normally under 5 minutes to expert) Automatic diagnostic and remediation tools Best practice videos and guides Online product test environments Product Specialists Direct Access to Specialists for all your products Enhanced escalation strategy Enhanced SMS alerting services Authorized contacts Assigned Support Account Manager Product planning and protection analysis Regular case and business reviews Risk assessments Technical onsite visits Emergency onsite assistance Global Account Management Scheduled calls with McAfee Labs and Product Management
• • • • • • • • • •
GOLD ENHANCED BUSINESS SUPPORT
GOLD BUSINESS SUPPORT
• • • • • • • • • • • • • •
5
• • • • • • • • • • • • • •
10
• • • • • • • • • • • • • •
25
• • • • • • • • • • • • • •
20
• • • • • • • • • • • • • •
Resident Resident
• • • • •
Up to 2
• • • • • • •
• • • • • • • •
• • •
Resident Resident
• •
Look for detailed information on McAfee support programs at www.mcafee.com/support.
SUPPORT AND SERVICES
109
McAfee Solution Services
Quickly realize the full value of your McAfee security solution Deploying new solutions can be challenging for any organization. Whether your company has fifty or five million nodes, McAfee Solution Services can help you improve time to value, maximize your security, and reduce risk. Many customers using our Quickstart program cut support cases by thirty percent — savings that turn into more time for other priorities. We specialize in the deployment and delivery of McAfee solutions, both standalone and integrated. Our worldwide team of architects and consultants works closely with McAfee support and development organizations to apply the full talents of the McAfee organization to your needs. Reduce risk McAfee Solution Services help you avoid system downtime that can damage your bottom line. Investing in the planned deployment of a centralized security solution can not only reduce risk but also minimize your operational costs. Faster time to value Through our proven deployment methodology, customers can reduce delays in product installation resulting from the initial learning curve of new technologies, as well as costly problem diagnosis and remediation. Our experience enables faster product migration so your investments deliver their full value as quickly as possible. Strategize, plan, design, implement, operate, and optimize The six stages of the McAfee methodology leverage the best current security practices including ISO, ITIL, and PCI standards. We help ensure that your security investment supports the best security posture, while minimizing total cost of ownership and risk. As no two organizations have exactly the same environment, McAfee provides a wide range of custom services tuned to each company’s specific needs.
• • • •
Custom services Standard engagements Express packages Security Quickstarts for midsize businesses
For more information on these tailored engagements, please contact McAfee Solution Services: www.mcafee.com/us/services/ solution-services.
110
SUPPORT AND SERVICES
McAfee University
Expert instruction for McAfee security products Learn the real world skills you need to effectively fight today’s attacks and tomorrow’s threats. McAfee University combines hands-on experience with expert instruction, so that you can get the most from your McAfee security products. McAfee University has both online and traditional classroom training programs to suit the needs of any size business. McAfee classroom training McAfee University provides onsite, instructor-led training allowing for a practical, hands-on experience that maximizes the value of your investment in McAfee solutions. McAfee provides this training around the globe, either as “public classes” where any student may register and attend, or as “private classes” given to individual organizations. For more information visit www.mcafeeuniversity.com. McAfee University online training Experience classroom-level training without the need to travel, through McAfee University Online courses. McAfee hosts streaming video and online virtual environments that you launch on demand to fit your schedule. This convenient approach saves time and travel costs while providing the training you need. A wide range of courses is available at the click of a mouse. Visit the online course catalog at www.mcafee.com/university_online. McAfee customer certification program Demonstrate your knowledge and experience on key McAfee products and McAfee Foundstone penetration testing skills by becoming a McAfee Certified Product Specialist or a McAfee Certified Assessment Specialist. Get certified now and help your company stay secure from the latest threats, while increasing your knowledge and expanding your career opportunities. The process is simple. The McAfee Security Certification Program allows you to select a certification track based on either McAfee products (McAfee Certified Product Specialist) or a McAfee Foundstone penetration testing skill area (McAfee Certified Assessment Specialist), in a variety of security-related categories. Graduates of appropriate McAfee or Foundstone courses and other qualified candidates can test at any of 5,000 global testing locations. For more information, email the McAfee Security Certification Program at [email protected].
For more information, contact your McAfee salesperson or email McAfee Training at [email protected]
SUPPORT AND SERVICES
111
Foundstone Professional Services
Trust the experts Foundstone® Professional Services experts help you continuously and measurably protect your most important assets from the most critical threats. Through a strategic approach, Foundstone identifies and implements the right balance of people, process, and technology to manage risk and leverage security investments more effectively. Strategic consulting Fill the gaps in your information security program with trusted advice from McAfee Foundstone. We assess current policies, create new programs that meet compliance goals, and help you cost-effectively prepare for security emergencies.
•
Compliance — Get help meeting ongoing compliance requirements or building policies and procedures to meet evolving regulations Health checks — We evaluate your security status to pinpoint strengths, diagnose weaknesses, and recommend a strategic security road map Data loss prevention (DLP) — Your program can begin with discovery, policy, and procedure development and continue full leverage of tools Incident response and forensics — Our experts can respond quickly to a security breach, minimizing damage and downtime due to an attack. Our Advanced Persistent Threat (APT) health checks can ensure you have not been compromised by these targeted attacks. Program development — We help build policies and processes that tackle network and application vulnerabilities and educate employees enterprise-wide about information security
•
•
•
•
Technology consulting We can detail the immediate threats across your enterprise and recommend appropriate responses without a deluge of irrelevant data. Methodical tests and analysis help guide and optimize security investments.
•
Infrastructure assessments — We identify vulnerabilities and defend areas that present the greatest risk to your business. Foundstone expertise spans from penetration testing to modems, VoIP, and wireless tests. Software and application security services — Threat modeling, code review, and application penetration testing can identify software security problems in the early stages of development when they cost the least to fix. We also bring extensive experience testing devices ranging from mobile phones to tablets, as well as the “apps” that run on them.
•
For more information, visit http://www.mcafee.com/us/services/ mcafee-foundstone-practice.aspx.
112
SUPPORT AND SERVICES
Foundstone Education
Build the knowledge for effective defenses Foundstone provides a comprehensive security training curriculum designed to meet the needs of individuals, Fortune 1000 companies, academic institutions, and government organizations. Courses cover topics such as software security, network security, incident response, and forensics.
•
Ultimate Hacking series — Includes Ultimate Hacking, Ultimate Hacking: Web, Ultimate Hacking: Wireless, Ultimate Hacking: Windows, and Ultimate Hacking: Expert. These hands-on courses serve the goals of serious security practitioners in either offensive or defensive roles. Software Security series — Includes Software Security Essentials, Building Secure Software, and Writing Secure Code (available in C/C++, .NET, and Java). These classes will teach anyone involved in the software development lifecycle how to write secure code and are available in programming language-agnostic or language-specific versions. In-depth, subject-specific classes — Foundstone also offers classes in Forensics and Incident Response, as well as customized classes to fit your needs
•
•
All Foundstone courses combine interactive classroom demonstrations with hand-on lab exercises to reinforce critical security issues with real-world scenarios. This immersive experience arms students with the tools and methodologies to proactively defend against the latest security threats. Our instructors Some of the world’s foremost network security experts and developers of market-leading security technology teach Foundstone education and training courses. Instructors are noted experts, activists, advisors, and influencers on topics of national security, cryptography, privacy, Critical Infrastructure Protection, and Homeland Security issues, measures, and legislation. They have a broad range of expertise through work with leading IT and financial services companies and government agencies and are featured speakers at industry conferences. For more information, visit www.foundstone.com/us/education-overview.asp.
SUPPORT AND SERVICES
113
114
SUPPORT AND SERVICES
McAfee Alliances
In today’s world of sophisticated malware, targeted threats, and multistage attacks, security needs to be smarter, and it needs to be everywhere. Through alliances with the most relevant leaders in IT, McAfee security is being woven into the fabric of computing.
Alliances
Security Connected to Your Business— and Your Customers
Our extensible platform unites advanced security and management technologies with the most influential technology vendors in the world to help you optimize your IT security environment and reduce operational costs.
•
McAfee Global Alliances—Industry-shaping relationships ensure McAfee can help you take advantage of changing market dynamics and the rapid evolution at every technology layer from silicon to satellite McAfee Security Innovation Alliance (SIA)—This partner ecosystem uses cross-product integrations to maximize the value of your existing investments, reduce time to resolution, and lower costs; the “McAfee Compatible” symbol tells you a partner’s solution is integrated, tested, and ready to deploy with McAfee technology McAfee Connected—When you purchase products and services that meet the McAfee Connected specifications, you can reduce testing costs, simplify deployments, and increase overall confidence in your purchase decision McAfee OEM Alliances—McAfee expertise is at your service, placing industry-leading McAfee protection in a broad spectrum of existing and emerging products for endpoints, servers, data, and the network
•
•
•
Our technology footprint enables sensors at every layer of the technology stack to communicate, share intelligence, and secure your entire enterprise.
Alliances
McAfee Global Alliances
Innovative joint solutions and integrated services As technologies expand and evolve, threats change quickly, and security must keep pace. But few individual companies have the security know-how to match their innovations. That’s why leading vendors in every product category, from silicon to satellites, are making McAfee their partner of choice. With our Global Alliances, we work with select partners to create bundled or embedded security that runs seamlessly with each partner’s technology and within their service offerings. Only McAfee delivers industry-leading security in an extensible architecture, so integration is easy and efficient. And because McAfee is a full-spectrum security company, we offer each partner relevant expertise and capabilities in a one-stop security solution. Help where you need it most The Global Alliances program concentrates on seven areas central to an optimized security and compliance architecture:
•
Cloud Computing — McAfee works with leading telecommunication companies and service providers to deliver the industry’s broadest range of SaaS security solutions, including email, web, and endpoint security. Partners choose between a hosted delivery model managed fully by the partner, a co-located delivery model managed in partnership with McAfee, or a fully managed delivery model where McAfee manages the entire process. Through these high-value security services, partners are able to extend additional value to customers and prospects very quickly and affordably.
McAfee alliances help you implement advanced technologies to meet emerging security needs.
S
IO
ut
s
rc ou
in g
MS SP
IT Con sum eri za ti
d ifie tions Un unica m m Co
on
er s
Data Prote and Compl ction ian ce
e Manufactur
G LO B
AL
TH
REAT INTEL
it y
Se
r cu
Co n te
LIG
co Tel
Net
CE EN urit y Sec
mmunications / ISP
ng worki
nt
Network
Security Management
twar
nd
S of
io n
p oi
nt Secu
rit
y
at
E
R AT
EGIC F O C
US
Vi
ua
rt
liz
Cl
s
ou
ST
d
PC
M
an
M o b ilit y
uf
ac t
ure
rs
Sem
ico
u nd
ct
or
s
ALLIANCES
117
•
Data Protection and IT Compliance — In a business world where efficiency is everything, it no longer makes sense to see systems management and data security as separate endeavors. Instead, top systems management vendors and their customers are working with McAfee to build a bridge between systems and security. A systems integration partner, for example, might deliver IT operations solutions that include configuration and patch management and use the McAfee expertise and open architecture to make full-spectrum data protection an integral part of operations. IT Consumerization — With new devices and applications that enable employees to be more productive, and the acceptance of a virtual office work environment, the line between enterprise and personal has become blurred. McAfee solutions coupled with our alliance partner offerings enable companies to adhere to their corporate compliance policies, yet enable the flexibility that their employees desire. Mobility — As you give mobile users access to sensitive data and applications, McAfee mobility partners can help you secure your mobile workforce, ensure persistent policies and configurations, and deliver automatic and real-time compliance management. Turn to them for help conquering mobile enterprise challenges: user expectations of convenience, productivity, and privacy; the array of devices and network configurations that require support; and the risks associated with allowing these devices on your corporate network. Networking — The world’s leading network equipment vendors work with McAfee so you can rest assured that your networking equipment has been tested and qualified for the highest level of security in a proven environment. We offer three levels of integration, from interoperability testing and certification of combined products to bundled networking and security solutions to embedded best-of-breed security solutions built directly into the network equipment architecture. Unified Communications — McAfee helps unified communication partners address the growing need for enhanced security to protect the telepresence environment. These strong protections can also help IT managers in regulated industries from healthcare to financial services to lessen the burden of meeting compliance and reporting requirements. Virtualization — McAfee helps virtualization partners offer you the benefits of virtualization with complete, scalable security. McAfee MOVE provides a common way to develop across the hypervisor vendors, offload resource-intensive actions from the individual virtual machines, and optimize scheduling of these actions based on the state of the hypervisor. McAfee MOVE AV enables virus scanning to protect online and offline VMs. Other McAfee security products protect VM server farms, secure virtualized desktops, assess vulnerabilities, and identify risks as soon as they arise.
•
•
•
•
•
118
ALLIANCES
McAfee Global Alliance Partner Directory
Industry leaders teaming to secure your future McAfee and its Global Alliance partners are ready to provide you with better solutions that work better in your changing environment. Below are some of the relationships that are expanding our security footprint. View a complete, up-to-date list of partners at www.mcafee.com/global_alliances.
Adobe Adobe revolutionizes how the world engages with ideas and information — anytime, anywhere, and through any medium. McAfee and Adobe have a global alliance to jointly deliver new solutions that will offer more comprehensive security and allow customers to expand the reach of data protection beyond the enterprise boundaries. Together, we offer a joint solution that combines McAfee Data Loss Prevention’s (DLP) automated discovery of sensitive data with Adobe LiveCycle Rights Management’s persistent enforcement of sensitive data anywhere, anytime. This solution will help automate data protection for customers by applying a LiveCycle Rights Management policy (DRM) to documents that have been determined to be highly sensitive by the McAfee DLP classification system.
AT&T AT&T and McAfee have created a strategic partnership that allows both companies to utilize and benefit from each other’s leading technologies and services in order to deliver advanced security and application solutions with superior ease-of-use, protection, and cost-effectiveness to meet customers’ challenging business demands. AT&T is providing McAfee with state-of-the-art Global IP networking solutions, enabling McAfee to deliver security solutions and updates to its customers with scalability, reliability, and intelligence. McAfee is providing AT&T with advanced global threat intelligence technologies that help protect customers against the latest threats, enabling AT&T to offer innovative managed security solutions that do not require customers’ capital investment in management, maintenance, or infrastructure.
ALLIANCES
119
BMC BMC and McAfee have joined forces to build the industry’s first truly enterpriseready solution for automated policy compliance, spanning software, patches, service packs (for Microsoft Windows), power settings, configuration settings, remediation of vulnerabilities, and security policy. The integrated solution combines best-in-class technology from McAfee, through McAfee Policy Auditor, coupled with BMC’s proven client management technology: BMC BladeLogic Client Automation.
Brocade The McAfee and Brocade partnership provides an industry-leading networking and threat protection solution for business-critical enterprise environments. Proven to protect against known and emerging threats while meeting compliance and reporting objectives, a Brocade and McAfee solution delivers end-to-end assurance for enterprise networking and security. Brocade and McAfee have collaborated on a set of jointly designed, interoperable, integrated solutions developed specifically to address the networking security needs of enterprise customers from the edge to the core of the data center. These solutions integrate McAfee Firewall Enterprise, McAfee Network Access Control, and McAfee Network Security Platform (IPS) into Brocade’s network infrastructure equipment and management platform. Together, Brocade and McAfee provide an industry-leading networking and threat-protection solution for business-critical enterprise environments.
Citrix Citrix and McAfee have partnered to provide business continuity and regulatory compliance solutions with software created for securing data and applications via centralized IT management. The Citrix Ready program identifies trusted, third-party solutions that add the greatest value in the Citrix Delivery Center infrastructure. As a member of the Citrix Ready program, McAfee makes it easy for customers to identify complementary security products and solutions that can enhance their Citrix environments. Customers can be confident that McAfee system security and vulnerability management products have successfully passed a series of tests established by Citrix and can be trusted to work effectively with XenApp and XenDesktop. Citrix and McAfee collaborated on McAfee MOVE AntiVirus for VDI-based virtual desktops that centralizes all virus scanning and virus signature file updates, offloading processing-intensive actions from the individual VMs.
120
ALLIANCES
Cognizant Technology Solutions Cognizant and McAfee have partnered to provide enterprises the ability to optimize their security and compliance controls while reducing operational effort and costs. Cognizant’s Digital Security Practice provides services for an end-to-end Data Loss Prevention (DLP) solution deployment within an enterprise. This includes a phase-wise approach for assessment and policy definition, product implementation, and DLP policy monitoring service. The McAfee integrated data protection suite allows Cognizant to provide complete data protection for an organization, integrating DLP into encryption, authentication, and policy-based security controls within the enterprise, thus ensuring comprehensive protection based on a suite of products, rather than integrating point solutions. McAfee Governance, Risk, and Compliance (GRC) solutions allow Cognizant to holistically look into the compliance posture of an organization and recommend suitable controls to address gaps at an enterprise risk management level. The suite of solutions helps our customers by speeding implementation and response times.
CrossBeam Systems, Inc. McAfee and Crossbeam have partnered to deliver the most scalable applicationaware firewall in the industry. Designed to help large enterprises optimize and consolidate their security infrastructure, the combined solution, McAfee Firewall Enterprise for Crossbeam, features the McAfee next-generation firewall on the industry-proven Crossbeam X-Series security platform. The X-Series offers an open, high-performance architecture that easily provisions and scales multiple best-in-class security applications to meet the evolving threat landscape. McAfee Firewall Enterprise for Crossbeam delivers carrier-class security performance with scalability up to 40Gbps of real-world inspected traffic throughput as well as self-healing redundancy. The combined solution reduces the cost and complexity of security infrastructure by consolidating networking and security into one platform.
ALLIANCES
121
Dell Dell is a market leading system and services provider whose unique relationships with its customers provide a competitive advantage in the market. Dell’s breadth of products and solutions provide customers a total offering to their computer needs. McAfee and Dell partner together across all markets from innovative offerings geared to the consumer, to security protection capabilities for small and medium business, enterprise, and the public sector. The McAfee and Dell partnership provides customers the highest level of protection and cost efficiency. In the consumer line of PC products, we offer McAfee Security Center, which allows customers to have constant threat protection on their PCs or workstations. Together, McAfee and Dell empower customers to experience the web more safely, protect data, prevent disruptions, and continuously monitor and improve their security.
HP HP and McAfee work together to help organizations get ahead of evolving threats — and stay ahead — by securing more effectively and efficiently. As a team, we’ve applied enterprise expertise and broad security leadership to track down and eliminate the sources of IT risk, cost, and complexity. HP and McAfee offer integrated service delivery, integrated products, integrated management, and integrated reporting. The partnership directly connects the proven HP Converged Infrastructure, including the HP Secure Advantage security portfolio of products and services, to critical McAfee and third party security and compliance processes. By combining HP technologies and services with McAfee, enterprises gain end-to-end solutions that do a better job of addressing critical security challenges, improve risk management, and ease the path to compliance.
Intel McAfee works with Intel’s technology in many key areas: data protection technologies, security management, and system optimization. Intel is a leading technology platform company that develops advanced integrated digital technology platforms for the computing and communications industries. Intel offers products at various levels of integration, providing its customers and partners the flexibility to create advanced computing and communications systems and products. Intel’s products include chips, boards, software, and semiconductor components that are the building blocks integral to computers, servers, and networking and communications products.
122
ALLIANCES
Polycom Polycom and McAfee have partnered to jointly develop and deliver Secure Unified Communications and Collaboration. With security threats on the rise, Polycom and McAfee are taking a proactive approach to further enhance the security features of Polycom’s video, telepresence, and infrastructure solutions. Polycom plans to design solutions that feature McAfee threat protection, shielding Polycom telepresence users, from the desktop to the fully immersive suite, from potential and increasingly sophisticated security threats while making it easier to comply with privacy and confidentiality mandates.
Riverbed McAfee and Riverbed have partnered to deliver best-of-breed WAN optimization and branch office security on a single device. The McAfee Web Gateway Virtual Appliance and the Firewall Enterprise Virtual Appliance solutions can run on the Riverbed Services Platform that resides within the Riverbed Steelhead Appliance. The McAfee Firewall for Riverbed delivers best of breed, next-generation firewall capabilities including application and identity policy control, VPN, web filtering, encrypted filtering, and McAfee Global Threat Intelligence. The McAfee Web Gateway for Riverbed provides market-leading Web 2.0 security including inbound and outbound advanced web filtering, anti-malware, anti-virus, SSL scanning, and McAfee Global Threat Intelligence. With these joint solutions, customers minimize the hardware infrastructure footprint at the branch office and reduce operational overhead.
Verizon Verizon Business and McAfee have formed a global strategic alliance to provide integrated security solutions to businesses and government agencies worldwide. Together, McAfee and Verizon Business now offer a comprehensive portfolio of managed security services (MSS) to enterprises, leveraging the strength of Verizon Business MSS offerings and McAfee technology. Verizon Business also offers the full complement of McAfee enterprise security solutions to its diverse client base through Verizon’s customer premises equipment catalog.
ALLIANCES
123
VMware McAfee and VMware work together to help organizations secure their virtualized data centers and cloud infrastructures. These efforts include supporting VMware security technologies such as vShield, developing products such as McAfee MOVE AV that address specific virtualization security challenges, and ensuring McAfee products are compatible with VMware platforms. By working together, VMware and McAfee are helping customers reduce capital and operating expenses, ensure business continuity, strengthen security, and go green.
Look for our most up-to-date list of partners at www.mcafee.com/global_alliances.
124
ALLIANCES
McAfee Security Innovation Alliance (SIA)
Partnerships that extend the value of intelligent security Today’s security challenges require open, collaborative approaches to detect threats, reduce risk, and ensure compliance. The McAfee Security Innovation Alliance (SIA) technology partnering program
• •
Accelerates the development of interoperable security products Simplifies the integration of these products into complex customer environments Delivers solutions to maximize the value of existing investments, reduce time to problem resolution, and lower operational costs
•
Innovative integrations built on customer-driven use cases improve threat visibility and create powerful new security behaviors and workflows. For example, an SIA partner might link its real-time monitoring and threat detection with McAfee incident response and compliance reporting.
With over 100 vendors in various stages of integration, SIA has become the security industry’s premier technology partnering program.
Leaders leverage our extensible platform While many SIA partners integrate with McAfee ePO, the broad McAfee portfolio allows efficiencies and leverage at other integration points, such as McAfee Encrypted USB, McAfee Firewall Enterprise, and McAfee Vulnerability Manager. McAfee provides developer support and then performs compatibility testing. Validated SIA partner solutions receive the “McAfee Compatible” logo.
ALLIANCES
125
McAfee SIA Partner Directory
Create your trusted technology environment The SIA program enables an open, collaborative approach to detecting threats, reducing risk, and ensuring compliance. SIA partners are screened for leadership and innovation in their respective market segments. Each company begins as an Associate Partner. After completing McAfee integration testing for at least one use case, the partner is promoted to Technology Partner and their integrated product becomes “McAfee Compatible.” Selected Technology Partners that complement the McAfee product portfolio are invited to become Sales Teaming Partners and help large organizations achieve more complete security solutions. The chart below lists the McAfee Security Innovation Alliance Partners at the time this guide went to press, followed on the next few pages by details on our Sales Teaming Partners.
PARTNER MARKET CATEGORIES
ASSOCIATE PARTNERS
TECHNOLOGY PARTNERS
SALES TEAMING PARTNERS
Security Event and Log Management • Bridge security monitoring and incident response • Reduce costs by faster time to problem resolution • Simplify compliance lifecycle Application and Database Security • Manage application security risk • Protect applications against tampering • Secure databases against internal and external threats Theft and Forensics • Augment incident response with powerful forensics • Extend endpoint security to track and recover stolen laptops • Investigate employees suspected of wrongdoing Risk and Compliance • Measure enterprise-wide risk, consolidate reporting • Mitigate risk through targeted policies and controls • Track compliance with security metrics and scorecards
• • • • •
CorreLog NetIQ Novell S21sec Tier-3 Veracode
• •
HP Q1 Labs
• • • • • •
ArcSight eIQnetworks LogLogic LogRhythm NitroSecurity SenSage Application Security, Inc. Arxan Guardium Secerno Absolute Software AccessData HBGary
•
•
Sentrigo
•
• • •
• •
Mandiant Raytheon Oakley
•
•
Allen Corporation Guidance Software
•
• •
• • • • • • • • • • • •
Archer Technologies Courion Cyber-Ark Lieberman Software NetWitness NSSPlus OpenPages Overtis Quest Software Rev2 Networks SignaCert Tiversa
• • •
RedSeal Systems Skybox Security Telos
• • • •
• • •
Agiliance BDNA Centrify ClearPoint Metrics Infoblox Prevari Triumfant
126
ALLIANCES
PARTNER MARKET CATEGORIES
ASSOCIATE PARTNERS
TECHNOLOGY PARTNERS
SALES TEAMING PARTNERS
Authentication and Encryption • Prevent unauthorized access to sensitive data • Reduce risk through strong authentication • Support a range of smart cards and biometric options
• •
• • • • • • • • • • • • • • • • •
•
2e2 Assured Information Security Athena Authenex Avtor Buypass AS Buysec Ceedo Chicony CryptoTech DigitalPersona Hitachi Key Ovation PreciseBiometrics Sagem Orga Spyrus SUNZone SyferLock Toshiba America Information Systems Validity Novell
• • • • • • • • • • • • • • • •
Actividentity AET Aladdin Alcatel-Lucent Charismathics Gemalto HID Global Key Tronic Kobil Luxtrust Oberthur Passfaces SCM Vasco UPEK ZF Electronics
•
• • •
Absolute Identification MXI Security RingCube Voltage Security
Single Sign-On • Secure and seamless single sign-on experience to applications and other resources • Secures information access at the point of initial system boot • Eliminates multiple passwords Other Security, IT, and Services • Centrally protect both physical and virtual infrastructure • Track location and events for wireless assets • Reduce PC power consumption without compromising security • Coordinate data loss prevention with digital vaulting • Turnkey integration services for McAfee customers
•
• • • • • •
ActivIdentity Avencis Evidian Imprivata i-Sprint Passlogix Ciphent Pareto Networks
• •
MXI Security SecureAuth
• • •
• • • • • •
1E Altor Networks Autonomic Software DG Technology ForeScout Intrinsic SEP Software Sipera Systems StillSecure
• •
•
•
• • • •
AirPatrol Corporation AirTight Networks Catbird CommVault Insightix Verdiem
For the most up-to-date information, refer to www.mcafee.com/sia.
ALLIANCES
127
McAfee SIA Sales Teaming Partners
Driving more complete security solutions to large organizations All of the McAfee SIA Sales Teaming Partners highlighted in the next few pages offer proven McAfee Compatible solutions and work with McAfee to help maximize the value of your investments. For the most complete list of partners and their planned or completed integrations, please see the partner directory at www.mcafee.com/sia.
Absolute Identification Absolute ID is an innovative provider of data-centric protection products and services. Absolute ID has integrated its Virtual System on a Stick (ViSoS) with McAfee encrypted USB drives. By combining ViSoS with any standards-based network, users now have the ability to securely collaborate with colleagues, business partners, and supply chains and with the controlled distribution mechanisms inherent in Absolute ID’s ViSoS solution, and to distribute digital data without the risk of piracy or theft.
Absolute Software Corporation Absolute Software provides subscription-based computer theft recovery, IT asset management, and remote data delete solutions for organizations and consumers. Absolute’s McAfee ePO plug-in deploys Computrace agents on McAfee ePO-managed assets and delivers periodic summary reports from these assets into McAfee ePO dashboards. Based on Computrace agent call patterns, these reports help IT asset managers track, identify, and recover stolen laptops and other mobile devices.
AccessData AccessData, a pioneer in the digital forensics industry, provides investigators with the tools to preview, search for, analyze, process, and forensically preserve electronic evidence for the purposes of criminal investigations, internal investigations, incident response, and e-discovery. You can use McAfee ePO to deploy AccessData agents on McAfee ePO-managed assets and view agent coverage reports that include publisher, product, version, and more. McAfee ePO enhances the forensic effort by correlating users in its database with assets or activities under investigation.
128
ALLIANCES
Agiliance Agiliance enables highly scalable, quickly deployable, organization-wide risk, compliance and security management in real time. The McAfee Compatible integration of Agiliance RiskVision with McAfee ePO and McAfee Vulnerability Manager offers a unique, closed-loop risk management solution for risk-based security with exceptional accuracy and coverage. RiskVision is also interoperable with McAfee Policy Auditor, McAfee Risk Advisor, McAfee Endpoint Encryption, and McAfee VirusScan Enterprise.
AirPatrol Corporation AirPatrol’s Wireless Policy Manager (WPM) extends the capabilities of the McAfee ePolicy Orchestrator platform into the wireless regime, giving network administrators the ability to manage, distribute, and enforce wireless network policies from the central McAfee ePO management console. AirPatrol’s WPM secures the wireless interfaces on endpoints and allows IT Administrators to easily enforce common sense rules that govern how employees use their wireless resources. With WPM, organizations can secure their valuable laptops and PCs against today’s wide range of mobile and wireless threats.
AirTight Networks AirTight Networks provides technology to automatically detect, classify, block, and locate current and emerging wireless threats. AirTight will integrate summary reports on wireless security event data from AirTight SpectraGuard Enterprise into McAfee ePO dashboards. The data for these reports will be provided by both SpectraGuard Sensors for WLAN security and SpectraGuard SAFE agents for wireless endpoint protection. SpectraGuard SAFE agents will also report the endpoint wireless vulnerability level and related data to McAfee ePO.
Application Security, Inc. DbProtect allows organizations to secure their most sensitive data from internal and external threats, while ensuring that those organizations meet or exceed regulatory compliance and audit requirements. DbProtect is integrated with McAfee ePO. The integrated solution allows McAfee ePO administrators to deploy DbProtect agents and seamlessly link DbProtect’s real-time database monitoring with McAfee incident response. McAfee ePO administrators can view and report on database vulnerabilities, threats, and events and take corrective action.
ALLIANCES
129
ArcSight ArcSight helps customers comply with corporate and regulatory policy, safeguard their assets and processes, and control risk. ArcSight integrates with McAfee ePO to enable closed-loop security monitoring, log management, and policy enforcement. By passing alerts generated from correlated events into McAfee ePO, the ArcSight SIEM Platform drives the quick detection of security threats, compliance violations, and policy breaches, improving the context for targeted countermeasure, audit, and remediation functions provided by McAfee security solutions.
Arxan Arxan integrates its real-time application security checks and tampering alerts with McAfee ePO. Notifications from GuardIT appear in McAfee ePO dashboards, enabling security administrators to respond immediately with appropriate countermeasures. Administrators can thereby gain greater visibility during the interval between the onset of an application attack and when the application is fully compromised, so they can limit and preempt enterprise risk.
BDNA BDNA’s Discover product scans endpoint computers for installation of McAfee ePO software components, helping customers identify security gaps and bring previously unprotected assets under McAfee ePO security management. This capability significantly shifts the balance of security in favor of defenders by reducing the number of vulnerable assets in dynamic, rapidly evolving enterprise IT infrastructures.
Catbird Catbird brings visibility, control, and policy enforcement to the virtual data center. Catbird’s V-Security product suite provides security, change control, separation of duties, and validation by deploying a virtual appliance inside VMware ESX or Citrix XenServer. Catbird’s solution complements McAfee systems and network security offerings for virtualized environments. With the integration of V-Security, current McAfee ePO customers gain additional visibility into, receive alerts from, and manage policies for their virtual network environments.
130
ALLIANCES
Centrify Centrify DirectControl for Mac OS X integrates with McAfee ePO software, giving IT and desktop managers the ability to centrally deploy DirectControl and integrate Mac systems into Active Directory. Centrify DirectControl for Mac OS X enables centralized user management and authentication including smartcard login, centralized access controls, group management, and administrative rights, as well as extensive controls over user and system configurations via Active Directory Group Policy enforcement. For the first time, a centralized IT team can now manage Mac systems in the same way they manage Windows PCs — using the same familiar Windows tools and processes.
ClearPoint Metrics ClearPoint delivers unified visibility and active performance management for IT security governance, risk, and compliance requirements. ClearPoint offers specifically crafted Metric Apps that leverage data from McAfee ePO and McAfee Vulnerability Manager. Each is designed to securely access McAfee application databases to instantly deliver meaningful indicators that continuously monitor the state, quality, and effectiveness of controls supporting your compliance and risk management programs.
CommVault A singular vision — a belief in a better way to address current and future data management needs — guides CommVault in the development of Singular Information Management solutions for high-performance data protection, universal availability, and simplified management of data on complex storage networks. CommVault Simpana is integrated with McAfee ePO, sending status updates on backup, recovery, and archive events to McAfee ePO dashboards and giving administrators and compliance officers a more complete view of the state of their business-critical information. This resulting enterprise-wide visibility helps organizations meet their end-to-end data security needs.
eIQnetworks eIQnetworks is redefining security and compliance management by fostering collaboration across security, network, data center, and audit teams to more quickly isolate the root cause of security issues and ensure compliance mandates are being enforced. SecureVue uses information from the McAfee Network Security Platform, McAfee ePO, and McAfee Vulnerability Manager, aggregating and correlating not just logs but adding configuration, asset, performance, vulnerability, and network flow data into a single, comprehensive enterprise view. McAfee customers can now also view eIQnetworks’ reports directly on McAfee ePO dashboards for visibility into the organization’s security and compliance environment.
ALLIANCES 131
Guardium Guardium, the database security company, delivers a widely used solution for preventing information leaks from the data center and ensuring the integrity of enterprise data. Guardium’s database security solution has been integrated with McAfee ePO. Critical security information, including database vulnerabilities, policy violations, and database configuration changes can now be displayed in McAfee ePO dashboards. When used together, McAfee ePO and Guardium deliver a more comprehensive security and compliance solution with reduced operational costs.
HBGary HBGary specializes in developing advanced computer analysis products to detect, diagnose, and respond to advanced malware, targeted threats, and other cybercrime activities. HB Gary Digital DNA is integrated with McAfee ePO so that McAfee customers can deploy Digital DNA, scan physical memory for malicious and unauthorized code, and report results to the McAfee ePO console for optimal corrective action.
Infoblox Infoblox’s NetMRI integration with McAfee ePO extends the reach of McAfee risk and compliance management solutions deeper within network infrastructure. By automating the discovery, collection, analysis, storage, and access of network device configuration, change, and compliance information, you can take control of and automate network change while dramatically reducing operational and compliance risks as well as costs. NetMRI sends key alerts such as rogue network changes and compliance violations to McAfee ePO, accelerating the identification and remediation of risks associated with policy violations and access breaches.
Insightix Insightix is an innovator of real-time security intelligence and control solutions. Insightix BSA Visibility updates the McAfee ePO asset database in near real time allowing McAfee ePO to maintain a comprehensive, accurate, and up-to-date inventory of devices, their profiles, and the identities of those using the devices. The integration then provides the single source of truth about the network for effectively managing security, compliance, and risk against all devices.
132
ALLIANCES
LogLogic LogLogic provides an enterprise-class platform for collecting, storing, reporting, and alerting on 100 percent of IT log data from virtually any source. LogLogic intends to provide bilateral integration between its open log management and intelligence platform and McAfee ePO. LogLogic’s integrated analysis applications for compliance, security, and operational excellence will be able to leverage information provided by McAfee ePO and will in turn enhance McAfee ePO analytics with information about user and system behavior.
LogRhythm LogRhythm’s incident detection now drives automated alerting to McAfee ePO, enabling faster remediation and policy enforcement through the broad McAfee portfolio. Alerts appear in actionable McAfee ePO reports to facilitate corrective actions, such as starting a compliance check using McAfee Policy Auditor, running a virus scan with McAfee VirusScan Enterprise, pushing out new signature sets or patches, enhancing endpoint protection with the McAfee Host Intrusion Prevention System, updating security policies, and more.
MXI Security MXI Security provides managed portable security solutions that combine the power of secure storage with identity and access management services. The MXI Security Stealth ZONE platform leverages the industry-leading hardware security features of the McAfee Encrypted USB product line to deliver a superior, secure USB desktop. Any computer can be instantly transformed into a standard IT-managed system while maintaining both performance and security.
NitroSecurity The bidirectional integration of McAfee ePO and NitroView extends McAfee ePO visibility to events, activity, and logs from networks, databases, and applications to identify, track, and remediate security threats, compromised data, and vulnerabilities in real time. McAfee ePO users now have visibility from within McAfee ePO into the underlying network infrastructure, sessions transporting threats, and the location of the offenders. All NitroView correlated security events are visible with a real-time, drill-down view of specific events and individual data fields. Events are summarized, correlated, and analyzed so the user sees a reduced number of prioritized events and can quickly access months and years of data.
ALLIANCES
133
Prevari Prevari provides industry-leading solutions that objectively and quantitatively measure, model, and manage technology risk. McAfee Vulnerability Manager and McAfee Policy Auditor provide organizations with automated methods to quickly and accurately identify technical vulnerability exposures and to audit configuration policy compliance. Using data created by these McAfee solutions, Prevari TRM provides a common language for managing technology risk across the enterprise, aligning technology, compliance, and risk management goals with specific business objectives.
Ringcube RingCube vDesk integrates with McAfee Encrypted USB drives to create a portable desktop virtualization solution for the enterprise. Using vDesk, users can securely access their own corporate desktop from any PC for remote access, disaster recovery, or temporary access by consultants, contractors, and outsources. McAfee Encrypted USB drives ensure that RingCube’s workspaces are protected by the highest two-factor biometric user authentication and the strongest AES 256-bit hardware encryption to prevent data leakage and unauthorized access.
Secerno Secerno DataWall understands the intent of every SQL interaction with a database, allowing Secerno DataWall to deliver accurate alerts, reports, and security policy decisions on the fly. This patented technology integrates with McAfee ePO to allow select database transactions, audit events, or security violations to be displayed in McAfee ePO dashboards, augmenting McAfee incident response and compliance validation. This integration also drives down the cost and complexity of protection and compliance.
SecureAuth SecureAuth for SSO is an integrated strong authentication platform that provides transparent, secure single sign-on (SSO) for on-premise web applications, off premise cloud applications as well as traditional VPN resources, all from a single appliance. Used in conjunction with McAfee Endpoint Encryption, SecureAuth leverages a user’s domain authentication from a McAfee encrypted workstation and then performs an identity translation to local, on-premises, and cloud-based resources. SecureAuth supports regulations such as PCI DSS, HIPAA, and FFIEC.
134
ALLIANCES
SenSage The SenSage log data management solution enables reporting on log data from virtually any McAfee product and publishes eighteen summary reports directly to McAfee ePO dashboards. McAfee ePO users can “click through” the reports and automatically drill into the details for root cause analysis in the SenSage Event Data Warehouse. Through this integration, customers gain a 360-degree view of activity across the network to meet their compliance, security, and root-cause investigation requirements.
Triumfant The integration of Triumfant Resolution Manager (TRM) with McAfee ePO allows customers to view unwanted changes and unexpected conditions detected by TRM through the McAfee ePO console. McAfee ePO users can switch to TRM to view the details of the changes detected, review and execute the synthesized remediation, and execute reports. This integration provides McAfee ePO users additional insight into the security readiness of the endpoint population through Triumfant’s ability to identify and analyze unusual changes to each machine.
Verdiem Verdiem is an enterprise software company focused on PC Power Management and Green IT. Verdiem’s Surveyor has been tested with McAfee ePO and enables enterprises to reduce their operational costs and maximize energy savings of their PC infrastructure, all while keeping their networks secure. IT administrators can deploy Surveyor agents using McAfee ePO and coordinate power management of PCs with scheduled scans and updates. This will enable security updates to run off-hours without affecting end-user productivity.
Voltage Security Voltage Security, Inc. provides innovative security solutions that protect employee and customer data in email, documents, or databases. Voltage SecureMail Gateway integrates with the McAfee Email Gateway for automated and policy driven email encryption and helps organizations fulfill regulatory compliance on their email messaging platforms. By utilizing the two solutions concurrently, organizations can be certain that all inbound or outbound messages are secured per corporate policy and not dependent on individual user action.
Refer to www.mcafee.com/sia for the latest information on these and other SIA partners.
ALLIANCES
135
136
ALLIANCES
McAfee for the Home
McAfee For the Home
McAfee can proactively protect you and your entire family, on your PC, Mac, or mobile device. Award-winning software guards against dangerous websites and online interactions, helps avoid phishing scams, and protects you from hackers, identity thieves, and other cyber hazards. We can even locate or lock a lost device. Our software combines the most effective threat detection with the fastest performance and the lowest impact on your computer and online experience.
McAfee for the Home
Revolutionary Security, Made for You
With thousands of new malware threats surfacing each day, traditional security updates are no longer enough. McAfee consumer software applies McAfee Global Threat Intelligence to instantly detect and block viruses and stop web threats before they damage your home computer or mobile device. Engineered for the fastest performance ever, the software’s innovative design simplifies your security experience while offering essential protection. Specialized software extends our proactive security to your mobile devices, your family, and your identity to help secure all the facets of your digital world. The products grouped below appear alphabetically in the listings that follow. Products for the PC Suites (see next page for comparison chart)
• • •
McAfee AntiVirus Plus 2011 McAfee Internet Security 2011 McAfee Total Protection 2011
Specialty services
• • •
McAfee Family Protection McAfee Online Backup McAfee SiteAdvisor LIVE
Products for Mac
• •
McAfee Internet Security 2011 for Mac McAfee Family Protection for Mac
Products for mobile devices
• •
McAfee Family Protection (iPhone/iPod Touch/iPad Edition) McAfee WaveSecure
Integrated Suites for Home Users
We apply advanced ideas, integrated management, and global threat intelligence to help you protect your family and guard your data, home computer, and network.
McAFEE INTERNET SECURITY
Superb malware detection
Exclusive McAfee Active Protection™ technology instantly analyzes and blocks new and emerging threats in milliseconds, so there’s no gap in your protection Extensive speed enhancements include faster scans and faster updates Schedule security scans and updates so you can work or play without interruptions Monitor threats blocked and check security status at a glance with the easy-to-use security status area Get crucial product alerts that are less intrusive and easier to understand Enjoy safer Internet searching, surfing, and shopping thanks to identification of potentially harmful websites QuickClean eliminates junk files that can hurt PC performance Shred files to prevent future access Advanced identification prevents spam from clogging your inbox Take the hassle out of manually saving files with 1GB or 2GB of remote online storage Manage your children’s online usage more effectively Lock private data in your encrypted vault, so files are safe if your PC is lost, stolen, or hacked Defends your PC from intruders on your home network, blocking access to sensitive files Identifies harmful links in your browser, email, or instant messages, protects against identity theft, and blocks your PC when exposed to potential threats
• • • • • • • •
• • • • • • • • • • •
Faster PC performance No scan interruptions Check status at a glance with completely redesigned home screen Simplified security management with intelligent alerts Enjoy safer web surfing with McAfee SiteAdvisor® Better PC health with QuickClean™ Remove digital files thoroughly Anti-spam and email protection Protect digital files and memories with automatic online backup Child protection with enhanced parental controls Secure valuable files with Anti-Theft File Protection (note: English versions only) Home network defense protection Better protection from dangerous websites with McAfee SiteAdvisor LIVE
McAFEE FOR THE HOME
McAFEE TOTAL PROTECTION
McAFEE ANTIVIRUS PLUS
• • • • • • • • • • • • • •
139
McAfee AntiVirus Plus 2011
Essential, award-winning PC protection for carefree computing With thousands of new viruses created every day, relying on traditional security updates isn’t enough anymore. McAfee AntiVirus Plus instantly detects and blocks viruses, even stopping web-based threats before they download to your PC. Engineered for the fastest performance ever, our innovative design simplifies your experience while offering essential protection. Award-winning anti-virus, firewall, anti-spyware, and online protection McAfee AntiVirus Plus detects, blocks, and removes viruses, spyware, adware, even rootkits — insidious programs designed to tamper with your PC. Leveraging the same real-time global threat intelligence used in our enterprise products, revolutionary McAfee Active Protection™ technology provides the fastest protection against threats to your PC. Unlike the competition, we analyze and block new and emerging threats in milliseconds, so you do not have to wait for regular updates to arrive. With continuous and automatic updates, McAfee helps ensure that you are running the most current security to combat ever-evolving Internet threats. The result: no gap in your protection. In addition, our robust two-way firewall blocks outsiders from hacking into your PC, while it keeps sensitive information from leaking out if the system is compromised. McAfee AntiVirus Plus software also features the McAfee SiteAdvisor site rating system, our powerful safety rating system that lets you know if a site is risky, before you click. Better than ever Our latest release includes dramatic improvements to performance, such as update time and scanning, delivered within a completely redesigned, instantly understandable home screen. A simple color-coded security bar tells you if you can relax, or that specific defenses may need some attention. No guesswork, no stress, just essential protection. And you can now schedule scans and updates to minimize any disruption to your day. Strengths
•
Essential PC protection includes anti-malware, firewall, safe surf and search, and scanning optimization Always-current malware detection with exclusive McAfee Active Protection Reengineered for 8 times faster subsequent scan time Includes 30 days of free phone support (US only) and unlimited email and chat assistance
• • •
140
McAFEE FOR THE HOME
McAfee Family Protection
Keep your children safe as they learn and explore online Children using the Internet are subject to many threats, including access to inappropriate content, cyber bullying, posting of personal information, and risky discussions with strangers. With McAfee Family Protection, parents can have peace of mind as children learn, explore, and enjoy the Internet. McAfee Family Protection is the easiest, most complete way to keep your children safe online. It grows with your children as their Internet interests change and mature and keeps children of all ages safe from exposure to adult content, social networking risks, strangers, and other online threats. Restrict access to objectionable content McAfee Family Protection offers fast, easy set up so you can start protecting your children within minutes. Select websites and other content to block using 35 pre-defined categories and set time limits for Internet use. Our unique YouTube filtering prevents exposure to objectionable content, yet gives children access to appropriate videos. If specific applications are inappropriate, you can prohibit their use. And you can block unknown email addresses, so your children cannot communicate with strangers. Help your children protect their identities and private information Most children do not understand what personal information should or should not be shared. McAfee Family Protection prevents distribution of confidential information through file sharing applications and protects your PC against security threats commonly found in them. If you are on the go, you can be notified instantly by email or text message if your child posts personal information — such as phone number, address, or location — on social network sites, and if they attempt to access inappropriate sites. Monitor, record, and review cyber interactions To help you keep track of what is happening, including cyber bullying and improper dialogue with strangers, you can monitor and record instant message conversations and social networking site activity, including the use of profanity and sexually explicit terms. Usage reports help you understand your children’s online activities and empower you to educate them about proper online behaviors. Strengths
• • •
Fast, simple set up so you can start protecting your children within minutes Lets you permit your children to use the Internet while keeping them safe Protects children of all ages from inappropriate content, social networking risks, strangers, and other online threats
McAFEE FOR THE HOME
141
McAfee Family Protection (iPhone / iPod Touch / iPad Edition)
Protect and locate your children on their mobile devices Mobile devices — like the Apple iPhone, iPod Touch, or iPad — have unrestricted access to the Internet. As your children surf using these devices, they have access to objectionable websites and content. McAfee Family Protection for mobile devices protects your children from exposure to inappropriate mobile Internet content and allows you to monitor their online activities, including their physical device locations. Being able to identify and prevent objectionable activities lets you educate them about online threats, while allowing appropriate Internet use. Safe surf and search As kids explore and search online, they naturally cross borders. McAfee Family Protection helps establish boundaries and automatically blocks inappropriate web pages across different content categories. In addition, it filters inappropriate websites from search results to prevent intentional and unintentional exposure. Knowing where they are In parenthood, there are situations in which knowing where your children are — or have been — can be priceless. McAfee Family Protection allows you to determine the location of your children’s device where it was last used for Internet browsing. Since feature accuracy may vary and may not function in all areas, it cannot be relied on as an emergency locator, yet this feature will help you to raise your children more safely. Comprehensive reporting, everywhere Our online management portal is accessible via the Internet from a PC or mobile device. It allows you to monitor your children’s browsing activities and see the physical device location where your children last went online. You can review a log of all visited and blocked websites, add and remove websites manually, or remotely disable browsing altogether. Packaged as a dedicated secure mobile Internet browser, McAfee Family Protection offers a superior and safe browsing experience. Your children will recognize and love the device’s default browser, Safari. Features include search bar, tabbed browsing, pinch, zoom, resize, landscape view, manage bookmarks, share links via email, animated content, save images, and copy and paste. Strengths
• • •
Immediate protection with a familiar Safari experience Establishes boundaries for mobile web surfing Helps you locate your children through their devices
142
McAFEE FOR THE HOME
McAfee Internet Security 2011
Comprehensive, award-winning PC security to freely explore online For broad, effective online security at home, McAfee Internet Security combines the essential security of McAfee AntiVirus Plus — anti-malware, firewall, and safe search and surf — with anti-spam and email protection, plus data protection and parental controls. Engineered for the fastest PC performance ever, our innovative design simplifies your Internet security experience while offering comprehensive protection. Superb detection of viruses, spyware, and other malware Our system detects, blocks, and removes viruses, spam, phishing attacks, spyware, adware, even rootkits — subtle programs designed to tamper with your PC. Unlike the competition, new and emerging threats are analyzed and blocked in milliseconds, so you don’t have to wait for regular updates to arrive. The result: no gap in your protection. More of the security you value for your PC and data, with higher performance Our two-way firewall blocks outsiders from hacking into your PC, while McAfee SiteAdvisor software helps you know if a website is safe before you click, to avoid malware hidden in seemingly innocent sites. Advanced phishing protection alerts you to websites that may try to steal your identity or gain access to financial information. To manage your children’s online usage, we include powerful parental filtering controls. From faster computer startup, to lower CPU usage, to speedier scans, you will experience significantly improved performance. McAfee delivers innovative “silent” features that keep our security software out of your way. For example, you can reserve security scans and updates for when you are not using your PC. Online backups can be fully automated. And PC health tools can remove junk files, reliably destroy unneeded files with confidential data, and clean up your disk to improve system performance. Strengths
•
One GB of online, automated remote file backup takes the hassle out of backups Lets you manage your tools and schedule scans to avoid disruption Verifies security settings within your home network Smarter, more intuitive alerting and help center with contextual help Always-current malware detection with exclusive McAfee Active Protection Tools to improve PC health and destroy sensitive information
• • • • •
McAFEE FOR THE HOME
143
McAfee Internet Security for Mac 2011
Comprehensive Mac security to let you freely explore the web While Macs do not get PC viruses, they are just as vulnerable to Internet threats as PCs. Phishing websites can steal personal information, and malicious websites can download malware that you might unknowingly spread to your friends. With the daily emergence of new and more sophisticated Internet threats that could disrupt your digital life, you need more than the Mac OS to protect yourself, your computer, your identity, and your family. McAfee Internet Security for Mac helps protect your Mac from malware and cyber attacks as it safeguards your personal information from data-stealing programs and would-be hackers. It gives you the freedom to explore, download, and shop on the Internet any time, any place without fear of criminals or cyber attacks. McAfee is the number one provider of Internet security and is relentlessly committed to protecting and empowering you on the Web. Safe surfing and searching McAfee SiteAdvisor software adds safety ratings to your browser and search engine results, providing analysis on each website. It annotates each search result with red, yellow, or green ratings, letting you know if a website is safe or hosts potential security flaws. The safe search feature blocks sites with red annotations so you cannot click on bad links. Blocks malicious applications, sites, and data-stealing code Our firewall can keep uninvited guests from accessing your computer when you are online, restricting access to and from specific applications communicating via Internet or local area networks. Real-time protection recognizes phishing websites and blocks them. It also guards against harmful programs that monitor, collect, and send personal information to cyber criminals, such as viruses, Trojans, worms, bots, and rootkits. So you can exchange files freely, the software scans and cleans file attachments in Apple Mail and iChat programs, repairing and removing infections from files without damaging format or contents. Strengths
•
Protects against harmful programs that monitor, collect, and sell personal information Indicates website safety before you click and blocks phishing sites Firewall restricts access to your computer and files when you are online Catches emerging Internet threats before they reach you Scans and cleans downloaded files and attachments from email and IM programs Scans any external drive for potential threats to your Mac
• • • •
•
144
McAFEE FOR THE HOME
McAfee Online Backup
Easily and safely protect all of your digital files and memories Preserve precious memories with our simple, safe, unlimited online storage. McAfee Online Backup, powered by Mozy, takes the hassle out of manually backing up all of your valuable digital files — from Microsoft Outlook email and contacts to treasured family photos. Fast, simple setup lets you backup automatically as often as you would like Once you have installed the software, the backup process is easy because it is fully automated and seamless. Your files are encrypted and stored on a secure remote server online. There is no capacity limit, so you can back up all of your precious files. Your files are safe and easy to retrieve with just a few mouse clicks. Optimized for convenient, reliable backup After the initial backup, McAfee only backs up files that have been added or changed, saving you time and bandwidth. New and changed file detection makes sure McAfee Online Backup finds and saves the smallest changes, giving you a thorough backup. It can also back up open and locked files to ensure a reliable archive. Keep digital information and images safe with strong encryption Your annual subscription provides virtually unlimited offsite storage and online access. Reliable 128-bit SSL encryption protects your files during backup, and 448-bit Blowfish encryption protects your files while they are in storage, giving you peace of mind that your private data is safe from hackers, prying eyes, or inadvertent access. Convenient anywhere, anytime access Even if you experience a catastrophe, you still have electronic copies archived and available to you from any PC with an Internet connection. You can restore your files anywhere using any high-speed Internet-enabled PC. Strengths
• •
Fast, simple set-up allows automatic backup as often as you like Offsite storage and online access mean even after a disaster you still have electronic copies available All your backed up copies are encrypted for your protection Virtually unlimited storage space Anytime access from any PC with an Internet connection
• • •
McAFEE FOR THE HOME
145
McAfee SiteAdvisor LIVE
Identifies risky websites and protects your PC When any link can lead to a compromised website, it helps to know in advance — before you click — if a link means trouble. McAfee SiteAdvisor LIVE goes beyond safe searching and browsing to provide active, real-time, comprehensive protection from sites that can compromise your identity and your PC. You and your family can safely shop and bank online, guarded by advanced phishing protection, link checking in emails and instant messages, and “Protected Mode” to disable interaction with dangerous sites. The core McAfee SiteAdvisor software displays simple red, yellow, and green website safety ratings as well as McAfee SECURE trustmarks for sites passing rigorous daily tests. These safety ratings reflect a massive database of test results from millions of automated site visits, download installations, and email registrations. Tests detect risks such as spyware, spam, phishing, and browser exploits. Improve risk awareness and actively protect users McAfee SiteAdvisor LIVE adds extra data features that inform you how a download meddles with the inner workings of your PC and whether it will properly and completely uninstall. The software also includes unique link checking that warns you about risky websites coming in through instant messaging and email. Its Protected Mode prevents PCs from visiting those risky sites by disabling interaction with dangerous “red” sites and downloads. Add it easily to your infrastructure Every day, McAfee provides almost 3 billion website safety ratings to users of the McAfee SiteAdvisor product line. McAfee SiteAdvisor LIVE technology works with 20 search engines, including Google, Yahoo!, Bing, AOL, and Ask. And it requires no other security software to operate. Strengths
•
Comprehensive advice about sites with spyware, spam, phishing, exploits, and more, with support from McAfee computer security experts Simple icons appear when browsing, searching, instant messaging, or emailing Password controlled Protected Mode prevents interaction with risky sites Updates and upgrades automatically to protect against new threats
•
• •
146
McAFEE FOR THE HOME
McAfee Total Protection 2011
Ultimate, award-winning PC and online security for total peace of mind As criminals get more creative, you must fight back with extra protection for your data, your home network, and your PC. McAfee Total Protection builds on the anti-malware, firewall, web safety, and email security found in our McAfee Internet Security suite and layers in extended data protection and web controls. As it instantly detects and blocks malware, it defends your system and home network and blocks websites that could harm your computer. Engineered for the fastest performance, our design simplifies your experience while offering ultimate protection. McAfee Active Protection technology defends against emerging threats Our real-time scanning lets our anti-virus and anti-spyware detect, block, and remove viruses, spyware, spam, phishing attacks, adware, and rootkits. Unlike the competition, new and emerging threats are analyzed and blocked in milliseconds, so you do not have to wait for regular updates to arrive. Our two-way firewall blocks outsiders from hacking into your PC, while home network protection defends your PC from intruders on your home network, blocking access to sensitive files. Reinforce security for your family and your PC We take the hassle out of manually backing up your most valuable digital information with two GB of encrypted online data storage. Plus McAfee Antitheft encryption (in English versions) lets you lock private data in an encrypted vault on your PC, with password protection. Files are safe if your PC is lost, stolen, or hacked. McAfee SiteAdvisor LIVE tells you whether a website is safe before you click and checks links within email and instant messages to stop malware and identity theft. It can also instantly shield your PC when it is exposed to threats. And parental controls let you manage Internet use. Faster than ever, and easier to use After the rapid installation gets you up and running, a full system scan will not slow down your computer. Scheduled activity throttling works to initiate or resume updates when your PC is idle, minimizing interruptions. Strengths
• •
2GB of online, automated remote file backup Award-winning anti-virus, firewall, anti-spyware, and online protection, plus data and parental controls At-a-glance home screen makes it easy to manage and monitor your PC and network defenses
•
McAFEE FOR THE HOME
147
McAfee WaveSecure
For Android, BlackBerry, Symbian S60, Windows Mobile, and Java Control of your mobile device and data, anytime and anywhere Your mobile phone contains many details of your life: contacts, calendar, text messages, photos, videos, and more. If it is lost or stolen, you lose sensitive information and irreplaceable memories, and you risk malicious — and expensive — use of both device and data. McAfee WaveSecure enables you to remotely locate and track your phone, lock it, backup the data, wipe the device, and restore your data, even to a different phone. Locate, track, and disable your missing mobile device Should your mobile phone disappear, the first thing you will want to know is where it is. With McAfee WaveSecure, you can locate your device via either its built-in GPS or cell tower tracking, using our web portal or an SMS message from a friend’s phone. You can also trigger an alarm to help you find it or disrupt a thief, and send a brief SMS message with instructions for returning it. If you cannot immediately recover your phone, you can remotely program the device to receive incoming calls only, thwarting abuse. You can also set McAfee WaveSecure to automatically lock the phone, display a message if the SIM is changed, and send a notification to chosen friends via SMS. Remove your data from a lost device If you know the phone is stolen or lost, use our portal or an SMS to ensure that your personal data cannot be accessed or used maliciously. You can remotely wipe all data on the phone as well as its removable memory card. McAfee WaveSecure uses a wipe method compliant with US Department of Defense standards to make sure that the data is gone beyond recovery. Backup and restore your data with our convenient management options Regular backups of your data are important for protecting sensitive information and preserving contacts and captured images and videos. McAfee WaveSecure enables you to backup your data from your device or remotely through the web portal — so even if your device is missing you can back it up before you wipe it. You can restore your data any time, to the same or a replacement device. Choose the extensive functionality of the online portal, a simple mobile device interface, or fast PIN-authorized SMS messages from a friend’s phone. With McAfee WaveSecure, you can be sure of continuous, convenient protection for your mobile phone and data. Strengths
• • •
Remotely locks down your device Wipes out important data stored on your mobile to protect your privacy Backs up your data from your phone or remotely on the web
148
McAFEE FOR THE HOME
Global Reach, World-Class Technology
Security Connected delivers real-time visibility into the security and risk management profile of your business. The world’s most comprehensive threat intelligence keeps your security up to date and makes possible self-securing data, web, email, network, and endpoint security systems. Our open platform lets you integrate security into your existing business processes and security investments. Say “yes” to enabling your business. Security Connected from McAfee.
McAfee, Inc., headquartered in Santa Clara, California, is the world’s largest dedicated security technology company. McAfee is relentlessly committed to tackling the world’s toughest security challenges. The company delivers proactive and proven solutions and services that help secure systems and networks around the world, allowing users to safely connect to the Internet, browse, and shop the web more securely. Backed by an award-winning research team, McAfee creates innovative products that empower home users, businesses, the public sector, and service providers by enabling them to prove compliance with regulations, protect data, prevent disruptions, identify vulnerabilities, and continuously monitor and improve their security.
McAfee, Inc. 2821 Mission College Blvd. Santa Clara, CA 95054 1.888.847.8766 www.mcafee.com
McAfee, the McAfee logo, McAfee Active Protection, McAfee AppPrism, McAfee EMM, McAfee ePolicy Orchestrator, McAfee ePO, McAfee Global Threat Intelligence, McAfee Labs, McAfee SECURE, McAfee SiteAdvisor, McAfee Total Protection, Foundstone, FoundScore, QuickClean, SecureOS, SmartFilter, and VirusScan are registered trademarks or trademarks of McAfee, Inc. or its subsidiaries in the United States and other countries. Other marks and brands may be claimed as the property of others. The product plans, specifications, and descriptions herein are provided for information only and subject to change without notice, and are provided without warranty of any kind, express or implied. © 2011 McAfee, Inc. All rights reserved. 17001pdir_cor_ssg_0111
JANUARY 2011
Bridging Security and Opportunity
Today’s IT ecosystem thrives on its connections. It may link ATM machines, virtual desktops, or personal devices to straight-through applications hosted in the cloud, link employees and partners to business-critical networks and data centers, and link your most sensitive assets to unexpected threats and escalating risk. Your security must help connect these moving parts, without creating friction. Instead of blocking business, security should benefit business—enabling users, services, and profits without sacrificing confidence or compliance. Security should be omnipresent, but not onerous. Effective, but not expensive. Agile, but not fragile. Welcome to a world where security works this way today.
Security Connected from McAfee.
Security Connected
The open McAfee® framework called Security Connected unites the many parts of security infrastructure against the many parts of today’s threats. Weaving in unequalled global threat intelligence, manageability, and industry partnerships, this flexible security platform protects the ubiquity of your IT infrastructure. Instead of competing for your budget and attention, your IT and security investments collaborate for maximum protection and efficiency. You optimize your security to safeguard your business everywhere it goes, in every way it operates, to seize every opportunity.
INTRODUCTION
01
While your business has been innovating, so has the business of cybercrime. From being an occasional headline, cybercrimes are now mainstream news.
• An average of 6,000,000 new botnet
infections are discovered each month1
• A new malicious website is detected
every 30 seconds2
• External agents represented 70 percent
of data breaches and 98 percent of stolen records3
Balancing Risk and Reward
The “do more with less” requirement and competitive climate have spurred investment in IT: desktop virtualization, cloud and social media services, and non-stop access for a dynamic workforce and its myriad devices. Undertakings like these offer efficiencies and competitive advantages—if you can manage risks and maintain compliance. Sometimes we simply have to say “no” to new services, because of the risk, the cost, or the technical constraints. What would it take to say “yes” to these requests? A security environment that gracefully handles
• • •
Complex threats Multidimensional countermeasures Fluid enterprise infrastructure
¹ McAfee Threats Report: Third Quarter 2010. 2 McAfee Labs. 3 2010 Verizon Data Breach Report, http://www.verizonbusiness.com/resources/reports/rp_2010-data-breach-report_en_xg.pdf
02
INTRODUCTION
McAfee Global Threat Intelligence drew this map of Stuxnet infections.
Threats with multiple components Zeus, Operation Aurora, Mariposa, and Stuxnet—these attacks represent professional operations. Wielding sophisticated tools and taking a long view of the opportunity, cybercriminals run businesses like yours, but without legal, geographical, or moral boundaries. Unlike the simple viruses of yesteryear, today’s cyberthreats employ multiple components and threat vectors—a cocktail of network port scans, phishing email and websites, corrupt Adobe Flash and PDF files, and browser vulnerabilities—to ensure success. For example, the Stuxnet worm took advantage of four separate, unpublished vulnerabilities to ensure a match with its target. It spread through USB devices and network shares and formed a botnet of infected systems that “phoned home” to malicious web servers. Designed to cripple critical infrastructure, Stuxnet now infects thousands of mainstream users around the globe.4 Similarly, Operation Aurora went unnoticed by federating endpoint, web, email, and network tactics with a multi-month timeline.
4
McAfee Threats Report: Third Quarter 2010.
INTRODUCTION
03
Security with islands of products and people Single-vector protections—traditional defense-in-depth layers—provide limited defense against multivector threats. They catch one facet of an attack but miss the big picture of today’s redundant paths. Many do nothing for insider threats where privileged users abuse legitimate access. Similarly, IT administrators from independent web, email, systems, and network organizations view separate parts of the risk picture from siloed management environments. While they might assemble a story from logs and alerts, this after-the-fact event correlation reacts to known threats and patterns. It is unlikely to detect subtle threats that change every use, unfold slowly, or incorporate unknown malware and unpublished vulnerabilities. When something goes wrong, isolated security islands and management environments make it expensive to diagnose, contain the damage, and recover to business as usual. A recent PricewaterhouseCoopers poll found that the cost of responding to the worst incidents has more than tripled since 2008.5
5
PricewaterhouseCoopers, Information Security Breaches Survey 2010, commissioned by Infosecurity Europe.
04
INTRODUCTION
Enterprise ecosystems with assets everywhere Businesses are hard to secure against multivector, fast-paced threats because enterprise IT architectures have evolved from static to fluid, from proprietary to personal. After waves of virtualization and outsourcing, a plethora of new devices accesses a host of services and sensitive data in consolidated data centers, hosted in the cloud, or maintained by third parties. This ubiquitous IT infrastructure has many moving parts, many of them virtual—partners, applications, employees, data centers.
•
If you aren’t providing the mobile devices, how do you ensure compliance with policies or confidentiality of locally stored data? If you can’t lock down the physical server where the data and applications are active, how can you block attacks and maintain required patches? If you spend all your time reacting, who is managing risk and securing the infrastructure required to support new services and business growth?
•
•
INTRODUCTION
05
Connecting the Components
IT infrastructures are often overextended—with islands of separately managed systems. This compounds the complexity of managing security. To combat these challenges, visionary security and risk managers are harnessing separate security components into a coordinated system, a security platform optimized to counter threats, enable compliance, and streamline operations. Working with industry leaders, McAfee has defined an open, proven architecture that helps you construct your optimized security platform: Security Connected.
06
INTRODUCTION
Our technology footprint enables sensors at every layer of the technology stack to communicate, share intelligence, and secure your entire enterprise.
A platform for confidence and compliance A Security Connected platform builds bridges between security islands to close coverage and technology gaps. It connects intelligence about changing threats, anomalies, risks, and priorities with the people and tools that need them. It gives you confidence that you understand the shifting situation and can manage risk. With real-time visibility into risk and events, you can safely link your users to their applications and data, across any network, from any device, in compliance with business and industry policies. The world’s most comprehensive threat intelligence keeps your countermeasures up to date and makes possible self-securing data, web, email, network, and endpoint protections. These systems share shreds of different types of information, collaborating in real time, non-stop, to act instantly as risks change. A platform for “yes” Security Connected also builds in choice and flexibility. Your extensible platform can connect processes and systems from multiple vendors and organizations, elements like IT user directories, Apple iPads, and auditor reports. Leveraging tested integrations and open interfaces, existing infrastructure can mesh with new capabilities to protect your investments as well as your data assets. You can use policies and automation to create efficiencies and enforce rules consistently. This open platform can handle the change required to seize opportunity and deal with necessity. In building security into the way your business operates, your Security Connected platform helps you secure the business without getting in its way.
INTRODUCTION
07
Leverage the Security Connected Platform
The Security Connected architecture takes key elements of security and makes them modular, manageable, and effective.
•
McAfee Global Threat Intelligence™ delivers the industry’s most comprehensive, real-time threat protection, providing deep visibility into current and emerging online dangers so that McAfee products activate countermeasures ahead of threats Network Security combines real-time threat awareness, award-winning intrusion prevention technologies, and an optimized management platform for the world’s most comprehensive network defense Content Security patrols email, web, and data usage both inside and outside the network, whether users are in the office or working remotely. It ensures a productive workforce with critical protections that flex to fit your evolving security architecture. Endpoint Security integrates system security, virtualization security, mobile protection, email security, web safety, and access control to let you guard endpoints against the latest threats with fewer IT resources Security Management provides constant visibility into your security, risk, and compliance profile. With an open platform to integrate existing security administration, McAfee automates protection, diagnosis, and remediation.
•
•
•
•
08
INTRODUCTION
The Security Connected platform from McAfee helps you optimize security as you enable business.
These elements—including over 100 third-party solutions—are united by the open interfaces of the McAfee ePolicy Orchestrator® (McAfee ePO™) management environment. Much more than a dashboard, McAfee ePO brings together data and activities so you can make sense of, mitigate, and report on your changing IT risks. To tailor your platform to your real-world requirements, look to McAfee Support and Services. These experts help you get the most out of your security investments, for optimized protection at optimal efficiency. McAfee Alliances fuse your security platform with your other IT infrastructure, from silicon to satellite, through tested integrations and value-added partnerships. Our consumer products bring McAfee Global Threat Intelligence and robust protection home to secure your loved ones, your identity, and your personal computing environment.
INTRODUCTION
09
WHAT IS YOUR SECURITY PRIORITY?
LOOK HERE FOR HELP
Protecting virtualized environments
– Endpoint Security – Alliances – Endpoint Security – Content Security – Content Security – Endpoint Security – Content Security – McAfee Global Threat Intelligence – Content Security – Network Security – McAfee Global Threat Intelligence – Content Security – Endpoint Security – Network Security – Network Security – McAfee Global Threat Intelligence – Network Security – McAfee Global Threat Intelligence – Security Management – Support and Services – Security Management – Support and Services – Security Management – Alliances
Enabling the consumerization of IT
Safeguarding sensitive data
Leveraging the cloud
Facilitating Web 2.0
Mitigating insider threats
Combating industrialized hacking
Fending off targeted attacks and advanced persistent threats (APTs) Balancing security and ROI
Reducing complexity and chaos
Using security to enable business
Get Connected
McAfee is ready to help you move toward your optimized security environment. Use this guide to navigate our Security Connected resources and start saying “yes” to enabling your business.
10
INTRODUCTION
Table of Contents
Table of Contents
Optimizing your organization’s security means moving from a reactive stance— such as deploying a new point tool to counter each new threat—to a strategic and connected security framework. By integrating protection across the most common threat vectors—file, web, message, and network—McAfee enables you to enhance operational efficiencies without making compromises on security or compliance.
Global Threat Intelligence McAfee Labs™ McAfee Global Threat Intelligence™ Network Security McAfee Firewall Enterprise McAfee Firewall Enterprise Profiler McAfee Network Access Control McAfee Network Security Manager McAfee Network Security Platform McAfee Network Threat Behavior Analysis McAfee Network Threat Response Content Security McAfee Command Line Encryption McAfee Content Security Blade Server McAfee Data Loss Prevention McAfee Device Control McAfee Email and Web Security Appliance McAfee Email Gateway McAfee Encrypted USB McAfee Endpoint Encryption McAfee SaaS Email Archiving McAfee SaaS Email Encryption McAfee SaaS Email Inbound Filtering McAfee SaaS Email Protection McAfee SaaS Email Protection and Continuity McAfee SaaS Total Protection™ McAfee SaaS Web and Email Protection McAfee SaaS Web and Email Security with Archiving
11 13 14 17 20 21 22 23 24 25 26 27 30 31 32 33 34 35 36 37 38 39 40 40 41 42 43 44
McAfee SaaS Web Protection McAfee Security for Email Servers McAfee SiteAdvisor® Enterprise McAfee Web Filtering for Endpoint McAfee SmartFilter® McAfee Total Protection for Internet Gateways McAfee Total Protection for Data McAfee Total Protection for Secure Business McAfee Web Gateway Endpoint Security On-premises Endpoint Suites Comparison Security SaaS Suites Comparison McAfee Application Control (for desktops and servers) McAfee Command Line Encryption McAfee Device Control McAfee Encrypted USB McAfee Endpoint Encryption McAfee Endpoint Protection— Advanced Suite McAfee Endpoint Protection Suite McAfee Endpoint Protection for Mac McAfee Enterprise Mobility Management (McAfee EMM™) McAfee Host Intrusion Prevention McAfee Mobile Security for Enterprise McAfee MOVE AntiVirus McAfee Network Access Control McAfee Policy Auditor McAfee SaaS Endpoint Security Suites
45 46 47 47 48 49 50 51 52 53 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72
continued on back of tab
Table of Contents
McAfee SaaS Total Protection McAfee Security for Email Servers McAfee Security for Microsoft SharePoint McAfee SiteAdvisor Enterprise McAfee Web Filtering for Endpoint McAfee Total Protection for Endpoint— Enterprise Edition McAfee Total Protection for Data McAfee Total Protection for Secure Business McAfee Total Protection for Server McAfee VirusScan® Enterprise McAfee VirusScan Enterprise for Linux McAfee VirusScan Enterprise for Offline Virtual Images McAfee VirusScan Enterprise for Storage McAfee VirusScan Enterprise for use with SAP NetWeaver platform McAfee VirusScan for Mac Security Management McAfee Change Control McAfee Change Reconciliation McAfee Configuration Control McAfee Database Activity Monitoring McAfee ePolicy Orchestrator (McAfee ePO) McAfee Integrity Control McAfee Integrity Monitor for Databases McAfee PCI Certification Service McAfee Policy Auditor McAfee Risk Advisor McAfee Total Protection for Compliance McAfee Vulnerability Manager (With McAfee SECURE™ module option) McAfee Vulnerability Manager McAfee Vulnerability Manager for Databases Support and Services McAfee Corporate Support McAfee Premium Support Offerings McAfee Corporate Technical Support Program Comparison McAfee Solution Services McAfee University Foundstone® Professional Services Foundstone Education
73 74 75 76 76 77 78 79 80 81 82 83 84 85 86 87 90 91 92 93 94 95 96 97 98 99 100 101 102 103 105 107 108 109 110 111 112 113
Alliances McAfee Global Alliances McAfee Global Alliance Partner Directory McAfee Security Innovation Alliance (SIA) McAfee SIA Partner Directory McAfee SIA Sales Teaming Partners McAfee for the Home Integrated Suites for Home Users McAfee AntiVirus Plus 2011 McAfee Family Protection McAfee Family Protection (iPhone/iPod Touch/iPad Edition) McAfee Internet Security 2011 McAfee Internet Security for Mac 2011 McAfee Online Backup McAfee SiteAdvisor LIVE McAfee Total Protection 2011 McAfee WaveSecure
115 117 119 125 126 128 137 139 140 141 142 143 144 145 146 147 148
Global Threat Intelligence
McAfee Global Threat Intelligence
McAfee Global Threat Intelligence from McAfee Labs delivers the industry’s most comprehensive, real-time threat protection. Powered by millions of sensors around the world and a global team of more than 400 researchers, it provides deep visibility into current and emerging online dangers—ensuring that your threat protection is predictive, rather than reactive.
Rely On the Highest Level of Coordinated Security
Today’s threats are more sophisticated and targeted than ever, and they are growing at an unprecedented rate. In 2007, we identified more than 16,000 new pieces of malware per day on average. In 2010, we reached a frightening 60,000 new identifications per day. Malicious URLs have grown almost six-fold in the last two years.1 With the increased threat of criminals mining for data, the efficiency of your security must be a priority.
•
Global Threat Intelligence
McAfee Labs—Backed by a portfolio of more than 480 patents and a network of millions of sensors spanning the Internet, the worldwide research experts at McAfee Labs deliver unparalleled protection against both known and emerging threats through a complete suite of security products, as well as a range of free educational tools and industry outreach McAfee Global Threat Intelligence—Integrated seamlessly into McAfee products, this cloud-based threat intelligence service from McAfee Labs helps protect your organization against cyberthreats across all vectors—file, web, message, and network—reducing your effort while increasing your protection
•
1
McAfee Threats Report: Third Quarter 2010.
About McAfee Labs
Threat intelligence leadership With more than 20 years of security research experience, McAfee Labs is at the forefront of real-time threat intelligence. McAfee Labs began as McAfee AVERT Labs, an industry-leading security research organization focused on identifying and tracking burgeoning malware threats. Through a series of strategic acquisitions and global expansion of the research team, AVERT Labs broadened its threat research scope to cover web, email, and network security, as well as the complete range of emerging vulnerabilities. This broad security research foundation enables today’s McAfee Labs to deliver comprehensive, real-time McAfee Global Threat Intelligence via a complete suite of McAfee security products. Year after year, McAfee ranks at the top of independent security testing organizations’ assessments of security vendors. We are cited most often for our high threat detection and low false positive rates. While testing is an important way to judge a product’s efficacy, the real proof is in our ability to protect against real-world attacks. We see and prevent billions of threats each day. In a recent independent study, we were the only one among top security vendors whose anti-malware engine correctly thwarted what was one of the most significant electronic intellectual property heists in history, Operation Aurora. McAfee Labs highlights
• • • • •
1996: McAfee discovers first locally exploitable kernel vulnerability 1997: McAfee pioneered detection of password-stealing Trojans 1998: McAfee discovers the first polymorphic field virus 1999: McAfee discovers famed Melissa virus 2003/2004: McAfee discovers two of the biggest self-executing worms written: Blaster and Sasser 2004: McAfee develops the world’s first real-time, multi-dimensional online reputation system, McAfee TrustedSource™ 2005: McAfee discovers attackers manipulating Google 2008: McAfee develops world’s first real-time, “in-the-cloud” file reputation system, McAfee Artemis™ 2009: McAfee credited with inventing and defining “global threat intelligence” 2010: McAfee identifies zero-day vulnerability in Microsoft Internet Explorer and names attack “Operation Aurora”
•
• •
•
•
GLOBAL THREAT INTELLIGENCE
13
McAfee Global Threat Intelligence
Comprehensive, cloud-based threat intelligence Not only has the threat growth curve shifted from linear to exponential, but threats have become increasingly sophisticated, evasive, and damaging. With the growth of cyberthreats putting extra pressure on your IT infrastructure and budget, your security needs to work more intelligently. McAfee has the answer: a reputation-based system that has visibility into all types of cyberthreats from around the globe. McAfee uses this visibility to provide the highest level of coordinated security defense, delivering up-to-themoment threat information to guide decisions in real time at each layer in your infrastructure.
•
Protects from both known and emerging cyberthreats, regardless of the source of those threats or where they travel Arms your security infrastructure with shared threat intelligence, enabling security products to act in concert, based on the same robust, real-time information Closes the threat window with instantaneous, often predictive, reputationbased threat intelligence, reducing the probability of attack and the costs of remediation and lost downtime
•
•
How it works McAfee Global Threat Intelligence data comes from multiple sources. Thanks to our large and diverse customer base, we receive queries from more than 100 million McAfee nodes deployed in real world settings around the globe. With each query, our cloud system learns something new about the subject of the query. We combine that insight with data from other threat vectors to understand cyberthreats from all angles. This perspective helps us identify threat relationships, such as malware used in network intrusions, websites embedded in malware code, websites hosting malware, botnet associations, and more. Bidirectional communications connect McAfee products with McAfee Global Threat Intelligence. McAfee products query the cloud, and our cloud renders the latest reputation or categorization intelligence to the products so that they can take action. For example, if McAfee Global Threat Intelligence detects malware, the system will automatically search its database for associations between that malware and URLs hosting it or embedded links in the malware, IP addresses hosting it, messages containing it, and so on. The reputations of these files, messages, websites, and IP addresses will be updated to reflect greater risk. McAfee products can then apply policies to limit interactions with these newly more risky entities. Our ongoing actions protect you, effortlessly.
14
GLOBAL THREAT INTELLIGENCE
Message Web Network Vulnerability Information CLOUD
File
File
Web
Message
Network
THREAT INTELLIGENCE
Endpoint Application Control
Web
Message
Risk and Compliance COUNTERMEASURES IPS
Firewall
The McAfee Global Threat Intelligence framework.
Shared threat intelligence McAfee Global Threat Intelligence enables McAfee products to protect you against cyberthreats across all vectors — file, web, message, and network. Already integrated into your McAfee security products on premises or in the cloud, McAfee Global Threat Intelligence has the broadest threat data, most robust data correlation, and most complete product integration in the market. This gives McAfee unique visibility into online dangers such as botnets, worms, DNS attacks, and even advanced persistent threats. Each product can take appropriate policy-based action when these threats strike. Each product you connect shares intelligence and capability to strengthen the overall effect. Not only do thirteen McAfee product families integrate McAfee Global Threat Intelligence, these products also integrate more threat intelligence services per product than any other security products available today — services like file reputation, web reputation, web categorization, message reputation, and network connection reputation. Multiple threat service mappings per product multiply the accuracy and responsiveness of your protections.
GLOBAL THREAT INTELLIGENCE
15
McAfee Global Threat Intelligence in action On May 7, 2010, McAfee Global Threat Intelligence picked up anomalous activity of a new website based on web and network threat data, and adjusted the reputation of the website accordingly. On June 7, 2010, the malicious website was the source of a widespread iFrame injection attack affecting more than 100,000 legitimate websites. However, McAfee customers with McAfee Global Threat Intelligence were already protected. Availability and activation McAfee Global Threat Intelligence is included in the cost of McAfee products that incorporate this service. In some products, McAfee Global Threat Intelligence is enabled by default. If not, you may enable it easily using your McAfee product administrative interface. To learn more, please visit www.mcafee.com/GTITurnItOn. For organizations that operate environments with limited Internet access, McAfee offers the McAfee Global Threat Intelligence Server, a virtual appliance that consolidates client-to-cloud communications using a set of auditable proxy servers for McAfee-protected clients. McAfee Global Threat Intelligence is also available as a standalone service. Strengths
• •
More than one hundred million McAfee nodes deployed around the globe More than one hundred billion queries each month from all threat vectors — file, web, message, and network The most comprehensive set of threat intelligence services in the market — file reputation, web reputation, web categorization, message reputation, and network connection reputation
•
Tap into this expertise online with free tools, blogs, and research at www.mcafee.com/threatintelligence.
16
GLOBAL THREAT INTELLIGENCE
Network Security
McAfee Network Security
Today’s networks face continuous threats and unauthorized access to resources. Combining real-time threat awareness, award-winning intrusion prevention technologies, and an optimized management platform, McAfee delivers the world’s most comprehensive network defense.
Protect Against Network-Based Threats and Policy Violations
McAfee safeguards networks 24/7 with real-time threat feeds from McAfee Labs, plus a complete range of security functions: intrusion prevention, firewall, network access control, anti-spam, anti-malware, web filtering, and outbound content control. We make ownership easy with integrated solutions and centralized management.
•
Perimeter defense—Firewall and network intrusion prevention technologies enable effective perimeter defense through constant, comprehensive global threat intelligence. Using millions of worldwide network sensors to fully characterize all threats, we provide an unparalleled understanding of how attacks behave and may evolve over time. The result is proactive, unmatched threat protection delivered in real time. Network asset protection—McAfee provides the most precise, high-performance network intrusion prevention technologies in the industry. Our network-class, purpose-built hardware platforms exceed the reliability requirements of even the most critical business applications. By combining zero-day vulnerability coverage with the most comprehensive, proactive threat intelligence feeds, McAfee protects network assets against the latest attacks. User access control—McAfee Network Access Control (NAC) links endpoint and network security with access control and compliance, centrally managed by McAfee ePolicy Orchestrator. McAfee NAC allows you to easily deploy and tailor access controls, resulting in increased security, fewer errors, and network control unmatched in the industry. User activity control—When you identify network activity by end-user application rather than network protocol, your security and network configurations can map directly to conventional, written organizational policies. You gain streamlined configuration management, improved enforcement accuracy, and simplified compliance assessment.
•
•
Network Security
•
Optimize Network Defenses to Match Your Risks
Take your pick from a full range of scalable, hardened appliances and convenient software designed to integrate seamlessly for better manageability and fast incident response. The products grouped below are presented in alphabetical order in the pages that follow. For the latest information, visit www.mcafee.com/networksecurity.
Firewall McAfee Firewall Enterprise — Use this next-generation firewall to restore control and protection to your network by blocking threats and eliminating unwanted traffic McAfee Firewall Enterprise Profiler — Instantly analyze network traffic and firewall rules to slash the time needed to solve firewall-related network or application outages Network intrusion prevention (IPS) McAfee Network Security Platform — Block attacks in real time, before they can cause damage, and protect every network-connected device McAfee Network Security Manager — Configure, deploy, and manage multiple IPS and NAC appliances through a single, easy-to-use console McAfee Network Threat Response — Dig deep into threats and construct forensic analysis to effectively characterize and respond appropriately to malware Network access control McAfee Network Access Control — Mitigate risk to corporate assets posed by systems that don’t comply with your security policies Network behavior analysis McAfee Network Threat Behavior Analysis — Collect traffic and analyze host and application behavior to detect worms, zero-day threats, botnets, and reconnaissance attacks
20
21
24 23 26
22
25
NETWORK SECURITY
19
McAfee Firewall Enterprise
Next-generation firewall with true application control As your business depends more and more on web-enabled applications, those applications have opened up a huge, fast-changing attack surface. First generation firewalls were limited to port, protocol, and IP addresses. The next generation McAfee Firewall Enterprise family lets you confidently discover, control, visualize, and protect new and existing applications. McAfee Firewall Enterprise combines full application visibility and control, reputation-aware threat intelligence, and multivector attack protection to deliver unprecedented protection in a single solution. Since effective security policies for today’s complex Web 2.0 traffic depend on fine-grained understanding that goes far beyond port and protocol, McAfee AppPrism™ offers visibility and control that spans applications and users. Multivector, reputation-aware security We can automatically discover applications running on your network, even port-agile and encrypted applications, and show you who is using them. Then our single policy view puts users, applications, and protections within your control as you construct rules with a minimum of clicks. You can selectively apply broad defenses such as application filters, anti-virus, anti-malware, anti-spam, IPS signatures, URL filtering, and reputation services and manage them all in a logical workflow. These integrated protections apply reputation and global threat intelligence to combat the latest botnets and advanced persistent threats. We can block content and connections based on malicious intent before a new threat is confirmed. Effective security that scales from branch office to data center New software updates are delivered automatically via the Internet, reducing maintenance effort. McAfee ePolicy Orchestrator integration shares firewall health and welfare information with centralized monitoring systems. All this powerful protection is wrapped up in appliances built on the SecureOS® operating system. Our reliability and control will be there as your application demands grow. Strengths
• • • •
Application discovery and control with powerful visualization tools Integrated, in-line inspection and URL filtering Proven in Fortune 500 and ultra-secure government organizations Flexible range of physical, virtual, and multi-firewall offerings, including the option to run on Riverbed Steelhead and Crossbeam X-Series appliances Includes the McAfee Firewall Enterprise Profiler Virtual Appliance and McAfee Firewall Reporter at no extra charge
•
20
NETWORK SECURITY
McAfee Firewall Enterprise Profiler
Intuitive visualization of network traffic and firewall actions in real time Many organizations struggle to understand the traffic traversing their networks, since it travels as generic or encrypted web traffic through port 80 and port 443. This blind spot limits administrator control over network use, hampers security, and sometimes allows firewall rule changes to inadvertently sabotage network applications. McAfee Firewall Enterprise Profiler shines a spotlight on traffic with application discovery, analysis, visualization, and validation, so you gain the visibility needed for effective control and fast resolution of issues. Situational awareness with the right details to guide action Profiler gives network and firewall administrators at-a-glance visibility into user behavior and who is using which applications, along with the threat risk of each application. Its reporting depicts the users, the applications they are using, the bandwidth being consumed (inbound and outbound), the countries involved, and the time of day. With a few simple clicks, you can drill down from the main view to the details needed to understand your network environment, including related user names, groups, roles, and more. Our visualization and analytics provide better understanding of rule usage and facilitate speedy identification of new application threats. For instance, details on recent or increased usage of a risky application like BitTorrent could indicate employees are breaking your acceptable use policy. Profiler can also minimize troubleshooting costs through quick identification and scoping of application outages and validation of fixes after rule changes. Seamless interoperability with existing network infrastructures Profiler receives data over a live feed from McAfee Firewall Enterprise and aggregates this information with flow data from across the network. By leveraging the McAfee ePO asset directory, you can see the full context of an event for faster resolution. A high-level McAfee ePO dashboard showcases the most pressing firewall alerts that likely require administrator intervention. The Profiler virtual appliance is included with the V8 release of McAfee Firewall Enterprise. Large organizations may want to step up to our pre-configured, scalable McAfee Firewall Enterprise Profiler P1000 appliance. Strengths
• • •
Real-time verification of application rollouts Confirms whether or not traffic disruptions are due to firewalls Detailed visuals and drilldowns let you understand root causes and immediately update firewall configurations to restore service
NETWORK SECURITY 21
McAfee Network Access Control
Reduce threats and data loss with unified network access control Visitors and contractors can introduce malware, disrupt your networks, and compromise your systems and data. Employees who self-administer their endpoints can disable or misconfigure security tools and install malicious programs that can threaten data. McAfee Unified Secure Access is the first network access control (NAC) solution to unify endpoint and network security with access control. Unlike many NAC solutions, the integrated McAfee solution secures against threats inside and outside the network while remaining simple, cost-effective, accurate, scalable, and secure. Minimize risk of outbreaks while allowing flexible policies McAfee expands your security posture with adaptive policy technology that combines multiple assessment and control features into one NAC solution. It controls access and protects against broad threats with application-based and identity-based technologies, which control who has access to your specific critical network resources. Further, McAfee protects your investment by leveraging your existing network and system components and taking advantage of integrated management through McAfee ePO. Broad enforcement options McAfee Unified Secure Access includes three main components. Mix and match these options to create a complete solution:
•
McAfee NAC Software supports managed users and offers employee endpoint health assessment both pre- and post-admission McAfee NAC Appliance controls guest and contractor access with a network-based approach and offers identity and application-based network access control McAfee NAC Module for McAfee Network Security Platform adds the functionality of the NAC Appliance to an existing Network Security Platform to incorporate intrusion prevention in network access control decisions
St
ep
licy Po 1:
Ste p2 :D i
Scans for rogue devices, alerts, and reports
•
•
er ov sc
Takes action based on outcome of policy check or behavior
Ste
p 4: R e m e diate
22
NETWORK SECURITY
St
ep
3:
Enf
orce
McAfee supports a continuous lifecycle of access control for compliance.
Defines health, machine/user identity, and application policy
ni St e p 5: M o
Monitors endpoint to ensure ongoing compliance
Checks pre- or post-admission health against policy
to
r
McAfee Network Security Manager
Simple, centralized control for multiple types of McAfee network sensors McAfee Network Security Manager gives you real-time visibility and control over a complete range of McAfee network appliances, including intrusion prevention system (IPS) sensors, network threat behavior analyzers (NBA), and network access control (NAC) appliances. With its plug-and-play operation, easy-to-use functions, and web-based management, McAfee Network Security Manager saves you time, trouble, and operating costs. Real-time control of real-time data Unrivaled simplicity teams up with centralized, real-time security management. McAfee Network Security Manager enables you to configure, deploy, and manage multiple McAfee IPS, NBA, and NAC appliances through a single, easy-to-use console. A single Network Security Manager appliance delivers centralized, web-based management and unrivaled ease-of-use. The stateof-the-art console puts you in control of real-time data to easily manage and monitor all network security appliances and make better decisions, faster. Pre-configured, but flexible, management Pre-installed and pre-configured, this hardened, plug-and-play appliance ensures scalable, real-time, always-on control. The intuitive web-based management interface can handle any situation, from single devices up to large, distributed, enterprise-wide deployments. It delivers comprehensive and in-depth attack information, as well as highly customized graphical reports. When you discover inappropriate traffic, you can move quickly to identify and correct problems on hosts. McAfee ePO integration provides real-time visibility of actionable system host details, including host name, user name, OS, patch level, media access control (MAC) address, last scan date, protection details, and the top host IPS, anti-virus, and anti-spyware events. The central McAfee ePO repository lets you synthesize and filter data from multiple tools to create custom reports. McAfee Network Security Manager and McAfee Network Security Central Manager are available as pre-configured, hardened appliances or software only, providing the flexibility required for small networks, global enterprises, and high-traffic data centers. Secure access to the Network Security Manager empowers remote management of sensors. Strengths
• •
Simple, granular security policy management Easy-to-use, pre-configured templates, recommended-for-block policies, and out-of-the-box blocking Highly flexible and customizable reporting
•
NETWORK SECURITY
23
McAfee Network Security Platform
Advanced, proven intrusion prevention for every networked device McAfee Network Security Platform protects every network-connected device by blocking attacks in real time before they cause damage. This network-class, vulnerability-based intrusion prevention (IPS) appliance offers the highest tested accuracy and throughput in the industry¹ and protects an average of 80 days ahead of threats. We combine IPS, application and protocol anomaly, and behavioral detection to guard against zero-day, DoS, DDoS, known exploits, SYN flood, and encrypted attacks, plus threats like VoIP vulnerabilities, and IM and peer-to-peer tunneling. McAfee Network Security Platform can also quarantine hosts, manage application traffic, and — through optional NAC software — control network policy and enforce compliance. Better protection, better response Enabled by McAfee Global Threat Intelligence, the platform offers real-time malware detection — via file reputation — and reputation and identity analysis — via network connection reputation — to protect against emerging threats. These dynamic updates ensure continuous, current protection. When McAfee detects an issue, such as a host that has become a bot, you can use McAfee ePO to quickly identify the system and take action, viewing host data such as protection details and the top host IPS and anti-malware events. An end to patch fatigue and compliance enforcement woes McAfee helps you insulate systems from risk and enable compliance with the same controls. It gives you the information and time you need to assess and enforce compliance, validate new patches, and deploy patches to the systems that really need them. You can control traffic and apply unique policies and protections to a network segment, a set of hosts, or even a single endpoint. The optional NAC module controls which devices get access to the network, including unmanaged devices belonging to guests and employees, and validates and enforces system health. On-board host quarantine helps you contain threats. Choose from a range of hardened, purpose-built appliances and experience performance from 100Mbps up to true 10Gbps network IPS for 10GbE networks — with 99.999 percent availability — for locations from the network core to the perimeter, edge, and branch office. Strengths
• • •
Industry-leading default and tuned security effectiveness¹ The only IPS to hold the NSS Labs 10-Gigabit IPS certification Carrier-class reliability and the highest port density platforms available
¹ “Intrusion Prevention Systems Individual Product Test Results,” NSS Labs, 2010.
24
NETWORK SECURITY
McAfee Network Threat Behavior Analysis
Network-wide threat visibility and anomaly detection for enterprises Attacks target your weak spots. As your network changes and grows more intricate, threats within your network — anomalous activities, targeted attacks including DDoS, and botnet zombies — require special attention. Gain insight into your evolving risks by seeing the full context of threat events, including the correlation of anomalies with host data and intrusion prevention system (IPS) alerts and forensic-quality threat behavior data. The McAfee Network Threat Behavior Analysis (NTBA) appliance reports unusual network behavior by analyzing traffic from network switches and routers called flow data (like NetFlow) and correlating this data with Layer 7 application information from the McAfee Network Security Platform. A single NTBA sensor efficiently collects traffic from the entire network, or large segments of the network, for cost-effective, network-wide visibility. In real time, it reviews host and application behavior to detect unknown threats including worms, zero-day threats, spam, botnets, and reconnaissance attacks traversing your network. When bandwidth use spikes, instead of poring through logs, you can instantly assess the threat: perhaps a denial-of-service attack, a worm, or innocent video traffic. Maximize Coverage and Value Graphical views help you know with confidence how well you are mitigating risks or pinpoint network segments and threat vectors that need a boost in protection. You can even detect and shut down unauthorized or vulnerable applications through NTBA integration with the McAfee Network Security Platform (IPS), McAfee Network Access Control, and McAfee ePO. Behavior analysis increases the value and utility of your other infrastructure. Comparing live traffic to normal baselines helps you identify and verify unusual network behavior. This appliance is an out-of-band network device, so it is minimally invasive. To reduce management complexity, use the McAfee Network Security Manager to control McAfee NTBA, NAC, and IPS sensors. Integration with McAfee ePO and McAfee Vulnerability Manager helps you enforce policies and act quickly to reduce risk when threats change. Strengths
•
Proactive, behavior-based threat detection to avoid network penetration and disruption of business operations and productivity Supports switches and routers from Cisco, Juniper, and Extreme Networks for cost-effective monitoring of network segments without IPS or firewalls Fully equipped with quad-core processors, RAID disk array, Gigabit Ethernet connectivity, distinct flow capacity, and offline SAN storage
•
•
NETWORK SECURITY
25
McAfee Network Threat Response
Deconstruct, analyze, and respond to previously unknown network malware When targeted attacks threaten your network, use specialized tools to see the threats unique to your environment. McAfee Network Threat Response (NTR) enables security analysts to dig deep into threats, confirm attacks, construct forensic analysis, and effectively characterize and respond to advanced malware, choosing the response most effective for each organization. Analyze unknown threats and targeted attacks This out-of-band appliance captures, deconstructs, and analyzes malware specific to your network. A powerful tool for security analysts, it automatically identifies malware targeting internal network vulnerabilities, detects shellcode, and instantly collects and analyzes a sample to aid remediation. Instead of sifting through thousands of threat alerts, you can rely on NTR: when it discovers both a vulnerability and a means to exploit it in the same stream, it confirms the attack. The McAfee NTR appliance sits inside your network and streamlines the forensic threat analysis process. First, McAfee NTR finds new network activity unique to your network. It detects malware activity in real time, even decoding polymorphic encoders and discovering malware payloads embedded inside otherwise innocuous PDF files. A web dashboard provides visibility into discovered malware. Confirm and characterize attacks For confirmed attacks, McAfee NTR analysis helps you better characterize the malware, how it entered your network, is operating, and trying to spread. We dissect payloads to identify, reverse engineer, and label malware and bots and can recreate the series of packets that attempted to conceal the threat. Finally, McAfee NTR helps you update your security posture by capturing malware and automatically sending samples to the McAfee Global Threat Intelligence network. Updated .DAT files move out to all protected systems within minutes. These shared signatures bring the full power of McAfee Labs research to McAfee NTR. Strengths
•
Ever-expanding SNORT-compatible signature database with support for custom signatures Easy integration with McAfee network security solutions for multi-pass analysis of embedded network threats Streamlined web-based management
•
•
26
NETWORK SECURITY
McAfee Content Security
Guard critical data and protect web and email productivity, whether users are in the office or working remotely. McAfee SaaS and on-premises solutions integrate intelligent and flexible control to weave strong—but manageable— content security into your existing architecture.
Content Security
Let Security Remove Barriers to Business
You can safely embrace Software-as-a-Service, cloud computing, business use of Web 2.0 applications, and employees using personal devices. Simply protect your precious data and crucial email and web services with McAfee Content Management.
•
Data protection—Safeguard regulated and sensitive data from unintended disclosure, unauthorized use, and loss. Using built-in data mining features, strong identification, authentication, and policy-driven security controls, McAfee removes the complexity and manual analysis from data loss prevention, making it easy to identify potential problems and fine-tune policies. Encryption—Protect data across a broad range of devices, preventing information loss and data theft. Powerful encryption technology stops unauthorized access to data and delivers layers of protection for desktops, laptops, network files, mobile devices, virtual disks, and removable media. With McAfee encryption solutions, you can safely exchange information with partners, keep employees productive, and streamline policy enforcement. Email and web protection—Sensitive data can easily escape through email and the web. With powerful inspection of inbound and outbound traffic, McAfee protects against this data loss. We stop spam, phishing attempts, and web-based malware, foiling cybercriminals who combine email and web technologies to install data-stealing code.
•
•
Content Security
Match Protections to Your Business
Our solutions scale from small businesses to large enterprises and fit into your evolving architecture as software, appliances, or SaaS. The products grouped below appear in alphabetical order in the pages that follow.
Data protection McAfee Data Loss Prevention McAfee Device Control McAfee Total Protection for Data Encryption McAfee Command Line Encryption McAfee Encrypted USB McAfee Endpoint Encryption Email and web protection McAfee Content Security Blade Server McAfee Email and Web Security Appliance McAfee Email Gateway McAfee SaaS Email Archiving McAfee SaaS Email Encryption McAfee SaaS Email Inbound Filtering McAfee SaaS Email Protection McAfee SaaS Email Protection and Continuity McAfee SaaS Total Protection McAfee SaaS Web and Email Protection McAfee SaaS Web and Email Security with Archiving McAfee SaaS Web Protection McAfee Security for Email Servers McAfee SiteAdvisor Enterprise McAfee SmartFilter McAfee Total Protection for Internet Gateways McAfee Total Protection for Secure Business McAfee Web Filtering for Endpoint McAfee Web Gateway Check www.mcafee.com/contentsecurity for the latest information. 32 33 50 30 36 37 31 34 35 38 39 40 40 41 42 43 44 45 46 47 48 49 51 47 52
CONTENT SECURITY
29
McAfee Command Line Encryption
Transfer and store your sensitive files securely Your data is the lifeblood of your business. Files with sensitive data need to be protected in transit and in storage for true end-to-end security. Enterprises that routinely exchange sensitive customer information or intellectual property with branch offices, vendors, and business partners need to keep confidential data and applications safe and secure. More than half of all Fortune 500 companies rely on McAfee E-Business Server for secure file transfer and storage. McAfee E-Business Server McAfee E-Business Server incorporates the industry’s strongest encryption algorithms, including Triple-DES CAST, IDEA, AES, Blowfish, and the Twofish Cipher Algorithm. It secures data as it is transmitted over the Internet and throughout your enterprise, eliminating the need for costly solutions such as leased lines and VPNs. By securing data automatically, companies consistently protect sensitive data, reduce labor costs, and eliminate human interaction errors. An application-layer approach to encryption McAfee E-Business Server — a fully integrated application-layer approach to encryption — simplifies the process of ensuring end-to-end data security. Using a simple command-line interface or natively within an application, developers and administrators can protect data throughout its lifecycle: from its point of origin to data processing and storage. You can secure data within automated and batch processes (for file transfer, remote archive, and transactions) and in standard or proprietary applications. Most importantly, you can protect the privacy of data in storage, during access, and in transit over the Internet, providing true end-to-end security. We support the OpenPGP standard, along with most major certificate authorities, so you can securely exchange information with more partners. In addition, because E-Business Server supports self-decrypting archives (SDA), you can even share secure data with partners that do not have encryption. Since these products are transfer protocol independent, companies can easily add encryption into existing processes, independent of their preferred transfer method. Additional configurations for flexible control over data
• • • •
McAfee E-Business Client McAfee E-Business Server for OS/390 McAfee E-Business Server Native APIs McAfee E-Business Server Partner Edition
30
CONTENT SECURITY
McAfee Content Security Blade Server
Highly scalable email and web security Large enterprises require high performance and throughput, of course, but they also have special requirements for availability and manageability. Performance and high availability for your security solutions McAfee Content Security Blade Server is the ultimate platform to host your email and web security solutions. McAfee Content Security Blade Server gives large enterprises and providers the functionality, scalability, and performance they need to implement top-rated email and web security solutions from McAfee. These McAfee solutions on the McAfee Content Security Blade Server bring a new level of protection, performance, and enterprise-class manageability. With plenty of capacity, simply add new blades as your requirements increase. Each blade is automatically installed and configured for its intended purpose (email or web scanning). Go green while reducing operating costs Our security technology plus the HP BladeSystem infrastructure creates an intelligent, integrated web and email security system that takes advantage of the blade server’s inherent capabilities: operational efficiency, scalability, and reliability. The blade enclosure integrates server, storage, networking, and power management into a single solution managed as a unified environment. It automatically responds to fluctuating traffic demands and system status and incorporates wire-speed load balancing for traffic distribution and fault tolerance. And it uses up to 40 percent less power and 40 percent less space when compared to equivalent 1U rack-mounted servers. The McAfee Content Security Blade Server combines many web and email protections and access control features that would otherwise require multiple stand-alone products. You can protect email or web infrastructure separately or cover both with a single system. Combining functionality this way streamlines management and ensures policy enforcement without gaps. Strengths
• •
Choice of eight blade or sixteen blade enclosures Redundant power supplies, fans, and management blades prevent downtime Increase capacity in minutes, without service disruption, by sliding in a new blade Overall system status displayed in convenient at-a-glance dashboard Flexibility to turn on different email and web features when you need them, such as URL filtering, SSL scanning, and content inspection
•
• •
CONTENT SECURITY
31
McAfee Data Loss Prevention
Follow the data — see what you are missing As increasing regulation and corporate standards place more demands on IT to ensure safe data handling, deployment of the necessary protective solutions can seem daunting. Some data loss prevention solutions can be difficult to deploy and expensive to own. McAfee Data Loss Prevention (DLP) simplifies and improves security for your sensitive information by giving you insight about where data is stored, how it is used, and who has access to it. With McAfee DLP, you can protect data consistently, safeguard information sent to third parties, and prove compliance with less effort. While you enjoy the highest levels of data protection, you will be saving time and money with centralized deployment, management, and reporting. A foundation for complete data protection Through our easy-to-own solution and streamlined management platform, McAfee DLP enables you to be proactive about data protection, implementing effective data protection quickly, without disrupting business. Unique analytics keep you ahead of threats, illustrate data flows, and explain your organization’s data use, enabling you to create accurate and effective information protection policies, without months of disruptive trial and error. Real-time network traffic inspection guards sensitive data that you may not realize you possess. McAfee DLP can secure all sensitive data wherever it is stored or used. It integrates with other McAfee products — encryption, email, and web security — for complete data security from the USB drive to the network firewall. To protect your data beyond your network, we offer tight integration with Adobe LiveCycle Rights Management. Pre-integrated solutions deploy in just days Deploying and managing McAfee DLP is simple. Our approach makes it easy to roll out protection quickly and drive down deployment costs. You manage the process through the McAfee ePO platform, a single console that supports a centralized overview and delegated control. Our DLP solution includes:
• • • • • • • •
McAfee Network DLP Discover McAfee Network DLP Monitor McAfee Network DLP Prevent McAfee Network DLP Manager McAfee Host Data Loss Prevention McAfee Device Control McAfee Data Protection Suite for Rights Management McAfee Total Protection for Data
CONTENT SECURITY
32
McAfee Device Control
Fine-grained control over removable media devices on your network USB drives, MP3 players, CDs, DVDs, and other removable media — however useful — pose a real threat to your organization. Their small size and enormous storage capacity make it all too easy for confidential customer data and intellectual property to walk right out the front door and into the wrong hands. Theft is not the only risk; even the most well-intentioned employees accidentally lose devices. Now you can monitor and control data transfer to portable storage devices to improve compliance with data control policies and regulations. McAfee Device Control guards against critical data leaving the corporation through USB flash drives, iPods, CDs, DVDs, Bluetooth and IrDA devices, and other removable storage devices that can connect to desktops and laptops. Targeted, automatic enforcement of detailed device and data policies With wholesale blocking, you frustrate users and constrain productivity. Instead, our granular controls let you specify and categorize which devices may or may not be used and enforce what data can and cannot be transferred to these devices. You quickly and easily configure, deploy, and update policies and agents throughout your environment from the centralized McAfee ePolicy Orchestrator management console. For accurate, reliable control, you can define detailed hardware-based filtering, monitoring, and blocking. Our complete device management lets you enforce devices by any Windows software-based device parameter, including product ID, vendor ID, serial numbers, device class, device name, and more. If you need hardware-based encryption, you can specifically limit use to devices that include approved encryption. This unrivaled protection helps you protect all data, formats, and derivatives even when data is modified, copied, pasted, compressed, or encrypted. Strengths
• • • • •
Fine grained device definitions Content and context-aware protection Centralized policy deployment and management with McAfee ePO Easy upgrade to McAfee Host Data Loss Prevention Visibility, control, and user- and device-level logging to support compliance
CONTENT SECURITY
33
McAfee Email and Web Security Appliance
Inbound security, outbound protection Much more than a spam and malware filter, the McAfee Email and Web Security Appliance combines market-leading email protection with data loss prevention, policy-based controls, and advanced reporting. Powered by McAfee Global Threat Intelligence, the McAfee Email and Web Security Appliance is always armed with the latest, proactive defenses against both known and unknown threats. Highly scalable to meet the demands of the most demanding enterprises, yet easily managed, the McAfee Email and Web Security Appliance provides the highest level of email security available with a perfect blend of simplicity and sophistication. Inbound security Great email security starts with efficiently blocking inbound spam and threats. With the McAfee Email and Web Security Appliance, you do not have to choose between effective spam blocking and low false positive rates; you get them both. With its extremely low rate of false positives, McAfee Email and Web Security Appliance keeps the spam out while delivering legitimate email accurately. Outbound protection Outbound hygiene and content inspection of email are critically important. Infected systems within your network cause your organization to be blacklisted. Sensitive or regulated data leaving via email can also have huge negative implications. McAfee Email and Web Security Appliance inspects outbound traffic, identifying policy-controlled content and stopping outbound messages that could negatively affect your corporate and email reputations. McAfee Global Threat Intelligence Cloud-based sender reputation provided by McAfee Global Threat Intelligence enables the solution to make rapid decisions about the email, identifying threats and unwanted email at the connection, message, and file levels. Reputation scrutiny enables the McAfee Email and Web Security Appliance to more efficiently and accurately block or quarantine email, making the solution extremely effective, with maximum performance. Strengths
• • •
Scalable, high performance email security appliance The most effective spam filter with the lowest false positives Built-in content dictionaries, and document fingerprinting for simplified compliance and data loss prevention Integrated web filtering and anti-virus
•
34
CONTENT SECURITY
McAfee Email Gateway
Comprehensive protection from email-borne threats and email data loss The scale and diversity of email-borne security threats continue to increase. While threats such as spam were once considered merely nuisances, they now seek to steal data and deploy malware. Email is also a primary vector for sensitive data loss. Effective email security should address both inbound and outbound threats while lowering costs and reducing the burden of administration. The industry’s most complete feature set — at no additional cost McAfee Email Gateway integrates comprehensive inbound threat protection with outbound data loss prevention, advanced compliance, encryption, detailed reporting, and simplified administration. Combining these features into a single, easy-to-deploy appliance simplifies fragmented, multivendor security environments and cuts operating costs while strengthening messaging security. Protection from email-borne threats The McAfee Email Gateway identifies and blocks incoming spam with over 99 percent accuracy while providing integrated protection against viruses, malware, phishing, directory harvest, denial of service, and bounceback attacks. It prevents zero hour threats and dramatically reduces the impact of spam surges through dynamic spam classification and threat updates combined with global, multi-protocol reputation intelligence. Simplified compliance, easy administration Sophisticated content scanning technologies, multiple encryption techniques, and granular, policy-based message handling prevent outbound data loss and simplify compliance. Administrators have the flexibility they need to create policies to fit each business, increasing the value and precision of email controls. Upon detection, the gateway supports a wide range of policy-based actions including forced encryption, alerting, re-routing, quarantining, and blocking. Enterprise-class logging and reporting simplify administration and compliance. The gateway integrates with McAfee ePO for centralized reporting and alerting. Strengths
• •
99 percent or better spam detection accuracy Protection against email-borne threats such as malware, phishing, directory harvest, denial of service, and bounceback attacks The industry’s most extensive on-box data loss prevention detects structured and unstructured data to reduce data loss and enable regulatory compliance Gateway-to-gateway encryption with TLS, S/MIME, and OpenPGP included Integrated, on-box encryption for sending encrypted email to end users
•
• •
CONTENT SECURITY
35
McAfee Encrypted USB
Secure mobile devices with built-in access control and encryption USB devices are widely used and convenient because of their small size, huge storage capacity, and high portability. However, with convenience comes risk. These devices, along with the confidential data they contain, are easily lost or stolen. To make the data on these devices unreadable by unauthorized parties, McAfee Encrypted USB drives keep mobile data secure, applying strong encryption and an advanced management platform. Automatic, industry-leading encryption McAfee Encrypted USB drives encrypt data transparently, automatically, and on the fly, with no special training required. Data stored on your USB drives is protected and compliant with company policies, and with industry and government regulations. Our drives protect sensitive information with industry-leading technology: AES-256 encryption and FIPS-140-2 validation. Because of our hardware-based encryption, encryption keys cannot be obtained or copied, because they never leave the USB drive. Advanced management with proof of encryption if lost or stolen Efficient security requires you to extend company security policies and compliance requirements to mobile USB drives in a strategic, comprehensive, and managed way. With McAfee ePolicy Orchestrator (McAfee ePO), you centralize deployment, management, policy administration, monitoring, reporting, and auditing. Extensive auditing and reporting tools allow you to prove that data on devices was encrypted, even if a device is lost or stolen.
McAFEE ENCRYPTED USB BY SANDISK McAFEE ENCRYPTED USB STANDARD McAFEE ENCRYPTED USB BIO McAFEE ENCRYPTED USB HARD DISK NON-BIO McAFEE ENCRYPTED USB HARD DISK
Password Authentication Biometric Authentication AES-256 Bit Hardware Encryption Virtualization Capable (PC-on-a-Stick)1 FIPS 140-2 validated Centralized management via McAfee ePO2 McAfee Anti-Malware Protection
•
•
• •
•
• •
•
•
•
•
•
Optional Optional Optional Optional Optional
•
• •
•
•
•
•
•
•
•
•
1 Third-party software required at additional cost. 2 McAfee Encrypted USB Manager software is optional and provided for non-McAfee ePO customers and digital identity options. 36 CONTENT SECURITY
McAfee Endpoint Encryption
Ironclad security for lost or stolen devices, anytime, anywhere Rarely does a month go by without an organization revealing the loss or theft of a laptop brimming with sensitive data. Piecemeal and full-disk-only encryption solutions leave security holes and complicate management and reporting. With over 6,000 customers around the globe, McAfee is the leading vendor of encryption software. McAfee Endpoint Encryption prevents unauthorized access to sensitive data through industry-leading encryption technology and strong access control. Multiple layers of protection let us cover more data loss scenarios than any other vendor in the marketplace. Heterogeneous device support McAfee Endpoint Encryption provides full-disk and file/folder encryption that supports your mixed, evolving range of devices: desktops, laptops, network files and folders, smartphones, removable media, portable storage devices, and self-encrypting and solid-state drives. Transparent policy enforcement Encryption happens transparently — on the fly — with virtually no system performance degradation. Single sign-on with pre-boot authentication gives users secure yet convenient access to the information needed to do their jobs efficiently. As a result, sensitive data remains protected regardless of how it is stored, used, or transferred, enabling business continuity anytime, anywhere. One management environment for endpoint and data Our solution offers real-time enforcement, tracking, and reporting of encryption status for every device in the environment from a single management console. A common agent and management platform with McAfee endpoint security products helps ensure dramatically lower operational costs and administrative overhead. A single policy architecture for data protection and endpoint security makes it easier to implement and prove compliance as regulations get more stringent. Strengths
•
Supports software-based encryption, plus self-encrypting and solid state drives Consistent administration and policies for any mix of devices in the environment Support for hardware acceleration based on the Intel AES-NI technology Persistent encryption requires no end-user action or file renaming
•
• •
CONTENT SECURITY
37
McAfee SaaS Email Archiving
Limitless storage, powerful e-discovery, no hardware required A business that relies on email can easily generate thousands of new messages every day, constantly jeopardizing its ability to economically and efficiently store email at its site. With hardware-based solutions, such as tape backup, companies must spend hours managing onsite servers to provide continuous maintenance, often with coverage gaps between backups. Secure archival at our site, not yours McAfee SaaS (software-as-a-service) email archiving automatically, safely, and economically stores email for future review and e-discovery on McAfee infrastructure, at our site. It works by securely pulling messages from your mail server journal and storing them using industry-standard 256-bit encryption. Confident responses to e-discovery requests When you need to recover a stored email message in response to an e-discovery request, to demonstrate compliance, or simply as an accurate record of who said what to whom, you need to produce that message as quickly as possible. With the McAfee SaaS email archiving service, you can easily access a single message — or thousands — in seconds, using either simple or advanced search criteria, including user, date range, message content, and even attachment content. Simple online management provides rapid search functionality, data exporting options, and common email configurations to satisfy discovery needs and reduce administration. For example, through our unified management platform, service administrators can easily set up and view multiple saved searches, with unparalleled ease. Strengths
•
Secure, automated email archiving to McAfee data centers helps you manage your Microsoft Exchange database size and reduce your maintenance burden Unlimited in-the-cloud storage allows scalability and helps you easily comply with document retention regulations Easy online management and powerful search tools help you quickly satisfy discovery needs Flexible licensing options minimize maintenance time and capital expenditures Included technical support helps resolve any issues around the clock
•
•
•
•
38
CONTENT SECURITY
McAfee SaaS Email Encryption
Cloud-based encryption to secure confidential information delivery With one innocent click sending one simple email, years of product research, valuable intellectual property, and billions of dollars in account data can be lost. An easy to use, cloud-based encryption solution, McAfee SaaS email encryption helps businesses meet regulatory compliance and ensure secure confidential information delivery. It enables both sender and recipient to communicate securely. As Security-as-a-Service, this cost-effective encryption solution does not need any upfront investment in additional hardware or software. Easy encryption for business users on the go Available only as an add-on to our McAfee SaaS email outbound filtering service, McAfee SaaS email encryption is easy to use, even through mobile devices. Senders simply compose an email and send it. If it matches a policy set by the administrator, we scan and encrypt the content, automatically and transparently, behind the scenes. End users also have the option to initiate encryption proactively by entering “[encrypt]” in either the subject line or the message body to force encryption. To decrypt messages, a recipient can retrieve the message from the web-based message pick-up portal, or they can download a secure message reader, which enables viewing of the message directly through the recipient’s email client. And, when they reply, the message can also be encrypted, providing bidirectional protection. We require no encryption key management, and with our centralized online SaaS management, administrators can manage end-user credentials and pre-configure multiple encryption policies for all user groups. Strengths
•
Cloud-based encryption to comply with regulations and ensure secure confidential information delivery Enables both your senders and recipients to communicate securely and easily, even when using mobile devices Policy-based (passive) or sender-initiated (active) encryption Centralized management is easy-to-use and simple to administer No encryption key management
•
• • •
CONTENT SECURITY
39
McAfee SaaS Email Inbound Filtering McAfee SaaS Email Protection
Block inbound and outbound email-borne attacks in their tracks Deploy this effective, reliable, fully Software-as-a-Service email security outside your network to quickly and accurately prevent over 99 percent of spam, phishing scams, viruses, and other harmful content from entering your network — without installing any hardware or software. Our redundant data centers, with industry-leading availability, work non-stop as a first line of defense to protect your email infrastructure and safeguard your communications and information integrity. Lower infrastructure costs by filtering email in the cloud Compatible with all major email platforms, McAfee SaaS email solutions provide either inbound only, or inbound and outbound protection. It raises the level of your messaging security without capital expenditures, set-up fees, or costly installs. Your email is routed through the McAfee SecurityCenter where it is scanned and cleaned before being delivered, with less than one second of delay in transit. McAfee does all the work of keeping the system up to date with the latest anti-virus and anti-spam signatures and detection methods. Our set-andforget management experience, accessible online, lightens your workload while cutting the burden on your email server and keeping unwanted email from clogging your network. With McAfee SaaS Email Protection, we add insurance to your network and email server so you have full confidence no incoming email is lost during planned or unplanned downtime. Incoming emails are automatically spooled, and upon recovery, unspooled back to your email server. Knowing what goes out is just as important as knowing what goes in Some emails contain confidential information, some contain malware, some are spam sent from an infected machine on your network. McAfee SaaS Email Protection provides the outbound protection needed to rein in these risks and protect your business, whether the sender’s intent is malicious or benign. Strengths
•
Real-time threat checking of inbound or outbound emails in the cloud using McAfee Global Threat Intelligence Centrally managed via the online SaaS management console Enforces corporate email policies while safeguarding users, customers, and partners Disguises your email server to thwart attacks, while we block or quarantine spam, viruses, phishing, directory harvest attacks, mail bombs, and DOS attacks
CONTENT SECURITY
• •
•
40
McAfee SaaS Email Protection and Continuity
Keep your business connected and secured with email protection Email is today’s engine of productivity as thousands of email messages pass through a typical company’s servers every day. With all that email traffic, managing email to reduce spam and to ensure uptime becomes a huge task that continually diverts IT resources from strategic work. Email outage protection guards your business against downtime Protect your users, IT infrastructure, and knowledge assets while ensuring business continuity and compliance with McAfee SaaS Email Protection and Continuity. This suite is a cloud-based solution that blocks unwanted email before it reaches your network, supports outbound email security policies, and ensures email access even when your server is unavailable. In an outage, all inbound and outbound email is filtered via McAfee, and all email is spooled until connectivity is restored. Your users will have “business as usual” access during this period, including the ability to compose, reply to, and delete messages. When connectivity is reestablished, McAfee intelligently synchronizes all sent, received, and deleted email back to the primary system. You achieve this protection and business continuity with no hardware to buy, no software to install, no tapes to change, and no maintenance to perform. Strengths
•
Security-as-a-Service ensures inbound and outbound email availability and email business continuity protection even during a server outage In-the-cloud protection blocks more than 99 percent of spam and malware before it reaches your network Automatic outbound email inspections keep your business compliant with regulatory and workplace requirements Continuous email storage, access, and use Streamlines email management with a web-based portal — no need for tape backups or onsite infrastructure
•
•
• •
CONTENT SECURITY
41
McAfee SaaS Total Protection
Complete email and web protection, endpoint security, and vulnerability scanning Looking for complete protection from the cloud? McAfee SaaS Total Protection offers best-in-class security that leverages the power of cloud computing to deliver comprehensive and cost-effective protection for endpoint, email, web, and network. Integrated, cloud-based security Get a single integrated suite that provides all the benefits from the McAfee SaaS email, endpoint, vulnerability management, and web protection solutions — all hosted by the McAfee management infrastructure. Subscribe to McAfee SaaS solutions, infrastructure, expertise, and 24/7 Gold support to improve your security, cut your capital expenditures, and free your IT staff to focus on other areas critical to your business. Our best-in-class SaaS solution maximizes your protection from the cloud and enables your success with a centralized management console, the McAfee SecurityCenter. The SecurityCenter provides total visibility with 24/7 access to an easy-to-use, online dashboard to view user protection, customize security policies, and generate and download reports. Strengths
•
An integrated Security-as-a-Service suite that eliminates the high costs of onsite hardware maintenance and investments Endpoint protection stops viruses, spyware, hackers, and intrusions and provides web security Inbound and outbound email filtering blocks spam and phishing attacks Email continuity ensures email access even when your server experiences an outage Host-based and cloud-based web filtering blocks online threats and ensures Internet compliance and productivity for users on and off the corporate network Perimeter scanning helps identify potential vulnerabilities or security issues and provides remediation assistance
•
• •
•
•
42
CONTENT SECURITY
McAfee SaaS Web and Email Protection
Fend off blended threats, Web 2.0 malware, and lost productivity Thousands of companies trust McAfee to protect their most critical productivity tools: web and email. McAfee SaaS Web and Email protection combines superior, integrated defenses with convenience and control to help you worry less while your team is more productive. This integration of inbound and outbound filtering and anti-malware blocks spam, strips threats, reduces risky and unproductive surfing, and saves you money. Our experts do all the work, saving you time while enhancing your security. Block hard-to-detect threats before they reach your network By routing your web and email traffic through our data centers, we are able to insert our best security between you and these threats. Our rich scanning infrastructure compares each email and each web page’s active content to our extensive file and URL reputation databases. We assess intent or predicted behavior, and then proactively protect against unknown malware, viruses, worms, Trojans, phishing sites, and targeted attacks. As your users access web pages, we scan outbound requests, blocking connections to risky or policy-controlled sites. We can stop keyloggers phoning home with your sensitive information and strip out objectionable or regulated content, including adult content. With over 100 categories to choose from, our web filtering is unmatched in flexibility, accuracy, and security. We can also enforce Internet use and content policies by applying access rules to web and email traffic. Ensure email availability and protection McAfee SaaS Email Protection blocks over 99 percent of spam and eliminates 90 percent of spam-related costs with a complete, multilayered email defense — and industry-leading low false positive rates. If your network or email server goes down, whether through disaster or design, our service keeps your employees, customers, partners, and suppliers connected 24/7. Strengths
•
Convenient subscription replaces the up-front costs and daily expenses of on-premises security McAfee Global Threat Intelligence protects in real time Complete inbound and outbound web and email protection Reliable email access during planned and unplanned server outages Integrated web management portal speeds start-up and management Web-based dashboards allow easy monitoring, tuning, and reporting Leading anti-malware and anti-virus engines
• • • • • •
CONTENT SECURITY
43
McAfee SaaS Web and Email Security with Archiving
Nonstop security, compliance, and availability for critical applications Let the cloud lighten the burdens of email and web security, email retention, and email continuity. McAfee SaaS Web and Email Security with Archiving combines multiple critical services into a single, convenient subscription. Real-time, reputation-powered email and web controls By scanning each email and each web page’s active content and understanding its intent or predicted behavior, McAfee proactively protects your whole network, even roaming users. We fend off unknown malware, blended threats, phishing sites, and targeted attacks hidden in email and websites. With over 100 categories to choose from, McAfee web filtering is unmatched in flexibility, accuracy, and security. We link policies directly to user groups defined in your directory, automatically applying access rules to all policy-controlled web traffic. Web-based dashboards allow easy visibility into inappropriate Internet use that saps productivity, consumes resources, and can present legal liability. Twenty layers of filtering trap malware and spam before it places your systems and user productivity in jeopardy. Our complete solution shields your network and messaging gateways from email attack and blocks over 99 percent of spam. Automatic engagement and synchronization for seamless continuity Whenever the network is inaccessible, our service keeps your employees, customers, partners, and suppliers connected 24/7. Users browse to our secure, easy-to-use web interface to send, receive, search, and manage emails. The service retains all messages sent or received during the outage, and returns them back to the email server when it becomes available. Secure archival for compliance and data management McAfee SaaS email archiving automatically, safely, and economically stores email at our site for future review and e-discovery. Powerful search tools support quick retrieval of emails, whether to demonstrate compliance or restore a lost message. By providing users easy access to archived emails, you minimize maintenance and gain control of database sizes. Strengths
• • •
Instant startup, no maintenance hassle, and a predictable cost Advanced analytics and reputation services block mutating threats Rolling 60 days of email continuity protection, with options to retain email archives for one or multiple years Built-in encryption during transport and storage Leading anti-malware and anti-virus engines
• •
44
CONTENT SECURITY
McAfee SaaS Web Protection
Comprehensive cloud-based security for a safe, secure network Web 2.0 has opened the door to sophisticated threats specifically designed to evade detection by traditional web security measures. McAfee SaaS Web Protection guards your team against infection, malicious infiltration, lost productivity, and corporate risk. Managed by professionals in cloud security, you gain effective, economical control over threats and undesired Internet use. Complete inbound and outbound protection When you redirect your web traffic to our load-balanced data centers, the traffic is scanned with state-of-the-art security. Traffic that violates your policy is blocked before it can enter your network. Categories can be paired with your unique user communities to set policies against offensive, undesired, and unproductive use of the web. With over 100 categories to choose from, McAfee web filtering is unmatched in flexibility, accuracy, and security — including filtering of anonymizer sites built specifically to bypass filtering engines. Webbased dashboards and forensic analysis capabilities allow easy monitoring, tuning, and reporting for easy control over inappropriate Internet use. For permitted traffic, McAfee SaaS Web Protection uses sophisticated techniques to analyze the nature, intent, and behavior of a web page’s active content. This deep analysis lets us proactively protect against zero-day threats, unknown malware, blended threats, phishing sites, and targeted attacks, and lets us filter objects exhibiting questionable behavior within pages. Proactive reputation-based services updated in real time Instead of depending on static filtering that doesn’t keep up with changing websites and content, hundreds of threat researchers at McAfee Labs develop advanced analytics and reputation services to infer risk and act immediately to protect you. Near-zero latency, industry-leading uptime, and enterprise-class scalability ensure the performance and reliability you need to secure even the most demanding and distributed environments. If you already have on-premises web filtering, McAfee SaaS Web Protection is a great way to add industry-leading anti-malware capabilities, or to secure branch offices and mobile users. Strengths
• • • • • •
Easy to deploy with no hardware or software to buy, install, or maintain Accurate and granular filtering with more than 100 categories for flexibility Users experience secure, transparent browsing with no irritating latency Simplified 24/7 web management of policies and configurations Customizable alerts and dashboards for instant access to the data you need Enforces policies based on existing LDAP or Active Directory users
CONTENT SECURITY 45
McAfee Security for Email Servers
Robust content security for Microsoft Exchange and Lotus Domino servers An important component for comprehensive email security, McAfee Security for Email Servers serves as an additional layer of security by inspecting email on your email server. Because it plugs directly into your email server, McAfee Email Security for Servers can scan and automatically apply policy to internal email that your email gateway never sees. Unbeatable virus and threat detection McAfee Security for Email Servers uses the McAfee scanning engine to detect, clean, and block viruses, worms, Trojans, and other potentially unwanted programs. The cloud-based McAfee Global Threat Intelligence reputation service analyzes email sender addresses and domains, messages, embedded URLs, and file attachments. Reputation analysis helps McAfee Email Security for Servers accurately identify and quarantine undesired messages using minimal system resources, saving critical computing power for your email server’s number one job: delivering email. Content filtering You can filter messages based on size, message content, or attachment content. Many enterprises block or quarantine messages that contain controlled or sensitive contents in the subject, message body, or attachments. McAfee Quarantine Manager McAfee Quarantine Manager is a highly scalable centralized off-box quarantine server. Supporting multiple McAfee products and managed through McAfee ePO, it enables administrators to easily consolidate and manage email quarantines. Role-based administration, granular quarantines, and a brandable user interface offer ultimate control and quarantine flexibility. Manage your security simply Integration with McAfee ePO provides centralized configuration, policy management, and reporting. McAfee ePO automatically pushes out and implements your configuration changes and policy changes. Strengths
• • • •
Prevents viruses and spyware from traversing your internal network via email Protects Windows, Linux, and AIX email servers on 32- and 64-bit platforms Automatically enforces email usage and content policies Works in conjunction with McAfee email appliances to provide comprehensive email security with shared central management and quarantine
46
CONTENT SECURITY
McAfee SiteAdvisor Enterprise McAfee Web Filtering for Endpoint
Worry-free web browsing and blocking for business users While the Internet is a crucial business tool, cybercriminals are making it a dangerous one. Now you can allow employees to surf and search the web safely, using active technology to guide users away from malicious websites and shield them from online threats. Proactive safety information keeps users alert McAfee SiteAdvisor Enterprise lets you avoid restrictive policies that keep your employees from using the web for research and business projects. Your business users will have the freedom to surf online, protected from web-based threats such as spyware, adware, and phishing. Featuring an intuitive color-coded rating system — green, yellow, red, or gray for unrated — and the reputation intelligence of McAfee Global Threat Intelligence, McAfee SiteAdvisor Enterprise provides risk-aware protection at the desktop. Deploy and manage policies with ease Ready to deploy across your organization with McAfee ePO, McAfee SiteAdvisor Enterprise solutions install easily to protect all business users. You can customize the authorization or blocking of website access, view reporting, control messaging, assign actions based on safety ratings, and implement added protection for remote users — all to ensure policy compliance. Integrated URL and content filtering Unmanaged Internet access presents many challenges and introduces unnecessary risk. McAfee Web Filtering for Endpoint integrates with McAfee Site Advisor Enterprise to help organizations manage productivity, reduce legal liability, and improve bandwidth to make employee Internet use efficient and effective. McAfee customers who use McAfee Web Filtering for Endpoint and McAfee Web Gateway can take advantage of this integrated, gateway-aware solution to enforce the appropriate policy intelligently, whether the user is at a corporate office behind the McAfee Web Gateway or outside the network. Strengths
• • • •
Educates users for continuous protection against changing threats Prevents users from browsing to websites hosting malware or exploits Restricts and monitors employee web usage with superior content filtering Centralized management through McAfee ePO makes deployment, management, and reporting easy and efficient
CONTENT SECURITY
47
McAfee SmartFilter
Control and security for today’s web Today’s dynamic web environment offers significant opportunity for increased productivity and collaboration. However, expanded Internet use also often translates into inappropriate use of the web at work and associated productivity drains, legal liability, and significant security challenges for the enterprise. Malicious code and web-borne viruses can enter the network when users visit an infected website — without users even knowing. Comprehensive web filtering powered by McAfee Global Threat Intelligence McAfee SmartFilter software enables organizations to control how the web is used and easily enforce an Internet use policy, while protecting organizations from the viruses, malware, and other security risks associated with employee or student use of the Internet. With McAfee SmartFilter, you gain control. You can understand, filter, monitor, and block Internet use to reduce legal liability, maximize employee productivity, and preserve bandwidth for business. McAfee SmartFilter achieves its control and protection through the combination of reputation and category-based filtering. It incorporates McAfee Global Threat Intelligence web reputation, enabling your company to benefit from information about content sources and risks gathered across the entire Internet. Based on known behaviors, deviations from expected behaviors, and dynamic assessment of security risks, McAfee proactively and reliably detects risky sites hosting spyware, phishing, and malware. Through the millions of URLs McAfee processes each month, McAfee SmartFilter gives you the power to block the ubiquitous security threats of today’s dynamic web world. Safely enable web access in your unique working and learning environments Customizable controls with fine-grained options let you enforce Internet usage policies that match your organization: create unique policies for different users and groups, add categories, create block/allow lists, exempt certain URLs, and more. Strengths
• •
Includes solutions optimized for business and education Predefined filtering policies for over 35 million blockable websites in more than 90 categories Simple installation, centralized management, and precision reporting Comprehensive coverage of all categories for no additional cost
• •
48
CONTENT SECURITY
McAfee Total Protection for Internet Gateways
Comprehensive security for web, email, and data loss prevention Data protection is top of mind for many organizations, and interactive web technologies increase the risk of data loss and downtime. Effective protection patrols email and web interactions that might bring malicious code into your business or attempt to extract sensitive data over your network. Great protection, great value McAfee Total Protection for Internet Gateways protects against malware coming into your enterprise through email and web traffic, while it ensures that sensitive data does not leave in violation of government and corporate regulations. It combines three proven McAfee security solutions — McAfee Web Gateway, McAfee Email Gateway, and McAfee Network DLP Prevent — into one affordable, manageable solution. Inbound and outbound control over malware and sensitive data This combination gives you effective protection against inbound attacks, including web-based, blended, and targeted malware, while it keeps your email free of spam, phishing attacks, or other email-borne threats. Blocking this unwanted traffic increases productivity, frees up bandwidth, and cuts malware cleanup costs. For complete confidence and compliance, the solution includes outbound filtering and blocking. Throughout your entire enterprise, it safeguards both structured and unstructured data, protecting private data like credit card numbers and corporate intellectual property such as financial records, source code, or blueprints. Simplified management for lower total cost of ownership McAfee Total Protection for Internet Gateways bakes in all the efficiencies that are possible with hard-working solutions from a single vendor. Savings start with rapid deployment, policy configuration, testing, and scaling. We make administration easy with a simplified management footprint, nearzero-touch user-based authentication, one support contract, and automated malware and spam protection updates. Moreover, compliance reporting is straightforward, with deep micro-level forensics when you need them. Strengths
•
Number one rated anti-malware protection coupled with better than 99 percent spam detection Identifies and enforces policies on both structured and unstructured data McAfee Global Threat Intelligence protects against emerging threats
• •
CONTENT SECURITY
49
McAfee Total Protection for Data
Industry’s most complete data protection solution With today’s mobile devices and ever-connected work style, protecting confidential customer information — as well as your intellectual property — has to be job one. To secure your confidential data reliably, the McAfee Total Protection for Data suite provides strong encryption, authentication, data loss prevention, and policy-driven security controls. They prevent unauthorized access to your sensitive data — anytime, anywhere, for any device. The suite includes McAfee Endpoint Encryption (full-disk, file and folder, and removable media encryption), McAfee Host Data Loss Prevention, McAfee Device Control, and centralized management by McAfee ePO. Instead of managing separate point solutions, use a single environment to manage your deployment, define security policies, monitor flexible dashboards, generate reports, and maintain your data protection. Enterprise-grade encryption and device control To protect data at rest, full-disk encryption combined with strong access control protects sensitive data on all endpoints. Persistent file and folder encryption transparently encrypts the files and folders you choose, on the fly, before they move through your organization. Host data loss prevention allows you to monitor real-time events and apply centrally managed security policies to control how employees access and use confidential data. You can also monitor and control data transfer to portable devices, such as USB flash disks, iPods, DVDs, and Bluetooth devices. Unlike wholesale blocking of device usage, you can specify and categorize which devices may or may not be used and enforce what data can and cannot be transferred to these devices based on sophisticated content analysis. Improved visibility and efficient, centralized management As your business needs change, we help you understand evolving usage and adjust policies appropriately. Advanced reporting and auditing help your company better meet tough privacy mandates, demonstrate compliance, ensure safe harbor protection, and support prompt and proper audits. Strengths
•
Works even when data is modified, copied, pasted, compressed, or encrypted Enforces policies based on users and groups and synchronizes policies with Active Directory, Novell NDS, and PKI Encrypts files, folders, or devices without end-user action Logs every data transaction with forensic-quality, audit-ready details
•
• •
50
CONTENT SECURITY
McAfee Total Protection for Secure Business
All the critical elements of security a medium-sized company needs Free yourself from the headaches of managing multiple point products from multiple vendors. McAfee Total Protection for Secure Business has it all — the industry’s most comprehensive security in one easy-to-manage suite for endpoints, email, web, and data. It saves time, saves money, and provides a more powerful, integrated defense against the threats medium-sized businesses know about — and the threats you cannot see coming. Smart data, email, and web security, plus compliance In one solution, you get anti-virus, anti-spyware, desktop firewall, and host intrusion prevention, web security, and highly accurate spam detection for effective gateway blocking of malware. To protect your business from data loss, you can encrypt all data on laptops, desktops, and other mobile devices and prevent unauthorized use of removable devices, such as memory sticks. We also help you limit access to dangerous websites, block data-stealing malware, and enforce appropriate data usage policies. Save time and money Let McAfee simplify acquisition and deployment of the protections you need, with one purchase of one package from one trusted, proven vendor, with substantially lower licensing fees and support costs than if purchased separately. It eliminates the compatibility and maintenance issues associated with multiple point products and vendors. Instead, you gain better visibility, control, and comprehensive intelligence on your security posture. Strengths
• • • •
Instant, always-active threat protection from data-stealing threats Encryption and device control to prevent data loss Single, centralized management to streamline management and reporting Easy to choose, purchase, and manage the protections you need
CONTENT SECURITY
51
McAfee Web Gateway
Proactive web security for enabling secure web access As use of the web grows and evolves, solutions designed to block only “known bad” behavior and content — signature-based anti-virus and categoryonly URL filtering — cannot combat the full range of threats. McAfee Web Gateway, an industry-leading anti-malware solution, combines all the gateway security solutions you need to protect your web traffic. Our family of appliances offers reputation-based web filtering powered by McAfee Global Threat Intelligence, SSL scanning of encrypted traffic, data leakage protection, and anti-malware — all in a single appliance that is easy to afford, deploy, and manage. The unmatched anti-malware protection proactively blocks zero-day and blended threats, without waiting for a signature. Our appliances analyze the nature, behavior, and intent of all content and code on requested web pages, providing immediate protection against hidden threats. Fine-grained control stops threats such as infected iFrames, while still enabling access to the site. McAfee Web Gateway extends control to websites and applications as well. You can enable or disable specific functionality on a site, for instance allowing access to social media sites, but disabling access to games available through that site. Powerful safeguards against data loss We scan user-generated content on all key web protocols to prevent confidential or suspicious information from leaking out of your enterprise through social media, blogs, wikis, and other web-based applications and sites. We can even stop infections phoning home. Enterprise-class performance and manageability Our high-performance, enterprise-strength proxy appliances provide the caching, authentication, administration, authorization controls, and built-in clustering and availability required by today’s agile enterprises. Management is easy with web filtering, anti-malware, anti-spyware, SSL scanner, and other protections administered securely from a single point using a single set of policies. View McAfee Web Gateway data in McAfee ePO or take advantage of additional reporting capabilities that offer real-time dashboard views with extensive drilldowns and powerful off-line reporting. You can minimize operational effort — including policy tuning — and support compliance. Strengths
• •
Proactive, layered protection on all traffic, with flexibility and scalability Applies threat intelligence including category, reputation, signatures, and proactive scanning and ends the blind spot of encrypted threats Enables expanded inbound and outbound access without worry of infection or inappropriate content
•
52
CONTENT SECURITY
Endpoint Security
McAfee Endpoint Security
The industry’s broadest suite of integrated solutions protects your endpoint devices with system security, virtualization security, mobile protection, email and web safety, and access control. You can guard against the full spectrum of threats with fewer IT resources.
Endpoint Security
Empower Your Mobile Workforce with the Right Balance of Protection and Access
McAfee Endpoint Security lets you meet the needs of your highly mobile workforce with ironclad security and data protection—anytime, anywhere, on any device. At the same time, you can ensure secure, seamless access to business applications and corporate data. With its intelligent security management and single management console approach, McAfee reduces complexity and minimizes the effort and operational overhead required to manage security.
•
System protection—Obtain a comprehensive defense against today’s advanced threats with the industry’s first and only unified solution for endpoint security, compliance, and access control. McAfee helps you block malware, control employee web activity and network access, ensure IT standards meet compliance requirements, and integrate security management for all endpoints through a centralized console. Virtualization protection—Whether you are managing virtual desktops or deploying virtual servers, we provide innovative options to increase protection and operational efficiencies. McAfee delivers optimized security, compliance, and control with streamlined management to help ensure compliance and reduce costs, allowing you to implement new virtualization security without affecting your existing infrastructure or system performance. Mobile protection—As more personal and mobile devices are used for business-related purposes, their sophistication and diversity present new challenges to IT. As you provide content to these mobile devices, you can protect and manage them, too. McAfee mobile protection solutions defend against emerging mobile threats and deliver secure and scalable device management and provisioning. User access control—McAfee Network Access Control (NAC) links endpoint and network security with access control and compliance, centrally managed by McAfee ePolicy Orchestrator. McAfee NAC allows administrators to easily deploy and tailor access controls, resulting in increased security, fewer errors, and network control unmatched in the industry.
•
•
•
Say “Yes” to Business Initiatives
McAfee endpoint solutions protect devices from servers to smartphones to embedded systems. The products categorized below appear alphabetically in the pages that follow. Check www.mcafee.com/endpointsecurity for the latest information.
Suites managed at your site On-premises endpoint suites comparison McAfee Total Protection for Endpoint — Enterprise Edition McAfee Endpoint Protection — Advanced Suite* McAfee Endpoint Protection Suite* McAfee Total Protection for Secure Business* McAfee Total Protection for Data McAfee Total Protection for Server McAfee Endpoint Protection for Mac* Suites managed through the cloud Security SaaS suites comparison McAfee SaaS Endpoint Security Suites – McAfee SaaS Endpoint Protection Suite – McAfee SaaS Endpoint Protection — Advanced Suite – McAfee SaaS Endpoint and Email Protection Suite McAfee SaaS Total Protection* Individual endpoint products McAfee Application Control (for desktops and servers) McAfee Command Line Encryption McAfee Device Control McAfee Encrypted USB McAfee Endpoint Encryption McAfee Enterprise Mobility Management (McAfee EMM™) McAfee Host Intrusion Prevention McAfee Mobile Security for Enterprise McAfee MOVE AntiVirus McAfee Network Access Control McAfee Policy Auditor McAfee Security for Email Servers McAfee Security for Microsoft SharePoint McAfee SiteAdvisor Enterprise McAfee Web Filtering for Endpoint McAfee VirusScan Enterprise McAfee VirusScan Enterprise for Linux McAfee VirusScan Enterprise for Offline Virtual Images McAfee VirusScan Enterprise for Storage McAfee VirusScan Enterprise for use with SAP NetWeaver platform McAfee VirusScan for Mac*
*Products ideally suited to small and mid-sized businesses. ENDPOINT SECURITY 55
56 77 63 64 79 78 80 65 57 72
73 58 59 60 61 62 66 67 68 69 70 71 74 75 76 76 81 82 83 84 85 86
On-premises Endpoint Suites Comparison
Our integrated, intelligent suites work hard to guard your data, systems, and network, so you can work on other things. Select the suite that meets your needs, then refer to the alphabetical listings that follow for details.
McAFEE TOTAL PROTECTION FOR ENDPOINT ENTERPRISE EDITION McAFEE TOTAL PROTECTION FOR SECURE BUSINESS McAFEE TOTAL PROTECTION FOR SERVER McAFEE ENDPOINT PROTECTION — ADVANCED
McAFEE TOTAL PROTECTION FOR DATA
Single integrated management — on site DATA PROTECTION Full-disk encryption File and folder encryption Device control Data loss prevention for endpoint DESKTOP AND SERVER PROTECTION Anti-virus Anti-spyware Real-time anti-malware Host intrusion prevention for desktop Host intrusion prevention for server Application blocking Multi-platform support Desktop firewall Safe surfing with site blocking Network access control Anti-malware (offline virtual images) Web filtering (host) WEB GATEWAY SECURITY Anti-malware Safe surfing URL filtering EMAIL GATEWAY SECURITY Anti-malware Anti-spam Content filtering EMAIL SERVER SECURITY Anti-malware Anti-spam Content filtering RISK AND COMPLIANCE Agentless policy & vulnerability auditing Agent-based policy auditing Change policy enforcement Integrity monitoring Application whitelisting
• • • • •
McAFEE ENDPOINT PROTECTION
•
•
• •
• • • • • • • • • •
•
• • • •
• • • • • • • • • • •
• • • • • • • • • • • •
•
• •
• • • • • • • • • • • • • • • • • • • • • • • • •
56
ENDPOINT SECURITY
Security SaaS Suites Comparison
Flexible Endpoint Protection Available in three custom suites, McAfee SaaS Suites provide continuous protection against known and unknown threats, automatic security updates and upgrades hosted by McAfee, and around-the-clock technical support. Since McAfee automated protection continuously provides up-to-date reporting information to our SecurityCenter, there’s no need to dedicate IT staff to security maintenance or to invest in additional security management software, on-premises hardware, or technical support. McAfee SaaS Endpoint Security Suites, formerly Total Protection Service suites, offer multivector security options for your endpoints. And our best-of-suite solution, McAfee SaaS Total Protection, adds cloud-based content filtering, email continuity, and risk and compliance functions to keep threats and risks away from your network.
McAFEE SaaS ENDPOINT PROTECTION SUITE Centralized visibility through an online management console Desktop and file server anti-virus and anti-spyware Real-time threat intelligence Desktop firewall to block hackers and intrusions Web security for safe surfing Host-based web filtering to ensure web security even when users are not on the local network Email server protection to scan for viruses and spam on site Cloud-based, inbound email filtering to block unwanted spam and phishing attacks Cloud-based, outbound email filtering to stop viruses and malware Email continuity to enable full disaster recovery Cloud-based web filtering of unwanted websites to ensure compliance and productivity Vulnerability assessment to scan for perimeter weaknesses McAFEE SaaS ENDPOINT PROTECTION ADVANCED SUITE McAFEE SaaS ENDPOINT AND EMAIL PROTECTION SUITE McAFEE SaaS TOTAL PROTECTION
• • • • •
• • • • • • •
• • • • • • • • •
• • • • • • • • • • • •
ENDPOINT SECURITY
57
McAfee Application Control (for desktops and servers)
Reduced risk from unauthorized applications, plus stronger endpoint control Users can unintentionally introduce software that installs malware, creates support issues, and violates software licenses — compromising systems and your overall business. McAfee Application Control offers an effective way to block unauthorized applications and, unlike simple whitelisting, uses a dynamic trust model to avoid labor-intensive lists. As enterprises face an avalanche of unknown software from the web, this centrally managed solution adds a timely control to your systems security strategy, attuned to the operational needs of enterprises. Complete protection from unwanted applications Malicious code takes full advantage of the flexible software and modular code used in Web 2.0. McAfee Application Control extends coverage to Java, ActiveX controls, scripts, batch files, and specialty code to give you greater control over application components. Integration with McAfee Risk Advisor provides assurance that you are protected from new and emerging vulnerabilities. Viable security for remote and legacy systems Patching can be a logistical headache for remote systems and may be impossible for older operating environments that no longer receive vendor updates. McAfee Application Control extends a unique layer of protection to shield hard-to-maintain systems, including legacy Windows NT and 2000 systems. Flexible, affordable, manageable, and secure McAfee Application Control leverages your security investment in the McAfee ePolicy Orchestrator platform. McAfee ePO provides remote deployment, and you can manage and report on large enterprise rollouts from a central location. Dynamic management of whitelists makes it easy to support multiple configurations for different business needs, such as back office servers and multiple desktop images for different user profiles. It runs transparently on endpoints, with very low initial and ongoing operational costs. Strengths
• • • • •
Ensures only trusted applications run on servers and endpoints Trust model and dynamic whitelists save administration time and overhead Comprehensive code protection preserves integrity of critical systems Enhanced visibility into vulnerability shielding via Risk Advisor integration Extends lifespan of legacy systems
58
ENDPOINT SECURITY
McAfee Command Line Encryption
Transfer and store your sensitive files securely Your data is the lifeblood of your business. Files with sensitive data need to be protected in transit and in storage for true end-to-end security. Enterprises that routinely exchange sensitive customer information or intellectual property with branch offices, vendors, and business partners need to keep confidential data and applications safe and secure. More than half of all Fortune 500 companies rely on McAfee E-Business Server for secure file transfer and storage. McAfee E-Business Server McAfee E-Business Server incorporates the industry’s strongest encryption algorithms, including Triple-DES CAST, IDEA, AES, Blowfish, and the Twofish Cipher Algorithm. It secures data as it is transmitted over the Internet and throughout your enterprise, eliminating the need for costly solutions such as leased lines and VPNs. By securing data automatically, companies consistently protect sensitive data, reduce labor costs, and eliminate human interaction errors. An application-layer approach to encryption McAfee E-Business Server — a fully integrated application-layer approach to encryption — simplifies the process of ensuring end-to-end data security. Using a simple command-line interface or natively within an application, developers and administrators can protect data throughout its lifecycle: from its point of origin to data processing and storage. You can secure data within automated and batch processes (for file transfer, remote archive, and transactions) and in standard or proprietary applications. Most importantly, you can protect the privacy of data in storage, during access, and in transit over the Internet, providing true end-to-end security. We support the OpenPGP standard, along with most major certificate authorities, so you can securely exchange information with more partners. In addition, because E-Business Server supports self-decrypting archives (SDA), you can even share secure data with partners that do not have encryption. Since these products are transfer protocol independent, companies can easily add encryption into existing processes, independent of their preferred transfer method. Additional configurations for flexible control over data
• • • •
McAfee E-Business Client McAfee E-Business Server for OS/390 McAfee E-Business Server Native APIs McAfee E-Business Server Partner Edition
ENDPOINT SECURITY
59
McAfee Device Control
Fine-grained control over removable media devices on your network USB drives, MP3 players, CDs, DVDs, and other removable media — however useful — pose a real threat to your organization. Their small size and enormous storage capacity make it all too easy for confidential customer data and intellectual property to walk right out the front door and into the wrong hands. Theft is not the only risk; even the most well-intentioned employees accidentally lose devices. Now you can monitor and control data transfer to portable storage devices to improve compliance with data control policies and regulations. McAfee Device Control guards against critical data leaving the corporation through USB flash drives, iPods, CDs, DVDs, Bluetooth and IrDA devices, and other removable storage devices that can connect to desktops and laptops. Targeted, automatic enforcement of detailed device and data policies With wholesale blocking, you frustrate users and constrain productivity. Instead, our granular controls let you specify and categorize which devices may or may not be used and enforce what data can and cannot be transferred to these devices. You quickly and easily configure, deploy, and update policies and agents throughout your environment from the centralized McAfee ePolicy Orchestrator management console. For accurate, reliable control, you can define detailed hardware-based filtering, monitoring, and blocking. Our complete device management lets you enforce devices by any Windows software-based device parameter, including product ID, vendor ID, serial numbers, device class, device name, and more. If you need hardware-based encryption, you can specifically limit use to devices that include approved encryption. This unrivaled protection helps you protect all data, formats, and derivatives even when data is modified, copied, pasted, compressed, or encrypted. Strengths
• • • • •
Fine grained device definitions Content and context-aware protection Centralized policy deployment and management with McAfee ePO Easy upgrade to McAfee Host Data Loss Prevention Visibility, control, and user- and device-level logging to support compliance
60
ENDPOINT SECURITY
McAfee Encrypted USB
Secure mobile devices with built-in access control and encryption USB devices are widely used and convenient because of their small size, huge storage capacity, and high portability. However, with convenience comes risk. These devices, along with the confidential data they contain, are easily lost or stolen. To make the data on these devices unreadable by unauthorized parties, McAfee Encrypted USB drives keep mobile data secure, applying strong encryption and an advanced management platform. Automatic, industry-leading encryption McAfee Encrypted USB drives encrypt data transparently, automatically, and on the fly, with no special training required. Data stored on your USB drives is protected and compliant with company policies, and with industry and government regulations. Our drives protect sensitive information with industry-leading technology: AES-256 encryption and FIPS-140-2 validation. Because of our hardware-based encryption, encryption keys cannot be obtained or copied, because they never leave the USB drive. Advanced management with proof of encryption if lost or stolen Efficient security requires you to extend company security policies and compliance requirements to mobile USB drives in a strategic, comprehensive, and managed way. With McAfee ePolicy Orchestrator (McAfee ePO), you centralize deployment, management, policy administration, monitoring, reporting, and auditing. Extensive auditing and reporting tools allow you to prove that data on devices was encrypted, even if a device is lost or stolen.
McAFEE ENCRYPTED USB BY SANDISK McAFEE ENCRYPTED USB STANDARD McAFEE ENCRYPTED USB BIO McAFEE ENCRYPTED USB HARD DISK NON-BIO McAFEE ENCRYPTED USB HARD DISK
Password Authentication Biometric Authentication AES-256 Bit Hardware Encryption Virtualization Capable (PC-on-a-Stick) FIPS 140-2 validated Centralized management via McAfee ePO McAfee Anti-Malware Protection
2 1
•
•
• •
•
• •
•
•
•
•
•
Optional Optional Optional Optional Optional
•
• •
•
•
•
•
•
•
•
•
1 Third-party software required at additional cost. 2 McAfee Encrypted USB Manager software is optional and provided for non-McAfee ePO customers and digital identity options. ENDPOINT SECURITY 61
McAfee Endpoint Encryption
Ironclad security for lost or stolen devices, anytime, anywhere Rarely does a month go by without an organization revealing the loss or theft of a laptop brimming with sensitive data. Piecemeal and full-disk-only encryption solutions leave security holes and complicate management and reporting. With over 6,000 customers around the globe, McAfee is the leading vendor of encryption software. McAfee Endpoint Encryption prevents unauthorized access to sensitive data through industry-leading encryption technology and strong access control. Multiple layers of protection let us cover more data loss scenarios than any other vendor in the marketplace. Heterogeneous device support McAfee Endpoint Encryption provides full-disk and file/folder encryption that supports your mixed, evolving range of devices: desktops, laptops, network files and folders, smartphones, removable media, portable storage devices, and self-encrypting and solid-state drives. Transparent policy enforcement Encryption happens transparently — on the fly — with virtually no system performance degradation. Single sign-on with pre-boot authentication gives users secure yet convenient access to the information needed to do their jobs efficiently. As a result, sensitive data remains protected regardless of how it is stored, used, or transferred, enabling business continuity anytime, anywhere. One management environment for endpoint and data Our solution offers real-time enforcement, tracking, and reporting of encryption status for every device in the environment from a single management console. A common agent and management platform with McAfee endpoint security products helps ensure dramatically lower operational costs and administrative overhead. A single policy architecture for data protection and endpoint security makes it easier to implement and prove compliance as regulations get more stringent. Strengths
•
Supports software-based encryption, plus self-encrypting and solid state drives Consistent administration and policies for any mix of devices in the environment Support for hardware acceleration based on the Intel AES-NI technology Persistent encryption requires no end-user action or file renaming
•
• •
62
ENDPOINT SECURITY
McAfee Endpoint Protection — Advanced Suite
Protection against zero-day attacks, and help with compliance A mobile workforce plus increased regulation could equal a security nightmare. Get the McAfee Endpoint Protection — Advanced suite and rest peacefully. This suite puts you in charge with broad protections, compliance controls, and unified management for Microsoft Windows endpoints. Whether you want to keep viruses, hackers, spammers, data thieves, or auditors at bay, this seamless solution has the perfect combination of capabilities and cost savings. Integrated, proactive security combats sophisticated malware and zero-day threats to protect endpoints when they leave your network and protect your network when they return. The built-in McAfee Global Threat Intelligence file reputation service provides real-time, always-on protection based on insight gathered by McAfee Labs. And advanced web access control ensures employee productivity everywhere they travel. Zero-day and vulnerability shielding Integrated intrusion prevention secures Windows workstations and servers from advanced persistent threats. It patrols these endpoints against malware, blocks malicious code from hijacking an application, and provides automatically updated signatures that shield laptops and desktops from attack. Finally, it is safe to implement and test patches on your schedule. Combined with our patented behavioral protection, which prevents buffer overflow attacks, and a stateful desktop firewall, you get the most advanced system vulnerability coverage on the market. Centrally managed for control with lower cost and complexity Centralized policy-based management, network access control, device control, and desktop policy auditing keep endpoints safe and compliant.
FEATURE WHY YOU NEED IT
Single integrated management Device control Host IPS and desktop firewall Anti-malware Anti-spam Safe surf and search Host web filtering Email server security Network access control Policy auditing
Instant visibility into security status and events, efficient control of security and compliance tools Keeps confidential data from leaving the company Zero-day protection against new vulnerabilities, reduced urgency to patch, stops network-borne attacks Blocks code that steals data and sabotages user productivity Improves productivity and limits phishing and malware Helps ensure compliance and reduce risk from web surfing Controls users surfing on or off the corporate network Intercepts malware before it reaches the user inbox Limits malware infections by blocking noncompliant systems Streamlined compliance reporting for HIPAA, PCI, and more
ENDPOINT SECURITY
63
McAfee Endpoint Protection Suite
Secure Windows PCs against real-time malware and unauthorized devices Many enterprise users and small businesses rely on tower-based PCs and traditional desktop systems that never leave the building. These traditional desktops and fixed systems within your LAN probably have layers of gateway or network security to protect them. Since these systems don’t visit wireless hot spots, help kids browse the Internet at night, or get left at airports, they have a lower risk of being compromised, picking up malicious downloads, or being stolen while carrying sensitive data. However, every business user relies heavily on web-enabled applications and email, so even these fixed machines require sophisticated protection against the targeted, real-time malware web and email applications convey. Core controls to protect users and their systems The McAfee Endpoint Protection Suite integrates essential security to block advanced malware, control data loss and compliance risks caused by removable media, and provide safe access to critical email and web applications. We unite these core functions into a single, manageable environment ideal for safeguarding traditional desktops and other systems that have limited exposure to Internet threats. Of course, your email server gets an extra dose of anti-malware, backed up by malware protection on each endpoint itself. Device controls help you restrict use of removable media and portable storage to avoid loss of sensitive and regulated data, essential for small businesses and merchants subject to PCI DSS regulation. The McAfee Endpoint Protection Suite seamlessly integrates proven security to help you manage these risks, delivering both operational efficiencies and cost savings with the convenience of a single solution.
FEATURE WHY YOU NEED IT
Single integrated management Device control Desktop firewall Anti-malware Anti-spam Email server security Safe surf and search
Instant visibility into security status and events, efficient control of security and compliance tools Keeps confidential data from leaving the company Prevents network-based attacks and allows only legitimate network traffic Blocks code that steals data and sabotages user productivity Improves productivity and limits employee exposure to phishing and malware Intercepts malware before it reaches the user inbox Helps ensure compliance and reduce risk from web surfing
64
ENDPOINT SECURITY
McAfee Endpoint Protection for Mac
Say “yes” to Macs in the workplace As more and more business users choose Macs, these systems contain or access the same sensitive data as other PCs. Any Macs running virtualization software face Microsoft Windows threats. And since hackers and cybercriminals now view Macs as a target, you should enforce compliance of Macs to the same high security standards of your Windows-based PCs. Advanced security for Mac endpoints McAfee Endpoint Protection for Mac secures Apple Macintosh endpoints with complete, advanced coverage, including anti-virus, anti-spyware, system firewall, and application protection. It stops malware and other security threats before they can damage or infect Macintosh desktops and laptops and spread throughout your company’s network. McAfee Endpoint Protection for Mac also addresses compliance requirements by ensuring that Macs receive the same level of protection as Microsoft Windows-based PCs. It gives you the confidence to say “yes” to Macs in the workplace while maintaining or even reducing operational costs. Centralized, simultaneous management of Macs and PCs McAfee ePO integration enables you to lower operational management costs by making it easier to manage all endpoints — Macs and PCs — from a single platform. You can bring new Macs onto the network quickly and seamlessly and respond quickly to security incidents, regardless of where they originate. A single view helps you update security settings on distributed endpoints simultaneously, and then confirm compliance using powerful reporting. Critical firewall, data, and application controls We include the most advanced firewall on the market for Apple Macs. Inbound scanning stops network-based attacks, while outbound packet filtering prevents spyware and malware from shipping personal data out to would-be attackers. And you can set rules to control access to specific networks, hosts, or IP addresses. Application lockdown lets you pre-approve applications that can run and freeze configurations to ensure compliance with policies, preserve availability, and thwart cybercriminals. Strengths
• • • •
Proven anti-virus, anti-spyware, application lockdown, and desktop firewall Fast and reliable scanning preserves system performance Familiar, intuitive Mac OS X Aqua interface Supports Mac OS X 10.6 (Snow leopard), 10.5 (Leopard), and 10.4 (Tiger)
ENDPOINT SECURITY
65
McAfee Enterprise Mobility Management (McAfee EMM)
Secure, easy, and scalable mobile access to enterprise applications As enterprises mobilize corporate applications, some sacrifice security and control and risk data loss and noncompliance. McAfee Enterprise Mobility Management (McAfee EMM™) enables you to offer mobile device choice — including Apple iPhones and iPads, Google Android, Windows Mobile, and Symbian — while delivering the same level of control traditionally applied to laptops and desktops. Our approach blends mobile device management with policy-managed endpoint security, network access control, and compliance reporting in a seamless system. Comprehensive, robust management enables you to secure your mobile workforce effectively, ensure persistent policies and configurations, and deliver automatic and real-time compliance management. By leveraging existing data center and network infrastructure, including directory services, we also help drive down support costs and overall cost of ownership. Risk reduction tailored to mobile devices McAfee Enterprise Mobility Management configures mobile devices to comply with corporate security policies and enforces compliance via network access control. Your policies define which devices may access the corporate network and can block modified devices like iPhones and iPads. Non-stop, we monitor access to alert you to unauthorized requests so you can maintain compliance. Take advantage of native device encryption, password authentication, and remote data wipe to reduce the risk to sensitive corporate data if a device is lost or stolen. Fast rollout and a lightweight, productive user experience Once you specify users, policies, and connections, a self-service portal allows users to perform basic help desk services, such as enterprise device activation, unlocking their devices, and device wipe, from any web browser. We automate configuration of Wi-Fi, VPN, and native email sync, minimizing help desk calls. Users have unique credentials to trigger access to their specific application services as well as enforcement of role-based policies. Strengths
•
Scales to let you manage thousands of users and tens of thousands of devices Enables device choice, including access from personally-owned devices Reduces costs with centralized management, over-the-air provisioning of policies and updates, and automation throughout the device lifecycle
• •
66
ENDPOINT SECURITY
McAfee Host Intrusion Prevention
Proactively secure your desktops and servers As an IT manager, one of your top challenges is to protect the IT assets that support your business, fending off known and unknown attacks to guard confidential data and preserve business continuity. McAfee Host Intrusion Prevention (Host IPS) delivers complete protection against new and unknown threats, and proactively prevents emerging attacks through McAfee Global Threat Intelligence. Behavioral protection blocks zero-day attacks that target new vulnerabilities, while signature-based protection identifies known attacks. Both enforce proper system and application behavior. A dynamic, stateful firewall integrates McAfee Global Threat Intelligence network connection reputation to characterize and block newly malicious traffic, protecting you from advanced threats such as botnets and DDOS before these attacks can do damage. The firewall also ensures compliance with application and system access policies. The integrated McAfee ePO agent and management console let you consolidate processes and cut overhead. Relax on “Patch Tuesdays” You can save time, money, and resources on patching, ending the pain of “Patch Tuesdays” and emergency patch cycles. Automatic signature updates and zero-day protection give you advanced vulnerability shielding. You can maintain a high level of protection with complete vulnerability coverage while deploying patches on your schedule, after appropriate testing. For server Host IPS for server can monitor and block unwanted activity and threats to maintain server uptime and protect assets. Host IPS for server contains unique protection engineered specifically for web and database servers, protecting against attacks like directory traversal and SQL injection. Application shielding and enveloping prevent compromise of applications and data and prevent applications from being used to attack other applications, even by a user with administrative privileges. For desktop Managing security and connectivity policies for endpoints can be a real IT headache. Employees can inadvertently introduce worms, spyware, and other threats into your network with their desktops or laptops. These actions compromise data, put employees at risk, and result in lost productivity. Host IPS for desktop uses multiple proven methods — behavioral analysis, signature analysis, and a dynamic, stateful firewall — to keep desktops safe.
ENDPOINT SECURITY
67
McAfee Mobile Security for Enterprise
Proven endpoint security for enterprise mobile devices Malware can interrupt mobile service and disrupt business. Comprehensive mobile protection is essential to protect data integrity and employee productivity from malware attacks. McAfee Mobile Security for Enterprise is a centrally operated anti-malware system that scans and cleans mobile data, preventing corruption from viruses, worms, dialers, Trojans, and other malicious code. Mobile Security for Enterprise protects your mobile devices at the most critical points of exposure, including inbound and outbound emails, text messages, email attachments, and Internet downloads. Complete mobile protection As your users work, the system transparently scans all types of files, including emails, text messages, photos, and videos on Windows Mobile OS smartphones. Our comprehensive anti-malware technology protects data transmitted over wireless carrier data networks, Bluetooth, Wi-Fi, and infrared communications. Instant threat detection Continuous protection detects malware in less than 200 milliseconds without interrupting wireless operations or connectivity. After detection, malicious files are stripped of their payloads. All the while, automatic updates safeguard your devices from the latest threats. Simple, streamlined administration Mobile Security for Enterprise extends centralized management to include your Windows Mobile devices. Through the web-based McAfee ePO console, you can easily configure policies, manage updates, and monitor mobile security status. Using a consistent management platform lowers IT overhead costs and generates operational efficiencies. A consistent policy definition and management environment reduces mobile risk for your enterprise and helps you maintain compliance. Strengths
• • • •
Always-on, real-time protection without interrupting connections Inline cleaning automatically removes infections to maintain device health Designed specifically for mobile threats with a minimal device footprint Regular over-the-air signature updates and alerts if an update fails or a device becomes infected Reduces risk of sensitive data loss that can mean compliance violations
•
68
ENDPOINT SECURITY
McAfee MOVE AntiVirus
Optimize security for virtualized desktops without compromising Virtual desktop infrastructure (VDI) is giving IT great flexibility to support work whenever and where ever. As data is now consolidated within the datacenter, having strong protection against malware is more important than ever. But anti-virus implemented in the traditional manner, within each virtual desktop, can cause much delay and overhead. Realize the full benefits of virtualization without the risk McAfee MOVE AntiVirus (AV) works in conjunction with McAfee VirusScan to optimize security processing in virtualized environments. McAfee MOVE AV enables on-access and .DAT update functions while greatly reducing the infrastructure impact seen with traditional anti-virus deployments. Supporting VMware View and Citrix XenDesktop, McAfee provides AV offloading and security intelligence that results in a sixty percent increase in supportable virtual workloads. Virtualization makes it easier to support a multitude of servers. However, it also can become tricky to capacity plan. With fluid provisioning, having the controls to minimize unintended resource consumption is critical. When loads are high, extra resource consumption can affect all of the services provided on the hypervisor. McAfee provides operational flexibility for virtual servers with AV scanning of offline images and the ability to schedule AV on-demand scanning based on the overall load of the hypervisor. We cut operating costs through common security management for both physical and virtual environments. Reduce resource utilization Security processing can be resource intensive. McAfee MOVE AV optimizes security for virtualized environments, freeing valuable resources for other business operations. Because of hypervisor-aware security management, capacity planning and utilization can now be predictive, improving performance. Security for virtualization — now and in the future McAfee MOVE AV supports the major hypervisor vendors and is fully integrated with McAfee Global Threat Intelligence. You get advanced security from McAfee with the agility to adopt a variety of virtualization implementations. Strengths
•
Removes common hindrances of implementing security in virtualized environments Decouples security management from operations Provides robust security policy and reporting adaptable enough for virtualization deployments
ENDPOINT SECURITY 69
• •
McAfee Network Access Control
Reduce threats and data loss with unified network access control Visitors and contractors can introduce malware, disrupt your networks, and compromise your systems and data. Employees who self-administer their endpoints can disable or misconfigure security tools and install malicious programs that can threaten data. McAfee Unified Secure Access is the first network access control (NAC) solution to unify endpoint and network security with access control. Unlike many NAC solutions, the integrated McAfee solution secures against threats inside and outside the network while remaining simple, cost-effective, accurate, scalable, and secure. Minimize risk of outbreaks while allowing flexible policies McAfee expands your security posture with adaptive policy technology that combines multiple assessment and control features into one NAC solution. It controls access and protects against broad threats with application-based and identity-based technologies, which control who has access to your specific critical network resources. Further, McAfee protects your investment by leveraging your existing network and system components and taking advantage of integrated management through McAfee ePO. Broad enforcement options McAfee Unified Secure Access includes three main components. Mix and match these options to create a complete solution:
•
McAfee NAC Software supports managed users and offers employee endpoint health assessment both pre- and post-admission McAfee NAC Appliance controls guest and contractor access with a network-based approach and offers identity and application-based network access control McAfee NAC Module for McAfee Network Security Platform adds the functionality of the NAC Appliance to an existing Network Security Platform to incorporate intrusion prevention in network access control decisions
St
ep
licy Po 1:
Ste p2 :D i
Scans for rogue devices, alerts, and reports
•
•
er ov sc
Takes action based on outcome of policy check or behavior
Ste
p 4: R e m e diate
70
ENDPOINT SECURITY
St
ep
3:
Enf
orce
McAfee supports a continuous lifecycle of access control for compliance.
Defines health, machine/user identity, and application policy
ni St e p 5: M o
Monitors endpoint to ensure ongoing compliance
Checks pre- or post-admission health against policy
to
r
McAfee Policy Auditor
Get in control, prove compliance by automating the IT audit process These days, it is not enough to be compliant. It is critical to show it with a high degree of accuracy — a daunting and time-consuming task. You spend an inordinate amount of time and effort manually collecting data, mapping IT controls to policy, and auditing devices — especially your mission-critical servers — to identify policy violations and noncompliant systems. You need an efficient and accurate alternative. McAfee Policy Auditor simplifies the process of demonstrating compliance. It automates manual audit processes and increases efficiency. Its proven agent, extensive support for content standards, and transparent integration with McAfee ePolicy Orchestrator mean accurate, efficient audits, every time. By mapping IT controls against predefined policy content, McAfee Policy Auditor enables you to produce consistent and accurate reporting against internal and external policies. Get proactive about compliance McAfee Policy Auditor delivers automated policy auditing of managed assets. You can proactively define, measure, and report on the compliance of information systems based on industry, regulatory, and corporate security policies, as well as standards and frameworks. Predefined templates include ISO 27001, COBIT, FISMA, FDCC, HIPAA, SOX, GLBA, and PCI DSS. Built on open standards and SCAP-validated, it enables you to import authoritative templates, such as FDCC, and audit for compliance to that standard within minutes. Integrated for investment protection Use McAfee Policy Auditor with McAfee ePO to consolidate security management and compliance management, easing agent deployment, management, and reporting. Pair McAfee Policy Auditor with McAfee Vulnerability Manager to run consolidated audits across both managed (agent-based) and unmanaged (agentless) systems. Strengths
• • • • •
Fast, automated import of industry benchmarks through SCAP standard Real-time audit model and blackout window reduce business disruption Automation saves hours and days of tedious tasks Builds confidence with external auditors Enables organizations to prove compliance consistently
ENDPOINT SECURITY
71
McAfee SaaS Endpoint Security Suites
Always-on-guard Security-as-a-Service With IT staff stretched thin and limited budgets, companies are looking for innovative ways to protect their assets and their users without complex and expensive software deployments and maintenance. McAfee SaaS Endpoint Security Suites, formerly McAfee Total Protection Service suites, consolidate endpoint, email, and web security to protect businesses of all sizes against the latest known and unknown threats. Defend all your systems and eliminate the high costs of onsite maintenance and investments with an integrated Security-as-a-Service approach. Enjoy fast deployment and uninterrupted protection that is never obsolete. Simply install the protection onto endpoints, and the software transparently updates over an Internet connection with no maintenance and no disruptions. From the web-based McAfee SecurityCenter console, you can centralize installation, configuration, reporting, updates, and group management. Use the same console to customize reporting, schedule reports, and run virus and vulnerability scans. McAfee Gold Technical Support is included for easy access to trusted experts through phone, chat, and email. Advanced security McAfee SaaS Endpoint Security Suites protect from unknown threats, outbreaks, and online exploits like phishing scams, spyware, and more — without limiting online access. Signature and behavioral-based scanning reduce exposure from unknown threats. McAfee SiteAdvisor software helps users stay safe from malicious websites, and you can customize web policies to filter unwanted websites. For the most complete security, our SaaS Endpoint and Email Protection Suite filters and quarantines inbound and outbound threats from email before the threats reach your network — with no installation required. It also scans the network perimeter for vulnerabilities to help you take action against weaknesses.
McAFEE SaaS ENDPOINT PROTECTION SUITE Centralized online management Desktop and file server anti-virus and anti-spyware Real-time threat intelligence Desktop firewall Web security for safe surfing (McAfee SiteAdvisor) Host web filtering Email server protection Cloud email filtering for inbound and outbound email McAFEE SaaS ENDPOINT PROTECTION ADVANCED SUITE McAFEE SaaS ENDPOINT AND EMAIL PROTECTION SUITE
• • • • •
• • • • • • •
• • • • • • • •
72
ENDPOINT SECURITY
McAfee SaaS Total Protection
Complete email and web protection, endpoint security, and vulnerability scanning Looking for complete protection from the cloud? McAfee SaaS Total Protection offers best-in-class security that leverages the power of cloud computing to deliver comprehensive and cost-effective protection for endpoint, email, web, and network. Integrated, cloud-based security Get a single integrated suite that provides all the benefits from the McAfee SaaS email, endpoint, vulnerability management, and web protection solutions — all hosted by the McAfee management infrastructure. Subscribe to McAfee SaaS solutions, infrastructure, expertise, and 24/7 Gold support to improve your security, cut your capital expenditures, and free your IT staff to focus on other areas critical to your business. Our best-in-class SaaS solution maximizes your protection from the cloud and enables your success with a centralized management console, the McAfee SecurityCenter. The SecurityCenter provides total visibility with 24/7 access to an easy-to-use, online dashboard to view user protection, customize security policies, and generate and download reports. Strengths
•
An integrated Security-as-a-Service suite that eliminates the high costs of onsite hardware maintenance and investments Endpoint protection stops viruses, spyware, hackers, and intrusions and provides web security Inbound and outbound email filtering blocks spam and phishing attacks Email continuity ensures email access even when your server experiences an outage Host-based and cloud-based web filtering blocks online threats and ensures Internet compliance and productivity for users on and off the corporate network Perimeter scanning helps identify potential vulnerabilities or security issues and provides remediation assistance
•
• •
•
•
ENDPOINT SECURITY
73
McAfee Security for Email Servers
Robust content security for Microsoft Exchange and Lotus Domino servers An important component for comprehensive email security, McAfee Security for Email Servers serves as an additional layer of security by inspecting email on your email server. Because it plugs directly into your email server, McAfee Email Security for Servers can scan and automatically apply policy to internal email that your email gateway never sees. Unbeatable virus and threat detection McAfee Security for Email Servers uses the McAfee scanning engine to detect, clean, and block viruses, worms, Trojans, and other potentially unwanted programs. The cloud-based McAfee Global Threat Intelligence reputation service analyzes email sender addresses and domains, messages, embedded URLs, and file attachments. Reputation analysis helps McAfee Email Security for Servers accurately identify and quarantine undesired messages using minimal system resources, saving critical computing power for your email server’s number one job: delivering email. Content filtering You can filter messages based on size, message content, or attachment content. Many enterprises block or quarantine messages that contain controlled or sensitive contents in the subject, message body, or attachments. McAfee Quarantine Manager McAfee Quarantine Manager is a highly scalable centralized off-box quarantine server. Supporting multiple McAfee products and managed through McAfee ePO, it enables administrators to easily consolidate and manage email quarantines. Role-based administration, granular quarantines, and a brandable user interface offer ultimate control and quarantine flexibility. Manage your security simply Integration with McAfee ePO provides centralized configuration, policy management, and reporting. McAfee ePO automatically pushes out and implements your configuration changes and policy changes. Strengths
• • • •
Prevents viruses and spyware from traversing your internal network via email Protects Windows, Linux, and AIX email servers on 32- and 64-bit platforms Automatically enforces email usage and content policies Works in conjunction with McAfee email appliances to provide comprehensive email security with shared central management and quarantine
74
ENDPOINT SECURITY
McAfee Security for Microsoft SharePoint
Powerful protection for your SharePoint servers With so much information shared throughout your business, you need targeted security for your SharePoint document libraries. Otherwise, viruses, worms, Trojans, and other threats can harm them. Know your content and enforce compliance McAfee Security for Microsoft SharePoint provides comprehensive, enhanced security for documents, web content, and files stored on your SharePoint workspaces. It detects, cleans, and removes viruses, as well as banned or inappropriate content, using the lightning-fast McAfee scanning engine. McAfee Security for Microsoft SharePoint offers preset content rules to prevent the spread of inappropriate content. Easy to use and immediately effective, the preset content rules can be run straight out of the box, or you can fine-tune them using advanced custom rule sets. The content management rules can prevent downloads and uploads. They also report details about documents that contain sensitive or offensive information. Scalable management McAfee Security for Microsoft SharePoint leverages your investment in the McAfee ePO platform. Comprehensive, graphical reports detail your security posture and answer the question: “Are all my SharePoint servers protected with the latest engine and virus definition files?” McAfee ePO supports remote deployment and allows large enterprise rollouts to be managed easily from a central location. Actionable monitoring with a graphical dashboard The management dashboard provides an overview of the latest virus detections; graphical data views with charts, detection summaries, product updates, licensing, and version information; details on recently scanned items; and security and vulnerability news. Strengths
• • • • • • •
Advanced anti-virus technology Effective content filtering Centralized management and reporting Preset content rules Microsoft VSAPI support Automatic updating Enhanced quarantine management
ENDPOINT SECURITY
75
McAfee SiteAdvisor Enterprise McAfee Web Filtering for Endpoint
Worry-free web browsing and blocking for business users While the Internet is a crucial business tool, cybercriminals are making it a dangerous one. Now you can allow employees to surf and search the web safely, using active technology to guide users away from malicious websites and shield them from online threats. Proactive safety information keeps users alert McAfee SiteAdvisor Enterprise lets you avoid restrictive policies that keep your employees from using the web for research and business projects. Your business users will have the freedom to surf online, protected from web-based threats such as spyware, adware, and phishing. Featuring an intuitive color-coded rating system — green, yellow, red, or gray for unrated — and the reputation intelligence of McAfee Global Threat Intelligence, McAfee SiteAdvisor Enterprise provides risk-aware protection at the desktop. Deploy and manage policies with ease Ready to deploy across your organization with McAfee ePO, McAfee SiteAdvisor Enterprise solutions install easily to protect all business users. You can customize the authorization or blocking of website access, view reporting, control messaging, assign actions based on safety ratings, and implement added protection for remote users — all to ensure policy compliance. Integrated URL and content filtering Unmanaged Internet access presents many challenges and introduces unnecessary risk. McAfee Web Filtering for Endpoint integrates with McAfee Site Advisor Enterprise to help organizations manage productivity, reduce legal liability, and improve bandwidth to make employee Internet use efficient and effective. McAfee customers who use McAfee Web Filtering for Endpoint and McAfee Web Gateway can take advantage of this integrated, gateway-aware solution to enforce the appropriate policy intelligently, whether the user is at a corporate office behind the McAfee Web Gateway or outside the network. Strengths
• • • •
Educates users for continuous protection against changing threats Prevents users from browsing to websites hosting malware or exploits Restricts and monitors employee web usage with superior content filtering Centralized management through McAfee ePO makes deployment, management, and reporting easy and efficient
76
ENDPOINT SECURITY
McAfee Total Protection for Endpoint — Enterprise Edition
Complete endpoint security designed for medium to large enterprises Providing a secure endpoint environment for your business can be complex. Sophisticated malware and a boundary free workplace make it easy for cybercriminals to steal information and devices. Users expect support for their preferred systems, including Macs and mobile devices, while regulations force increased safeguards for data and documented compliance. All the while, the growing number of security point products increases management costs and complicates response. Protect every endpoint from data, web, email, network, and system-level threats You could patch together a collection of individual products, but you would never achieve the effectiveness and efficiency of McAfee Total Protection for Endpoint — Enterprise Edition. This integrated security suite delivers ironclad protection for all your endpoints, including Windows, Mac, and Linux systems and mobile devices. We secure your systems and data against sophisticated malware, shielding your assets from bots and zero-day attacks with the support of McAfee Global Threat Intelligence. We protect even if the device is lost or stolen, and block noncompliant systems or unauthorized devices that may attempt to access your business-critical systems and sensitive data. This combination of controls is ideal for sophisticated enterprises with users who expect freedom — as well as total protection from the risks their mobility and flexibility entail.
FEATURE WHY YOU NEED IT
Single integrated management Encryption Device control Host IPS and desktop firewall Anti-malware Anti-spam Safe surf and search Host web filtering Email server security Network access control Policy auditing Multiplatform
Instant visibility into security status and events, efficient control of security and compliance tools Safeguards data and minimizes compliance issues Keeps confidential data from leaving the company Zero-day protection against new vulnerabilities, reduced urgency to patch, stops network-borne attacks Blocks code that steals data and sabotages user productivity Improves productivity and limits phishing and malware Helps ensure compliance and reduce risk from web surfing Controls users surfing on or off the corporate network Intercepts malware before it reaches the user inbox Limits malware infections by blocking noncompliant systems Streamlines checks and compliance reporting Protects the full range of endpoints required by mobile and knowledge workers
ENDPOINT SECURITY
77
McAfee Total Protection for Data
Industry’s most complete data protection solution With today’s mobile devices and ever-connected work style, protecting confidential customer information — as well as your intellectual property — has to be job one. To secure your confidential data reliably, the McAfee Total Protection for Data suite provides strong encryption, authentication, data loss prevention, and policy-driven security controls. They prevent unauthorized access to your sensitive data — anytime, anywhere, for any device. The suite includes McAfee Endpoint Encryption (full-disk, file and folder, and removable media encryption), McAfee Host Data Loss Prevention, McAfee Device Control, and centralized management by McAfee ePO. Instead of managing separate point solutions, use a single environment to manage your deployment, define security policies, monitor flexible dashboards, generate reports, and maintain your data protection. Enterprise-grade encryption and device control To protect data at rest, full-disk encryption combined with strong access control protects sensitive data on all endpoints. Persistent file and folder encryption transparently encrypts the files and folders you choose, on the fly, before they move through your organization. Host data loss prevention allows you to monitor real-time events and apply centrally managed security policies to control how employees access and use confidential data. You can also monitor and control data transfer to portable devices, such as USB flash disks, iPods, DVDs, and Bluetooth devices. Unlike wholesale blocking of device usage, you can specify and categorize which devices may or may not be used and enforce what data can and cannot be transferred to these devices based on sophisticated content analysis. Improved visibility and efficient, centralized management As your business needs change, we help you understand evolving usage and adjust policies appropriately. Advanced reporting and auditing help your company better meet tough privacy mandates, demonstrate compliance, ensure safe harbor protection, and support prompt and proper audits. Strengths
•
Works even when data is modified, copied, pasted, compressed, or encrypted Enforces policies based on users and groups and synchronizes policies with Active Directory, Novell NDS, and PKI Encrypts files, folders, or devices without end-user action Logs every data transaction with forensic-quality, audit-ready details
•
• •
78
ENDPOINT SECURITY
McAfee Total Protection for Secure Business
All the critical elements of security a medium-sized company needs Free yourself from the headaches of managing multiple point products from multiple vendors. McAfee Total Protection for Secure Business has it all — the industry’s most comprehensive security in one easy-to-manage suite for endpoints, email, web, and data. It saves time, saves money, and provides a more powerful, integrated defense against the threats medium-sized businesses know about — and the threats you cannot see coming. Smart data, email, and web security, plus compliance In one solution, you get anti-virus, anti-spyware, desktop firewall, and host intrusion prevention, web security, and highly accurate spam detection for effective gateway blocking of malware. To protect your business from data loss, you can encrypt all data on laptops, desktops, and other mobile devices and prevent unauthorized use of removable devices, such as memory sticks. We also help you limit access to dangerous websites, block data-stealing malware, and enforce appropriate data usage policies. Save time and money Let McAfee simplify acquisition and deployment of the protections you need, with one purchase of one package from one trusted, proven vendor, with substantially lower licensing fees and support costs than if purchased separately. It eliminates the compatibility and maintenance issues associated with multiple point products and vendors. Instead, you gain better visibility, control, and comprehensive intelligence on your security posture. Strengths
• • • •
Instant, always-active threat protection from data-stealing threats Encryption and device control to prevent data loss Single, centralized management to streamline management and reporting Easy to choose, purchase, and manage the protections you need
ENDPOINT SECURITY
79
McAfee Total Protection for Server
Improve security while preserving system availability and uptime Many companies have scaled back security on the server because traditional server security solutions introduce latency, hamper server operations, and disrupt critical processes. However, servers are a prime target as hackers pursue valuable, sensitive data. McAfee Total Protection for Server lets you ensure optimal security without compromising availability or uptime. Optimize your security posture Our combination of dynamic whitelisting, change policy management, policy auditing, and on-demand anti-virus helps you ensure only authorized applications can run. Strong change management controls mitigate the risk of targeted attacks, data breaches, and compliance drift. These lightweight security components preserve processing power for critical applications by locking in a trusted state and blocking unauthorized scripts, drivers, and executables. To better manage risk exposure, you acquire complete visibility as well as policy enforcement over data and system access. Any attempt at unauthorized change is detected and flagged with an alert, thwarting attacks like Operation Aurora. Gain operational efficiency and continuous compliance Combined security and compliance functions reduce the number of hours required to manage processes. The ability to assess configuration and management of the system against policy drives down the cost of management. You also trim investments in hardware and separate licenses for application and file server security. We include templates for key regulatory and industry policy standards. Alerting and rich auditable data on server changes help you test and verify compliance with regulations, and reports become routine. Centralized McAfee ePO management makes our flexible configurations easy to set up and maintain and helps you manage and document security throughout your enterprise. Strengths
• • •
Whitelisting and on-demand scanning for maximum protection Prevents execution of all unauthorized code, scripts, and DLLs Defends against memory exploits with memory protection and in-memory scanning Low overhead components minimize CPU impact Simple setup and low initial and ongoing operational overhead Administrators with physical or remote access to the machine cannot override protection
• • •
80
ENDPOINT SECURITY
McAfee VirusScan Enterprise
The ultimate way to keep viruses out of your desktops and servers Enterprises cannot afford to wait for every threat to be identified and a signature file to be released. The time between attack and subsequent identification is critical: the shorter, the better. It’s better yet if your protection technology identifies new, unknown threats. Block multiple threats to protect systems and productivity McAfee VirusScan Enterprise proactively stops and removes malicious software, extends coverage against new security risks, and reduces the cost of responding to outbreaks. By blending advanced anti-virus, firewall, and intrusion prevention technologies, McAfee VirusScan Enterprise covers a broad range of known and unknown threats. It defends your systems against viruses, buffer overflows, and blended attacks, including threats that attempt to write to memory. Advanced analysis and behavior-based threat detection With innovative heuristics and generic detection, it finds even new, unknown viruses concealed in compressed files and can stop rootkits and hidden keyloggers from installing. McAfee VirusScan Enterprise looks for exploits known to target Microsoft applications and services. It will also identify and block threats that take advantage of JavaScript and Visual Basic, as well as HTML text and attachments. Supported by the McAfee Global Threat Intelligence network To dramatically reduce the exposure from new, unknown malware, McAfee VirusScan Enterprise incorporates real-time risk analysis from McAfee Global Threat Intelligence, the most comprehensive threat intelligence in the market. With visibility across all threat vectors — including file, web, message, and network — and a view into the latest vulnerabilities across the IT industry, McAfee correlates real-world data collected from millions of sensors around the globe and provides real-time malware information to McAfee VirusScan Enterprise. Strengths
• • • •
Powered by global threat intelligence across all key threat vectors Cannot be disabled by hackers, malware, or fake anti-virus Centrally managed, monitored, and reported on through McAfee ePO Defends against threats that target Microsoft — especially Windows services, Word, Excel, Explorer, Outlook, and SQL Server Can replace existing anti-virus products remotely, automatically, and with no reboot required in most cases
•
ENDPOINT SECURITY
81
McAfee VirusScan Enterprise for Linux
Always-on protection for Linux systems Though most threats attack Windows systems, malware definitely does target the Linux platform. Unprotected Linux systems may also act as carriers, allowing viruses and malware to disrupt non-Linux operating systems throughout the network. Even after an initial outbreak has been contained, viruses may still be able to execute their payloads and infect the entire network. McAfee VirusScan Enterprise for Linux offers superior protection from the growing numbers of viruses, worms, and other malware targeting Linux systems. Always on the lookout, its unique, Linux-based on-access scanner constantly monitors the system for potential attacks. Supported by the McAfee Global Threat Intelligence network McAfee Global Threat Intelligence offers the most comprehensive threat intelligence in the market. With visibility across all threat vectors — including file, web, message, and network — and a view into the latest vulnerabilities across the IT industry, McAfee correlates real-world data collected from millions of sensors around the globe. It provides real-time malware information to McAfee VirusScan Enterprise for Linux to block threats before signatures become available. Enhanced enterprise management and reporting McAfee ePolicy Orchestrator manages and enforces anti-virus protection and policies. It provides centralized, comprehensive policy management, detailed graphical reporting, and software deployment across your Linux, Windows, and Mac clients, offering better security visibility across your entire infrastructure. Security designed for Linux We offer real-time protection, low processing overhead, and support for most common Linux distributions and include a kernel-scanning cache for efficient processing. Extremely scalable, McAfee VirusScan Enterprise for Linux suits today’s fast-moving, highly adaptive small businesses and global enterprises. Strengths
•
Continuous, on-access scanning, including heuristic scanning to identify and block new variants and unknown threats without the need to patch Archive scanning to discover and block viruses hidden within archived files Automatic updating without system reboots Cross-platform protection to block Windows malware Kernel module versioning for on-access scanning on new kernels without having to recompile modules
• • • •
82
ENDPOINT SECURITY
McAfee VirusScan Enterprise for Offline Virtual Images
Purpose-built security for virtual environments Enterprise applications are easier to provision and deploy on virtualized systems than on physical servers. However, the consequence of easy deployment is virtual machine (VM) proliferation, with more and more VMs created throughout the IT environment. In today’s virtual environments, VMs that are dormant for an extended time miss the latest patches. When these archived VMs activate, their anti-malware security profiles can be precariously out of date and their unpatched vulnerabilities put your entire infrastructure at risk. Updated protection, automatically McAfee has extended its trusted expertise to virtualized environments, with integrated protection for virtual environments. With McAfee VirusScan Enterprise for Offline Virtual Images, your organization can ensure your VMs are secure and also reduce IT effort. We cut operating costs through common security management for both physical and virtual environments. The solution scans, cleans, and updates the anti-malware security profile of dormant VMs — without bringing them online. Automatic, real-time anti-malware updates use McAfee Global Threat Intelligence to maintain the latest threat protection, allowing your IT staff to focus on other issues. Safe archival for compliance Now you can archive safely for longer intervals to support regulatory policies. Periodic automatic scans and updates of offline virtual images will ensure the systems remain protected. Reduced IT overhead and headaches Eventually, when you bring offline VMs back online, McAfee has already scanned, cleaned, and fully secured them with updated signatures, so they no longer threaten the IT environment. Because we automate these processes, we also greatly reduce the intermittent IT burden of bringing VMs back online for security patches, updates, and other routine maintenance. Through McAfee ePO, you monitor, maintain, and report on physical and virtual environments with one console. Strengths
• •
Updates McAfee .DAT signature files without bringing the VM online Integrated with VMware’s VMsafe integration tools for optimal performance and security Facilitates real-time disaster recovery by securing offline virtual machines at secondary sites Reduces migration issues with one solution for VMware, Microsoft, and Citrix environments
•
•
ENDPOINT SECURITY
83
McAfee VirusScan Enterprise for Storage
Unmatched virus protection for network-attached storage environments Network-attached storage (NAS) devices hold a vast amount of business-critical information, accessed and stored constantly by your users. Use McAfee VirusScan Enterprise for Storage to keep viruses away with continuous, on-access scanning that has minimal impact on filer access time. Broad, proactive protection McAfee scans NAS filers to deliver real-time virus protection against a wide range of viruses and other threats, detecting new, unknown viruses and even those hidden in compressed files. It blocks threats before they are stored. Unique on-access scanning technology scans constantly in real-time, while files are accessed, copied, or written to the server. Regular automatic updates from McAfee Labs keep your protection abreast of the latest threats. Automatic remediation Once it finds an infected file, VirusScan for Storage automatically cleans, deletes, or quarantines it. By scanning files as they move to and from your filers, you gain the ultimate in virus protection. Multiple scanners checking multiple filers give you the power of parallel processing for optimal load balancing and flexible failover protection. One management platform McAfee ePolicy Orchestrator makes control and management easy with a single display and detailed graphical reporting. Strengths
•
Continuous, on-access scanning blocks viruses before they are stored and prevents script-type threats, spyware, and unwanted programs One management platform Automatic updates of .DAT files and scanning engines Rapid notification of alerts Works with NetApp filers and Sun Storage devices Enterprise-ready multi-scanner to multi-filer configurations Backed by the 24/7 global research team at McAfee Labs
• • • • • •
84
ENDPOINT SECURITY
McAfee VirusScan Enterprise for use with SAP NetWeaver platform
Extending proven security to mission-critical business applications While anti-malware software is a de facto standard with enterprise clients globally, the vast majority of mission-critical SAP environments remain exposed to potential security threats. With the expanding SAP product portfolio, there are more opportunities to upload external, potentially infected, files to the SAP NetWeaver environment, such as employment resumes, configuration files, and templates. Infected files could potentially corrupt the entire database. We help with the first enterprise-class protection for this critical enterprise asset: McAfee VirusScan Enterprise for use with SAP NetWeaver platform. It supports business continuity for mission-critical SAP environments and helps ensure uploads of infected files do not affect the whole database. Enterprise-class protection McAfee is the only enterprise-class vendor to offer security that scans, quarantines, and remediates sensitive documents, configuration files, templates, and other files before they reach the SAP environment. The product offers real-time (on-access) scanning of any file uploaded or modified in the environment and comes with the flexibility for deployment as a standalone server or as a virtual machine. Enterprise-class manageability Use the same McAfee ePO management platform you use to control other McAfee enterprise products. You get simple, centralized reporting, updates, and auditing. Strengths
•
Real-time (on-access) scanning of any file uploaded or modified in the environment Flexible deployment: standalone or virtual machine SAP certified integration partner Backed by 24/7 global threat intelligence from McAfee Labs
• • •
ENDPOINT SECURITY
85
McAfee VirusScan for Mac
Complete protection for Mac PowerPC and Intel-based systems Leverage the award-winning McAfee scan engine to proactively hunt down and kill Macintosh and Windows viruses, worms, Trojans, and other threats. Automatic virus updating and cleaning protects you against infected Internet downloads, such as spyware, adware, and other unwanted software. Complete, proactive threat protection McAfee VirusScan for Mac uses on-access scanning to search for viruses and malicious threats every time a file is accessed. It automatically detects viral infections as they attempt to infect a system and protects against Macintosh, PC, and Unix-based viruses. In addition, it has the ability to scan Apple Mail messages and attachments for malicious threats. It will also protect your users when they save or open files from shared network drives. McAfee VirusScan for Mac uses heuristic analysis and generic detection that proactively protects against new and previously unknown viruses. The advanced heuristic analysis looks through the code in a file to determine if the actions it takes are typical of a virus. The more virus-like the code found, the more likely the file is to be infected. To reduce the risk of false alarms, we combine our positive heuristics approach with negative heuristics, which searches for those things that are distinctly non-virus-like. Proactive McAfee Global Threat Intelligence technology automatically detects and blocks suspicious files without the need for signatures. Centralized management McAfee ePolicy Orchestrator can administer McAfee VirusScan for Mac for easy policy configuration, deployment, enforcement, reporting, and management across all your endpoints. Strengths
• • • •
Familiar Apple Mac OS X Aqua user interface Fast on-access or convenient on-demand and full-disk scanning Automatic or on-demand one-click updating Universal deployment on either Intel-based or Power PC-based Macintosh systems Kept up to date with 24/7 global threat intelligence from McAfee Labs Centralized management and visibility across Mac, Windows, and Linux clients Supports Mac OS X 10.6 (Snow Leopard), 10.5 (Leopard), and 10.4 (Tiger) Also available as part of comprehensive protection in the McAfee Endpoint Protection for Mac suite
• •
• •
86
ENDPOINT SECURITY
Security Management
McAfee Security Management
McAfee Security Management delivers real-time visibility into your security, risk, and compliance profile. With an open platform to integrate existing security administration, McAfee automates protection, diagnosis, and remediation.
Take the Guesswork Out of Securing Your Enterprise
McAfee Security Management represents the industry’s most comprehensive approach to managing enterprise security. Designed to monitor, manage, and report on your security, risk, and compliance profile, it empowers you with situational awareness, global protection across your heterogeneous infrastructure, and shared intelligence— all in an open platform.
•
Security Management
Consolidated management—McAfee ePolicy Orchestrator is the only enterprise-class, open platform to centrally manage security for systems, networks, data, and compliance. With end-to-end visibility and powerful automation, McAfee slashes incident response times, strengthens protection, and drives down the cost of managing security. Risk management—Your organization can fully understand its risk posture across every meaningful sector of your IT environment, including databases, web applications, systems, and networks. Armed with this new visibility, you can optimize security, mitigate risk, and prioritize security efforts while eliminating manual threat correlation processes. Compliance—McAfee solutions automate compliance reporting and elevate your organization’s adherence to industry standards—including PCI, SOX, and HIPAA—while lowering costs and reducing audit overhead. Through built-in integration with our centralized management console, you can secure continuous integrity monitoring, create and enforce change policies, and easily incorporate revised standards.
•
•
Coordinate Your Security Defenses
McAfee Security Management offers proactive risk management, integration with business operations, and security defenses coordinated across dynamic enterprise infrastructures. Now security goes wherever your employees go. Regardless of the device, application, network, or database, McAfee protection is there.
Security management for systems, networks, data, and compliance McAfee ePolicy Orchestrator (McAfee ePO) Risk management McAfee Risk Advisor McAfee Vulnerability Assessment SaaS (with McAfee SECURE module option) McAfee Vulnerability Manager McAfee Vulnerability Manager for Databases Streamlined compliance McAfee Change Control McAfee Change Reconciliation McAfee Configuration Control McAfee Database Activity Monitoring McAfee Integrity Control McAfee Integrity Monitor for Databases McAfee PCI Certification Service McAfee Policy Auditor McAfee Total Protection for Compliance The above products appear in alphabetical order in the pages that follow. Visit www.mcafee.com/securitymanagement for the latest information.
94 99 101 102 103 90 91 92 93 95 96 97 98 100
SECURITY MANAGEMENT
89
McAfee Change Control
Stay in control with comprehensive change policy enforcement How often has an unapproved or untimely change brought down a key system? Unauthorized or untested changes may cause 80 percent of unplanned system downtime. McAfee Change Control prevents unauthorized changes by providing realtime visibility into modifications and delivering technology-based policy enforcement. McAfee Change Control continuously tracks and validates every attempted change to your IT infrastructure. It improves accountability and eliminates violations that affect compliance or cause outages — while lowering IT costs. Real-time network visibility McAfee Change Control alerts you to changes on servers, databases, and network devices, including switches, routers, and firewalls. It instantly detects changes as they are made, logging modifications in an independent change database. If it blocks an unauthorized change, it immediately makes a record of the attempt. Complete policy enforcement As insider threats rise, many organizations are eager to block unwanted changes and improve accountability for privileged insiders, including employees and outsourced IT contractors. This software lets you enforce change policy according to time window, source, or approved ticket. Improved compliance with SOX and PCI DSS Unauthorized changes can violate policies, leading to costly network outages and material weakness in compliance standards. McAfee Change Control provides categorical management over your complete IT infrastructure, enabling those who process credit card transactions to fulfill and validate PCI and SOX requirements efficiently and cost-effectively. Strengths
•
Real-time visibility and alerting across servers, databases, and network devices Instant file integrity monitoring lets you quickly identify where policies are being challenged Prevents unauthorized changes, violations, and outages before they occur Eliminates costly manual efforts to track and account for changes Easily integrates with change management, data center automation, and configuration management database solutions
•
• • •
90
SECURITY MANAGEMENT
McAfee Change Reconciliation
Automate change policy and ensure effectiveness Most IT organizations recognize the impact of change on their operations and have invested in change management, data center automation, or a service desk. But often a gap remains between actual activity and the documented change management process. McAfee Change Reconciliation operates in concert with McAfee Change Control to correlate changes made on servers to the change tickets documented in existing ticketing systems. It integrates with popular change management systems and configuration management databases to reduce the cost of compliance, increase availability, and improve information technology infrastructure library (ITIL) processes. Cost-effective compliance and change validation McAfee Change Reconciliation verifies deployment of approved changes and identifies, groups, and documents unapproved or unticketed changes, such as emergency changes, with high accuracy. It automatically validates changes corresponding to an approved and implemented request for change (RFC) based on the identifying hostname or configuration item, actual start time, actual end time, and username. After reconciliation, the RFC is updated with detailed information about the change. To help minimize differences between staging and production environments, the software can track changes on staging environments and create a manifest ticket for use in production implementations. Integrations help create closed-loop change management When deployed with McAfee Change Control, McAfee Change Reconciliation can be configured to prevent any unauthorized changes to the infrastructure. For instance, you might allow a change only if there is an approved RFC and the time of change is between the scheduled start and end time. HP uCMDB and BMC Atrium integrations place comprehensive real-time change data into the CMDB. McAfee also integrates with both default and customized installations of HP ServiceManager, HP Release Control, and BMC Remedy and supports integration with custom workflows. Strengths
• • •
Reconciles actual changes to approved, ticketed change requests Automatically creates new tickets for unticketed changes Creates tickets for changes made to staging environment, reconciles the ticket with production environment changes, and offers exception reporting
SECURITY MANAGEMENT
91
McAfee Configuration Control
Get in control and stay in control, with continuous compliance For enterprises that must adhere to multiple compliance standards or strict regulations, constantly maintaining and achieving compliance in dynamic environments is both tricky and expensive. McAfee Configuration Control offers a cost effective means to automate and enforce individualized or standard compliance configurations. Through the three steps of Audit, Control, and Enforcement, you can achieve continuous compliance while dramatically cutting audit preparation, time, and costs. Beyond saving you time and money on audit activity, it goes farther to block unauthorized changes and limits the liability and costs associated with ad hoc changes that may affect performance, availability, or security. Achieve compliant configurations and enforce policy with ease Through unique IT controls and automated assessments, we help you obtain continuous compliance. With a flexible and easy-to-use interface, you can quickly create your own IT compliance standards as well as address external requirements — without being an expert. Alerting with policy enforcement provides the notification of changes that could jeopardize compliance. It also limits changes to predetermined time windows, trusted sources, or approved work tickets. You have control and can stop drift from corporate policy. With this one solution, you meet prescribed compliance requirements for unauthorized change alerting and configuration assessment reporting. Profiles let you focus on what is critical for you to monitor, with dashboards making it easy to keep watch and track. Scheduled, automated audit and compliance reports can provide internally or externally defensible proof of continuous compliance across your environment. Strengths
•
Controls integrity of your systems with continuous tracking and alerting of events that could compromise security or lead to noncompliance Enforces a centralized or enterprise change policy so that only validated, authorized changes are executed Minimizes risk by controlling system change and configurations to ensure the highest level of security, reliability, and compliance Leverages your investment in McAfee ePolicy Orchestrator and other enterprise software
•
•
•
92
SECURITY MANAGEMENT
McAfee Database Activity Monitoring
Automated database protection Organizations store their most valuable and sensitive data in a database, but perimeter protection and basic security provided with the database may not protect this asset from sophisticated hackers or rogue insiders. Research shows that more than 92 percent of records breached involved a database, with more than 87 percent based on exploits requiring significant technical skills.¹ McAfee Database Activity Monitoring automatically finds databases on your network, protects them with a set of pre-configured defenses, and helps you build a custom security policy for your environment — making it easier to demonstrate compliance to auditors and improving protection of critical data assets. Total visibility into database compliance With McAfee Database Activity Monitoring, you gain visibility into all database activity, including local privileged access and sophisticated attacks from within the database. Audit trail reports are available to meet SOX, PCI, and other compliance audit requirements. An audit trail aids post-incident forensic analysis to understand the amount of lost data or malicious activity. Virtual patching protects against extreme database threats Applying missing patches and fixing misconfigurations found by the vulnerability scan will enable you to improve the security posture of your databases immediately. Since database patch deployments require downtime, a luxury not available to most mission-critical databases, McAfee Virtual Patching technology can protect even your unpatched databases against zero-day attacks by blocking attacks that exploit known vulnerabilities. It also shields applications that use older releases of the databases for which patches are no longer provided. McAfee Database Activity Monitoring cost-effectively protects your data from threats by monitoring activity locally on each database server and by alerting or terminating malicious behavior in real time, even when running in virtualized or cloud computing environments. It can also enforce policies by terminating sessions that violate security policy. Strengths
• • •
Protects unpatched databases against zero-day attacks Real-time monitoring alerts can spark immediate response Intrusion prevention terminates suspicious sessions and quarantines malicious users, allowing time for the security team to investigate Monitors threats from all sources, including network and application users, local privileged accounts, and attacks from within the database itself
•
1 Verizon Business Study, 2010.
SECURITY MANAGEMENT
93
McAfee ePolicy Orchestrator (McAfee ePO)
Intelligent security and compliance optimization Over 35,000 customers use McAfee ePolicy Orchestrator to manage nearly 60 million PCs and servers, making it the world’s most deployed and respected security and compliance management technology. A cornerstone of the McAfee Security Management Platform, McAfee ePO brings together information and processes to create intelligent security that is automated and actionable. With McAfee ePO, you can make quick, effective decisions. You can reduce operational costs with advanced reporting and policy assignment functions. Every efficient response improves threat protection and compliance management. Integration for quick problem identification and action To help you get answers about infections and threat events faster, McAfee ePO integrates system, data, network, web, and email protections. It streams threat and vulnerability information into a central management hub for a single, correlated set of threat events. When the integrated display shows you need to investigate, it also helps you respond quickly. From the management dashboard, you can just select a system or group and immediately launch a task. Achieve operational efficiencies and business benefits McAfee ePO unifies security management across the enterprise with an open architecture that streamlines reporting, incident response, and compliance processes. Compared to old-style point solutions, this approach dramatically simplifies installation and maintenance of protections and their rules and policies. It eliminates the system impact of multiple agents and the decision inefficiencies of multiple consoles. When policies need to adjust as threats and regulations change, updates are quick, accurate, and consistent. For the big picture, McAfee ePO correlates threats, attacks, and events across endpoint, network, and gateway protection tiers, and then factors in data usage and compliance information. This consolidation supports more relevant and efficient operational and compliance processes. The savings can be material. According to third party research, customers manage more nodes with less hardware in less time. Open for innovation McAfee ePO has an open architecture that helps advance next-generation security and compliance innovations. Members of the McAfee Security Innovation Alliance (SIA) develop new use cases and integrations to make it easier for you to oversee your infrastructure. For example, a partner might link its real-time monitoring and threat detection with McAfee incident response and compliance reporting. You leverage your McAfee ePO investment for a united view and audit trail of actions.
94 SECURITY MANAGEMENT
McAfee Integrity Control
Protect fixed-function systems from unauthorized applications and changes Vertical segments such as retail, healthcare, and industrial control face a barrage of unknown software from the web and intensifying compliance and regulatory scrutiny. It’s crucial to ensure only trusted applications run on high-value fixed-function devices, such as point-of-service (POS) systems, automated teller machines (ATMs), medical imaging systems, kiosks, and process control systems. Unauthorized applications or changes affect service availability, introduce malware, and present compliance violations and risk. Combining industry-leading whitelisting and change control technology, McAfee Integrity Control provides an effective, lightweight way to block unauthorized applications and changes on fixed-function point-of-service systems and devices. It enables real-time change detection, accountability to validate change activity, and change prevention against unwanted activity. Dynamic whitelisting and policy enforcement with low TCO Our solution blocks unauthorized, vulnerable, or malicious applications that can compromise the integrity of systems. A dynamic whitelisting trust model keeps systems tightly secured, yet allows for authorized updates or changes from administrator-defined trusted sources. The software eliminates the manual, costly support associated with other whitelisting technologies, as it needs no databases, rules, or updates. McAfee Integrity Control also includes change control to block unwanted, out-of-policy changes before they occur. Protection links directly to policy, and you can verify changes against the change source, time window, or approved change ticket. We block changes attempted outside of policy, log the change attempt, and notify administrators. We also catch transient violations, where changes are later reversed. This control slashes change-related outages and policy violations. Monitor file integrity and changes in real time Continuous file integrity monitoring (FIM) watches files and directories for changes to content, permissions, or both. It reduces risk, cuts overhead caused by scan-based monitoring, and is essential for verifying security or meeting compliance requirements such as the Payment Card Industry Data Security Standard (PCI DSS). Strengths
• • • •
McAfee ePO eases agent deployment, management, and reporting Provides data about every change, including the user and program used Transparent operational footprint suits compact, fixed-function systems Eases compliance with PCI regulations
SECURITY MANAGEMENT 95
McAfee Integrity Monitor for Databases
Improved visibility into your database security posture while meeting compliance requirements Compliance regulations demand that organizations have proper controls over sensitive data, including financial information and customer personally identifiable information (PII). This content is typically stored in relational databases, but complex configuration of these systems coupled with difficulty in monitoring privileged access make it a challenge to demonstrate consistent protection. McAfee Integrity Monitor for Databases tests systems for common configuration vulnerabilities, monitors changes to these settings, and helps you build a custom security policy to audit access to your sensitive data — providing visibility into dangerous configuration changes and making it easier to demonstrate compliance to auditors. Saves time and money through fast deployment and an efficient architecture With McAfee Integrity Monitor for Databases, organizations gain visibility into important configuration parameters for database servers, as well as any changes to these settings that could influence data security, capturing the information necessary to meet compliance requirements. McAfee Integrity Monitor for Databases is the easiest, most cost-effective solution to deploy for evaluating and monitoring the security of systems storing sensitive information. It can be up and running quickly, without affecting existing operations or performance, and offers a simple upgrade path to more advanced capabilities as needed. Strengths
•
Deploys on the IT infrastructure you prefer: installed non-intrusively on physical servers, provisioned along with the database on virtual machines, or deployed remotely on cloud servers Minimizes risk and liability with real-time notification of any configuration changes that affect security Tracks activities such as logons, logoffs, user/role creations, password changes, and more, and monitors database schema changes and data changes Centralized deployment and management through McAfee ePO Low overhead operation allows you to monitor comprehensively, without an impact on performance
•
•
• •
96
SECURITY MANAGEMENT
McAfee PCI Certification Service
PCI peace of mind from the world’s largest dedicated security company and PCI-approved scan vendor All organizations that capture, process, or store credit card data must demonstrate proof of compliance with PCI DSS. The McAfee PCI Certification Service provides step-by-step guidance and real-time analysis of compliance status, so that companies can successfully navigate and complete the PCI DSS requirements. Tens of thousands of organizations around the world trust McAfee to audit their PCI compliance. The McAfee PCI Certification Service includes quarterly and on demand scanning, remediation assistance, technical support, the self-assessment questionnaire, and a certificate of compliance. The service is completely web-based, with Software-as-a-Service provisioning and no hardware or software to deploy, install, or maintain. Simple, reliable, and affordable compliance Working directly with Visa International, we developed an accurate, easyto-use service that makes PCI compliance more affordable and more reliable for organizations of all sizes. Merchants can quickly meet all requirements with confidence. Our portal makes it easy to complete your self-assessment questionnaire, review quarterly vulnerability scans, launch on-demand scans to retest as needed, and even generate the necessary PCI compliance reports and documentation. The McAfee PCI Certification Service includes IP address scanning, assistance and recommendations to help you meet requirements, and extensive technical support. This full-service PCI compliance service is suitable for organizations with fewer than 6 million payment card transactions per year (PCI merchant levels 2, 3, and 4). Strengths
• •
Easy-to-use Software-as-a-Service Self-assessment questionnaire selection wizard and unlimited technical support Automatic quarterly scans help you continue to demonstrate compliance Quarterly and on-demand scanning includes dynamic port scanning, port-level network services vulnerability testing, and web application vulnerability testing Generates PCI compliance reports that are ready to submit
• •
•
SECURITY MANAGEMENT
97
McAfee Policy Auditor
Get in control, prove compliance by automating the IT audit process These days, it is not enough to be compliant. It is critical to show it with a high degree of accuracy — a daunting and time-consuming task. You spend an inordinate amount of time and effort manually collecting data, mapping IT controls to policy, and auditing devices — especially your mission-critical servers — to identify policy violations and noncompliant systems. You need an efficient and accurate alternative. McAfee Policy Auditor simplifies the process of demonstrating compliance. It automates manual audit processes and increases efficiency. Its proven agent, extensive support for content standards, and transparent integration with McAfee ePolicy Orchestrator mean accurate, efficient audits, every time. By mapping IT controls against predefined policy content, McAfee Policy Auditor enables you to produce consistent and accurate reporting against internal and external policies. Get proactive about compliance McAfee Policy Auditor delivers automated policy auditing of managed assets. You can proactively define, measure, and report on the compliance of information systems based on industry, regulatory, and corporate security policies, as well as standards and frameworks. Predefined templates include ISO 27001, COBIT, FISMA, FDCC, HIPAA, SOX, GLBA, and PCI DSS. Built on open standards and SCAP-validated, it enables you to import authoritative templates, such as FDCC, and audit for compliance to that standard within minutes. Integrated for investment protection Use McAfee Policy Auditor with McAfee ePO to consolidate security management and compliance management, easing agent deployment, management, and reporting. Pair McAfee Policy Auditor with McAfee Vulnerability Manager to run consolidated audits across both managed (agent-based) and unmanaged (agentless) systems. Strengths
• • • • •
Fast, automated import of industry benchmarks through SCAP standard Real-time audit model and blackout window reduce business disruption Automation saves hours and days of tedious tasks Builds confidence with external auditors Enables organizations to prove compliance consistently
98
SECURITY MANAGEMENT
McAfee Risk Advisor
Take the guesswork out of securing your environment What happens when you face an out-of-cycle patch, such as Stuxnet? Does your team have to scramble to test and apply patches? As you evaluate risks, how do you know where to invest your time and resources? Most organizations rely on error-prone, manual assessments to guide their security efforts. McAfee Risk Advisor takes the guesswork out of protecting critical assets by proactively correlating threat, vulnerability, and countermeasure information. It pinpoints critical assets in need of immediate attention to let you direct security efforts, while demonstrating the positive impact of deployed security products. Its insight pays off in improved operational efficiency, reduced cost, and an optimized security posture. Comprehensive risk assessment, real-time visibility, and patch optimization Through correlation and analysis, McAfee Risk Advisor provides detailed, realtime information about a threat, its severity, and the risk it poses to specific assets. “At Risk” and “Not at Risk” views of all the assets in your environment enable you to see quickly which assets are threatened, then drill down for actionable details. To help reduce the frequency and cost of patching, the dashboard provides recommended countermeasures, links to threat discussion groups and notices, various risk-scoring methods, and a list of affected applications. You learn how threats affect regulatory mandates so you can balance your business objectives with the right amount of security. Simplified management and compliance McAfee Risk Advisor integrates with McAfee ePO for easy, cost-effective management from a single, web-based console. “Not Vulnerable” reports and threats filtered by regulation cut the time it takes to satisfy auditors. Automated threat correlation and real-time updates from McAfee Labs and tight integration with core McAfee products combine to deliver the highest level of security and improve operational efficiencies. Strengths
•
Replaces manual tasks with real-time risk assessment to focus efforts on at-risk assets Reduces the cost and time associated with patching Demonstrates measurable ROI for existing security products Leverages centralized dashboard and integrated, real-time threat updates to improve situational awareness
• • •
SECURITY MANAGEMENT
99
McAfee Total Protection for Compliance
Unified IT policy auditing and risk management For many organizations, keeping pace with new requirements, more controls, and changing guidelines means deploying multiple technologies for managing IT audit cycles and sustaining compliance. McAfee Total Protection for Compliance makes compliance easy with the industry’s first integrated solution for vulnerability management, compliance assessment and reporting, and comprehensive risk management. Using McAfee ePolicy Orchestrator (McAfee ePO) as the single deployment, management, and reporting platform, it integrates McAfee Vulnerability Manager, McAfee Policy Auditor, and McAfee Risk Advisor. Through both agent-based and agentless technology, it audits, assesses, and reports across managed and unmanaged systems, dramatically reducing IT audit time while managing risk more effectively. Comprehensive coverage and proactive risk management The combination of agent and agent-less scans mean we assess every system for compliance with regulations, standards, and best practices. This comprehensive model lets you use the most effective technology for the architecture you have. Leveraging McAfee ePO and McAfee Risk Advisor, you can combine threat, vulnerability, and countermeasure information to proactively pinpoint assets that are at risk to threats. It takes the guesswork out of when and where to focus your security efforts — saving you time and money. If your environment has 3,000 systems, for instance, you can discern the 30 systems that are at risk and vulnerable to a specific threat. McAfee Global Threat Intelligence keeps threat and vulnerability data updated, nonstop. Simplified compliance McAfee Total Protection for Compliance reduces the number of point products needed to achieve the results and reports auditors demand, while eliminating manual processes throughout the risk management and audit lifecycle. For instance, administrators and auditors can use a single workflow and policy environment for policy definition, asset identification, and consolidated reporting. As you prepare for audits, just import industry-standard content and tailor policies and checks for your needs, applying policy benchmarks across many different asset types. Strengths
• •
Accurate risk analysis and prioritization shrink the noncompliance window Deep policy assessments on hosts, plus network audits of policy settings for account, file, network, and system access Assessments and reports for SOX, FDCC, FISMA, HIPAA, PCI DSS, and more
SECURITY MANAGEMENT
•
100
McAfee Vulnerability Assessment SaaS (With McAfee SECURE module option)
The world’s network perimeter security standard Protect the perimeter, and you will defend your organization, brand, and customers from hackers, data breaches, spyware, popups, browser exploits, and phishing. To help organizations around the world achieve this peace of mind, we integrated complementary security technologies into a single service. McAfee Vulnerability Assessment SaaS leverages our widely used vulnerability scanning technology that currently helps protect more than 80,000 sites. We combine this with security data gathered by continuously crawling the web, searching for and identifying sites harboring malicious code, such as browser exploits and spyware. The service helps you identify potential security issues through real-time insight into the security status of your network perimeter, prioritize and delegate your remediation responsibilities, and even demonstrate ROI. It provides transparent objectivity by continually benchmarking and certifying your network perimeter security status to widely adopted independent data security standards including the McAfee SECURE™ certification and PCI. Easy startup and no hardware or software to install or maintain This web-based service runs entirely from our McAfee network. It requires no installation, no hardware purchases, no software development, no security expertise, and no special training to use. McAfee provides automated network security audits combined with an interactive, highly customizable vulnerability management portal. McAfee Vulnerability Assessment SaaS also includes a simplified, easy-to-use system perfectly suited to any organization that needs to successfully and confidently complete the steps necessary for PCI (merchant level 2 – 4) certification. Compliance holds other benefits. As long as you remain compliant with the McAfee SECURE standard, you have the option of promoting your certified security to visitors by displaying the McAfee SECURE trustmark on your site. Strengths
• •
Software-as-a-Service delivery model cuts start-up time and eliminates costs Accurate, customizable daily audits for latest web application and network perimeter vulnerabilities Includes technical and PCI DSS compliance support to ensure the resources you need to certify your PCI DSS compliance Continual benchmarks of your real-time security against the PCI and McAfee SECURE standards, with meaningful reports to guide action Lets you promote your trustworthy status with the McAfee SECURE trustmark
SECURITY MANAGEMENT 101
•
•
•
McAfee Vulnerability Manager
Evaluate 100 percent of your network 100 percent of the time When scanning for vulnerabilities, coverage counts. Protect your business against changing risks with the industry’s most flexible, scalable, and comprehensive solution. Thousands of organizations rely on McAfee Vulnerability Manager, from organizations with a few hundred nodes to one continuously scanning over four million IP addresses. Find and fix fast, with less stress McAfee makes it simple to implement reliable scanning, beginning with installation. Within minutes, you start your first scan and automatically discover assets. Since we integrate directly with enterprise user and asset management tools, you can maintain one repository for asset data and design scans based on groups and other tags. Four times more content checks for comprehensive coverage Our risk-based approach combines thorough, broad scanning coverage with vulnerability, asset data, and countermeasures to help you make informed decisions. We make system and application-level assessments that include database banners, policy settings, registry keys, file and drive permissions, running services, and tests for more than 450 operating system versions. Real-time threat feeds and correlation data help you determine how emerging malware and vulnerabilities affect your risk profile, guiding you to deploy resources efficiently. Support for custom scripts and checks, integrations with McAfee and third party products, and an open programming interface let you merge McAfee Vulnerability Manager into your entire IT security operation. As you work, tailor scans and reports with virtually unlimited flexibility. We present conclusive evidence — such as expected and actual scan results, any systems not scanned, and any failed scans — to show that specific systems are “Not Vulnerable,” an increasing audit requirement. Our portable option lets you scan isolated networks and bring back results for aggregated reporting. Strengths
•
Ultimate flexibility in reporting, scanning, and deployment, including air-gapped networks Unmatched scalability, vulnerability coverage, and scanning accuracy Unrivaled data integration with homegrown and third party applications Unprecedented response to threats via McAfee Global Threat Intelligence Unique capability to prove assets “Not Vulnerable” to threats
• • • •
102
SECURITY MANAGEMENT
McAfee Vulnerability Manager for Databases
Protect your network databases from threats Few assets merit stronger protection than your databases. They are home to your sensitive and regulated data, enabler of your business workflows, and the hub of 24/7 employee and partner activities. McAfee Vulnerability Manager for Databases evaluates risks from all known threat vectors and provides concrete tools and expert recommendations to remediate them. By improving your visibility, McAfee Vulnerability Manager for Databases reduces the likelihood of a damaging breach. It also cuts cost by preparing you for audits. Clear visibility into database vulnerabilities and your risk posture McAfee Vulnerability Manager for Databases automatically discovers databases on your network, determines if the latest patches have been applied, and starts looking for potential problems. It conducts more than 3,000 vulnerability checks — including weaknesses such as weak passwords and default accounts — against databases including Oracle, SQL Server, DB2, and MySQL. Actionable risk evaluation and efficient reporting Some products overwhelm with a myriad of minor threats, drowning you in data and disguising the truly critical issues. Instead, the comprehensive McAfee Vulnerability Manager for Databases inspects from all known threat vectors and organizes the results to expedite processing. It clearly classifies threats into distinct priority levels with relevant remediation recommendations and fix scripts where practical. Use the familiar McAfee ePO platform to get centralized reporting and summary information for thousands of databases from one consistent dashboard. Out-of-the-box regulatory compliance reports allow you to fulfill obligations for PCI DSS and other regulations. Or, you can tailor reports for specific stakeholders such as database administrators (DBAs), developers, and InfoSec users. Strengths
•
Performs more than 3,000 checks, reporting on criteria such as version/ patch level, changed objects, modified privileges, and forensic traces Provides practical remedy advice and solutions Tests and reports on real issues, rather than generating long, cryptic reports Creates outputs based on stakeholder needs to suit audiences including DBAs, developers, and IT security
• • •
SECURITY MANAGEMENT
103
104
SECURITY MANAGEMENT
Support and Services
McAfee Support and Services
If you find yourself constantly reacting to events or mired in day-to-day activities, the McAfee Support and Services team stands ready to help. We work with you to move your Security Connected infrastructure from reactive to compliant, from proactive to optimized. Our experts help prevent issues, train teams, tune installations, and apply best practices. Your organization can reduce its workload and gain back time to manage risk proactively. We can help there, too, with best practice-based program development.
Select the Help That Matches Your Organization
Tailor your technical support to get help fast, and then add in relevant services to be prepared and respond effectively.
•
McAfee Corporate Support—Define your own technical support experience with our à la carte software and hardware support programs. See the comparison chart in this section for details. McAfee Solution Services—Realize the full value of your McAfee solutions. We help you assess, design, implement, and optimize your security—all based on best practices and tools that ensure comprehensive protection, minimize risk, and maximize your return on investment. McAfee University—Learn the real-world skills you need to effectively fight today’s attacks and tomorrow’s threats. McAfee University combines hands-on experience with expert instruction so you can get the most from your McAfee security products. Foundstone® Professional Services, a division of McAfee— Build a strong foundation for long-term security. Drawing from our deep and broad experience, our experts address security issues from both a business and technology perspective to deliver measurable protection for your business. Foundstone Education—Give your in-house security team the tools and methodologies they need to defend your business. Foundstone combines interactive classroom demonstrations with hands-on labs. You leave armed with a real-world understanding of how to address critical security issues.
•
•
•
•
Support and Services
McAfee Corporate Support
Keeping you secure For your business to thrive, your network and systems must remain secure. Today’s threat environment is constantly changing, and your defenses need to adapt to these new threats. Security is not just about the purchase of a product. It is about that product constantly keeping your business protected. To ensure our customers remain secure, McAfee includes McAfee Gold Business Support as standard, constantly providing updates and upgrades to our products, backed up by 24/7 support. Regardless of when you need assistance, McAfee is there to help. We also help minimize the internal costs of supporting security. McAfee emphasizes proactive and pre-emptive support, notifying its customers of new threats and product updates that increase protection and enable best practices. Enterprise customers are encouraged to leverage McAfee Platinum Enterprise support offerings. Additional resources can work directly with your IT team, preventing issues before they occur and remediating complex issues quickly if they do. McAfee Gold Business Support brings big benefits Because threats from other countries occur during their business hours, not yours, McAfee customers can access an expert in less than 5 minutes, around the clock. You will find highly trained and certified security specialists and get the right information, support, service skills, and replacement parts that you need. McAfee support options include:
• • • • • • • • •
Daily product updates for the latest threats Product upgrades Alerts and remediation actions on the latest threats Analysis on latest malware trends Online product evaluation environments Video and best practice guides Automated issue analysis and remediation tools Direct access to McAfee experts regardless of problem severity Unlimited access to support
SUPPORT AND SERVICES
107
McAfee Premium Support Offerings
Tailored solutions to meet your needs As you consider your organization’s risks and support requirements, you can choose from several levels of increasingly personalized attention. Product Specialists Multisite environments with hundreds of employees often invest in McAfee Product Specialists whose higher level of training and experience helps them identify and resolve complex issues faster. Support Account Managers Predictive support from an assigned McAfee Support Account Manager helps you address issues before they become a problem, saving your resources, time, and money. A single McAfee point of contact for case management ensures that you are constantly protected. Resident Resources The deepest understanding of a company’s environment comes from a McAfee expert physically located at your facility. Your onsite expert ensures pre-emptive guidance and rapid hands-on support.
108
SUPPORT AND SERVICES
McAfee Corporate Technical Support Program Comparison
Choose the level of support you prefer Your company is unique. That’s why we offer multiple programs to meet your needs.
PLATINUM ENTERPRISE SUPPORT PLATINUM GLOBAL ENTERPRISE SUPPORT PLATINUM LARGE ENTERPRISE SUPPORT PLATINUM RESIDENT ENTERPRISE SUPPORT
FEATURES AND OFFERINGS Daily product updates (such as .DATs, engines) Product upgrades Malware alerts with remediation analysis Malware analysis service Malware trend podcasts and blogs Chat, web, and phone support with remote desktop control 24/7 phone support (normally under 5 minutes to expert) Automatic diagnostic and remediation tools Best practice videos and guides Online product test environments Product Specialists Direct Access to Specialists for all your products Enhanced escalation strategy Enhanced SMS alerting services Authorized contacts Assigned Support Account Manager Product planning and protection analysis Regular case and business reviews Risk assessments Technical onsite visits Emergency onsite assistance Global Account Management Scheduled calls with McAfee Labs and Product Management
• • • • • • • • • •
GOLD ENHANCED BUSINESS SUPPORT
GOLD BUSINESS SUPPORT
• • • • • • • • • • • • • •
5
• • • • • • • • • • • • • •
10
• • • • • • • • • • • • • •
25
• • • • • • • • • • • • • •
20
• • • • • • • • • • • • • •
Resident Resident
• • • • •
Up to 2
• • • • • • •
• • • • • • • •
• • •
Resident Resident
• •
Look for detailed information on McAfee support programs at www.mcafee.com/support.
SUPPORT AND SERVICES
109
McAfee Solution Services
Quickly realize the full value of your McAfee security solution Deploying new solutions can be challenging for any organization. Whether your company has fifty or five million nodes, McAfee Solution Services can help you improve time to value, maximize your security, and reduce risk. Many customers using our Quickstart program cut support cases by thirty percent — savings that turn into more time for other priorities. We specialize in the deployment and delivery of McAfee solutions, both standalone and integrated. Our worldwide team of architects and consultants works closely with McAfee support and development organizations to apply the full talents of the McAfee organization to your needs. Reduce risk McAfee Solution Services help you avoid system downtime that can damage your bottom line. Investing in the planned deployment of a centralized security solution can not only reduce risk but also minimize your operational costs. Faster time to value Through our proven deployment methodology, customers can reduce delays in product installation resulting from the initial learning curve of new technologies, as well as costly problem diagnosis and remediation. Our experience enables faster product migration so your investments deliver their full value as quickly as possible. Strategize, plan, design, implement, operate, and optimize The six stages of the McAfee methodology leverage the best current security practices including ISO, ITIL, and PCI standards. We help ensure that your security investment supports the best security posture, while minimizing total cost of ownership and risk. As no two organizations have exactly the same environment, McAfee provides a wide range of custom services tuned to each company’s specific needs.
• • • •
Custom services Standard engagements Express packages Security Quickstarts for midsize businesses
For more information on these tailored engagements, please contact McAfee Solution Services: www.mcafee.com/us/services/ solution-services.
110
SUPPORT AND SERVICES
McAfee University
Expert instruction for McAfee security products Learn the real world skills you need to effectively fight today’s attacks and tomorrow’s threats. McAfee University combines hands-on experience with expert instruction, so that you can get the most from your McAfee security products. McAfee University has both online and traditional classroom training programs to suit the needs of any size business. McAfee classroom training McAfee University provides onsite, instructor-led training allowing for a practical, hands-on experience that maximizes the value of your investment in McAfee solutions. McAfee provides this training around the globe, either as “public classes” where any student may register and attend, or as “private classes” given to individual organizations. For more information visit www.mcafeeuniversity.com. McAfee University online training Experience classroom-level training without the need to travel, through McAfee University Online courses. McAfee hosts streaming video and online virtual environments that you launch on demand to fit your schedule. This convenient approach saves time and travel costs while providing the training you need. A wide range of courses is available at the click of a mouse. Visit the online course catalog at www.mcafee.com/university_online. McAfee customer certification program Demonstrate your knowledge and experience on key McAfee products and McAfee Foundstone penetration testing skills by becoming a McAfee Certified Product Specialist or a McAfee Certified Assessment Specialist. Get certified now and help your company stay secure from the latest threats, while increasing your knowledge and expanding your career opportunities. The process is simple. The McAfee Security Certification Program allows you to select a certification track based on either McAfee products (McAfee Certified Product Specialist) or a McAfee Foundstone penetration testing skill area (McAfee Certified Assessment Specialist), in a variety of security-related categories. Graduates of appropriate McAfee or Foundstone courses and other qualified candidates can test at any of 5,000 global testing locations. For more information, email the McAfee Security Certification Program at [email protected].
For more information, contact your McAfee salesperson or email McAfee Training at [email protected]
SUPPORT AND SERVICES
111
Foundstone Professional Services
Trust the experts Foundstone® Professional Services experts help you continuously and measurably protect your most important assets from the most critical threats. Through a strategic approach, Foundstone identifies and implements the right balance of people, process, and technology to manage risk and leverage security investments more effectively. Strategic consulting Fill the gaps in your information security program with trusted advice from McAfee Foundstone. We assess current policies, create new programs that meet compliance goals, and help you cost-effectively prepare for security emergencies.
•
Compliance — Get help meeting ongoing compliance requirements or building policies and procedures to meet evolving regulations Health checks — We evaluate your security status to pinpoint strengths, diagnose weaknesses, and recommend a strategic security road map Data loss prevention (DLP) — Your program can begin with discovery, policy, and procedure development and continue full leverage of tools Incident response and forensics — Our experts can respond quickly to a security breach, minimizing damage and downtime due to an attack. Our Advanced Persistent Threat (APT) health checks can ensure you have not been compromised by these targeted attacks. Program development — We help build policies and processes that tackle network and application vulnerabilities and educate employees enterprise-wide about information security
•
•
•
•
Technology consulting We can detail the immediate threats across your enterprise and recommend appropriate responses without a deluge of irrelevant data. Methodical tests and analysis help guide and optimize security investments.
•
Infrastructure assessments — We identify vulnerabilities and defend areas that present the greatest risk to your business. Foundstone expertise spans from penetration testing to modems, VoIP, and wireless tests. Software and application security services — Threat modeling, code review, and application penetration testing can identify software security problems in the early stages of development when they cost the least to fix. We also bring extensive experience testing devices ranging from mobile phones to tablets, as well as the “apps” that run on them.
•
For more information, visit http://www.mcafee.com/us/services/ mcafee-foundstone-practice.aspx.
112
SUPPORT AND SERVICES
Foundstone Education
Build the knowledge for effective defenses Foundstone provides a comprehensive security training curriculum designed to meet the needs of individuals, Fortune 1000 companies, academic institutions, and government organizations. Courses cover topics such as software security, network security, incident response, and forensics.
•
Ultimate Hacking series — Includes Ultimate Hacking, Ultimate Hacking: Web, Ultimate Hacking: Wireless, Ultimate Hacking: Windows, and Ultimate Hacking: Expert. These hands-on courses serve the goals of serious security practitioners in either offensive or defensive roles. Software Security series — Includes Software Security Essentials, Building Secure Software, and Writing Secure Code (available in C/C++, .NET, and Java). These classes will teach anyone involved in the software development lifecycle how to write secure code and are available in programming language-agnostic or language-specific versions. In-depth, subject-specific classes — Foundstone also offers classes in Forensics and Incident Response, as well as customized classes to fit your needs
•
•
All Foundstone courses combine interactive classroom demonstrations with hand-on lab exercises to reinforce critical security issues with real-world scenarios. This immersive experience arms students with the tools and methodologies to proactively defend against the latest security threats. Our instructors Some of the world’s foremost network security experts and developers of market-leading security technology teach Foundstone education and training courses. Instructors are noted experts, activists, advisors, and influencers on topics of national security, cryptography, privacy, Critical Infrastructure Protection, and Homeland Security issues, measures, and legislation. They have a broad range of expertise through work with leading IT and financial services companies and government agencies and are featured speakers at industry conferences. For more information, visit www.foundstone.com/us/education-overview.asp.
SUPPORT AND SERVICES
113
114
SUPPORT AND SERVICES
McAfee Alliances
In today’s world of sophisticated malware, targeted threats, and multistage attacks, security needs to be smarter, and it needs to be everywhere. Through alliances with the most relevant leaders in IT, McAfee security is being woven into the fabric of computing.
Alliances
Security Connected to Your Business— and Your Customers
Our extensible platform unites advanced security and management technologies with the most influential technology vendors in the world to help you optimize your IT security environment and reduce operational costs.
•
McAfee Global Alliances—Industry-shaping relationships ensure McAfee can help you take advantage of changing market dynamics and the rapid evolution at every technology layer from silicon to satellite McAfee Security Innovation Alliance (SIA)—This partner ecosystem uses cross-product integrations to maximize the value of your existing investments, reduce time to resolution, and lower costs; the “McAfee Compatible” symbol tells you a partner’s solution is integrated, tested, and ready to deploy with McAfee technology McAfee Connected—When you purchase products and services that meet the McAfee Connected specifications, you can reduce testing costs, simplify deployments, and increase overall confidence in your purchase decision McAfee OEM Alliances—McAfee expertise is at your service, placing industry-leading McAfee protection in a broad spectrum of existing and emerging products for endpoints, servers, data, and the network
•
•
•
Our technology footprint enables sensors at every layer of the technology stack to communicate, share intelligence, and secure your entire enterprise.
Alliances
McAfee Global Alliances
Innovative joint solutions and integrated services As technologies expand and evolve, threats change quickly, and security must keep pace. But few individual companies have the security know-how to match their innovations. That’s why leading vendors in every product category, from silicon to satellites, are making McAfee their partner of choice. With our Global Alliances, we work with select partners to create bundled or embedded security that runs seamlessly with each partner’s technology and within their service offerings. Only McAfee delivers industry-leading security in an extensible architecture, so integration is easy and efficient. And because McAfee is a full-spectrum security company, we offer each partner relevant expertise and capabilities in a one-stop security solution. Help where you need it most The Global Alliances program concentrates on seven areas central to an optimized security and compliance architecture:
•
Cloud Computing — McAfee works with leading telecommunication companies and service providers to deliver the industry’s broadest range of SaaS security solutions, including email, web, and endpoint security. Partners choose between a hosted delivery model managed fully by the partner, a co-located delivery model managed in partnership with McAfee, or a fully managed delivery model where McAfee manages the entire process. Through these high-value security services, partners are able to extend additional value to customers and prospects very quickly and affordably.
McAfee alliances help you implement advanced technologies to meet emerging security needs.
S
IO
ut
s
rc ou
in g
MS SP
IT Con sum eri za ti
d ifie tions Un unica m m Co
on
er s
Data Prote and Compl ction ian ce
e Manufactur
G LO B
AL
TH
REAT INTEL
it y
Se
r cu
Co n te
LIG
co Tel
Net
CE EN urit y Sec
mmunications / ISP
ng worki
nt
Network
Security Management
twar
nd
S of
io n
p oi
nt Secu
rit
y
at
E
R AT
EGIC F O C
US
Vi
ua
rt
liz
Cl
s
ou
ST
d
PC
M
an
M o b ilit y
uf
ac t
ure
rs
Sem
ico
u nd
ct
or
s
ALLIANCES
117
•
Data Protection and IT Compliance — In a business world where efficiency is everything, it no longer makes sense to see systems management and data security as separate endeavors. Instead, top systems management vendors and their customers are working with McAfee to build a bridge between systems and security. A systems integration partner, for example, might deliver IT operations solutions that include configuration and patch management and use the McAfee expertise and open architecture to make full-spectrum data protection an integral part of operations. IT Consumerization — With new devices and applications that enable employees to be more productive, and the acceptance of a virtual office work environment, the line between enterprise and personal has become blurred. McAfee solutions coupled with our alliance partner offerings enable companies to adhere to their corporate compliance policies, yet enable the flexibility that their employees desire. Mobility — As you give mobile users access to sensitive data and applications, McAfee mobility partners can help you secure your mobile workforce, ensure persistent policies and configurations, and deliver automatic and real-time compliance management. Turn to them for help conquering mobile enterprise challenges: user expectations of convenience, productivity, and privacy; the array of devices and network configurations that require support; and the risks associated with allowing these devices on your corporate network. Networking — The world’s leading network equipment vendors work with McAfee so you can rest assured that your networking equipment has been tested and qualified for the highest level of security in a proven environment. We offer three levels of integration, from interoperability testing and certification of combined products to bundled networking and security solutions to embedded best-of-breed security solutions built directly into the network equipment architecture. Unified Communications — McAfee helps unified communication partners address the growing need for enhanced security to protect the telepresence environment. These strong protections can also help IT managers in regulated industries from healthcare to financial services to lessen the burden of meeting compliance and reporting requirements. Virtualization — McAfee helps virtualization partners offer you the benefits of virtualization with complete, scalable security. McAfee MOVE provides a common way to develop across the hypervisor vendors, offload resource-intensive actions from the individual virtual machines, and optimize scheduling of these actions based on the state of the hypervisor. McAfee MOVE AV enables virus scanning to protect online and offline VMs. Other McAfee security products protect VM server farms, secure virtualized desktops, assess vulnerabilities, and identify risks as soon as they arise.
•
•
•
•
•
118
ALLIANCES
McAfee Global Alliance Partner Directory
Industry leaders teaming to secure your future McAfee and its Global Alliance partners are ready to provide you with better solutions that work better in your changing environment. Below are some of the relationships that are expanding our security footprint. View a complete, up-to-date list of partners at www.mcafee.com/global_alliances.
Adobe Adobe revolutionizes how the world engages with ideas and information — anytime, anywhere, and through any medium. McAfee and Adobe have a global alliance to jointly deliver new solutions that will offer more comprehensive security and allow customers to expand the reach of data protection beyond the enterprise boundaries. Together, we offer a joint solution that combines McAfee Data Loss Prevention’s (DLP) automated discovery of sensitive data with Adobe LiveCycle Rights Management’s persistent enforcement of sensitive data anywhere, anytime. This solution will help automate data protection for customers by applying a LiveCycle Rights Management policy (DRM) to documents that have been determined to be highly sensitive by the McAfee DLP classification system.
AT&T AT&T and McAfee have created a strategic partnership that allows both companies to utilize and benefit from each other’s leading technologies and services in order to deliver advanced security and application solutions with superior ease-of-use, protection, and cost-effectiveness to meet customers’ challenging business demands. AT&T is providing McAfee with state-of-the-art Global IP networking solutions, enabling McAfee to deliver security solutions and updates to its customers with scalability, reliability, and intelligence. McAfee is providing AT&T with advanced global threat intelligence technologies that help protect customers against the latest threats, enabling AT&T to offer innovative managed security solutions that do not require customers’ capital investment in management, maintenance, or infrastructure.
ALLIANCES
119
BMC BMC and McAfee have joined forces to build the industry’s first truly enterpriseready solution for automated policy compliance, spanning software, patches, service packs (for Microsoft Windows), power settings, configuration settings, remediation of vulnerabilities, and security policy. The integrated solution combines best-in-class technology from McAfee, through McAfee Policy Auditor, coupled with BMC’s proven client management technology: BMC BladeLogic Client Automation.
Brocade The McAfee and Brocade partnership provides an industry-leading networking and threat protection solution for business-critical enterprise environments. Proven to protect against known and emerging threats while meeting compliance and reporting objectives, a Brocade and McAfee solution delivers end-to-end assurance for enterprise networking and security. Brocade and McAfee have collaborated on a set of jointly designed, interoperable, integrated solutions developed specifically to address the networking security needs of enterprise customers from the edge to the core of the data center. These solutions integrate McAfee Firewall Enterprise, McAfee Network Access Control, and McAfee Network Security Platform (IPS) into Brocade’s network infrastructure equipment and management platform. Together, Brocade and McAfee provide an industry-leading networking and threat-protection solution for business-critical enterprise environments.
Citrix Citrix and McAfee have partnered to provide business continuity and regulatory compliance solutions with software created for securing data and applications via centralized IT management. The Citrix Ready program identifies trusted, third-party solutions that add the greatest value in the Citrix Delivery Center infrastructure. As a member of the Citrix Ready program, McAfee makes it easy for customers to identify complementary security products and solutions that can enhance their Citrix environments. Customers can be confident that McAfee system security and vulnerability management products have successfully passed a series of tests established by Citrix and can be trusted to work effectively with XenApp and XenDesktop. Citrix and McAfee collaborated on McAfee MOVE AntiVirus for VDI-based virtual desktops that centralizes all virus scanning and virus signature file updates, offloading processing-intensive actions from the individual VMs.
120
ALLIANCES
Cognizant Technology Solutions Cognizant and McAfee have partnered to provide enterprises the ability to optimize their security and compliance controls while reducing operational effort and costs. Cognizant’s Digital Security Practice provides services for an end-to-end Data Loss Prevention (DLP) solution deployment within an enterprise. This includes a phase-wise approach for assessment and policy definition, product implementation, and DLP policy monitoring service. The McAfee integrated data protection suite allows Cognizant to provide complete data protection for an organization, integrating DLP into encryption, authentication, and policy-based security controls within the enterprise, thus ensuring comprehensive protection based on a suite of products, rather than integrating point solutions. McAfee Governance, Risk, and Compliance (GRC) solutions allow Cognizant to holistically look into the compliance posture of an organization and recommend suitable controls to address gaps at an enterprise risk management level. The suite of solutions helps our customers by speeding implementation and response times.
CrossBeam Systems, Inc. McAfee and Crossbeam have partnered to deliver the most scalable applicationaware firewall in the industry. Designed to help large enterprises optimize and consolidate their security infrastructure, the combined solution, McAfee Firewall Enterprise for Crossbeam, features the McAfee next-generation firewall on the industry-proven Crossbeam X-Series security platform. The X-Series offers an open, high-performance architecture that easily provisions and scales multiple best-in-class security applications to meet the evolving threat landscape. McAfee Firewall Enterprise for Crossbeam delivers carrier-class security performance with scalability up to 40Gbps of real-world inspected traffic throughput as well as self-healing redundancy. The combined solution reduces the cost and complexity of security infrastructure by consolidating networking and security into one platform.
ALLIANCES
121
Dell Dell is a market leading system and services provider whose unique relationships with its customers provide a competitive advantage in the market. Dell’s breadth of products and solutions provide customers a total offering to their computer needs. McAfee and Dell partner together across all markets from innovative offerings geared to the consumer, to security protection capabilities for small and medium business, enterprise, and the public sector. The McAfee and Dell partnership provides customers the highest level of protection and cost efficiency. In the consumer line of PC products, we offer McAfee Security Center, which allows customers to have constant threat protection on their PCs or workstations. Together, McAfee and Dell empower customers to experience the web more safely, protect data, prevent disruptions, and continuously monitor and improve their security.
HP HP and McAfee work together to help organizations get ahead of evolving threats — and stay ahead — by securing more effectively and efficiently. As a team, we’ve applied enterprise expertise and broad security leadership to track down and eliminate the sources of IT risk, cost, and complexity. HP and McAfee offer integrated service delivery, integrated products, integrated management, and integrated reporting. The partnership directly connects the proven HP Converged Infrastructure, including the HP Secure Advantage security portfolio of products and services, to critical McAfee and third party security and compliance processes. By combining HP technologies and services with McAfee, enterprises gain end-to-end solutions that do a better job of addressing critical security challenges, improve risk management, and ease the path to compliance.
Intel McAfee works with Intel’s technology in many key areas: data protection technologies, security management, and system optimization. Intel is a leading technology platform company that develops advanced integrated digital technology platforms for the computing and communications industries. Intel offers products at various levels of integration, providing its customers and partners the flexibility to create advanced computing and communications systems and products. Intel’s products include chips, boards, software, and semiconductor components that are the building blocks integral to computers, servers, and networking and communications products.
122
ALLIANCES
Polycom Polycom and McAfee have partnered to jointly develop and deliver Secure Unified Communications and Collaboration. With security threats on the rise, Polycom and McAfee are taking a proactive approach to further enhance the security features of Polycom’s video, telepresence, and infrastructure solutions. Polycom plans to design solutions that feature McAfee threat protection, shielding Polycom telepresence users, from the desktop to the fully immersive suite, from potential and increasingly sophisticated security threats while making it easier to comply with privacy and confidentiality mandates.
Riverbed McAfee and Riverbed have partnered to deliver best-of-breed WAN optimization and branch office security on a single device. The McAfee Web Gateway Virtual Appliance and the Firewall Enterprise Virtual Appliance solutions can run on the Riverbed Services Platform that resides within the Riverbed Steelhead Appliance. The McAfee Firewall for Riverbed delivers best of breed, next-generation firewall capabilities including application and identity policy control, VPN, web filtering, encrypted filtering, and McAfee Global Threat Intelligence. The McAfee Web Gateway for Riverbed provides market-leading Web 2.0 security including inbound and outbound advanced web filtering, anti-malware, anti-virus, SSL scanning, and McAfee Global Threat Intelligence. With these joint solutions, customers minimize the hardware infrastructure footprint at the branch office and reduce operational overhead.
Verizon Verizon Business and McAfee have formed a global strategic alliance to provide integrated security solutions to businesses and government agencies worldwide. Together, McAfee and Verizon Business now offer a comprehensive portfolio of managed security services (MSS) to enterprises, leveraging the strength of Verizon Business MSS offerings and McAfee technology. Verizon Business also offers the full complement of McAfee enterprise security solutions to its diverse client base through Verizon’s customer premises equipment catalog.
ALLIANCES
123
VMware McAfee and VMware work together to help organizations secure their virtualized data centers and cloud infrastructures. These efforts include supporting VMware security technologies such as vShield, developing products such as McAfee MOVE AV that address specific virtualization security challenges, and ensuring McAfee products are compatible with VMware platforms. By working together, VMware and McAfee are helping customers reduce capital and operating expenses, ensure business continuity, strengthen security, and go green.
Look for our most up-to-date list of partners at www.mcafee.com/global_alliances.
124
ALLIANCES
McAfee Security Innovation Alliance (SIA)
Partnerships that extend the value of intelligent security Today’s security challenges require open, collaborative approaches to detect threats, reduce risk, and ensure compliance. The McAfee Security Innovation Alliance (SIA) technology partnering program
• •
Accelerates the development of interoperable security products Simplifies the integration of these products into complex customer environments Delivers solutions to maximize the value of existing investments, reduce time to problem resolution, and lower operational costs
•
Innovative integrations built on customer-driven use cases improve threat visibility and create powerful new security behaviors and workflows. For example, an SIA partner might link its real-time monitoring and threat detection with McAfee incident response and compliance reporting.
With over 100 vendors in various stages of integration, SIA has become the security industry’s premier technology partnering program.
Leaders leverage our extensible platform While many SIA partners integrate with McAfee ePO, the broad McAfee portfolio allows efficiencies and leverage at other integration points, such as McAfee Encrypted USB, McAfee Firewall Enterprise, and McAfee Vulnerability Manager. McAfee provides developer support and then performs compatibility testing. Validated SIA partner solutions receive the “McAfee Compatible” logo.
ALLIANCES
125
McAfee SIA Partner Directory
Create your trusted technology environment The SIA program enables an open, collaborative approach to detecting threats, reducing risk, and ensuring compliance. SIA partners are screened for leadership and innovation in their respective market segments. Each company begins as an Associate Partner. After completing McAfee integration testing for at least one use case, the partner is promoted to Technology Partner and their integrated product becomes “McAfee Compatible.” Selected Technology Partners that complement the McAfee product portfolio are invited to become Sales Teaming Partners and help large organizations achieve more complete security solutions. The chart below lists the McAfee Security Innovation Alliance Partners at the time this guide went to press, followed on the next few pages by details on our Sales Teaming Partners.
PARTNER MARKET CATEGORIES
ASSOCIATE PARTNERS
TECHNOLOGY PARTNERS
SALES TEAMING PARTNERS
Security Event and Log Management • Bridge security monitoring and incident response • Reduce costs by faster time to problem resolution • Simplify compliance lifecycle Application and Database Security • Manage application security risk • Protect applications against tampering • Secure databases against internal and external threats Theft and Forensics • Augment incident response with powerful forensics • Extend endpoint security to track and recover stolen laptops • Investigate employees suspected of wrongdoing Risk and Compliance • Measure enterprise-wide risk, consolidate reporting • Mitigate risk through targeted policies and controls • Track compliance with security metrics and scorecards
• • • • •
CorreLog NetIQ Novell S21sec Tier-3 Veracode
• •
HP Q1 Labs
• • • • • •
ArcSight eIQnetworks LogLogic LogRhythm NitroSecurity SenSage Application Security, Inc. Arxan Guardium Secerno Absolute Software AccessData HBGary
•
•
Sentrigo
•
• • •
• •
Mandiant Raytheon Oakley
•
•
Allen Corporation Guidance Software
•
• •
• • • • • • • • • • • •
Archer Technologies Courion Cyber-Ark Lieberman Software NetWitness NSSPlus OpenPages Overtis Quest Software Rev2 Networks SignaCert Tiversa
• • •
RedSeal Systems Skybox Security Telos
• • • •
• • •
Agiliance BDNA Centrify ClearPoint Metrics Infoblox Prevari Triumfant
126
ALLIANCES
PARTNER MARKET CATEGORIES
ASSOCIATE PARTNERS
TECHNOLOGY PARTNERS
SALES TEAMING PARTNERS
Authentication and Encryption • Prevent unauthorized access to sensitive data • Reduce risk through strong authentication • Support a range of smart cards and biometric options
• •
• • • • • • • • • • • • • • • • •
•
2e2 Assured Information Security Athena Authenex Avtor Buypass AS Buysec Ceedo Chicony CryptoTech DigitalPersona Hitachi Key Ovation PreciseBiometrics Sagem Orga Spyrus SUNZone SyferLock Toshiba America Information Systems Validity Novell
• • • • • • • • • • • • • • • •
Actividentity AET Aladdin Alcatel-Lucent Charismathics Gemalto HID Global Key Tronic Kobil Luxtrust Oberthur Passfaces SCM Vasco UPEK ZF Electronics
•
• • •
Absolute Identification MXI Security RingCube Voltage Security
Single Sign-On • Secure and seamless single sign-on experience to applications and other resources • Secures information access at the point of initial system boot • Eliminates multiple passwords Other Security, IT, and Services • Centrally protect both physical and virtual infrastructure • Track location and events for wireless assets • Reduce PC power consumption without compromising security • Coordinate data loss prevention with digital vaulting • Turnkey integration services for McAfee customers
•
• • • • • •
ActivIdentity Avencis Evidian Imprivata i-Sprint Passlogix Ciphent Pareto Networks
• •
MXI Security SecureAuth
• • •
• • • • • •
1E Altor Networks Autonomic Software DG Technology ForeScout Intrinsic SEP Software Sipera Systems StillSecure
• •
•
•
• • • •
AirPatrol Corporation AirTight Networks Catbird CommVault Insightix Verdiem
For the most up-to-date information, refer to www.mcafee.com/sia.
ALLIANCES
127
McAfee SIA Sales Teaming Partners
Driving more complete security solutions to large organizations All of the McAfee SIA Sales Teaming Partners highlighted in the next few pages offer proven McAfee Compatible solutions and work with McAfee to help maximize the value of your investments. For the most complete list of partners and their planned or completed integrations, please see the partner directory at www.mcafee.com/sia.
Absolute Identification Absolute ID is an innovative provider of data-centric protection products and services. Absolute ID has integrated its Virtual System on a Stick (ViSoS) with McAfee encrypted USB drives. By combining ViSoS with any standards-based network, users now have the ability to securely collaborate with colleagues, business partners, and supply chains and with the controlled distribution mechanisms inherent in Absolute ID’s ViSoS solution, and to distribute digital data without the risk of piracy or theft.
Absolute Software Corporation Absolute Software provides subscription-based computer theft recovery, IT asset management, and remote data delete solutions for organizations and consumers. Absolute’s McAfee ePO plug-in deploys Computrace agents on McAfee ePO-managed assets and delivers periodic summary reports from these assets into McAfee ePO dashboards. Based on Computrace agent call patterns, these reports help IT asset managers track, identify, and recover stolen laptops and other mobile devices.
AccessData AccessData, a pioneer in the digital forensics industry, provides investigators with the tools to preview, search for, analyze, process, and forensically preserve electronic evidence for the purposes of criminal investigations, internal investigations, incident response, and e-discovery. You can use McAfee ePO to deploy AccessData agents on McAfee ePO-managed assets and view agent coverage reports that include publisher, product, version, and more. McAfee ePO enhances the forensic effort by correlating users in its database with assets or activities under investigation.
128
ALLIANCES
Agiliance Agiliance enables highly scalable, quickly deployable, organization-wide risk, compliance and security management in real time. The McAfee Compatible integration of Agiliance RiskVision with McAfee ePO and McAfee Vulnerability Manager offers a unique, closed-loop risk management solution for risk-based security with exceptional accuracy and coverage. RiskVision is also interoperable with McAfee Policy Auditor, McAfee Risk Advisor, McAfee Endpoint Encryption, and McAfee VirusScan Enterprise.
AirPatrol Corporation AirPatrol’s Wireless Policy Manager (WPM) extends the capabilities of the McAfee ePolicy Orchestrator platform into the wireless regime, giving network administrators the ability to manage, distribute, and enforce wireless network policies from the central McAfee ePO management console. AirPatrol’s WPM secures the wireless interfaces on endpoints and allows IT Administrators to easily enforce common sense rules that govern how employees use their wireless resources. With WPM, organizations can secure their valuable laptops and PCs against today’s wide range of mobile and wireless threats.
AirTight Networks AirTight Networks provides technology to automatically detect, classify, block, and locate current and emerging wireless threats. AirTight will integrate summary reports on wireless security event data from AirTight SpectraGuard Enterprise into McAfee ePO dashboards. The data for these reports will be provided by both SpectraGuard Sensors for WLAN security and SpectraGuard SAFE agents for wireless endpoint protection. SpectraGuard SAFE agents will also report the endpoint wireless vulnerability level and related data to McAfee ePO.
Application Security, Inc. DbProtect allows organizations to secure their most sensitive data from internal and external threats, while ensuring that those organizations meet or exceed regulatory compliance and audit requirements. DbProtect is integrated with McAfee ePO. The integrated solution allows McAfee ePO administrators to deploy DbProtect agents and seamlessly link DbProtect’s real-time database monitoring with McAfee incident response. McAfee ePO administrators can view and report on database vulnerabilities, threats, and events and take corrective action.
ALLIANCES
129
ArcSight ArcSight helps customers comply with corporate and regulatory policy, safeguard their assets and processes, and control risk. ArcSight integrates with McAfee ePO to enable closed-loop security monitoring, log management, and policy enforcement. By passing alerts generated from correlated events into McAfee ePO, the ArcSight SIEM Platform drives the quick detection of security threats, compliance violations, and policy breaches, improving the context for targeted countermeasure, audit, and remediation functions provided by McAfee security solutions.
Arxan Arxan integrates its real-time application security checks and tampering alerts with McAfee ePO. Notifications from GuardIT appear in McAfee ePO dashboards, enabling security administrators to respond immediately with appropriate countermeasures. Administrators can thereby gain greater visibility during the interval between the onset of an application attack and when the application is fully compromised, so they can limit and preempt enterprise risk.
BDNA BDNA’s Discover product scans endpoint computers for installation of McAfee ePO software components, helping customers identify security gaps and bring previously unprotected assets under McAfee ePO security management. This capability significantly shifts the balance of security in favor of defenders by reducing the number of vulnerable assets in dynamic, rapidly evolving enterprise IT infrastructures.
Catbird Catbird brings visibility, control, and policy enforcement to the virtual data center. Catbird’s V-Security product suite provides security, change control, separation of duties, and validation by deploying a virtual appliance inside VMware ESX or Citrix XenServer. Catbird’s solution complements McAfee systems and network security offerings for virtualized environments. With the integration of V-Security, current McAfee ePO customers gain additional visibility into, receive alerts from, and manage policies for their virtual network environments.
130
ALLIANCES
Centrify Centrify DirectControl for Mac OS X integrates with McAfee ePO software, giving IT and desktop managers the ability to centrally deploy DirectControl and integrate Mac systems into Active Directory. Centrify DirectControl for Mac OS X enables centralized user management and authentication including smartcard login, centralized access controls, group management, and administrative rights, as well as extensive controls over user and system configurations via Active Directory Group Policy enforcement. For the first time, a centralized IT team can now manage Mac systems in the same way they manage Windows PCs — using the same familiar Windows tools and processes.
ClearPoint Metrics ClearPoint delivers unified visibility and active performance management for IT security governance, risk, and compliance requirements. ClearPoint offers specifically crafted Metric Apps that leverage data from McAfee ePO and McAfee Vulnerability Manager. Each is designed to securely access McAfee application databases to instantly deliver meaningful indicators that continuously monitor the state, quality, and effectiveness of controls supporting your compliance and risk management programs.
CommVault A singular vision — a belief in a better way to address current and future data management needs — guides CommVault in the development of Singular Information Management solutions for high-performance data protection, universal availability, and simplified management of data on complex storage networks. CommVault Simpana is integrated with McAfee ePO, sending status updates on backup, recovery, and archive events to McAfee ePO dashboards and giving administrators and compliance officers a more complete view of the state of their business-critical information. This resulting enterprise-wide visibility helps organizations meet their end-to-end data security needs.
eIQnetworks eIQnetworks is redefining security and compliance management by fostering collaboration across security, network, data center, and audit teams to more quickly isolate the root cause of security issues and ensure compliance mandates are being enforced. SecureVue uses information from the McAfee Network Security Platform, McAfee ePO, and McAfee Vulnerability Manager, aggregating and correlating not just logs but adding configuration, asset, performance, vulnerability, and network flow data into a single, comprehensive enterprise view. McAfee customers can now also view eIQnetworks’ reports directly on McAfee ePO dashboards for visibility into the organization’s security and compliance environment.
ALLIANCES 131
Guardium Guardium, the database security company, delivers a widely used solution for preventing information leaks from the data center and ensuring the integrity of enterprise data. Guardium’s database security solution has been integrated with McAfee ePO. Critical security information, including database vulnerabilities, policy violations, and database configuration changes can now be displayed in McAfee ePO dashboards. When used together, McAfee ePO and Guardium deliver a more comprehensive security and compliance solution with reduced operational costs.
HBGary HBGary specializes in developing advanced computer analysis products to detect, diagnose, and respond to advanced malware, targeted threats, and other cybercrime activities. HB Gary Digital DNA is integrated with McAfee ePO so that McAfee customers can deploy Digital DNA, scan physical memory for malicious and unauthorized code, and report results to the McAfee ePO console for optimal corrective action.
Infoblox Infoblox’s NetMRI integration with McAfee ePO extends the reach of McAfee risk and compliance management solutions deeper within network infrastructure. By automating the discovery, collection, analysis, storage, and access of network device configuration, change, and compliance information, you can take control of and automate network change while dramatically reducing operational and compliance risks as well as costs. NetMRI sends key alerts such as rogue network changes and compliance violations to McAfee ePO, accelerating the identification and remediation of risks associated with policy violations and access breaches.
Insightix Insightix is an innovator of real-time security intelligence and control solutions. Insightix BSA Visibility updates the McAfee ePO asset database in near real time allowing McAfee ePO to maintain a comprehensive, accurate, and up-to-date inventory of devices, their profiles, and the identities of those using the devices. The integration then provides the single source of truth about the network for effectively managing security, compliance, and risk against all devices.
132
ALLIANCES
LogLogic LogLogic provides an enterprise-class platform for collecting, storing, reporting, and alerting on 100 percent of IT log data from virtually any source. LogLogic intends to provide bilateral integration between its open log management and intelligence platform and McAfee ePO. LogLogic’s integrated analysis applications for compliance, security, and operational excellence will be able to leverage information provided by McAfee ePO and will in turn enhance McAfee ePO analytics with information about user and system behavior.
LogRhythm LogRhythm’s incident detection now drives automated alerting to McAfee ePO, enabling faster remediation and policy enforcement through the broad McAfee portfolio. Alerts appear in actionable McAfee ePO reports to facilitate corrective actions, such as starting a compliance check using McAfee Policy Auditor, running a virus scan with McAfee VirusScan Enterprise, pushing out new signature sets or patches, enhancing endpoint protection with the McAfee Host Intrusion Prevention System, updating security policies, and more.
MXI Security MXI Security provides managed portable security solutions that combine the power of secure storage with identity and access management services. The MXI Security Stealth ZONE platform leverages the industry-leading hardware security features of the McAfee Encrypted USB product line to deliver a superior, secure USB desktop. Any computer can be instantly transformed into a standard IT-managed system while maintaining both performance and security.
NitroSecurity The bidirectional integration of McAfee ePO and NitroView extends McAfee ePO visibility to events, activity, and logs from networks, databases, and applications to identify, track, and remediate security threats, compromised data, and vulnerabilities in real time. McAfee ePO users now have visibility from within McAfee ePO into the underlying network infrastructure, sessions transporting threats, and the location of the offenders. All NitroView correlated security events are visible with a real-time, drill-down view of specific events and individual data fields. Events are summarized, correlated, and analyzed so the user sees a reduced number of prioritized events and can quickly access months and years of data.
ALLIANCES
133
Prevari Prevari provides industry-leading solutions that objectively and quantitatively measure, model, and manage technology risk. McAfee Vulnerability Manager and McAfee Policy Auditor provide organizations with automated methods to quickly and accurately identify technical vulnerability exposures and to audit configuration policy compliance. Using data created by these McAfee solutions, Prevari TRM provides a common language for managing technology risk across the enterprise, aligning technology, compliance, and risk management goals with specific business objectives.
Ringcube RingCube vDesk integrates with McAfee Encrypted USB drives to create a portable desktop virtualization solution for the enterprise. Using vDesk, users can securely access their own corporate desktop from any PC for remote access, disaster recovery, or temporary access by consultants, contractors, and outsources. McAfee Encrypted USB drives ensure that RingCube’s workspaces are protected by the highest two-factor biometric user authentication and the strongest AES 256-bit hardware encryption to prevent data leakage and unauthorized access.
Secerno Secerno DataWall understands the intent of every SQL interaction with a database, allowing Secerno DataWall to deliver accurate alerts, reports, and security policy decisions on the fly. This patented technology integrates with McAfee ePO to allow select database transactions, audit events, or security violations to be displayed in McAfee ePO dashboards, augmenting McAfee incident response and compliance validation. This integration also drives down the cost and complexity of protection and compliance.
SecureAuth SecureAuth for SSO is an integrated strong authentication platform that provides transparent, secure single sign-on (SSO) for on-premise web applications, off premise cloud applications as well as traditional VPN resources, all from a single appliance. Used in conjunction with McAfee Endpoint Encryption, SecureAuth leverages a user’s domain authentication from a McAfee encrypted workstation and then performs an identity translation to local, on-premises, and cloud-based resources. SecureAuth supports regulations such as PCI DSS, HIPAA, and FFIEC.
134
ALLIANCES
SenSage The SenSage log data management solution enables reporting on log data from virtually any McAfee product and publishes eighteen summary reports directly to McAfee ePO dashboards. McAfee ePO users can “click through” the reports and automatically drill into the details for root cause analysis in the SenSage Event Data Warehouse. Through this integration, customers gain a 360-degree view of activity across the network to meet their compliance, security, and root-cause investigation requirements.
Triumfant The integration of Triumfant Resolution Manager (TRM) with McAfee ePO allows customers to view unwanted changes and unexpected conditions detected by TRM through the McAfee ePO console. McAfee ePO users can switch to TRM to view the details of the changes detected, review and execute the synthesized remediation, and execute reports. This integration provides McAfee ePO users additional insight into the security readiness of the endpoint population through Triumfant’s ability to identify and analyze unusual changes to each machine.
Verdiem Verdiem is an enterprise software company focused on PC Power Management and Green IT. Verdiem’s Surveyor has been tested with McAfee ePO and enables enterprises to reduce their operational costs and maximize energy savings of their PC infrastructure, all while keeping their networks secure. IT administrators can deploy Surveyor agents using McAfee ePO and coordinate power management of PCs with scheduled scans and updates. This will enable security updates to run off-hours without affecting end-user productivity.
Voltage Security Voltage Security, Inc. provides innovative security solutions that protect employee and customer data in email, documents, or databases. Voltage SecureMail Gateway integrates with the McAfee Email Gateway for automated and policy driven email encryption and helps organizations fulfill regulatory compliance on their email messaging platforms. By utilizing the two solutions concurrently, organizations can be certain that all inbound or outbound messages are secured per corporate policy and not dependent on individual user action.
Refer to www.mcafee.com/sia for the latest information on these and other SIA partners.
ALLIANCES
135
136
ALLIANCES
McAfee for the Home
McAfee For the Home
McAfee can proactively protect you and your entire family, on your PC, Mac, or mobile device. Award-winning software guards against dangerous websites and online interactions, helps avoid phishing scams, and protects you from hackers, identity thieves, and other cyber hazards. We can even locate or lock a lost device. Our software combines the most effective threat detection with the fastest performance and the lowest impact on your computer and online experience.
McAfee for the Home
Revolutionary Security, Made for You
With thousands of new malware threats surfacing each day, traditional security updates are no longer enough. McAfee consumer software applies McAfee Global Threat Intelligence to instantly detect and block viruses and stop web threats before they damage your home computer or mobile device. Engineered for the fastest performance ever, the software’s innovative design simplifies your security experience while offering essential protection. Specialized software extends our proactive security to your mobile devices, your family, and your identity to help secure all the facets of your digital world. The products grouped below appear alphabetically in the listings that follow. Products for the PC Suites (see next page for comparison chart)
• • •
McAfee AntiVirus Plus 2011 McAfee Internet Security 2011 McAfee Total Protection 2011
Specialty services
• • •
McAfee Family Protection McAfee Online Backup McAfee SiteAdvisor LIVE
Products for Mac
• •
McAfee Internet Security 2011 for Mac McAfee Family Protection for Mac
Products for mobile devices
• •
McAfee Family Protection (iPhone/iPod Touch/iPad Edition) McAfee WaveSecure
Integrated Suites for Home Users
We apply advanced ideas, integrated management, and global threat intelligence to help you protect your family and guard your data, home computer, and network.
McAFEE INTERNET SECURITY
Superb malware detection
Exclusive McAfee Active Protection™ technology instantly analyzes and blocks new and emerging threats in milliseconds, so there’s no gap in your protection Extensive speed enhancements include faster scans and faster updates Schedule security scans and updates so you can work or play without interruptions Monitor threats blocked and check security status at a glance with the easy-to-use security status area Get crucial product alerts that are less intrusive and easier to understand Enjoy safer Internet searching, surfing, and shopping thanks to identification of potentially harmful websites QuickClean eliminates junk files that can hurt PC performance Shred files to prevent future access Advanced identification prevents spam from clogging your inbox Take the hassle out of manually saving files with 1GB or 2GB of remote online storage Manage your children’s online usage more effectively Lock private data in your encrypted vault, so files are safe if your PC is lost, stolen, or hacked Defends your PC from intruders on your home network, blocking access to sensitive files Identifies harmful links in your browser, email, or instant messages, protects against identity theft, and blocks your PC when exposed to potential threats
• • • • • • • •
• • • • • • • • • • •
Faster PC performance No scan interruptions Check status at a glance with completely redesigned home screen Simplified security management with intelligent alerts Enjoy safer web surfing with McAfee SiteAdvisor® Better PC health with QuickClean™ Remove digital files thoroughly Anti-spam and email protection Protect digital files and memories with automatic online backup Child protection with enhanced parental controls Secure valuable files with Anti-Theft File Protection (note: English versions only) Home network defense protection Better protection from dangerous websites with McAfee SiteAdvisor LIVE
McAFEE FOR THE HOME
McAFEE TOTAL PROTECTION
McAFEE ANTIVIRUS PLUS
• • • • • • • • • • • • • •
139
McAfee AntiVirus Plus 2011
Essential, award-winning PC protection for carefree computing With thousands of new viruses created every day, relying on traditional security updates isn’t enough anymore. McAfee AntiVirus Plus instantly detects and blocks viruses, even stopping web-based threats before they download to your PC. Engineered for the fastest performance ever, our innovative design simplifies your experience while offering essential protection. Award-winning anti-virus, firewall, anti-spyware, and online protection McAfee AntiVirus Plus detects, blocks, and removes viruses, spyware, adware, even rootkits — insidious programs designed to tamper with your PC. Leveraging the same real-time global threat intelligence used in our enterprise products, revolutionary McAfee Active Protection™ technology provides the fastest protection against threats to your PC. Unlike the competition, we analyze and block new and emerging threats in milliseconds, so you do not have to wait for regular updates to arrive. With continuous and automatic updates, McAfee helps ensure that you are running the most current security to combat ever-evolving Internet threats. The result: no gap in your protection. In addition, our robust two-way firewall blocks outsiders from hacking into your PC, while it keeps sensitive information from leaking out if the system is compromised. McAfee AntiVirus Plus software also features the McAfee SiteAdvisor site rating system, our powerful safety rating system that lets you know if a site is risky, before you click. Better than ever Our latest release includes dramatic improvements to performance, such as update time and scanning, delivered within a completely redesigned, instantly understandable home screen. A simple color-coded security bar tells you if you can relax, or that specific defenses may need some attention. No guesswork, no stress, just essential protection. And you can now schedule scans and updates to minimize any disruption to your day. Strengths
•
Essential PC protection includes anti-malware, firewall, safe surf and search, and scanning optimization Always-current malware detection with exclusive McAfee Active Protection Reengineered for 8 times faster subsequent scan time Includes 30 days of free phone support (US only) and unlimited email and chat assistance
• • •
140
McAFEE FOR THE HOME
McAfee Family Protection
Keep your children safe as they learn and explore online Children using the Internet are subject to many threats, including access to inappropriate content, cyber bullying, posting of personal information, and risky discussions with strangers. With McAfee Family Protection, parents can have peace of mind as children learn, explore, and enjoy the Internet. McAfee Family Protection is the easiest, most complete way to keep your children safe online. It grows with your children as their Internet interests change and mature and keeps children of all ages safe from exposure to adult content, social networking risks, strangers, and other online threats. Restrict access to objectionable content McAfee Family Protection offers fast, easy set up so you can start protecting your children within minutes. Select websites and other content to block using 35 pre-defined categories and set time limits for Internet use. Our unique YouTube filtering prevents exposure to objectionable content, yet gives children access to appropriate videos. If specific applications are inappropriate, you can prohibit their use. And you can block unknown email addresses, so your children cannot communicate with strangers. Help your children protect their identities and private information Most children do not understand what personal information should or should not be shared. McAfee Family Protection prevents distribution of confidential information through file sharing applications and protects your PC against security threats commonly found in them. If you are on the go, you can be notified instantly by email or text message if your child posts personal information — such as phone number, address, or location — on social network sites, and if they attempt to access inappropriate sites. Monitor, record, and review cyber interactions To help you keep track of what is happening, including cyber bullying and improper dialogue with strangers, you can monitor and record instant message conversations and social networking site activity, including the use of profanity and sexually explicit terms. Usage reports help you understand your children’s online activities and empower you to educate them about proper online behaviors. Strengths
• • •
Fast, simple set up so you can start protecting your children within minutes Lets you permit your children to use the Internet while keeping them safe Protects children of all ages from inappropriate content, social networking risks, strangers, and other online threats
McAFEE FOR THE HOME
141
McAfee Family Protection (iPhone / iPod Touch / iPad Edition)
Protect and locate your children on their mobile devices Mobile devices — like the Apple iPhone, iPod Touch, or iPad — have unrestricted access to the Internet. As your children surf using these devices, they have access to objectionable websites and content. McAfee Family Protection for mobile devices protects your children from exposure to inappropriate mobile Internet content and allows you to monitor their online activities, including their physical device locations. Being able to identify and prevent objectionable activities lets you educate them about online threats, while allowing appropriate Internet use. Safe surf and search As kids explore and search online, they naturally cross borders. McAfee Family Protection helps establish boundaries and automatically blocks inappropriate web pages across different content categories. In addition, it filters inappropriate websites from search results to prevent intentional and unintentional exposure. Knowing where they are In parenthood, there are situations in which knowing where your children are — or have been — can be priceless. McAfee Family Protection allows you to determine the location of your children’s device where it was last used for Internet browsing. Since feature accuracy may vary and may not function in all areas, it cannot be relied on as an emergency locator, yet this feature will help you to raise your children more safely. Comprehensive reporting, everywhere Our online management portal is accessible via the Internet from a PC or mobile device. It allows you to monitor your children’s browsing activities and see the physical device location where your children last went online. You can review a log of all visited and blocked websites, add and remove websites manually, or remotely disable browsing altogether. Packaged as a dedicated secure mobile Internet browser, McAfee Family Protection offers a superior and safe browsing experience. Your children will recognize and love the device’s default browser, Safari. Features include search bar, tabbed browsing, pinch, zoom, resize, landscape view, manage bookmarks, share links via email, animated content, save images, and copy and paste. Strengths
• • •
Immediate protection with a familiar Safari experience Establishes boundaries for mobile web surfing Helps you locate your children through their devices
142
McAFEE FOR THE HOME
McAfee Internet Security 2011
Comprehensive, award-winning PC security to freely explore online For broad, effective online security at home, McAfee Internet Security combines the essential security of McAfee AntiVirus Plus — anti-malware, firewall, and safe search and surf — with anti-spam and email protection, plus data protection and parental controls. Engineered for the fastest PC performance ever, our innovative design simplifies your Internet security experience while offering comprehensive protection. Superb detection of viruses, spyware, and other malware Our system detects, blocks, and removes viruses, spam, phishing attacks, spyware, adware, even rootkits — subtle programs designed to tamper with your PC. Unlike the competition, new and emerging threats are analyzed and blocked in milliseconds, so you don’t have to wait for regular updates to arrive. The result: no gap in your protection. More of the security you value for your PC and data, with higher performance Our two-way firewall blocks outsiders from hacking into your PC, while McAfee SiteAdvisor software helps you know if a website is safe before you click, to avoid malware hidden in seemingly innocent sites. Advanced phishing protection alerts you to websites that may try to steal your identity or gain access to financial information. To manage your children’s online usage, we include powerful parental filtering controls. From faster computer startup, to lower CPU usage, to speedier scans, you will experience significantly improved performance. McAfee delivers innovative “silent” features that keep our security software out of your way. For example, you can reserve security scans and updates for when you are not using your PC. Online backups can be fully automated. And PC health tools can remove junk files, reliably destroy unneeded files with confidential data, and clean up your disk to improve system performance. Strengths
•
One GB of online, automated remote file backup takes the hassle out of backups Lets you manage your tools and schedule scans to avoid disruption Verifies security settings within your home network Smarter, more intuitive alerting and help center with contextual help Always-current malware detection with exclusive McAfee Active Protection Tools to improve PC health and destroy sensitive information
• • • • •
McAFEE FOR THE HOME
143
McAfee Internet Security for Mac 2011
Comprehensive Mac security to let you freely explore the web While Macs do not get PC viruses, they are just as vulnerable to Internet threats as PCs. Phishing websites can steal personal information, and malicious websites can download malware that you might unknowingly spread to your friends. With the daily emergence of new and more sophisticated Internet threats that could disrupt your digital life, you need more than the Mac OS to protect yourself, your computer, your identity, and your family. McAfee Internet Security for Mac helps protect your Mac from malware and cyber attacks as it safeguards your personal information from data-stealing programs and would-be hackers. It gives you the freedom to explore, download, and shop on the Internet any time, any place without fear of criminals or cyber attacks. McAfee is the number one provider of Internet security and is relentlessly committed to protecting and empowering you on the Web. Safe surfing and searching McAfee SiteAdvisor software adds safety ratings to your browser and search engine results, providing analysis on each website. It annotates each search result with red, yellow, or green ratings, letting you know if a website is safe or hosts potential security flaws. The safe search feature blocks sites with red annotations so you cannot click on bad links. Blocks malicious applications, sites, and data-stealing code Our firewall can keep uninvited guests from accessing your computer when you are online, restricting access to and from specific applications communicating via Internet or local area networks. Real-time protection recognizes phishing websites and blocks them. It also guards against harmful programs that monitor, collect, and send personal information to cyber criminals, such as viruses, Trojans, worms, bots, and rootkits. So you can exchange files freely, the software scans and cleans file attachments in Apple Mail and iChat programs, repairing and removing infections from files without damaging format or contents. Strengths
•
Protects against harmful programs that monitor, collect, and sell personal information Indicates website safety before you click and blocks phishing sites Firewall restricts access to your computer and files when you are online Catches emerging Internet threats before they reach you Scans and cleans downloaded files and attachments from email and IM programs Scans any external drive for potential threats to your Mac
• • • •
•
144
McAFEE FOR THE HOME
McAfee Online Backup
Easily and safely protect all of your digital files and memories Preserve precious memories with our simple, safe, unlimited online storage. McAfee Online Backup, powered by Mozy, takes the hassle out of manually backing up all of your valuable digital files — from Microsoft Outlook email and contacts to treasured family photos. Fast, simple setup lets you backup automatically as often as you would like Once you have installed the software, the backup process is easy because it is fully automated and seamless. Your files are encrypted and stored on a secure remote server online. There is no capacity limit, so you can back up all of your precious files. Your files are safe and easy to retrieve with just a few mouse clicks. Optimized for convenient, reliable backup After the initial backup, McAfee only backs up files that have been added or changed, saving you time and bandwidth. New and changed file detection makes sure McAfee Online Backup finds and saves the smallest changes, giving you a thorough backup. It can also back up open and locked files to ensure a reliable archive. Keep digital information and images safe with strong encryption Your annual subscription provides virtually unlimited offsite storage and online access. Reliable 128-bit SSL encryption protects your files during backup, and 448-bit Blowfish encryption protects your files while they are in storage, giving you peace of mind that your private data is safe from hackers, prying eyes, or inadvertent access. Convenient anywhere, anytime access Even if you experience a catastrophe, you still have electronic copies archived and available to you from any PC with an Internet connection. You can restore your files anywhere using any high-speed Internet-enabled PC. Strengths
• •
Fast, simple set-up allows automatic backup as often as you like Offsite storage and online access mean even after a disaster you still have electronic copies available All your backed up copies are encrypted for your protection Virtually unlimited storage space Anytime access from any PC with an Internet connection
• • •
McAFEE FOR THE HOME
145
McAfee SiteAdvisor LIVE
Identifies risky websites and protects your PC When any link can lead to a compromised website, it helps to know in advance — before you click — if a link means trouble. McAfee SiteAdvisor LIVE goes beyond safe searching and browsing to provide active, real-time, comprehensive protection from sites that can compromise your identity and your PC. You and your family can safely shop and bank online, guarded by advanced phishing protection, link checking in emails and instant messages, and “Protected Mode” to disable interaction with dangerous sites. The core McAfee SiteAdvisor software displays simple red, yellow, and green website safety ratings as well as McAfee SECURE trustmarks for sites passing rigorous daily tests. These safety ratings reflect a massive database of test results from millions of automated site visits, download installations, and email registrations. Tests detect risks such as spyware, spam, phishing, and browser exploits. Improve risk awareness and actively protect users McAfee SiteAdvisor LIVE adds extra data features that inform you how a download meddles with the inner workings of your PC and whether it will properly and completely uninstall. The software also includes unique link checking that warns you about risky websites coming in through instant messaging and email. Its Protected Mode prevents PCs from visiting those risky sites by disabling interaction with dangerous “red” sites and downloads. Add it easily to your infrastructure Every day, McAfee provides almost 3 billion website safety ratings to users of the McAfee SiteAdvisor product line. McAfee SiteAdvisor LIVE technology works with 20 search engines, including Google, Yahoo!, Bing, AOL, and Ask. And it requires no other security software to operate. Strengths
•
Comprehensive advice about sites with spyware, spam, phishing, exploits, and more, with support from McAfee computer security experts Simple icons appear when browsing, searching, instant messaging, or emailing Password controlled Protected Mode prevents interaction with risky sites Updates and upgrades automatically to protect against new threats
•
• •
146
McAFEE FOR THE HOME
McAfee Total Protection 2011
Ultimate, award-winning PC and online security for total peace of mind As criminals get more creative, you must fight back with extra protection for your data, your home network, and your PC. McAfee Total Protection builds on the anti-malware, firewall, web safety, and email security found in our McAfee Internet Security suite and layers in extended data protection and web controls. As it instantly detects and blocks malware, it defends your system and home network and blocks websites that could harm your computer. Engineered for the fastest performance, our design simplifies your experience while offering ultimate protection. McAfee Active Protection technology defends against emerging threats Our real-time scanning lets our anti-virus and anti-spyware detect, block, and remove viruses, spyware, spam, phishing attacks, adware, and rootkits. Unlike the competition, new and emerging threats are analyzed and blocked in milliseconds, so you do not have to wait for regular updates to arrive. Our two-way firewall blocks outsiders from hacking into your PC, while home network protection defends your PC from intruders on your home network, blocking access to sensitive files. Reinforce security for your family and your PC We take the hassle out of manually backing up your most valuable digital information with two GB of encrypted online data storage. Plus McAfee Antitheft encryption (in English versions) lets you lock private data in an encrypted vault on your PC, with password protection. Files are safe if your PC is lost, stolen, or hacked. McAfee SiteAdvisor LIVE tells you whether a website is safe before you click and checks links within email and instant messages to stop malware and identity theft. It can also instantly shield your PC when it is exposed to threats. And parental controls let you manage Internet use. Faster than ever, and easier to use After the rapid installation gets you up and running, a full system scan will not slow down your computer. Scheduled activity throttling works to initiate or resume updates when your PC is idle, minimizing interruptions. Strengths
• •
2GB of online, automated remote file backup Award-winning anti-virus, firewall, anti-spyware, and online protection, plus data and parental controls At-a-glance home screen makes it easy to manage and monitor your PC and network defenses
•
McAFEE FOR THE HOME
147
McAfee WaveSecure
For Android, BlackBerry, Symbian S60, Windows Mobile, and Java Control of your mobile device and data, anytime and anywhere Your mobile phone contains many details of your life: contacts, calendar, text messages, photos, videos, and more. If it is lost or stolen, you lose sensitive information and irreplaceable memories, and you risk malicious — and expensive — use of both device and data. McAfee WaveSecure enables you to remotely locate and track your phone, lock it, backup the data, wipe the device, and restore your data, even to a different phone. Locate, track, and disable your missing mobile device Should your mobile phone disappear, the first thing you will want to know is where it is. With McAfee WaveSecure, you can locate your device via either its built-in GPS or cell tower tracking, using our web portal or an SMS message from a friend’s phone. You can also trigger an alarm to help you find it or disrupt a thief, and send a brief SMS message with instructions for returning it. If you cannot immediately recover your phone, you can remotely program the device to receive incoming calls only, thwarting abuse. You can also set McAfee WaveSecure to automatically lock the phone, display a message if the SIM is changed, and send a notification to chosen friends via SMS. Remove your data from a lost device If you know the phone is stolen or lost, use our portal or an SMS to ensure that your personal data cannot be accessed or used maliciously. You can remotely wipe all data on the phone as well as its removable memory card. McAfee WaveSecure uses a wipe method compliant with US Department of Defense standards to make sure that the data is gone beyond recovery. Backup and restore your data with our convenient management options Regular backups of your data are important for protecting sensitive information and preserving contacts and captured images and videos. McAfee WaveSecure enables you to backup your data from your device or remotely through the web portal — so even if your device is missing you can back it up before you wipe it. You can restore your data any time, to the same or a replacement device. Choose the extensive functionality of the online portal, a simple mobile device interface, or fast PIN-authorized SMS messages from a friend’s phone. With McAfee WaveSecure, you can be sure of continuous, convenient protection for your mobile phone and data. Strengths
• • •
Remotely locks down your device Wipes out important data stored on your mobile to protect your privacy Backs up your data from your phone or remotely on the web
148
McAFEE FOR THE HOME
Global Reach, World-Class Technology
Security Connected delivers real-time visibility into the security and risk management profile of your business. The world’s most comprehensive threat intelligence keeps your security up to date and makes possible self-securing data, web, email, network, and endpoint security systems. Our open platform lets you integrate security into your existing business processes and security investments. Say “yes” to enabling your business. Security Connected from McAfee.
McAfee, Inc., headquartered in Santa Clara, California, is the world’s largest dedicated security technology company. McAfee is relentlessly committed to tackling the world’s toughest security challenges. The company delivers proactive and proven solutions and services that help secure systems and networks around the world, allowing users to safely connect to the Internet, browse, and shop the web more securely. Backed by an award-winning research team, McAfee creates innovative products that empower home users, businesses, the public sector, and service providers by enabling them to prove compliance with regulations, protect data, prevent disruptions, identify vulnerabilities, and continuously monitor and improve their security.
McAfee, Inc. 2821 Mission College Blvd. Santa Clara, CA 95054 1.888.847.8766 www.mcafee.com
McAfee, the McAfee logo, McAfee Active Protection, McAfee AppPrism, McAfee EMM, McAfee ePolicy Orchestrator, McAfee ePO, McAfee Global Threat Intelligence, McAfee Labs, McAfee SECURE, McAfee SiteAdvisor, McAfee Total Protection, Foundstone, FoundScore, QuickClean, SecureOS, SmartFilter, and VirusScan are registered trademarks or trademarks of McAfee, Inc. or its subsidiaries in the United States and other countries. Other marks and brands may be claimed as the property of others. The product plans, specifications, and descriptions herein are provided for information only and subject to change without notice, and are provided without warranty of any kind, express or implied. © 2011 McAfee, Inc. All rights reserved. 17001pdir_cor_ssg_0111
