Beruflich Dokumente
Kultur Dokumente
JANUARY 2011
Security Connected
The open McAfee framework called Security Connected unites the many parts of security infrastructure against the many parts of todays threats. Weaving in unequalled global threat intelligence, manageability, and industry partnerships, this flexible security platform protects the ubiquity of your IT infrastructure. Instead of competing for your budget and attention, your IT and security investments collaborate for maximum protection and efficiency. You optimize your security to safeguard your business everywhere it goes, in every way it operates, to seize every opportunity.
INTRODUCTION
01
While your business has been innovating, so has the business of cybercrime. From being an occasional headline, cybercrimes are now mainstream news.
An average of 6,000,000 new botnet
every 30 seconds2
External agents represented 70 percent
McAfee Threats Report: Third Quarter 2010. 2 McAfee Labs. 3 2010 Verizon Data Breach Report, http://www.verizonbusiness.com/resources/reports/rp_2010-data-breach-report_en_xg.pdf
02
INTRODUCTION
Threats with multiple components Zeus, Operation Aurora, Mariposa, and Stuxnetthese attacks represent professional operations. Wielding sophisticated tools and taking a long view of the opportunity, cybercriminals run businesses like yours, but without legal, geographical, or moral boundaries. Unlike the simple viruses of yesteryear, todays cyberthreats employ multiple components and threat vectorsa cocktail of network port scans, phishing email and websites, corrupt Adobe Flash and PDF files, and browser vulnerabilitiesto ensure success. For example, the Stuxnet worm took advantage of four separate, unpublished vulnerabilities to ensure a match with its target. It spread through USB devices and network shares and formed a botnet of infected systems that phoned home to malicious web servers. Designed to cripple critical infrastructure, Stuxnet now infects thousands of mainstream users around the globe.4 Similarly, Operation Aurora went unnoticed by federating endpoint, web, email, and network tactics with a multi-month timeline.
INTRODUCTION
03
Security with islands of products and people Single-vector protectionstraditional defense-in-depth layersprovide limited defense against multivector threats. They catch one facet of an attack but miss the big picture of todays redundant paths. Many do nothing for insider threats where privileged users abuse legitimate access. Similarly, IT administrators from independent web, email, systems, and network organizations view separate parts of the risk picture from siloed management environments. While they might assemble a story from logs and alerts, this after-the-fact event correlation reacts to known threats and patterns. It is unlikely to detect subtle threats that change every use, unfold slowly, or incorporate unknown malware and unpublished vulnerabilities. When something goes wrong, isolated security islands and management environments make it expensive to diagnose, contain the damage, and recover to business as usual. A recent PricewaterhouseCoopers poll found that the cost of responding to the worst incidents has more than tripled since 2008.5
04
INTRODUCTION
Enterprise ecosystems with assets everywhere Businesses are hard to secure against multivector, fast-paced threats because enterprise IT architectures have evolved from static to fluid, from proprietary to personal. After waves of virtualization and outsourcing, a plethora of new devices accesses a host of services and sensitive data in consolidated data centers, hosted in the cloud, or maintained by third parties. This ubiquitous IT infrastructure has many moving parts, many of them virtualpartners, applications, employees, data centers.
If you arent providing the mobile devices, how do you ensure compliance with policies or confidentiality of locally stored data? If you cant lock down the physical server where the data and applications are active, how can you block attacks and maintain required patches? If you spend all your time reacting, who is managing risk and securing the infrastructure required to support new services and business growth?
INTRODUCTION
05
06
INTRODUCTION
Our technology footprint enables sensors at every layer of the technology stack to communicate, share intelligence, and secure your entire enterprise.
A platform for confidence and compliance A Security Connected platform builds bridges between security islands to close coverage and technology gaps. It connects intelligence about changing threats, anomalies, risks, and priorities with the people and tools that need them. It gives you confidence that you understand the shifting situation and can manage risk. With real-time visibility into risk and events, you can safely link your users to their applications and data, across any network, from any device, in compliance with business and industry policies. The worlds most comprehensive threat intelligence keeps your countermeasures up to date and makes possible self-securing data, web, email, network, and endpoint protections. These systems share shreds of different types of information, collaborating in real time, non-stop, to act instantly as risks change. A platform for yes Security Connected also builds in choice and flexibility. Your extensible platform can connect processes and systems from multiple vendors and organizations, elements like IT user directories, Apple iPads, and auditor reports. Leveraging tested integrations and open interfaces, existing infrastructure can mesh with new capabilities to protect your investments as well as your data assets. You can use policies and automation to create efficiencies and enforce rules consistently. This open platform can handle the change required to seize opportunity and deal with necessity. In building security into the way your business operates, your Security Connected platform helps you secure the business without getting in its way.
INTRODUCTION
07
McAfee Global Threat Intelligence delivers the industrys most comprehensive, real-time threat protection, providing deep visibility into current and emerging online dangers so that McAfee products activate countermeasures ahead of threats Network Security combines real-time threat awareness, award-winning intrusion prevention technologies, and an optimized management platform for the worlds most comprehensive network defense Content Security patrols email, web, and data usage both inside and outside the network, whether users are in the office or working remotely. It ensures a productive workforce with critical protections that flex to fit your evolving security architecture. Endpoint Security integrates system security, virtualization security, mobile protection, email security, web safety, and access control to let you guard endpoints against the latest threats with fewer IT resources Security Management provides constant visibility into your security, risk, and compliance profile. With an open platform to integrate existing security administration, McAfee automates protection, diagnosis, and remediation.
08
INTRODUCTION
The Security Connected platform from McAfee helps you optimize security as you enable business.
These elementsincluding over 100 third-party solutionsare united by the open interfaces of the McAfee ePolicy Orchestrator (McAfee ePO) management environment. Much more than a dashboard, McAfee ePO brings together data and activities so you can make sense of, mitigate, and report on your changing IT risks. To tailor your platform to your real-world requirements, look to McAfee Support and Services. These experts help you get the most out of your security investments, for optimized protection at optimal efficiency. McAfee Alliances fuse your security platform with your other IT infrastructure, from silicon to satellite, through tested integrations and value-added partnerships. Our consumer products bring McAfee Global Threat Intelligence and robust protection home to secure your loved ones, your identity, and your personal computing environment.
INTRODUCTION
09
Endpoint Security Alliances Endpoint Security Content Security Content Security Endpoint Security Content Security McAfee Global Threat Intelligence Content Security Network Security McAfee Global Threat Intelligence Content Security Endpoint Security Network Security Network Security McAfee Global Threat Intelligence Network Security McAfee Global Threat Intelligence Security Management Support and Services Security Management Support and Services Security Management Alliances
Fending off targeted attacks and advanced persistent threats (APTs) Balancing security and ROI
Get Connected
McAfee is ready to help you move toward your optimized security environment. Use this guide to navigate our Security Connected resources and start saying yes to enabling your business.
10
INTRODUCTION
Table of Contents
Table of Contents
Optimizing your organizations security means moving from a reactive stance such as deploying a new point tool to counter each new threatto a strategic and connected security framework. By integrating protection across the most common threat vectorsfile, web, message, and networkMcAfee enables you to enhance operational efficiencies without making compromises on security or compliance.
Global Threat Intelligence McAfee Labs McAfee Global Threat Intelligence Network Security McAfee Firewall Enterprise McAfee Firewall Enterprise Profiler McAfee Network Access Control McAfee Network Security Manager McAfee Network Security Platform McAfee Network Threat Behavior Analysis McAfee Network Threat Response Content Security McAfee Command Line Encryption McAfee Content Security Blade Server McAfee Data Loss Prevention McAfee Device Control McAfee Email and Web Security Appliance McAfee Email Gateway McAfee Encrypted USB McAfee Endpoint Encryption McAfee SaaS Email Archiving McAfee SaaS Email Encryption McAfee SaaS Email Inbound Filtering McAfee SaaS Email Protection McAfee SaaS Email Protection and Continuity McAfee SaaS Total Protection McAfee SaaS Web and Email Protection McAfee SaaS Web and Email Security with Archiving
11 13 14 17 20 21 22 23 24 25 26 27 30 31 32 33 34 35 36 37 38 39 40 40 41 42 43 44
McAfee SaaS Web Protection McAfee Security for Email Servers McAfee SiteAdvisor Enterprise McAfee Web Filtering for Endpoint McAfee SmartFilter McAfee Total Protection for Internet Gateways McAfee Total Protection for Data McAfee Total Protection for Secure Business McAfee Web Gateway Endpoint Security On-premises Endpoint Suites Comparison Security SaaS Suites Comparison McAfee Application Control (for desktops and servers) McAfee Command Line Encryption McAfee Device Control McAfee Encrypted USB McAfee Endpoint Encryption McAfee Endpoint Protection Advanced Suite McAfee Endpoint Protection Suite McAfee Endpoint Protection for Mac McAfee Enterprise Mobility Management (McAfee EMM) McAfee Host Intrusion Prevention McAfee Mobile Security for Enterprise McAfee MOVE AntiVirus McAfee Network Access Control McAfee Policy Auditor McAfee SaaS Endpoint Security Suites
45 46 47 47 48 49 50 51 52 53 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72
Table of Contents
McAfee SaaS Total Protection McAfee Security for Email Servers McAfee Security for Microsoft SharePoint McAfee SiteAdvisor Enterprise McAfee Web Filtering for Endpoint McAfee Total Protection for Endpoint Enterprise Edition McAfee Total Protection for Data McAfee Total Protection for Secure Business McAfee Total Protection for Server McAfee VirusScan Enterprise McAfee VirusScan Enterprise for Linux McAfee VirusScan Enterprise for Offline Virtual Images McAfee VirusScan Enterprise for Storage McAfee VirusScan Enterprise for use with SAP NetWeaver platform McAfee VirusScan for Mac Security Management McAfee Change Control McAfee Change Reconciliation McAfee Configuration Control McAfee Database Activity Monitoring McAfee ePolicy Orchestrator (McAfee ePO) McAfee Integrity Control McAfee Integrity Monitor for Databases McAfee PCI Certification Service McAfee Policy Auditor McAfee Risk Advisor McAfee Total Protection for Compliance McAfee Vulnerability Manager (With McAfee SECURE module option) McAfee Vulnerability Manager McAfee Vulnerability Manager for Databases Support and Services McAfee Corporate Support McAfee Premium Support Offerings McAfee Corporate Technical Support Program Comparison McAfee Solution Services McAfee University Foundstone Professional Services Foundstone Education
73 74 75 76 76 77 78 79 80 81 82 83 84 85 86 87 90 91 92 93 94 95 96 97 98 99 100 101 102 103 105 107 108 109 110 111 112 113
Alliances McAfee Global Alliances McAfee Global Alliance Partner Directory McAfee Security Innovation Alliance (SIA) McAfee SIA Partner Directory McAfee SIA Sales Teaming Partners McAfee for the Home Integrated Suites for Home Users McAfee AntiVirus Plus 2011 McAfee Family Protection McAfee Family Protection (iPhone/iPod Touch/iPad Edition) McAfee Internet Security 2011 McAfee Internet Security for Mac 2011 McAfee Online Backup McAfee SiteAdvisor LIVE McAfee Total Protection 2011 McAfee WaveSecure
115 117 119 125 126 128 137 139 140 141 142 143 144 145 146 147 148
McAfee LabsBacked by a portfolio of more than 480 patents and a network of millions of sensors spanning the Internet, the worldwide research experts at McAfee Labs deliver unparalleled protection against both known and emerging threats through a complete suite of security products, as well as a range of free educational tools and industry outreach McAfee Global Threat IntelligenceIntegrated seamlessly into McAfee products, this cloud-based threat intelligence service from McAfee Labs helps protect your organization against cyberthreats across all vectorsfile, web, message, and networkreducing your effort while increasing your protection
1996: McAfee discovers first locally exploitable kernel vulnerability 1997: McAfee pioneered detection of password-stealing Trojans 1998: McAfee discovers the first polymorphic field virus 1999: McAfee discovers famed Melissa virus 2003/2004: McAfee discovers two of the biggest self-executing worms written: Blaster and Sasser 2004: McAfee develops the worlds first real-time, multi-dimensional online reputation system, McAfee TrustedSource 2005: McAfee discovers attackers manipulating Google 2008: McAfee develops worlds first real-time, in-the-cloud file reputation system, McAfee Artemis 2009: McAfee credited with inventing and defining global threat intelligence 2010: McAfee identifies zero-day vulnerability in Microsoft Internet Explorer and names attack Operation Aurora
13
Protects from both known and emerging cyberthreats, regardless of the source of those threats or where they travel Arms your security infrastructure with shared threat intelligence, enabling security products to act in concert, based on the same robust, real-time information Closes the threat window with instantaneous, often predictive, reputationbased threat intelligence, reducing the probability of attack and the costs of remediation and lost downtime
How it works McAfee Global Threat Intelligence data comes from multiple sources. Thanks to our large and diverse customer base, we receive queries from more than 100 million McAfee nodes deployed in real world settings around the globe. With each query, our cloud system learns something new about the subject of the query. We combine that insight with data from other threat vectors to understand cyberthreats from all angles. This perspective helps us identify threat relationships, such as malware used in network intrusions, websites embedded in malware code, websites hosting malware, botnet associations, and more. Bidirectional communications connect McAfee products with McAfee Global Threat Intelligence. McAfee products query the cloud, and our cloud renders the latest reputation or categorization intelligence to the products so that they can take action. For example, if McAfee Global Threat Intelligence detects malware, the system will automatically search its database for associations between that malware and URLs hosting it or embedded links in the malware, IP addresses hosting it, messages containing it, and so on. The reputations of these files, messages, websites, and IP addresses will be updated to reflect greater risk. McAfee products can then apply policies to limit interactions with these newly more risky entities. Our ongoing actions protect you, effortlessly.
14
File
File
Web
Message
Network
THREAT INTELLIGENCE
Web
Message
Firewall
Shared threat intelligence McAfee Global Threat Intelligence enables McAfee products to protect you against cyberthreats across all vectors file, web, message, and network. Already integrated into your McAfee security products on premises or in the cloud, McAfee Global Threat Intelligence has the broadest threat data, most robust data correlation, and most complete product integration in the market. This gives McAfee unique visibility into online dangers such as botnets, worms, DNS attacks, and even advanced persistent threats. Each product can take appropriate policy-based action when these threats strike. Each product you connect shares intelligence and capability to strengthen the overall effect. Not only do thirteen McAfee product families integrate McAfee Global Threat Intelligence, these products also integrate more threat intelligence services per product than any other security products available today services like file reputation, web reputation, web categorization, message reputation, and network connection reputation. Multiple threat service mappings per product multiply the accuracy and responsiveness of your protections.
15
McAfee Global Threat Intelligence in action On May 7, 2010, McAfee Global Threat Intelligence picked up anomalous activity of a new website based on web and network threat data, and adjusted the reputation of the website accordingly. On June 7, 2010, the malicious website was the source of a widespread iFrame injection attack affecting more than 100,000 legitimate websites. However, McAfee customers with McAfee Global Threat Intelligence were already protected. Availability and activation McAfee Global Threat Intelligence is included in the cost of McAfee products that incorporate this service. In some products, McAfee Global Threat Intelligence is enabled by default. If not, you may enable it easily using your McAfee product administrative interface. To learn more, please visit www.mcafee.com/GTITurnItOn. For organizations that operate environments with limited Internet access, McAfee offers the McAfee Global Threat Intelligence Server, a virtual appliance that consolidates client-to-cloud communications using a set of auditable proxy servers for McAfee-protected clients. McAfee Global Threat Intelligence is also available as a standalone service. Strengths
More than one hundred million McAfee nodes deployed around the globe More than one hundred billion queries each month from all threat vectors file, web, message, and network The most comprehensive set of threat intelligence services in the market file reputation, web reputation, web categorization, message reputation, and network connection reputation
Tap into this expertise online with free tools, blogs, and research at www.mcafee.com/threatintelligence.
16
Network Security
Perimeter defenseFirewall and network intrusion prevention technologies enable effective perimeter defense through constant, comprehensive global threat intelligence. Using millions of worldwide network sensors to fully characterize all threats, we provide an unparalleled understanding of how attacks behave and may evolve over time. The result is proactive, unmatched threat protection delivered in real time. Network asset protectionMcAfee provides the most precise, high-performance network intrusion prevention technologies in the industry. Our network-class, purpose-built hardware platforms exceed the reliability requirements of even the most critical business applications. By combining zero-day vulnerability coverage with the most comprehensive, proactive threat intelligence feeds, McAfee protects network assets against the latest attacks. User access controlMcAfee Network Access Control (NAC) links endpoint and network security with access control and compliance, centrally managed by McAfee ePolicy Orchestrator. McAfee NAC allows you to easily deploy and tailor access controls, resulting in increased security, fewer errors, and network control unmatched in the industry. User activity controlWhen you identify network activity by end-user application rather than network protocol, your security and network configurations can map directly to conventional, written organizational policies. You gain streamlined configuration management, improved enforcement accuracy, and simplified compliance assessment.
Network Security
20
21
24 23 26
22
25
NETWORK SECURITY
19
Application discovery and control with powerful visualization tools Integrated, in-line inspection and URL filtering Proven in Fortune 500 and ultra-secure government organizations Flexible range of physical, virtual, and multi-firewall offerings, including the option to run on Riverbed Steelhead and Crossbeam X-Series appliances Includes the McAfee Firewall Enterprise Profiler Virtual Appliance and McAfee Firewall Reporter at no extra charge
20
NETWORK SECURITY
Real-time verification of application rollouts Confirms whether or not traffic disruptions are due to firewalls Detailed visuals and drilldowns let you understand root causes and immediately update firewall configurations to restore service
NETWORK SECURITY 21
McAfee NAC Software supports managed users and offers employee endpoint health assessment both pre- and post-admission McAfee NAC Appliance controls guest and contractor access with a network-based approach and offers identity and application-based network access control McAfee NAC Module for McAfee Network Security Platform adds the functionality of the NAC Appliance to an existing Network Security Platform to incorporate intrusion prevention in network access control decisions
St
ep
licy Po 1:
Ste p2 :D i
Scans for rogue devices, alerts, and reports
er ov sc
Ste
p 4: R e m e diate
22
NETWORK SECURITY
St
ep
3:
Enf
orce
ni St e p 5: M o
to
r
Simple, granular security policy management Easy-to-use, pre-configured templates, recommended-for-block policies, and out-of-the-box blocking Highly flexible and customizable reporting
NETWORK SECURITY
23
Industry-leading default and tuned security effectiveness The only IPS to hold the NSS Labs 10-Gigabit IPS certification Carrier-class reliability and the highest port density platforms available
Intrusion Prevention Systems Individual Product Test Results, NSS Labs, 2010.
24
NETWORK SECURITY
Proactive, behavior-based threat detection to avoid network penetration and disruption of business operations and productivity Supports switches and routers from Cisco, Juniper, and Extreme Networks for cost-effective monitoring of network segments without IPS or firewalls Fully equipped with quad-core processors, RAID disk array, Gigabit Ethernet connectivity, distinct flow capacity, and offline SAN storage
NETWORK SECURITY
25
Ever-expanding SNORT-compatible signature database with support for custom signatures Easy integration with McAfee network security solutions for multi-pass analysis of embedded network threats Streamlined web-based management
26
NETWORK SECURITY
Content Security
Data protectionSafeguard regulated and sensitive data from unintended disclosure, unauthorized use, and loss. Using built-in data mining features, strong identification, authentication, and policy-driven security controls, McAfee removes the complexity and manual analysis from data loss prevention, making it easy to identify potential problems and fine-tune policies. EncryptionProtect data across a broad range of devices, preventing information loss and data theft. Powerful encryption technology stops unauthorized access to data and delivers layers of protection for desktops, laptops, network files, mobile devices, virtual disks, and removable media. With McAfee encryption solutions, you can safely exchange information with partners, keep employees productive, and streamline policy enforcement. Email and web protectionSensitive data can easily escape through email and the web. With powerful inspection of inbound and outbound traffic, McAfee protects against this data loss. We stop spam, phishing attempts, and web-based malware, foiling cybercriminals who combine email and web technologies to install data-stealing code.
Content Security
CONTENT SECURITY
29
McAfee E-Business Client McAfee E-Business Server for OS/390 McAfee E-Business Server Native APIs McAfee E-Business Server Partner Edition
30
CONTENT SECURITY
Choice of eight blade or sixteen blade enclosures Redundant power supplies, fans, and management blades prevent downtime Increase capacity in minutes, without service disruption, by sliding in a new blade Overall system status displayed in convenient at-a-glance dashboard Flexibility to turn on different email and web features when you need them, such as URL filtering, SSL scanning, and content inspection
CONTENT SECURITY
31
McAfee Network DLP Discover McAfee Network DLP Monitor McAfee Network DLP Prevent McAfee Network DLP Manager McAfee Host Data Loss Prevention McAfee Device Control McAfee Data Protection Suite for Rights Management McAfee Total Protection for Data
CONTENT SECURITY
32
Fine grained device definitions Content and context-aware protection Centralized policy deployment and management with McAfee ePO Easy upgrade to McAfee Host Data Loss Prevention Visibility, control, and user- and device-level logging to support compliance
CONTENT SECURITY
33
Scalable, high performance email security appliance The most effective spam filter with the lowest false positives Built-in content dictionaries, and document fingerprinting for simplified compliance and data loss prevention Integrated web filtering and anti-virus
34
CONTENT SECURITY
99 percent or better spam detection accuracy Protection against email-borne threats such as malware, phishing, directory harvest, denial of service, and bounceback attacks The industrys most extensive on-box data loss prevention detects structured and unstructured data to reduce data loss and enable regulatory compliance Gateway-to-gateway encryption with TLS, S/MIME, and OpenPGP included Integrated, on-box encryption for sending encrypted email to end users
CONTENT SECURITY
35
Password Authentication Biometric Authentication AES-256 Bit Hardware Encryption Virtualization Capable (PC-on-a-Stick)1 FIPS 140-2 validated Centralized management via McAfee ePO2 McAfee Anti-Malware Protection
1 Third-party software required at additional cost. 2 McAfee Encrypted USB Manager software is optional and provided for non-McAfee ePO customers and digital identity options. 36 CONTENT SECURITY
Supports software-based encryption, plus self-encrypting and solid state drives Consistent administration and policies for any mix of devices in the environment Support for hardware acceleration based on the Intel AES-NI technology Persistent encryption requires no end-user action or file renaming
CONTENT SECURITY
37
Secure, automated email archiving to McAfee data centers helps you manage your Microsoft Exchange database size and reduce your maintenance burden Unlimited in-the-cloud storage allows scalability and helps you easily comply with document retention regulations Easy online management and powerful search tools help you quickly satisfy discovery needs Flexible licensing options minimize maintenance time and capital expenditures Included technical support helps resolve any issues around the clock
38
CONTENT SECURITY
Cloud-based encryption to comply with regulations and ensure secure confidential information delivery Enables both your senders and recipients to communicate securely and easily, even when using mobile devices Policy-based (passive) or sender-initiated (active) encryption Centralized management is easy-to-use and simple to administer No encryption key management
CONTENT SECURITY
39
Real-time threat checking of inbound or outbound emails in the cloud using McAfee Global Threat Intelligence Centrally managed via the online SaaS management console Enforces corporate email policies while safeguarding users, customers, and partners Disguises your email server to thwart attacks, while we block or quarantine spam, viruses, phishing, directory harvest attacks, mail bombs, and DOS attacks
CONTENT SECURITY
40
Security-as-a-Service ensures inbound and outbound email availability and email business continuity protection even during a server outage In-the-cloud protection blocks more than 99 percent of spam and malware before it reaches your network Automatic outbound email inspections keep your business compliant with regulatory and workplace requirements Continuous email storage, access, and use Streamlines email management with a web-based portal no need for tape backups or onsite infrastructure
CONTENT SECURITY
41
An integrated Security-as-a-Service suite that eliminates the high costs of onsite hardware maintenance and investments Endpoint protection stops viruses, spyware, hackers, and intrusions and provides web security Inbound and outbound email filtering blocks spam and phishing attacks Email continuity ensures email access even when your server experiences an outage Host-based and cloud-based web filtering blocks online threats and ensures Internet compliance and productivity for users on and off the corporate network Perimeter scanning helps identify potential vulnerabilities or security issues and provides remediation assistance
42
CONTENT SECURITY
Convenient subscription replaces the up-front costs and daily expenses of on-premises security McAfee Global Threat Intelligence protects in real time Complete inbound and outbound web and email protection Reliable email access during planned and unplanned server outages Integrated web management portal speeds start-up and management Web-based dashboards allow easy monitoring, tuning, and reporting Leading anti-malware and anti-virus engines
CONTENT SECURITY
43
Instant startup, no maintenance hassle, and a predictable cost Advanced analytics and reputation services block mutating threats Rolling 60 days of email continuity protection, with options to retain email archives for one or multiple years Built-in encryption during transport and storage Leading anti-malware and anti-virus engines
44
CONTENT SECURITY
Easy to deploy with no hardware or software to buy, install, or maintain Accurate and granular filtering with more than 100 categories for flexibility Users experience secure, transparent browsing with no irritating latency Simplified 24/7 web management of policies and configurations Customizable alerts and dashboards for instant access to the data you need Enforces policies based on existing LDAP or Active Directory users
CONTENT SECURITY 45
Prevents viruses and spyware from traversing your internal network via email Protects Windows, Linux, and AIX email servers on 32- and 64-bit platforms Automatically enforces email usage and content policies Works in conjunction with McAfee email appliances to provide comprehensive email security with shared central management and quarantine
46
CONTENT SECURITY
Educates users for continuous protection against changing threats Prevents users from browsing to websites hosting malware or exploits Restricts and monitors employee web usage with superior content filtering Centralized management through McAfee ePO makes deployment, management, and reporting easy and efficient
CONTENT SECURITY
47
McAfee SmartFilter
Control and security for todays web Todays dynamic web environment offers significant opportunity for increased productivity and collaboration. However, expanded Internet use also often translates into inappropriate use of the web at work and associated productivity drains, legal liability, and significant security challenges for the enterprise. Malicious code and web-borne viruses can enter the network when users visit an infected website without users even knowing. Comprehensive web filtering powered by McAfee Global Threat Intelligence McAfee SmartFilter software enables organizations to control how the web is used and easily enforce an Internet use policy, while protecting organizations from the viruses, malware, and other security risks associated with employee or student use of the Internet. With McAfee SmartFilter, you gain control. You can understand, filter, monitor, and block Internet use to reduce legal liability, maximize employee productivity, and preserve bandwidth for business. McAfee SmartFilter achieves its control and protection through the combination of reputation and category-based filtering. It incorporates McAfee Global Threat Intelligence web reputation, enabling your company to benefit from information about content sources and risks gathered across the entire Internet. Based on known behaviors, deviations from expected behaviors, and dynamic assessment of security risks, McAfee proactively and reliably detects risky sites hosting spyware, phishing, and malware. Through the millions of URLs McAfee processes each month, McAfee SmartFilter gives you the power to block the ubiquitous security threats of todays dynamic web world. Safely enable web access in your unique working and learning environments Customizable controls with fine-grained options let you enforce Internet usage policies that match your organization: create unique policies for different users and groups, add categories, create block/allow lists, exempt certain URLs, and more. Strengths
Includes solutions optimized for business and education Predefined filtering policies for over 35 million blockable websites in more than 90 categories Simple installation, centralized management, and precision reporting Comprehensive coverage of all categories for no additional cost
48
CONTENT SECURITY
Number one rated anti-malware protection coupled with better than 99 percent spam detection Identifies and enforces policies on both structured and unstructured data McAfee Global Threat Intelligence protects against emerging threats
CONTENT SECURITY
49
Works even when data is modified, copied, pasted, compressed, or encrypted Enforces policies based on users and groups and synchronizes policies with Active Directory, Novell NDS, and PKI Encrypts files, folders, or devices without end-user action Logs every data transaction with forensic-quality, audit-ready details
50
CONTENT SECURITY
Instant, always-active threat protection from data-stealing threats Encryption and device control to prevent data loss Single, centralized management to streamline management and reporting Easy to choose, purchase, and manage the protections you need
CONTENT SECURITY
51
Proactive, layered protection on all traffic, with flexibility and scalability Applies threat intelligence including category, reputation, signatures, and proactive scanning and ends the blind spot of encrypted threats Enables expanded inbound and outbound access without worry of infection or inappropriate content
52
CONTENT SECURITY
Endpoint Security
Endpoint Security
Empower Your Mobile Workforce with the Right Balance of Protection and Access
McAfee Endpoint Security lets you meet the needs of your highly mobile workforce with ironclad security and data protectionanytime, anywhere, on any device. At the same time, you can ensure secure, seamless access to business applications and corporate data. With its intelligent security management and single management console approach, McAfee reduces complexity and minimizes the effort and operational overhead required to manage security.
System protectionObtain a comprehensive defense against todays advanced threats with the industrys first and only unified solution for endpoint security, compliance, and access control. McAfee helps you block malware, control employee web activity and network access, ensure IT standards meet compliance requirements, and integrate security management for all endpoints through a centralized console. Virtualization protectionWhether you are managing virtual desktops or deploying virtual servers, we provide innovative options to increase protection and operational efficiencies. McAfee delivers optimized security, compliance, and control with streamlined management to help ensure compliance and reduce costs, allowing you to implement new virtualization security without affecting your existing infrastructure or system performance. Mobile protectionAs more personal and mobile devices are used for business-related purposes, their sophistication and diversity present new challenges to IT. As you provide content to these mobile devices, you can protect and manage them, too. McAfee mobile protection solutions defend against emerging mobile threats and deliver secure and scalable device management and provisioning. User access controlMcAfee Network Access Control (NAC) links endpoint and network security with access control and compliance, centrally managed by McAfee ePolicy Orchestrator. McAfee NAC allows administrators to easily deploy and tailor access controls, resulting in increased security, fewer errors, and network control unmatched in the industry.
56 77 63 64 79 78 80 65 57 72
73 58 59 60 61 62 66 67 68 69 70 71 74 75 76 76 81 82 83 84 85 86
Single integrated management on site DATA PROTECTION Full-disk encryption File and folder encryption Device control Data loss prevention for endpoint DESKTOP AND SERVER PROTECTION Anti-virus Anti-spyware Real-time anti-malware Host intrusion prevention for desktop Host intrusion prevention for server Application blocking Multi-platform support Desktop firewall Safe surfing with site blocking Network access control Anti-malware (offline virtual images) Web filtering (host) WEB GATEWAY SECURITY Anti-malware Safe surfing URL filtering EMAIL GATEWAY SECURITY Anti-malware Anti-spam Content filtering EMAIL SERVER SECURITY Anti-malware Anti-spam Content filtering RISK AND COMPLIANCE Agentless policy & vulnerability auditing Agent-based policy auditing Change policy enforcement Integrity monitoring Application whitelisting
56
ENDPOINT SECURITY
ENDPOINT SECURITY
57
Ensures only trusted applications run on servers and endpoints Trust model and dynamic whitelists save administration time and overhead Comprehensive code protection preserves integrity of critical systems Enhanced visibility into vulnerability shielding via Risk Advisor integration Extends lifespan of legacy systems
58
ENDPOINT SECURITY
McAfee E-Business Client McAfee E-Business Server for OS/390 McAfee E-Business Server Native APIs McAfee E-Business Server Partner Edition
ENDPOINT SECURITY
59
Fine grained device definitions Content and context-aware protection Centralized policy deployment and management with McAfee ePO Easy upgrade to McAfee Host Data Loss Prevention Visibility, control, and user- and device-level logging to support compliance
60
ENDPOINT SECURITY
Password Authentication Biometric Authentication AES-256 Bit Hardware Encryption Virtualization Capable (PC-on-a-Stick) FIPS 140-2 validated Centralized management via McAfee ePO McAfee Anti-Malware Protection
2 1
1 Third-party software required at additional cost. 2 McAfee Encrypted USB Manager software is optional and provided for non-McAfee ePO customers and digital identity options. ENDPOINT SECURITY 61
Supports software-based encryption, plus self-encrypting and solid state drives Consistent administration and policies for any mix of devices in the environment Support for hardware acceleration based on the Intel AES-NI technology Persistent encryption requires no end-user action or file renaming
62
ENDPOINT SECURITY
Single integrated management Device control Host IPS and desktop firewall Anti-malware Anti-spam Safe surf and search Host web filtering Email server security Network access control Policy auditing
Instant visibility into security status and events, efficient control of security and compliance tools Keeps confidential data from leaving the company Zero-day protection against new vulnerabilities, reduced urgency to patch, stops network-borne attacks Blocks code that steals data and sabotages user productivity Improves productivity and limits phishing and malware Helps ensure compliance and reduce risk from web surfing Controls users surfing on or off the corporate network Intercepts malware before it reaches the user inbox Limits malware infections by blocking noncompliant systems Streamlined compliance reporting for HIPAA, PCI, and more
ENDPOINT SECURITY
63
Single integrated management Device control Desktop firewall Anti-malware Anti-spam Email server security Safe surf and search
Instant visibility into security status and events, efficient control of security and compliance tools Keeps confidential data from leaving the company Prevents network-based attacks and allows only legitimate network traffic Blocks code that steals data and sabotages user productivity Improves productivity and limits employee exposure to phishing and malware Intercepts malware before it reaches the user inbox Helps ensure compliance and reduce risk from web surfing
64
ENDPOINT SECURITY
Proven anti-virus, anti-spyware, application lockdown, and desktop firewall Fast and reliable scanning preserves system performance Familiar, intuitive Mac OS X Aqua interface Supports Mac OS X 10.6 (Snow leopard), 10.5 (Leopard), and 10.4 (Tiger)
ENDPOINT SECURITY
65
Scales to let you manage thousands of users and tens of thousands of devices Enables device choice, including access from personally-owned devices Reduces costs with centralized management, over-the-air provisioning of policies and updates, and automation throughout the device lifecycle
66
ENDPOINT SECURITY
ENDPOINT SECURITY
67
Always-on, real-time protection without interrupting connections Inline cleaning automatically removes infections to maintain device health Designed specifically for mobile threats with a minimal device footprint Regular over-the-air signature updates and alerts if an update fails or a device becomes infected Reduces risk of sensitive data loss that can mean compliance violations
68
ENDPOINT SECURITY
Removes common hindrances of implementing security in virtualized environments Decouples security management from operations Provides robust security policy and reporting adaptable enough for virtualization deployments
ENDPOINT SECURITY 69
McAfee NAC Software supports managed users and offers employee endpoint health assessment both pre- and post-admission McAfee NAC Appliance controls guest and contractor access with a network-based approach and offers identity and application-based network access control McAfee NAC Module for McAfee Network Security Platform adds the functionality of the NAC Appliance to an existing Network Security Platform to incorporate intrusion prevention in network access control decisions
St
ep
licy Po 1:
Ste p2 :D i
Scans for rogue devices, alerts, and reports
er ov sc
Ste
p 4: R e m e diate
70
ENDPOINT SECURITY
St
ep
3:
Enf
orce
ni St e p 5: M o
to
r
Fast, automated import of industry benchmarks through SCAP standard Real-time audit model and blackout window reduce business disruption Automation saves hours and days of tedious tasks Builds confidence with external auditors Enables organizations to prove compliance consistently
ENDPOINT SECURITY
71
72
ENDPOINT SECURITY
An integrated Security-as-a-Service suite that eliminates the high costs of onsite hardware maintenance and investments Endpoint protection stops viruses, spyware, hackers, and intrusions and provides web security Inbound and outbound email filtering blocks spam and phishing attacks Email continuity ensures email access even when your server experiences an outage Host-based and cloud-based web filtering blocks online threats and ensures Internet compliance and productivity for users on and off the corporate network Perimeter scanning helps identify potential vulnerabilities or security issues and provides remediation assistance
ENDPOINT SECURITY
73
Prevents viruses and spyware from traversing your internal network via email Protects Windows, Linux, and AIX email servers on 32- and 64-bit platforms Automatically enforces email usage and content policies Works in conjunction with McAfee email appliances to provide comprehensive email security with shared central management and quarantine
74
ENDPOINT SECURITY
Advanced anti-virus technology Effective content filtering Centralized management and reporting Preset content rules Microsoft VSAPI support Automatic updating Enhanced quarantine management
ENDPOINT SECURITY
75
Educates users for continuous protection against changing threats Prevents users from browsing to websites hosting malware or exploits Restricts and monitors employee web usage with superior content filtering Centralized management through McAfee ePO makes deployment, management, and reporting easy and efficient
76
ENDPOINT SECURITY
Single integrated management Encryption Device control Host IPS and desktop firewall Anti-malware Anti-spam Safe surf and search Host web filtering Email server security Network access control Policy auditing Multiplatform
Instant visibility into security status and events, efficient control of security and compliance tools Safeguards data and minimizes compliance issues Keeps confidential data from leaving the company Zero-day protection against new vulnerabilities, reduced urgency to patch, stops network-borne attacks Blocks code that steals data and sabotages user productivity Improves productivity and limits phishing and malware Helps ensure compliance and reduce risk from web surfing Controls users surfing on or off the corporate network Intercepts malware before it reaches the user inbox Limits malware infections by blocking noncompliant systems Streamlines checks and compliance reporting Protects the full range of endpoints required by mobile and knowledge workers
ENDPOINT SECURITY
77
Works even when data is modified, copied, pasted, compressed, or encrypted Enforces policies based on users and groups and synchronizes policies with Active Directory, Novell NDS, and PKI Encrypts files, folders, or devices without end-user action Logs every data transaction with forensic-quality, audit-ready details
78
ENDPOINT SECURITY
Instant, always-active threat protection from data-stealing threats Encryption and device control to prevent data loss Single, centralized management to streamline management and reporting Easy to choose, purchase, and manage the protections you need
ENDPOINT SECURITY
79
Whitelisting and on-demand scanning for maximum protection Prevents execution of all unauthorized code, scripts, and DLLs Defends against memory exploits with memory protection and in-memory scanning Low overhead components minimize CPU impact Simple setup and low initial and ongoing operational overhead Administrators with physical or remote access to the machine cannot override protection
80
ENDPOINT SECURITY
Powered by global threat intelligence across all key threat vectors Cannot be disabled by hackers, malware, or fake anti-virus Centrally managed, monitored, and reported on through McAfee ePO Defends against threats that target Microsoft especially Windows services, Word, Excel, Explorer, Outlook, and SQL Server Can replace existing anti-virus products remotely, automatically, and with no reboot required in most cases
ENDPOINT SECURITY
81
Continuous, on-access scanning, including heuristic scanning to identify and block new variants and unknown threats without the need to patch Archive scanning to discover and block viruses hidden within archived files Automatic updating without system reboots Cross-platform protection to block Windows malware Kernel module versioning for on-access scanning on new kernels without having to recompile modules
82
ENDPOINT SECURITY
Updates McAfee .DAT signature files without bringing the VM online Integrated with VMwares VMsafe integration tools for optimal performance and security Facilitates real-time disaster recovery by securing offline virtual machines at secondary sites Reduces migration issues with one solution for VMware, Microsoft, and Citrix environments
ENDPOINT SECURITY
83
Continuous, on-access scanning blocks viruses before they are stored and prevents script-type threats, spyware, and unwanted programs One management platform Automatic updates of .DAT files and scanning engines Rapid notification of alerts Works with NetApp filers and Sun Storage devices Enterprise-ready multi-scanner to multi-filer configurations Backed by the 24/7 global research team at McAfee Labs
84
ENDPOINT SECURITY
Real-time (on-access) scanning of any file uploaded or modified in the environment Flexible deployment: standalone or virtual machine SAP certified integration partner Backed by 24/7 global threat intelligence from McAfee Labs
ENDPOINT SECURITY
85
Familiar Apple Mac OS X Aqua user interface Fast on-access or convenient on-demand and full-disk scanning Automatic or on-demand one-click updating Universal deployment on either Intel-based or Power PC-based Macintosh systems Kept up to date with 24/7 global threat intelligence from McAfee Labs Centralized management and visibility across Mac, Windows, and Linux clients Supports Mac OS X 10.6 (Snow Leopard), 10.5 (Leopard), and 10.4 (Tiger) Also available as part of comprehensive protection in the McAfee Endpoint Protection for Mac suite
86
ENDPOINT SECURITY
Security Management
Security Management
Consolidated managementMcAfee ePolicy Orchestrator is the only enterprise-class, open platform to centrally manage security for systems, networks, data, and compliance. With end-to-end visibility and powerful automation, McAfee slashes incident response times, strengthens protection, and drives down the cost of managing security. Risk managementYour organization can fully understand its risk posture across every meaningful sector of your IT environment, including databases, web applications, systems, and networks. Armed with this new visibility, you can optimize security, mitigate risk, and prioritize security efforts while eliminating manual threat correlation processes. ComplianceMcAfee solutions automate compliance reporting and elevate your organizations adherence to industry standardsincluding PCI, SOX, and HIPAAwhile lowering costs and reducing audit overhead. Through built-in integration with our centralized management console, you can secure continuous integrity monitoring, create and enforce change policies, and easily incorporate revised standards.
SECURITY MANAGEMENT
89
Real-time visibility and alerting across servers, databases, and network devices Instant file integrity monitoring lets you quickly identify where policies are being challenged Prevents unauthorized changes, violations, and outages before they occur Eliminates costly manual efforts to track and account for changes Easily integrates with change management, data center automation, and configuration management database solutions
90
SECURITY MANAGEMENT
Reconciles actual changes to approved, ticketed change requests Automatically creates new tickets for unticketed changes Creates tickets for changes made to staging environment, reconciles the ticket with production environment changes, and offers exception reporting
SECURITY MANAGEMENT
91
Controls integrity of your systems with continuous tracking and alerting of events that could compromise security or lead to noncompliance Enforces a centralized or enterprise change policy so that only validated, authorized changes are executed Minimizes risk by controlling system change and configurations to ensure the highest level of security, reliability, and compliance Leverages your investment in McAfee ePolicy Orchestrator and other enterprise software
92
SECURITY MANAGEMENT
Protects unpatched databases against zero-day attacks Real-time monitoring alerts can spark immediate response Intrusion prevention terminates suspicious sessions and quarantines malicious users, allowing time for the security team to investigate Monitors threats from all sources, including network and application users, local privileged accounts, and attacks from within the database itself
SECURITY MANAGEMENT
93
McAfee ePO eases agent deployment, management, and reporting Provides data about every change, including the user and program used Transparent operational footprint suits compact, fixed-function systems Eases compliance with PCI regulations
SECURITY MANAGEMENT 95
Deploys on the IT infrastructure you prefer: installed non-intrusively on physical servers, provisioned along with the database on virtual machines, or deployed remotely on cloud servers Minimizes risk and liability with real-time notification of any configuration changes that affect security Tracks activities such as logons, logoffs, user/role creations, password changes, and more, and monitors database schema changes and data changes Centralized deployment and management through McAfee ePO Low overhead operation allows you to monitor comprehensively, without an impact on performance
96
SECURITY MANAGEMENT
Easy-to-use Software-as-a-Service Self-assessment questionnaire selection wizard and unlimited technical support Automatic quarterly scans help you continue to demonstrate compliance Quarterly and on-demand scanning includes dynamic port scanning, port-level network services vulnerability testing, and web application vulnerability testing Generates PCI compliance reports that are ready to submit
SECURITY MANAGEMENT
97
Fast, automated import of industry benchmarks through SCAP standard Real-time audit model and blackout window reduce business disruption Automation saves hours and days of tedious tasks Builds confidence with external auditors Enables organizations to prove compliance consistently
98
SECURITY MANAGEMENT
Replaces manual tasks with real-time risk assessment to focus efforts on at-risk assets Reduces the cost and time associated with patching Demonstrates measurable ROI for existing security products Leverages centralized dashboard and integrated, real-time threat updates to improve situational awareness
SECURITY MANAGEMENT
99
Accurate risk analysis and prioritization shrink the noncompliance window Deep policy assessments on hosts, plus network audits of policy settings for account, file, network, and system access Assessments and reports for SOX, FDCC, FISMA, HIPAA, PCI DSS, and more
SECURITY MANAGEMENT
100
Software-as-a-Service delivery model cuts start-up time and eliminates costs Accurate, customizable daily audits for latest web application and network perimeter vulnerabilities Includes technical and PCI DSS compliance support to ensure the resources you need to certify your PCI DSS compliance Continual benchmarks of your real-time security against the PCI and McAfee SECURE standards, with meaningful reports to guide action Lets you promote your trustworthy status with the McAfee SECURE trustmark
SECURITY MANAGEMENT 101
Ultimate flexibility in reporting, scanning, and deployment, including air-gapped networks Unmatched scalability, vulnerability coverage, and scanning accuracy Unrivaled data integration with homegrown and third party applications Unprecedented response to threats via McAfee Global Threat Intelligence Unique capability to prove assets Not Vulnerable to threats
102
SECURITY MANAGEMENT
Performs more than 3,000 checks, reporting on criteria such as version/ patch level, changed objects, modified privileges, and forensic traces Provides practical remedy advice and solutions Tests and reports on real issues, rather than generating long, cryptic reports Creates outputs based on stakeholder needs to suit audiences including DBAs, developers, and IT security
SECURITY MANAGEMENT
103
104
SECURITY MANAGEMENT
McAfee Corporate SupportDefine your own technical support experience with our la carte software and hardware support programs. See the comparison chart in this section for details. McAfee Solution ServicesRealize the full value of your McAfee solutions. We help you assess, design, implement, and optimize your securityall based on best practices and tools that ensure comprehensive protection, minimize risk, and maximize your return on investment. McAfee UniversityLearn the real-world skills you need to effectively fight todays attacks and tomorrows threats. McAfee University combines hands-on experience with expert instruction so you can get the most from your McAfee security products. Foundstone Professional Services, a division of McAfee Build a strong foundation for long-term security. Drawing from our deep and broad experience, our experts address security issues from both a business and technology perspective to deliver measurable protection for your business. Foundstone EducationGive your in-house security team the tools and methodologies they need to defend your business. Foundstone combines interactive classroom demonstrations with hands-on labs. You leave armed with a real-world understanding of how to address critical security issues.
Daily product updates for the latest threats Product upgrades Alerts and remediation actions on the latest threats Analysis on latest malware trends Online product evaluation environments Video and best practice guides Automated issue analysis and remediation tools Direct access to McAfee experts regardless of problem severity Unlimited access to support
107
108
FEATURES AND OFFERINGS Daily product updates (such as .DATs, engines) Product upgrades Malware alerts with remediation analysis Malware analysis service Malware trend podcasts and blogs Chat, web, and phone support with remote desktop control 24/7 phone support (normally under 5 minutes to expert) Automatic diagnostic and remediation tools Best practice videos and guides Online product test environments Product Specialists Direct Access to Specialists for all your products Enhanced escalation strategy Enhanced SMS alerting services Authorized contacts Assigned Support Account Manager Product planning and protection analysis Regular case and business reviews Risk assessments Technical onsite visits Emergency onsite assistance Global Account Management Scheduled calls with McAfee Labs and Product Management
10
25
20
Resident Resident
Up to 2
Resident Resident
109
Custom services Standard engagements Express packages Security Quickstarts for midsize businesses
For more information on these tailored engagements, please contact McAfee Solution Services: www.mcafee.com/us/services/ solution-services.
110
McAfee University
Expert instruction for McAfee security products Learn the real world skills you need to effectively fight todays attacks and tomorrows threats. McAfee University combines hands-on experience with expert instruction, so that you can get the most from your McAfee security products. McAfee University has both online and traditional classroom training programs to suit the needs of any size business. McAfee classroom training McAfee University provides onsite, instructor-led training allowing for a practical, hands-on experience that maximizes the value of your investment in McAfee solutions. McAfee provides this training around the globe, either as public classes where any student may register and attend, or as private classes given to individual organizations. For more information visit www.mcafeeuniversity.com. McAfee University online training Experience classroom-level training without the need to travel, through McAfee University Online courses. McAfee hosts streaming video and online virtual environments that you launch on demand to fit your schedule. This convenient approach saves time and travel costs while providing the training you need. A wide range of courses is available at the click of a mouse. Visit the online course catalog at www.mcafee.com/university_online. McAfee customer certification program Demonstrate your knowledge and experience on key McAfee products and McAfee Foundstone penetration testing skills by becoming a McAfee Certified Product Specialist or a McAfee Certified Assessment Specialist. Get certified now and help your company stay secure from the latest threats, while increasing your knowledge and expanding your career opportunities. The process is simple. The McAfee Security Certification Program allows you to select a certification track based on either McAfee products (McAfee Certified Product Specialist) or a McAfee Foundstone penetration testing skill area (McAfee Certified Assessment Specialist), in a variety of security-related categories. Graduates of appropriate McAfee or Foundstone courses and other qualified candidates can test at any of 5,000 global testing locations. For more information, email the McAfee Security Certification Program at certification@mcafee.com.
For more information, contact your McAfee salesperson or email McAfee Training at education@mcafee.com
111
Compliance Get help meeting ongoing compliance requirements or building policies and procedures to meet evolving regulations Health checks We evaluate your security status to pinpoint strengths, diagnose weaknesses, and recommend a strategic security road map Data loss prevention (DLP) Your program can begin with discovery, policy, and procedure development and continue full leverage of tools Incident response and forensics Our experts can respond quickly to a security breach, minimizing damage and downtime due to an attack. Our Advanced Persistent Threat (APT) health checks can ensure you have not been compromised by these targeted attacks. Program development We help build policies and processes that tackle network and application vulnerabilities and educate employees enterprise-wide about information security
Technology consulting We can detail the immediate threats across your enterprise and recommend appropriate responses without a deluge of irrelevant data. Methodical tests and analysis help guide and optimize security investments.
Infrastructure assessments We identify vulnerabilities and defend areas that present the greatest risk to your business. Foundstone expertise spans from penetration testing to modems, VoIP, and wireless tests. Software and application security services Threat modeling, code review, and application penetration testing can identify software security problems in the early stages of development when they cost the least to fix. We also bring extensive experience testing devices ranging from mobile phones to tablets, as well as the apps that run on them.
112
Foundstone Education
Build the knowledge for effective defenses Foundstone provides a comprehensive security training curriculum designed to meet the needs of individuals, Fortune 1000 companies, academic institutions, and government organizations. Courses cover topics such as software security, network security, incident response, and forensics.
Ultimate Hacking seriesIncludesUltimateHacking,UltimateHacking: Web,UltimateHacking:Wireless,UltimateHacking:Windows,andUltimate Hacking:Expert.Thesehands-oncoursesservethegoalsofserioussecurity practitionersineitheroffensiveordefensiveroles. Software Security seriesIncludesSoftwareSecurityEssentials,Building SecureSoftware,andWritingSecureCode(availableinC/C++,.NET,and Java).Theseclasseswillteachanyoneinvolvedinthesoftwaredevelopment lifecyclehowtowritesecurecodeandareavailableinprogramming language-agnosticorlanguage-specificversions. In-depth, subject-specific classesFoundstonealsooffersclasses inForensicsandIncidentResponse,aswellascustomizedclassestofit yourneeds
All Foundstone courses combine interactive classroom demonstrations with hand-on lab exercises to reinforce critical security issues with real-world scenarios. This immersive experience arms students with the tools and methodologies to proactively defend against the latest security threats. Our instructors Some of the worlds foremost network security experts and developers of market-leading security technology teach Foundstone education and training courses. Instructors are noted experts, activists, advisors, and influencers on topics of national security, cryptography, privacy, Critical Infrastructure Protection, and Homeland Security issues, measures, and legislation. They have a broad range of expertise through work with leading IT and financial services companies and government agencies and are featured speakers at industry conferences. For more information, visit www.foundstone.com/us/education-overview.asp.
113
114
McAfee Alliances
In todays world of sophisticated malware, targeted threats, and multistage attacks, security needs to be smarter, and it needs to be everywhere. Through alliances with the most relevant leaders in IT, McAfee security is being woven into the fabric of computing.
Alliances
McAfee Global AlliancesIndustry-shaping relationships ensure McAfee can help you take advantage of changing market dynamics and the rapid evolution at every technology layer from silicon to satellite McAfee Security Innovation Alliance (SIA)This partner ecosystem uses cross-product integrations to maximize the value of your existing investments, reduce time to resolution, and lower costs; the McAfee Compatible symbol tells you a partners solution is integrated, tested, and ready to deploy with McAfee technology McAfee ConnectedWhen you purchase products and services that meet the McAfee Connected specifications, you can reduce testing costs, simplify deployments, and increase overall confidence in your purchase decision McAfee OEM AlliancesMcAfee expertise is at your service, placing industry-leading McAfee protection in a broad spectrum of existing and emerging products for endpoints, servers, data, and the network
Our technology footprint enables sensors at every layer of the technology stack to communicate, share intelligence, and secure your entire enterprise.
Alliances
Cloud Computing McAfee works with leading telecommunication companies and service providers to deliver the industrys broadest range of SaaS security solutions, including email, web, and endpoint security. Partners choose between a hosted delivery model managed fully by the partner, a co-located delivery model managed in partnership with McAfee, or a fully managed delivery model where McAfee manages the entire process. Through these high-value security services, partners are able to extend additional value to customers and prospects very quickly and affordably.
McAfee alliances help you implement advanced technologies to meet emerging security needs.
IO
ut
rc ou
in g
MS SP
IT Con sum eri za ti
on
er s
e Manufactur
G LO B
AL
TH
REAT INTEL
it y
Se
r cu
Co n te
LIG
co Tel
Net
CE EN urit y Sec
mmunications / ISP
ng worki
nt
Network
Security Management
twar
nd
S of
io n
p oi
nt Secu
rit
y
at
R AT
EGIC F O C
US
Vi
ua
rt
liz
Cl
ou
ST
PC
an
M o b ilit y
uf
ac t
ure
rs
Sem
ico
u nd
ct
or
ALLIANCES
117
Data Protection and IT Compliance In a business world where efficiency is everything, it no longer makes sense to see systems management and data security as separate endeavors. Instead, top systems management vendors and their customers are working with McAfee to build a bridge between systems and security. A systems integration partner, for example, might deliver IT operations solutions that include configuration and patch management and use the McAfee expertise and open architecture to make full-spectrum data protection an integral part of operations. IT Consumerization With new devices and applications that enable employees to be more productive, and the acceptance of a virtual office work environment, the line between enterprise and personal has become blurred. McAfee solutions coupled with our alliance partner offerings enable companies to adhere to their corporate compliance policies, yet enable the flexibility that their employees desire. Mobility As you give mobile users access to sensitive data and applications, McAfee mobility partners can help you secure your mobile workforce, ensure persistent policies and configurations, and deliver automatic and real-time compliance management. Turn to them for help conquering mobile enterprise challenges: user expectations of convenience, productivity, and privacy; the array of devices and network configurations that require support; and the risks associated with allowing these devices on your corporate network. Networking The worlds leading network equipment vendors work with McAfee so you can rest assured that your networking equipment has been tested and qualified for the highest level of security in a proven environment. We offer three levels of integration, from interoperability testing and certification of combined products to bundled networking and security solutions to embedded best-of-breed security solutions built directly into the network equipment architecture. Unified Communications McAfee helps unified communication partners address the growing need for enhanced security to protect the telepresence environment. These strong protections can also help IT managers in regulated industries from healthcare to financial services to lessen the burden of meeting compliance and reporting requirements. Virtualization McAfee helps virtualization partners offer you the benefits of virtualization with complete, scalable security. McAfee MOVE provides a common way to develop across the hypervisor vendors, offload resource-intensive actions from the individual virtual machines, and optimize scheduling of these actions based on the state of the hypervisor. McAfee MOVE AV enables virus scanning to protect online and offline VMs. Other McAfee security products protect VM server farms, secure virtualized desktops, assess vulnerabilities, and identify risks as soon as they arise.
118
ALLIANCES
Adobe Adobe revolutionizes how the world engages with ideas and information anytime, anywhere, and through any medium. McAfee and Adobe have a global alliance to jointly deliver new solutions that will offer more comprehensive security and allow customers to expand the reach of data protection beyond the enterprise boundaries. Together, we offer a joint solution that combines McAfee Data Loss Preventions (DLP) automated discovery of sensitive data with Adobe LiveCycle Rights Managements persistent enforcement of sensitive data anywhere, anytime. This solution will help automate data protection for customers by applying a LiveCycle Rights Management policy (DRM) to documents that have been determined to be highly sensitive by the McAfee DLP classification system.
AT&T AT&T and McAfee have created a strategic partnership that allows both companies to utilize and benefit from each others leading technologies and services in order to deliver advanced security and application solutions with superior ease-of-use, protection, and cost-effectiveness to meet customers challenging business demands. AT&T is providing McAfee with state-of-the-art Global IP networking solutions, enabling McAfee to deliver security solutions and updates to its customers with scalability, reliability, and intelligence. McAfee is providing AT&T with advanced global threat intelligence technologies that help protect customers against the latest threats, enabling AT&T to offer innovative managed security solutions that do not require customers capital investment in management, maintenance, or infrastructure.
ALLIANCES
119
BMC BMC and McAfee have joined forces to build the industrys first truly enterpriseready solution for automated policy compliance, spanning software, patches, service packs (for Microsoft Windows), power settings, configuration settings, remediation of vulnerabilities, and security policy. The integrated solution combines best-in-class technology from McAfee, through McAfee Policy Auditor, coupled with BMCs proven client management technology: BMC BladeLogic Client Automation.
Brocade The McAfee and Brocade partnership provides an industry-leading networking and threat protection solution for business-critical enterprise environments. Proven to protect against known and emerging threats while meeting compliance and reporting objectives, a Brocade and McAfee solution delivers end-to-end assurance for enterprise networking and security. Brocade and McAfee have collaborated on a set of jointly designed, interoperable, integrated solutions developed specifically to address the networking security needs of enterprise customers from the edge to the core of the data center. These solutions integrate McAfee Firewall Enterprise, McAfee Network Access Control, and McAfee Network Security Platform (IPS) into Brocades network infrastructure equipment and management platform. Together, Brocade and McAfee provide an industry-leading networking and threat-protection solution for business-critical enterprise environments.
Citrix Citrix and McAfee have partnered to provide business continuity and regulatory compliance solutions with software created for securing data and applications via centralized IT management. The Citrix Ready program identifies trusted, third-party solutions that add the greatest value in the Citrix Delivery Center infrastructure. As a member of the Citrix Ready program, McAfee makes it easy for customers to identify complementary security products and solutions that can enhance their Citrix environments. Customers can be confident that McAfee system security and vulnerability management products have successfully passed a series of tests established by Citrix and can be trusted to work effectively with XenApp and XenDesktop. Citrix and McAfee collaborated on McAfee MOVE AntiVirus for VDI-based virtual desktops that centralizes all virus scanning and virus signature file updates, offloading processing-intensive actions from the individual VMs.
120
ALLIANCES
Cognizant Technology Solutions Cognizant and McAfee have partnered to provide enterprises the ability to optimize their security and compliance controls while reducing operational effort and costs. Cognizants Digital Security Practice provides services for an end-to-end Data Loss Prevention (DLP) solution deployment within an enterprise. This includes a phase-wise approach for assessment and policy definition, product implementation, and DLP policy monitoring service. The McAfee integrated data protection suite allows Cognizant to provide complete data protection for an organization, integrating DLP into encryption, authentication, and policy-based security controls within the enterprise, thus ensuring comprehensive protection based on a suite of products, rather than integrating point solutions. McAfee Governance, Risk, and Compliance (GRC) solutions allow Cognizant to holistically look into the compliance posture of an organization and recommend suitable controls to address gaps at an enterprise risk management level. The suite of solutions helps our customers by speeding implementation and response times.
CrossBeam Systems, Inc. McAfee and Crossbeam have partnered to deliver the most scalable applicationaware firewall in the industry. Designed to help large enterprises optimize and consolidate their security infrastructure, the combined solution, McAfee Firewall Enterprise for Crossbeam, features the McAfee next-generation firewall on the industry-proven Crossbeam X-Series security platform. The X-Series offers an open, high-performance architecture that easily provisions and scales multiple best-in-class security applications to meet the evolving threat landscape. McAfee Firewall Enterprise for Crossbeam delivers carrier-class security performance with scalability up to 40Gbps of real-world inspected traffic throughput as well as self-healing redundancy. The combined solution reduces the cost and complexity of security infrastructure by consolidating networking and security into one platform.
ALLIANCES
121
Dell Dell is a market leading system and services provider whose unique relationships with its customers provide a competitive advantage in the market. Dells breadth of products and solutions provide customers a total offering to their computer needs. McAfee and Dell partner together across all markets from innovative offerings geared to the consumer, to security protection capabilities for small and medium business, enterprise, and the public sector. The McAfee and Dell partnership provides customers the highest level of protection and cost efficiency. In the consumer line of PC products, we offer McAfee Security Center, which allows customers to have constant threat protection on their PCs or workstations. Together, McAfee and Dell empower customers to experience the web more safely, protect data, prevent disruptions, and continuously monitor and improve their security.
HP HP and McAfee work together to help organizations get ahead of evolving threats and stay ahead by securing more effectively and efficiently. As a team, weve applied enterprise expertise and broad security leadership to track down and eliminate the sources of IT risk, cost, and complexity. HP and McAfee offer integrated service delivery, integrated products, integrated management, and integrated reporting. The partnership directly connects the proven HP Converged Infrastructure, including the HP Secure Advantage security portfolio of products and services, to critical McAfee and third party security and compliance processes. By combining HP technologies and services with McAfee, enterprises gain end-to-end solutions that do a better job of addressing critical security challenges, improve risk management, and ease the path to compliance.
Intel McAfee works with Intels technology in many key areas: data protection technologies, security management, and system optimization. Intel is a leading technology platform company that develops advanced integrated digital technology platforms for the computing and communications industries. Intel offers products at various levels of integration, providing its customers and partners the flexibility to create advanced computing and communications systems and products. Intels products include chips, boards, software, and semiconductor components that are the building blocks integral to computers, servers, and networking and communications products.
122
ALLIANCES
Polycom Polycom and McAfee have partnered to jointly develop and deliver Secure Unified Communications and Collaboration. With security threats on the rise, Polycom and McAfee are taking a proactive approach to further enhance the security features of Polycoms video, telepresence, and infrastructure solutions. Polycom plans to design solutions that feature McAfee threat protection, shielding Polycom telepresence users, from the desktop to the fully immersive suite, from potential and increasingly sophisticated security threats while making it easier to comply with privacy and confidentiality mandates.
Riverbed McAfee and Riverbed have partnered to deliver best-of-breed WAN optimization and branch office security on a single device. The McAfee Web Gateway Virtual Appliance and the Firewall Enterprise Virtual Appliance solutions can run on the Riverbed Services Platform that resides within the Riverbed Steelhead Appliance. The McAfee Firewall for Riverbed delivers best of breed, next-generation firewall capabilities including application and identity policy control, VPN, web filtering, encrypted filtering, and McAfee Global Threat Intelligence. The McAfee Web Gateway for Riverbed provides market-leading Web 2.0 security including inbound and outbound advanced web filtering, anti-malware, anti-virus, SSL scanning, and McAfee Global Threat Intelligence. With these joint solutions, customers minimize the hardware infrastructure footprint at the branch office and reduce operational overhead.
Verizon Verizon Business and McAfee have formed a global strategic alliance to provide integrated security solutions to businesses and government agencies worldwide. Together, McAfee and Verizon Business now offer a comprehensive portfolio of managed security services (MSS) to enterprises, leveraging the strength of Verizon Business MSS offerings and McAfee technology. Verizon Business also offers the full complement of McAfee enterprise security solutions to its diverse client base through Verizons customer premises equipment catalog.
ALLIANCES
123
VMware McAfee and VMware work together to help organizations secure their virtualized data centers and cloud infrastructures. These efforts include supporting VMware security technologies such as vShield, developing products such as McAfee MOVE AV that address specific virtualization security challenges, and ensuring McAfee products are compatible with VMware platforms. By working together, VMware and McAfee are helping customers reduce capital and operating expenses, ensure business continuity, strengthen security, and go green.
124
ALLIANCES
Accelerates the development of interoperable security products Simplifies the integration of these products into complex customer environments Delivers solutions to maximize the value of existing investments, reduce time to problem resolution, and lower operational costs
Innovative integrations built on customer-driven use cases improve threat visibility and create powerful new security behaviors and workflows. For example, an SIA partner might link its real-time monitoring and threat detection with McAfee incident response and compliance reporting.
With over 100 vendors in various stages of integration, SIA has become the security industrys premier technology partnering program.
Leaders leverage our extensible platform While many SIA partners integrate with McAfee ePO, the broad McAfee portfolio allows efficiencies and leverage at other integration points, such as McAfee Encrypted USB, McAfee Firewall Enterprise, and McAfee Vulnerability Manager. McAfee provides developer support and then performs compatibility testing. Validated SIA partner solutions receive the McAfee Compatible logo.
ALLIANCES
125
ASSOCIATE PARTNERS
TECHNOLOGY PARTNERS
Security Event and Log Management Bridge security monitoring and incident response Reduce costs by faster time to problem resolution Simplify compliance lifecycle Application and Database Security Manage application security risk Protect applications against tampering Secure databases against internal and external threats Theft and Forensics Augment incident response with powerful forensics Extend endpoint security to track and recover stolen laptops Investigate employees suspected of wrongdoing Risk and Compliance Measure enterprise-wide risk, consolidate reporting Mitigate risk through targeted policies and controls Track compliance with security metrics and scorecards
HP Q1 Labs
ArcSight eIQnetworks LogLogic LogRhythm NitroSecurity SenSage Application Security, Inc. Arxan Guardium Secerno Absolute Software AccessData HBGary
Sentrigo
Archer Technologies Courion Cyber-Ark Lieberman Software NetWitness NSSPlus OpenPages Overtis Quest Software Rev2 Networks SignaCert Tiversa
126
ALLIANCES
ASSOCIATE PARTNERS
TECHNOLOGY PARTNERS
Authentication and Encryption Prevent unauthorized access to sensitive data Reduce risk through strong authentication Support a range of smart cards and biometric options
2e2 Assured Information Security Athena Authenex Avtor Buypass AS Buysec Ceedo Chicony CryptoTech DigitalPersona Hitachi Key Ovation PreciseBiometrics Sagem Orga Spyrus SUNZone SyferLock Toshiba America Information Systems Validity Novell
Actividentity AET Aladdin Alcatel-Lucent Charismathics Gemalto HID Global Key Tronic Kobil Luxtrust Oberthur Passfaces SCM Vasco UPEK ZF Electronics
Single Sign-On Secure and seamless single sign-on experience to applications and other resources Secures information access at the point of initial system boot Eliminates multiple passwords Other Security, IT, and Services Centrally protect both physical and virtual infrastructure Track location and events for wireless assets Reduce PC power consumption without compromising security Coordinate data loss prevention with digital vaulting Turnkey integration services for McAfee customers
1E Altor Networks Autonomic Software DG Technology ForeScout Intrinsic SEP Software Sipera Systems StillSecure
ALLIANCES
127
Absolute Identification Absolute ID is an innovative provider of data-centric protection products and services. Absolute ID has integrated its Virtual System on a Stick (ViSoS) with McAfee encrypted USB drives. By combining ViSoS with any standards-based network, users now have the ability to securely collaborate with colleagues, business partners, and supply chains and with the controlled distribution mechanisms inherent in Absolute IDs ViSoS solution, and to distribute digital data without the risk of piracy or theft.
Absolute Software Corporation Absolute Software provides subscription-based computer theft recovery, IT asset management, and remote data delete solutions for organizations and consumers. Absolutes McAfee ePO plug-in deploys Computrace agents on McAfee ePO-managed assets and delivers periodic summary reports from these assets into McAfee ePO dashboards. Based on Computrace agent call patterns, these reports help IT asset managers track, identify, and recover stolen laptops and other mobile devices.
AccessData AccessData, a pioneer in the digital forensics industry, provides investigators with the tools to preview, search for, analyze, process, and forensically preserve electronic evidence for the purposes of criminal investigations, internal investigations, incident response, and e-discovery. You can use McAfee ePO to deploy AccessData agents on McAfee ePO-managed assets and view agent coverage reports that include publisher, product, version, and more. McAfee ePO enhances the forensic effort by correlating users in its database with assets or activities under investigation.
128
ALLIANCES
Agiliance Agiliance enables highly scalable, quickly deployable, organization-wide risk, compliance and security management in real time. The McAfee Compatible integration of Agiliance RiskVision with McAfee ePO and McAfee Vulnerability Manager offers a unique, closed-loop risk management solution for risk-based security with exceptional accuracy and coverage. RiskVision is also interoperable with McAfee Policy Auditor, McAfee Risk Advisor, McAfee Endpoint Encryption, and McAfee VirusScan Enterprise.
AirPatrol Corporation AirPatrols Wireless Policy Manager (WPM) extends the capabilities of the McAfee ePolicy Orchestrator platform into the wireless regime, giving network administrators the ability to manage, distribute, and enforce wireless network policies from the central McAfee ePO management console. AirPatrols WPM secures the wireless interfaces on endpoints and allows IT Administrators to easily enforce common sense rules that govern how employees use their wireless resources. With WPM, organizations can secure their valuable laptops and PCs against todays wide range of mobile and wireless threats.
AirTight Networks AirTight Networks provides technology to automatically detect, classify, block, and locate current and emerging wireless threats. AirTight will integrate summary reports on wireless security event data from AirTight SpectraGuard Enterprise into McAfee ePO dashboards. The data for these reports will be provided by both SpectraGuard Sensors for WLAN security and SpectraGuard SAFE agents for wireless endpoint protection. SpectraGuard SAFE agents will also report the endpoint wireless vulnerability level and related data to McAfee ePO.
Application Security, Inc. DbProtect allows organizations to secure their most sensitive data from internal and external threats, while ensuring that those organizations meet or exceed regulatory compliance and audit requirements. DbProtect is integrated with McAfee ePO. The integrated solution allows McAfee ePO administrators to deploy DbProtect agents and seamlessly link DbProtects real-time database monitoring with McAfee incident response. McAfee ePO administrators can view and report on database vulnerabilities, threats, and events and take corrective action.
ALLIANCES
129
ArcSight ArcSight helps customers comply with corporate and regulatory policy, safeguard their assets and processes, and control risk. ArcSight integrates with McAfee ePO to enable closed-loop security monitoring, log management, and policy enforcement. By passing alerts generated from correlated events into McAfee ePO, the ArcSight SIEM Platform drives the quick detection of security threats, compliance violations, and policy breaches, improving the context for targeted countermeasure, audit, and remediation functions provided by McAfee security solutions.
Arxan Arxan integrates its real-time application security checks and tampering alerts with McAfee ePO. Notifications from GuardIT appear in McAfee ePO dashboards, enabling security administrators to respond immediately with appropriate countermeasures. Administrators can thereby gain greater visibility during the interval between the onset of an application attack and when the application is fully compromised, so they can limit and preempt enterprise risk.
BDNA BDNAs Discover product scans endpoint computers for installation of McAfee ePO software components, helping customers identify security gaps and bring previously unprotected assets under McAfee ePO security management. This capability significantly shifts the balance of security in favor of defenders by reducing the number of vulnerable assets in dynamic, rapidly evolving enterprise IT infrastructures.
Catbird Catbird brings visibility, control, and policy enforcement to the virtual data center. Catbirds V-Security product suite provides security, change control, separation of duties, and validation by deploying a virtual appliance inside VMware ESX or Citrix XenServer. Catbirds solution complements McAfee systems and network security offerings for virtualized environments. With the integration of V-Security, current McAfee ePO customers gain additional visibility into, receive alerts from, and manage policies for their virtual network environments.
130
ALLIANCES
Centrify Centrify DirectControl for Mac OS X integrates with McAfee ePO software, giving IT and desktop managers the ability to centrally deploy DirectControl and integrate Mac systems into Active Directory. Centrify DirectControl for Mac OS X enables centralized user management and authentication including smartcard login, centralized access controls, group management, and administrative rights, as well as extensive controls over user and system configurations via Active Directory Group Policy enforcement. For the first time, a centralized IT team can now manage Mac systems in the same way they manage Windows PCs using the same familiar Windows tools and processes.
ClearPoint Metrics ClearPoint delivers unified visibility and active performance management for IT security governance, risk, and compliance requirements. ClearPoint offers specifically crafted Metric Apps that leverage data from McAfee ePO and McAfee Vulnerability Manager. Each is designed to securely access McAfee application databases to instantly deliver meaningful indicators that continuously monitor the state, quality, and effectiveness of controls supporting your compliance and risk management programs.
CommVault A singular vision a belief in a better way to address current and future data management needs guides CommVault in the development of Singular Information Management solutions for high-performance data protection, universal availability, and simplified management of data on complex storage networks. CommVault Simpana is integrated with McAfee ePO, sending status updates on backup, recovery, and archive events to McAfee ePO dashboards and giving administrators and compliance officers a more complete view of the state of their business-critical information. This resulting enterprise-wide visibility helps organizations meet their end-to-end data security needs.
eIQnetworks eIQnetworks is redefining security and compliance management by fostering collaboration across security, network, data center, and audit teams to more quickly isolate the root cause of security issues and ensure compliance mandates are being enforced. SecureVue uses information from the McAfee Network Security Platform, McAfee ePO, and McAfee Vulnerability Manager, aggregating and correlating not just logs but adding configuration, asset, performance, vulnerability, and network flow data into a single, comprehensive enterprise view. McAfee customers can now also view eIQnetworks reports directly on McAfee ePO dashboards for visibility into the organizations security and compliance environment.
ALLIANCES 131
Guardium Guardium, the database security company, delivers a widely used solution for preventing information leaks from the data center and ensuring the integrity of enterprise data. Guardiums database security solution has been integrated with McAfee ePO. Critical security information, including database vulnerabilities, policy violations, and database configuration changes can now be displayed in McAfee ePO dashboards. When used together, McAfee ePO and Guardium deliver a more comprehensive security and compliance solution with reduced operational costs.
HBGary HBGary specializes in developing advanced computer analysis products to detect, diagnose, and respond to advanced malware, targeted threats, and other cybercrime activities. HB Gary Digital DNA is integrated with McAfee ePO so that McAfee customers can deploy Digital DNA, scan physical memory for malicious and unauthorized code, and report results to the McAfee ePO console for optimal corrective action.
Infoblox Infobloxs NetMRI integration with McAfee ePO extends the reach of McAfee risk and compliance management solutions deeper within network infrastructure. By automating the discovery, collection, analysis, storage, and access of network device configuration, change, and compliance information, you can take control of and automate network change while dramatically reducing operational and compliance risks as well as costs. NetMRI sends key alerts such as rogue network changes and compliance violations to McAfee ePO, accelerating the identification and remediation of risks associated with policy violations and access breaches.
Insightix Insightix is an innovator of real-time security intelligence and control solutions. Insightix BSA Visibility updates the McAfee ePO asset database in near real time allowing McAfee ePO to maintain a comprehensive, accurate, and up-to-date inventory of devices, their profiles, and the identities of those using the devices. The integration then provides the single source of truth about the network for effectively managing security, compliance, and risk against all devices.
132
ALLIANCES
LogLogic LogLogic provides an enterprise-class platform for collecting, storing, reporting, and alerting on 100 percent of IT log data from virtually any source. LogLogic intends to provide bilateral integration between its open log management and intelligence platform and McAfee ePO. LogLogics integrated analysis applications for compliance, security, and operational excellence will be able to leverage information provided by McAfee ePO and will in turn enhance McAfee ePO analytics with information about user and system behavior.
LogRhythm LogRhythms incident detection now drives automated alerting to McAfee ePO, enabling faster remediation and policy enforcement through the broad McAfee portfolio. Alerts appear in actionable McAfee ePO reports to facilitate corrective actions, such as starting a compliance check using McAfee Policy Auditor, running a virus scan with McAfee VirusScan Enterprise, pushing out new signature sets or patches, enhancing endpoint protection with the McAfee Host Intrusion Prevention System, updating security policies, and more.
MXI Security MXI Security provides managed portable security solutions that combine the power of secure storage with identity and access management services. The MXI Security Stealth ZONE platform leverages the industry-leading hardware security features of the McAfee Encrypted USB product line to deliver a superior, secure USB desktop. Any computer can be instantly transformed into a standard IT-managed system while maintaining both performance and security.
NitroSecurity The bidirectional integration of McAfee ePO and NitroView extends McAfee ePO visibility to events, activity, and logs from networks, databases, and applications to identify, track, and remediate security threats, compromised data, and vulnerabilities in real time. McAfee ePO users now have visibility from within McAfee ePO into the underlying network infrastructure, sessions transporting threats, and the location of the offenders. All NitroView correlated security events are visible with a real-time, drill-down view of specific events and individual data fields. Events are summarized, correlated, and analyzed so the user sees a reduced number of prioritized events and can quickly access months and years of data.
ALLIANCES
133
Prevari Prevari provides industry-leading solutions that objectively and quantitatively measure, model, and manage technology risk. McAfee Vulnerability Manager and McAfee Policy Auditor provide organizations with automated methods to quickly and accurately identify technical vulnerability exposures and to audit configuration policy compliance. Using data created by these McAfee solutions, Prevari TRM provides a common language for managing technology risk across the enterprise, aligning technology, compliance, and risk management goals with specific business objectives.
Ringcube RingCube vDesk integrates with McAfee Encrypted USB drives to create a portable desktop virtualization solution for the enterprise. Using vDesk, users can securely access their own corporate desktop from any PC for remote access, disaster recovery, or temporary access by consultants, contractors, and outsources. McAfee Encrypted USB drives ensure that RingCubes workspaces are protected by the highest two-factor biometric user authentication and the strongest AES 256-bit hardware encryption to prevent data leakage and unauthorized access.
Secerno Secerno DataWall understands the intent of every SQL interaction with a database, allowing Secerno DataWall to deliver accurate alerts, reports, and security policy decisions on the fly. This patented technology integrates with McAfee ePO to allow select database transactions, audit events, or security violations to be displayed in McAfee ePO dashboards, augmenting McAfee incident response and compliance validation. This integration also drives down the cost and complexity of protection and compliance.
SecureAuth SecureAuth for SSO is an integrated strong authentication platform that provides transparent, secure single sign-on (SSO) for on-premise web applications, off premise cloud applications as well as traditional VPN resources, all from a single appliance. Used in conjunction with McAfee Endpoint Encryption, SecureAuth leverages a users domain authentication from a McAfee encrypted workstation and then performs an identity translation to local, on-premises, and cloud-based resources. SecureAuth supports regulations such as PCI DSS, HIPAA, and FFIEC.
134
ALLIANCES
SenSage The SenSage log data management solution enables reporting on log data from virtually any McAfee product and publishes eighteen summary reports directly to McAfee ePO dashboards. McAfee ePO users can click through the reports and automatically drill into the details for root cause analysis in the SenSage Event Data Warehouse. Through this integration, customers gain a 360-degree view of activity across the network to meet their compliance, security, and root-cause investigation requirements.
Triumfant The integration of Triumfant Resolution Manager (TRM) with McAfee ePO allows customers to view unwanted changes and unexpected conditions detected by TRM through the McAfee ePO console. McAfee ePO users can switch to TRM to view the details of the changes detected, review and execute the synthesized remediation, and execute reports. This integration provides McAfee ePO users additional insight into the security readiness of the endpoint population through Triumfants ability to identify and analyze unusual changes to each machine.
Verdiem Verdiem is an enterprise software company focused on PC Power Management and Green IT. Verdiems Surveyor has been tested with McAfee ePO and enables enterprises to reduce their operational costs and maximize energy savings of their PC infrastructure, all while keeping their networks secure. IT administrators can deploy Surveyor agents using McAfee ePO and coordinate power management of PCs with scheduled scans and updates. This will enable security updates to run off-hours without affecting end-user productivity.
Voltage Security Voltage Security, Inc. provides innovative security solutions that protect employee and customer data in email, documents, or databases. Voltage SecureMail Gateway integrates with the McAfee Email Gateway for automated and policy driven email encryption and helps organizations fulfill regulatory compliance on their email messaging platforms. By utilizing the two solutions concurrently, organizations can be certain that all inbound or outbound messages are secured per corporate policy and not dependent on individual user action.
Refer to www.mcafee.com/sia for the latest information on these and other SIA partners.
ALLIANCES
135
136
ALLIANCES
McAfee AntiVirus Plus 2011 McAfee Internet Security 2011 McAfee Total Protection 2011
Specialty services
McAfee Internet Security 2011 for Mac McAfee Family Protection for Mac
Exclusive McAfee Active Protection technology instantly analyzes and blocks new and emerging threats in milliseconds, so theres no gap in your protection Extensive speed enhancements include faster scans and faster updates Schedule security scans and updates so you can work or play without interruptions Monitor threats blocked and check security status at a glance with the easy-to-use security status area Get crucial product alerts that are less intrusive and easier to understand Enjoy safer Internet searching, surfing, and shopping thanks to identification of potentially harmful websites QuickClean eliminates junk files that can hurt PC performance Shred files to prevent future access Advanced identification prevents spam from clogging your inbox Take the hassle out of manually saving files with 1GB or 2GB of remote online storage Manage your childrens online usage more effectively Lock private data in your encrypted vault, so files are safe if your PC is lost, stolen, or hacked Defends your PC from intruders on your home network, blocking access to sensitive files Identifies harmful links in your browser, email, or instant messages, protects against identity theft, and blocks your PC when exposed to potential threats
Faster PC performance No scan interruptions Check status at a glance with completely redesigned home screen Simplified security management with intelligent alerts Enjoy safer web surfing with McAfee SiteAdvisor Better PC health with QuickClean Remove digital files thoroughly Anti-spam and email protection Protect digital files and memories with automatic online backup Child protection with enhanced parental controls Secure valuable files with Anti-Theft File Protection (note: English versions only) Home network defense protection Better protection from dangerous websites with McAfee SiteAdvisor LIVE
139
Essential PC protection includes anti-malware, firewall, safe surf and search, and scanning optimization Always-current malware detection with exclusive McAfee Active Protection Reengineered for 8 times faster subsequent scan time Includes 30 days of free phone support (US only) and unlimited email and chat assistance
140
Fast, simple set up so you can start protecting your children within minutes Lets you permit your children to use the Internet while keeping them safe Protects children of all ages from inappropriate content, social networking risks, strangers, and other online threats
141
Immediate protection with a familiar Safari experience Establishes boundaries for mobile web surfing Helps you locate your children through their devices
142
One GB of online, automated remote file backup takes the hassle out of backups Lets you manage your tools and schedule scans to avoid disruption Verifies security settings within your home network Smarter, more intuitive alerting and help center with contextual help Always-current malware detection with exclusive McAfee Active Protection Tools to improve PC health and destroy sensitive information
143
Protects against harmful programs that monitor, collect, and sell personal information Indicates website safety before you click and blocks phishing sites Firewall restricts access to your computer and files when you are online Catches emerging Internet threats before they reach you Scans and cleans downloaded files and attachments from email and IM programs Scans any external drive for potential threats to your Mac
144
Fast, simple set-up allows automatic backup as often as you like Offsite storage and online access mean even after a disaster you still have electronic copies available All your backed up copies are encrypted for your protection Virtually unlimited storage space Anytime access from any PC with an Internet connection
145
Comprehensive advice about sites with spyware, spam, phishing, exploits, and more, with support from McAfee computer security experts Simple icons appear when browsing, searching, instant messaging, or emailing Password controlled Protected Mode prevents interaction with risky sites Updates and upgrades automatically to protect against new threats
146
2GB of online, automated remote file backup Award-winning anti-virus, firewall, anti-spyware, and online protection, plus data and parental controls At-a-glance home screen makes it easy to manage and monitor your PC and network defenses
147
McAfee WaveSecure
For Android, BlackBerry, Symbian S60, Windows Mobile, and Java Control of your mobile device and data, anytime and anywhere Your mobile phone contains many details of your life: contacts, calendar, text messages, photos, videos, and more. If it is lost or stolen, you lose sensitive information and irreplaceable memories, and you risk malicious and expensive use of both device and data. McAfee WaveSecure enables you to remotely locate and track your phone, lock it, backup the data, wipe the device, and restore your data, even to a different phone. Locate, track, and disable your missing mobile device Should your mobile phone disappear, the first thing you will want to know is where it is. With McAfee WaveSecure, you can locate your device via either its built-in GPS or cell tower tracking, using our web portal or an SMS message from a friends phone. You can also trigger an alarm to help you find it or disrupt a thief, and send a brief SMS message with instructions for returning it. If you cannot immediately recover your phone, you can remotely program the device to receive incoming calls only, thwarting abuse. You can also set McAfee WaveSecure to automatically lock the phone, display a message if the SIM is changed, and send a notification to chosen friends via SMS. Remove your data from a lost device If you know the phone is stolen or lost, use our portal or an SMS to ensure that your personal data cannot be accessed or used maliciously. You can remotely wipe all data on the phone as well as its removable memory card. McAfee WaveSecure uses a wipe method compliant with US Department of Defense standards to make sure that the data is gone beyond recovery. Backup and restore your data with our convenient management options Regular backups of your data are important for protecting sensitive information and preserving contacts and captured images and videos. McAfee WaveSecure enables you to backup your data from your device or remotely through the web portal so even if your device is missing you can back it up before you wipe it. You can restore your data any time, to the same or a replacement device. Choose the extensive functionality of the online portal, a simple mobile device interface, or fast PIN-authorized SMS messages from a friends phone. With McAfee WaveSecure, you can be sure of continuous, convenient protection for your mobile phone and data. Strengths
Remotely locks down your device Wipes out important data stored on your mobile to protect your privacy Backs up your data from your phone or remotely on the web
148
McAfee, Inc., headquartered in Santa Clara, California, is the worlds largest dedicated security technology company. McAfee is relentlessly committed to tackling the worlds toughest security challenges. The company delivers proactive and proven solutions and services that help secure systems and networks around the world, allowing users to safely connect to the Internet, browse, and shop the web more securely. Backed by an award-winning research team, McAfee creates innovative products that empower home users, businesses, the public sector, and service providers by enabling them to prove compliance with regulations, protect data, prevent disruptions, identify vulnerabilities, and continuously monitor and improve their security.
McAfee, Inc. 2821 Mission College Blvd. Santa Clara, CA 95054 1.888.847.8766 www.mcafee.com
McAfee, the McAfee logo, McAfee Active Protection, McAfee AppPrism, McAfee EMM, McAfee ePolicy Orchestrator, McAfee ePO, McAfee Global Threat Intelligence, McAfee Labs, McAfee SECURE, McAfee SiteAdvisor, McAfee Total Protection, Foundstone, FoundScore, QuickClean, SecureOS, SmartFilter, and VirusScan are registered trademarks or trademarks of McAfee, Inc. or its subsidiaries in the United States and other countries. Other marks and brands may be claimed as the property of others. The product plans, specifications, and descriptions herein are provided for information only and subject to change without notice, and are provided without warranty of any kind, express or implied. 2011 McAfee, Inc. All rights reserved. 17001pdir_cor_ssg_0111