Escolar Documentos
Profissional Documentos
Cultura Documentos
INTRODUCTION i
Whether it’s new malware lurking
in an email or the insider threat,
organizations have never faced
greater challenges in protecting
critical data. A growing number
of regulations also carry stiff
penalties for noncompliance.
McAfee responds by delivering
the industry’s most comprehensive
set of security and compliance
products. Enterprise customers
around the world trust these
integrated solutions—backed by
the industry’s best researchers—
to improve their security profiles,
reduce risk, and control cost.
INTRODUCTION ii
Craftier cybercriminals. More malicious malware.
Tougher privacy laws. Everywhere you turn,
your organization faces an operating landscape
teeming with risk. In the race to respond to
the latest threats, security systems have often
evolved into a patchwork of point solutions.
One company provides the firewall. A different
vendor delivers policy management tools. And
yet another protects against spyware.
INTRODUCTION iii
Think big—Making security more effective and more cost-effective
With threats to data and systems rising in tandem with the need to control
expenditures, organizations require solutions that improve their security posture
while reducing their total cost of ownership. As the world’s largest dedicated
security provider, McAfee offers the comprehensive technologies needed to
replace reactive, ad hoc approaches with integrated, strategic security solutions.
Choosing McAfee means moving to both a multi-layered defense and a
multi-correlated security approach. Multiple McAfee technologies—on the
endpoints, across the network, and in the cloud—work in concert to thwart
multi-pronged attacks. This system of interlocking components and centralized
management creates an optimized security architecture that makes security
not only more effective but also more cost-effective.
Think McAfee
Whether you need to enhance your security profile, streamline compliance, or
reduce capital expenditures and operational overhead, McAfee technology is the
safe choice in an increasingly perilous world.
POI N
ND
E
SE
C U RITY
WOR
ET CUR I T Y
SE
N
SE
C U RITY
IN
TERLOCK
COMPL
R I SK &
IA
N
CE
SE
C U RITY
security interlock
INTRODUCTION iv
Table of Contents
TABLE OF CONTENTS 01
You have a lot to think about.
1
McAfee Threats Report, http://www.mcafee.com/
us/local_content/reports/7315rpt_threat_1009.pdf
02 INTRODUCTION
90%
75%
60%
45%
30%
15%
54%
50%
68%
42%
48%
63%
53%
57%
63%
0%
Australia
Canada
China
France
Germany
India
Spain
United Kingdom
United States
Threats increased from 2008 to 2009.
2
http://www.hhs.gov/news/press/2009pres/10/20091030a.html
3
The Security Paradox, http://www.mcafee.com/us/research/
security_paradox/index.html
INTRODUCTION 03
Think McAfee.
04 INTRODUCTION
Security Interlock Delivers Security Optimization
Security
Management
Platform Risk
Endpoint Encryption Manage- Email Firewall
ment
ePO
Intrusion Security
White Data Loss
Web Prevention Innovation
Listing Protection
Solutions Alliance
Visibility of Vulnerabilities
INTRODUCTION 05
– Regulatory – Web Security Research
Compliance Research
– Host and Network
– Email Research Intrusion Prevention
06 INTRODUCTION
Through correlated data and clear The McAfee ePolicy Orchestrator®
custom reports, you demonstrate com- (ePOTM) management platform is the
pliance in a way that builds confidence only environment that manages
with auditors and is sustainable. security and compliance across systems,
data, and the network. It unifies the
Online options for confidence information you need to help you
and continuity understand your risks, define and
As compliance requirements evolve document the right policies, and
and grow more burdensome, we help proactively configure and maintain
lighten the load. Our online vulner- your security systems.
ability assessment and PCI certification This kind of operational efficiency trans-
services make it simple to detect viola- lates to significant savings. According
tions and prove compliance, including to research by InsightExpress, a typical
the ongoing quarterly scanning and large ePO customer cuts the costs of
reporting of PCI. security operations by 62 percent.4
Managed email archival and business
continuity services ensure data is avail- An open platform for
able when disaster strikes or auditors partner products
ask. And Security-as-a-Service is the McAfee ePO works with solutions
ideal way to implement protection and from McAfee and others to bring
policy enforcement as you add remote together information, policies, and
sites and users. processes. It acts as a hub where
products join forces to harvest and
A single point of reference for correlate data to make it meaningful.
security management As you manage, custom dashboards
Count the number of security manage- let you monitor your security posture
ment consoles in your environment. at all times, so your IT staff can make
Too many management consoles informed decisions when threats strike
makes security difficult to implement or vulnerabilities are detected. Every
and tedious to manage and audit. streamlined workflow and automated
task means savings for you.
4
Insight Express Survey, 2007
INTRODUCTION 07
Global partnerships and services Some customers choose a hybrid
McAfee Security Innovation Alliance approach:
(SIA) and McAfee Global Strategic – Software and appliances on site
Alliance partners integrate with McAfee for core operations
products, including the McAfee ePO – Managed services for email archival
management platform, to place and business continuity
advanced security technologies from
silicon to satellite. Through these – Always-on Security-as-a-Service for
integrations, you can do much more, mobile workers and remote offices
much more easily. With more than 80 Every integrated suite and hardened
vendors in various stages of integra- appliance saves you installation
tion, McAfee has become the security and maintenance time. And the
industry’s premier technology partner. savings don’t stop with operations.
McAfee Total Protection suites are
Flexible, cost-effective options— attractively priced so you get more
Onsite, online, or hybrid of your security in one convenient
Every organization and business unit package. Security-as-a-Service offers
has different requirements. McAfee has many savings—including minimal cash
the broad portfolio and flexible options outlays in advance and no need for
to support you—from smartphone to investment in onsite infrastructure.
ATM, from thumb drive to data center. With your choice of tools like these,
McAfee gives you a choice of you can reliably protect every asset,
affordable, flexible implementation even on Terrible Tuesdays with 63
options across the full security and vulnerabilities, like October 13, 2009.
compliance spectrum. These suites, Think about securing your future.
hosted services, and individual controls
use centralized management to improve Think McAfee.
response time and productivity. You
may opt for the detailed, customized
control made possible through tightly
integrated suites of protection you
manage on site. Or, you can plug into
Security-as-a-Service and let McAfee
experts oversee your security and apply
the right protection.
08 INTRODUCTION
McAFEE SOLUTIONS
McAfee
Integrated Suites
1
McAfee Labs.
2
Ponemon Institute, Fourth Annual US Cost
of Data Breach Study, January 2009.
Suites for Every Requirement
The list below explains how our suites match the market. To investigate
further, turn to the feature comparisons and alphabetical listings that follow.
10 INTRODUCTION
The McAfee Advantage for Business Users
Our integrated, intelligent suites work hard to guard your data, systems,
and network, so you can work on other things. Select the suite that meets
your needs, then refer to the alphabetical listings that follow for details.
Compliance
Endpoint —
Virtualiza-
Advanced
Advanced
Service —
Service —
Service —
Gateways
Extended
Essential
Endpoint
Endpoint
Internet
Business
Secure
Basic
Data
tion
Single integrated management — on site
Single integrated management — on line
Data Protection
Full-disk encryption
File and folder encryption
Device control
Data loss prevention (DLP)
for endpoint/users
Data loss prevention for data in motion
Desktop and Server Protection
Anti-virus
Anti-spyware
Real-time protection (Artemis)
Host intrusion prevention for desktop
Host intrusion prevention for server
Desktop firewall
Safe surfing
Safe surfing with site blocking
Network access control
Anti-malware (offline virtual images)
Web Gateway Security
Anti-malware
Safe surfing
URL filtering
Web In-the-Cloud Security
Content filtering
URL filtering
Email Gateway Security
Anti-malware
Anti-spam
Content filtering
Email In-the-Cloud Security
Anti-malware
Anti-spam
Content filtering
Email Server Security
Anti-malware
Anti-spam
Content filtering
Risk and Compliance
Agentless policy & vulnerability auditing
Agent-based policy auditing
Risk Profiling
Vulnerability scanning
PCI certification
INTEGRATED SUITES 11
The McAfee Advantage for Home Users
We apply the same advanced ideas, integrated management, and global threat
intelligence to help you protect your family, guarding your data, home PC,
and network. Our suites for the home feature 30 days of free phone support
and unlimited email and chat assistance, plus continuous and automatic
updates for the life of your subscription.
Protection
AntiVirus
Security
Internet
Total
Plus
McAfee #1 in Malware Detection Exclusive McAfee Active Protection
(AV-Test.org malware detection results technology instantly analyzes and
published in ComputerBild magazine blocks new and emerging threats
Issues 18 – 23, 08/17/09 – 10/26/09) in milliseconds, so there’s no gap in
your protection
Faster PC performance Extensive speed enhancements
(McAfee 2009 vs. McAfee 2010) include faster scans and faster updates
No scan interruptions with Idle Schedule security scans and updates
Timer and Scheduler so you can work or play without
interruptions
Check status at a glance with Monitor threats blocked and check
completely redesigned home screen security status at a glance with the
all-new, easy-to-use security status area
Simplified security management Get crucial product alerts that are less
with intelligent alerts intrusive and easier to understand
Enjoy safer web surfing Enjoy safer Internet searching, surfing,
with McAfee SiteAdvisor® and shopping thanks to identification
enhancements of potentially harmful
websites
Better PC health with QuickClean QuickClean eliminates junk files that
can hurt PC performance
Remove digital files thoroughly Shred files to prevent future access
with Shredder
Anti-spam and email protection Advanced identification prevents
spam from clogging your inbox
Protect digital files and memories Take the hassle out of manually saving
with automatic Online Backup files with 1 GB or 2 GB of remote
online storage
Better child protection with Manage your children’s online usage
enhanced Parental Controls more effectively
Secure valuable files with Lock private data in your encrypted
Anti-Theft File Protection vault, so files are safe if your PC is
lost, stolen, or hacked
Home Network Defense Protection Defends your PC from intruders on
your home network, blocking access
to sensitive files
Better protection from Identifies harmful links in your
dangerous websites with browser, email, or instant messages,
McAfee SiteAdvisor Plus protects against identity theft, and
blocks your PC when exposed to
potential threats
12 INTEGRATED SUITES
McAfee AntiVirus Plus 2010 (for home users)
Essential, effective protection against virus threats
With thousands of new viruses created everyday, relying on traditional secu-
rity updates isn’t enough anymore. McAfee AntiVirus Plus instantly detects
and blocks viruses, even stopping web-based threats before they download
to your PC. Reengineered for the fastest performance ever, our innovative
design simplifies your experience while offering essential protection.
Strengths
• Always-current malware detection with exclusive McAfee Active Protection
• Reengineered for 8×’s faster subsequent scan time
• 30 days of free phone support and unlimited email and chat assistance
1
AV-Test.org malware detection results published in ComputerBild magazine (Issues 18 – 23, 08/17/09 – 10/26/09).
INTEGRATED SUITES 13
McAfee Endpoint Protection for Mac
Say “yes” to Macs in the workplace
As more and more business users choose Macs, these systems contain or
access the same sensitive data as other PCs. Since hackers and cybercriminals
now view Macs as a target, you need to enforce compliance of Macs to the
same high security standards of your Windows-based PCs.
Strengths
• Proven anti-virus, anti-spyware, application lockdown, and desktop firewall
• Fast and reliable scanning preserves system performance
• Familiar, intuitive Mac OS X Aqua interface
• Supports Mac OS X 10.6 (Snow Leopard), 10.5 (Leopard), and 10.4 (Tiger)
14 INTEGRATED SUITES
McAfee Internet Security 2010 (for home users)
Comprehensive, proven protection against virus and online threats
For broad, effective online security at home, McAfee Internet Security com-
bines advanced malware detection with anti-spam and email protection,
plus data protection and parental controls. Reengineered for the fastest PC
performance ever, our innovative design simplifies your internet security
experience while offering comprehensive protection.
Strengths
• Online, automated remote file backup takes the hassle out of backups
• Better ways to manage your tools and scheduling to avoid disruption
• Verifies security settings within your home network
• Smarter, more intuitive alerting and help center with contextual help
• Always-current malware detection with exclusive McAfee Active Protection
• Tools to improve PC health and destroy sensitive information
1
AV-Test.org malware detection results published in ComputerBild magazine (Issues 18 – 23, 08/17/09 – 10/26/09).
INTEGRATED SUITES 15
McAfee Total Protection 2010 (for home users)
Ultimate protection against virus, online, and network threats
As criminals get more creative, you must fight back with extra protection
for your data, your home network, and your PC. McAfee Total Protection
instantly detects and blocks malware, defends your system and home network,
and blocks websites that could harm your computer. Reengineered for the
fastest performance, our design simplifies your experience while offering
ultimate protection.
Strengths
• 2 GB of online, automated remote file backup
• 30 days of free phone support and unlimited email and chat assistance
• Continuous and automatic updates for the life of your subscription
• Number one in threat detection of viruses, spyware, and other malware¹
1
AV-Test.org malware detection results published in ComputerBild magazine (Issues 18 – 23, 08/17/09 – 10/26/09).
16 INTEGRATED SUITES
McAfee Total Protection for Compliance
Unified IT policy auditing and risk management to simplify compliance
For many organizations, keeping pace with new requirements, more controls,
and changing guidelines means deploying multiple technologies for managing
IT audit cycles and sustaining compliance.
McAfee Total Protection for Compliance makes compliance easy with the
industry’s first integrated solution for vulnerability management, compliance
assessment and reporting, and comprehensive risk management. Using ePO
as the single deployment, management, and reporting platform, it integrates
McAfee Vulnerability Manager, McAfee Policy Auditor, and McAfee Risk Advisor.
Through both agent-based and agentless technology, it audits, assesses, and
reports across managed and unmanaged systems, dramatically reducing IT
audit time.
Simplified compliance
We reduce the number of point products needed to achieve the results and
reports auditors demand, while we eliminate manual processes throughout
the audit lifecycle. For instance, administrators and auditors can use a single
workflow and policy environment for policy definition, asset identification,
and consolidated reporting. As you prepare for audits, you can import industry-
standard content and tailor policies and checks for your needs, applying policy
benchmarks across many different asset types.
Strengths
• Accurate risk analysis and prioritization shrink the noncompliance window
• Deep policy assessments on hosts, plus network audits of policy settings
for account, file, network, and system access
• Assessments and reports for SOX, FDCC, FISMA, HIPAA, and PCI DSS
INTEGRATED SUITES 17
McAfee Total Protection for Data
Industry’s most complete data protection solution
With today’s mobile devices and ever-connected work style, protecting confi-
dential customer information — as well as your intellectual property — has to
be job one. Companies that suffer data losses risk regulatory penalties, brand
damage, and customer distrust.
To secure your confidential data reliably, McAfee Total Protection for Data
integrates McAfee Endpoint Encryption (Full Disk, File, and Folder encryption
including Removable Media encryption), McAfee Host Data Loss Prevention,
and McAfee Device Control along with the unifying management of McAfee
ePO. This suite provides strong encryption, authentication, data loss prevention,
and policy-driven security controls to prevent unauthorized access to your
sensitive data — anytime, anywhere. Instead of separate point solutions that
must be managed separately, ePO allows you to use a single environment to
manage your deployment, define security policies, monitor activities, generate
reports, and maintain your data protection.
Strengths
• Works for all data, formats, and derivatives even when data is modified,
copied, pasted, compressed, or encrypted
• Enforces central policies based on users and user groups and synchronizes
policies with Active Directory, Novell NDS, and PKI
• Encrypts files, folders, or devices without end-user action
• Logs every data transaction with forensic-quality, audit-ready details
18 INTEGRATED SUITES
McAfee Total Protection for Endpoint
Total security, total integration, total protection for all your endpoints
As the pace of threats accelerates, the threats themselves grow more
complex. You need integrated, advanced protection to guard your systems
against worms, spyware, rootkits, Trojans, bots, hackers, and identity thieves.
INTEGRATED SUITES 19
McAfee Total Protection for Internet Gateways
Comprehensive security for web, email, and data loss prevention
Data protection is top of mind for many organizations, and Web 2.0 increases
the risk of data loss and downtime. For effective protection, you have to
patrol email and web interactions that might bring malicious code into your
business or attempt to extract sensitive data over your network.
Strengths
• Number one rated anti-malware protection coupled with better than
99 percent spam detection¹
• Identifies and enforces policies on both structured and unstructured data
• McAfee Global Threat Intelligence protects against emerging threats
¹ http://blogs.pcmag.com/securitywatch/2008/01/antimalware_performance_testin.php.
20 INTEGRATED SUITES
McAfee Total Protection for Secure Business
All the critical elements of security a medium-sized company needs
Free yourself from the headaches of managing multiple point products from
multiple vendors. McAfee Total Protection for Secure Business has it all —
the industry’s most comprehensive security in one easy-to-manage suite for
endpoints, email, web, and data. It saves time, saves money, and provides a
more powerful, integrated defense against the threats medium-sized busi-
nesses know about — and the threats you cannot see coming.
Strengths
• Instant, always-active threat protection from the experts at McAfee Labs
• Encryption and controls to prevent data loss
• Easy to choose, purchase, and manage the protections you need
INTEGRATED SUITES 21
McAfee Total Protection for Virtualization
Proven, comprehensive protection for virtual servers
Research by McAfee Labs shows that virtual environments are not only sus-
ceptible to the same threats as physical systems, they are also vulnerable to
additional threats that exploit virtualization specifically.
We have optimized McAfee Total Protection for Virtualization to protect all
major virtualization environments, including Citrix, Microsoft, and VMware.
It combines industry-leading, proven products to provide complete and scal-
able security for virtual servers and critical data, so that enterprises can safely
benefit from virtualization. Integrated, centralized management reduces the
time and resources required for enforcing policies and managing security of
both physical and virtual servers, while it simplifies compliance with internal
policies and key industry regulations.
Strengths
• Customized protection for all major virtualization environments,
including Citrix, Microsoft, and VMware
• Protection for online and offline virtual machines
• Single management console for virtual and physical servers
• Non-stop threat protection from McAfee Artemis technology,
applying McAfee Global Threat Intelligence
• VMsafe-integrated for optimized performance in VMware environments
22 INTEGRATED SUITES
McAfee Total Protection Service
An always-on-guard Security-as-a-Service solution
Businesses of all sizes need to keep protection current while minimizing
downtime, costs, and maintenance. McAfee lets you access constant
protection without additional investment in on-site hardware or software.
Defend all your systems, all the time, with this one-touch solution
McAfee Total Protection Service, the industry’s first truly integrated Security
Software-as-a-Service (SaaS) solution, provides protection against endpoint,
email, web, and perimeter threats — all managed on line.
With Security SaaS, you reduce your security licensing costs and capital
investment in hardware and software by taking advantage of McAfee expertise
and managed infrastructure off site. Save time and money as Total Protection
Service frees your IT staff from complex security deployments, server mainte-
nance, upgrades, and time-consuming daily management.
INTEGRATED SUITES 23
24 INTEGRATED SUITES
McAFEE SOLUTIONS
McAfee
Interlocking Products
McAfee works tirelessly to help you improve your risk posture with the
most effective protections and efficient processes. The previous section
of this guide described our integrated suites. The defenses in these suites
are also available individually to help you optimize your security and com-
pliance. This section describes onsite products. If you prefer in-the-cloud
services, look for the section that follows this chapter.
According to independent
third party research, a
typical large ePO customer
saves 62 percent in security
operational costs.1
1
Research conducted by InsightExpress.
2
McAfee Labs.
3
McAfee, The Security Paradox, 2009.
4
Herald Sun, August, 2009.
Intelligent Security for Every Asset
Individual McAfee products come in software, hardened appliances, or
services. The list below provides logical solution groups for the products
you install and maintain at your site. The product descriptions that follow
are alphabetical for easy navigation.
* Products ideal for small and midsize organizations, branch offices, and workgroups.
26 INTRODUCTION
McAfee Anti-spyware Enterprise
Proven spyware protection optimized for business
Undetected spyware can lead to identity theft, system and network corruption,
slower Internet access, reduced user productivity, installation of rootkits and
backdoors, and a flood of help-desk calls.
Most anti-spyware software is reactive, catching unwanted programs after
they have penetrated your systems. However, by then it is too late, since po-
tentially unwanted programs (PUPs) install in many places or introduce other
programs, such as rootkits and key loggers. McAfee on-access scanning
catches the spyware before it multiplies.
Centralized management
Security management is easy with McAfee ePolicy Orchestrator. With this
management tool, you can centrally deploy, manage, and report on activity
across your enterprise.
Strengths
• Blocks and defeats spyware before it can install and spread
• Behavioral technology detects and blocks unknown spyware
• Updates daily from McAfee Labs
• Scans processes and files running in memory
• Scans in the registry and files to block reinstallation
• PUP-specific reporting
INTERLOCKING PRODUCTS 27
McAfee Application Control
Reduced risk from unauthorized applications, plus stronger
endpoint control
Users can unintentionally introduce software that installs malware, creates
support issues, and violates software licenses — compromising systems and
your overall business.
McAfee Application Control offers an effective way to block unauthorized
applications and, unlike simple whitelisting, uses a dynamic trust model to avoid
labor-intensive lists. As enterprises face an avalanche of unknown software
from the web, this centrally managed solution adds a timely control to your
systems security strategy, attuned to the operational needs of enterprises.
Strengths
• Ensures only trusted applications run on servers and endpoints
• Trust model and dynamic whitelists save administration time and overhead
• Comprehensive code protection preserves integrity of critical systems
• Vulnerability shielding extends the lifespan of legacy systems
• Safeguards for critical systems, field units, and fixed-function devices
28 INTERLOCKING PRODUCTS
McAfee Change Control
Comprehensive change policy enforcement
How often has an unapproved or untimely change brought down a key sys-
tem? Unauthorized or untested changes can cause 80 percent of unplanned
system downtime.
McAfee Change Control prevents unauthorized changes by providing real-time
visibility into modifications and delivering technology-based policy enforcement.
Change Control continuously tracks and validates every attempted change on
your IT infrastructure. It improves accountability and eliminates violations that
affect compliance or cause outages — while lowering IT costs.
Strengths
• Real-time visibility and alerting across servers, databases, and network devices
• Instant file integrity monitoring lets you quickly identify where policies are
being challenged
• Prevents unauthorized changes, violations, and outages before they occur
• Eliminates costly manual efforts to track and account for changes
• Easily integrates with change management, data center automation,
and configuration management database solutions from HP, BMC,
IBM, and others
INTERLOCKING PRODUCTS 29
McAfee Command Line Encryption
Transfer and store your sensitive files securely
Your data is the lifeblood of your business. Files with sensitive data need to
be protected in transit and in storage for true end-to-end security. Enterprises
that routinely exchange sensitive customer information or intellectual property
with branch offices, vendors, and business partners need to keep confidential
data and applications safe and secure. More than half of all Fortune 500 com-
panies rely on McAfee E-Business Server for secure file transfer and storage.
30 INTERLOCKING PRODUCTS
McAfee Configuration Control
Audit, Control, and Enforce (ACE) for Continuous Compliance
For enterprises that must adhere to multiple compliance standards or strict
regulations, constantly maintaining and achieving compliance in dynamic
environments is both tricky and expensive.
McAfee Configuration Control offers a cost effective means to automate and
enforce individualized or standard compliance configurations. Through the
three steps of Audit, Control, and Enforcement, you can achieve continuous
compliance while dramatically cutting audit preparation, time, and costs.
Beyond saving you time and money on audit activity, it goes farther to block
unauthorized changes and limits the liability and costs associated with ad hoc
change that may affect performance, availability, or security.
Strengths
• Controls integrity of your systems with continuous tracking and alerting
of events that could compromise security or create the risk of your systems
becoming non-compliant
• Enforces a centralized or enterprise change policy so that only validated,
authorized changes are executed
• Minimizes risk by controlling system change and configurations to ensure
the highest level of security, reliability, and compliance
• Leverages your investment in McAfee ePO and other enterprise software
INTERLOCKING PRODUCTS 31
McAfee Content Security Blade Server
Highly scalable email and web security
Large enterprises require high performance and throughput, of course,
but they also have special requirements for availability and manageability.
Strengths
• Choice of eight blade or sixteen blade enclosures
• Enhanced real-time behavioral detection of Web 2.0 malicious mobile code
• Advanced zero-day and targeted attack exploit detection without a signature,
regardless of media or content type
• True context-based threat detection
• Consistently blocks 99 percent of spam
• Presents overall system status in convenient at-a-glance dashboard
• Lets you turn on different email and web features when you need them,
such as URL filtering, SSL scanning, and content inspection
32 INTERLOCKING PRODUCTS
McAfee Device Control
Fine-grained control over removable media devices on your network
USB drives, MP3 players, CDs, DVDs, and other removable media — however
useful — pose a real threat to your organization. Their small size and enormous
storage capacity make it all too easy for confidential customer data and intellec-
tual property to walk right out the front door and into the wrong hands. Theft
is not the only risk; even the most well-intentioned employees accidentally
lose devices.
Now you can monitor and control data transfer to portable storage devices
to improve compliance with data control policies and regulations. McAfee
Device Control guards against critical data leaving the corporation through
USB flash disks, iPods, CDs, DVDs, Bluetooth and IrDA devices, and other
removable storage devices that can connect to desktops and laptops.
Strengths
• Fine grained device definitions
• Content and context-aware protection
• Centralized policy deployment and management with ePO
• Easy upgrade to McAfee Host Data Loss Prevention
• Visibility, control, and user- and device-level logging to support compliance
INTERLOCKING PRODUCTS 33
McAfee Email and Web Security Appliance
Get more from your email filter
IT staff at midsize businesses fill multiple roles, so they need security made
simple. We designed a single, integrated appliance to defend your business
against the two most common sources of security threats: email and web.
Much more than the industry’s most effective spam filter,¹ McAfee Email
and Web Security Appliance lets you arm yourself against the latest email
and web-borne threats, easily manage web and email traffic and usage, and
reduce system administration requirements to just minutes a day or less,
Strengths
• Turnkey appliance with simplified installation and automated updates
• Integrated URL filtering and SiteAdvisor software to allow safe web use
• The most effective spam filter with low false positives
• One appliance scans both inbound and outbound email and attachments
¹ Anti-spam comparative review, September 2009,” Virus Bulletin, www.virusbtn.com.
34 INTERLOCKING PRODUCTS
McAfee Email Gateway
(formerly IronMail®)
Strengths
• 99 percent or better spam detection accuracy
• Protection against email-borne threats such as malware, phishing, directory
harvest, denial of service, and bounceback attacks
• The industry’s most extensive on-box data loss prevention to detect structured
and unstructured data to prevent data loss and enable regulatory compliance
• Gateway-to-gateway encryption with TLS, S/MIME, and OpenPGP included
• Integrated, on-box encryption for sending encrypted email to end-users
INTERLOCKING PRODUCTS 35
McAfee Encrypted USB
Secure devices with built-in access control and encryption
The storage capacity of USB devices has grown enormously, even while their
physical size has become smaller. Their reduced size makes them easier to
lose, and their higher storage capacity increases the potential amount of data
at risk if the device is lost or stolen. Encrypted devices, while attractive, often
carry a prohibitive per-unit cost and total cost of ownership.
Central management
You can efficiently deploy and manage McAfee Encrypted USB devices
through our integration with McAfee ePolicy Orchestrator, which also pro-
vides standardized reporting and audit facilities. Any number of devices can
be effectively managed, controlled, and bound to the corporate user from
Active Directory.
Password Authentication
Biometric Authentication
Hardware Encryption
Digital Identity
and Crypto Services
Managed by McAfee
ePolicy Orchestrator
* The Standard Driverless is supported by recovery and central management but remote recovery is not possible.
36 INTERLOCKING PRODUCTS
McAfee Endpoint Encryption
Iron-clad security for lost or stolen devices, anytime, anywhere
Rarely does a month go by without an organization revealing the loss or
theft of a laptop brimming with sensitive data. Piecemeal and full-disk-only
encryption solutions leave security holes and complicate management
and reporting.
With over 6,000 customers spread around the globe, McAfee is the leading
vendor of encryption software in the industry. McAfee Endpoint Encryption
prevents unauthorized access to an organization’s sensitive data through
industry-leading encryption technology and strong access control. Multiple
layers of protection let us cover more data loss scenarios than any other
vendor in the marketplace. We can secure lost or stolen laptops, misplaced
storage devices (CD/DVD/USB), missing smartphones, unauthorized access to
sensitive files/folders, and sensitive data leaving the organization through email.
Strengths
• Supports software-based encryption, plus self-encrypting and solid state drives
• Identical administration and policies for any mix of devices in the environment
• Support for hardware acceleration based on the Intel AES-NI technology
• Persistent encryption requires no end-user action or file renaming
INTERLOCKING PRODUCTS 37
McAfee ePolicy Orchestrator (ePO)
Intelligent security and compliance optimization
Over 35,000 customers use McAfee ePolicy Orchestrator to manage nearly
60 million PCs and servers, making it the world’s most deployed and respect-
ed security and compliance management technology. ePO brings together
information and processes to create intelligent security that is automated
and actionable. With ePO, you can make quick, effective decisions. You can
reduce operational costs with advanced reporting and policy assignment
functions. Every efficient response improves threat protection and compli-
ance management.
1
Research conducted by InsightExpress.
38 INTERLOCKING PRODUCTS
McAfee Firewall Enterprise (Sidewinder®)
Faster, easier management, plus unprecedented threat protection
Archaic firewalls are not keeping up with the continuously evolving threat
landscape, allowing unwanted and malicious traffic to penetrate the network.
McAfee Firewall Enterprise delivers unprecedented levels of threat protec-
tion combined with simple and intuitive management workflows, including
easy-to-use reporting and user-friendly rule-creation capabilities. It combines
world-class threat protection with powerful, centralized management and
reporting tools, improving your ability to monitor and secure your network.
Strengths
• High performance stateful and application inspection, integrated anti-virus,
URL filtering, and IPS
• Protection against attacks that use email, Web 2.0, SSL, VoIP, and more
• Low administration effort and reports that are more meaningful
• Geo-location lets you filter traffic and focus resources where you do business
• Optional McAfee Profiler and McAfee Control Center help you analyze
and manage complex environments
INTERLOCKING PRODUCTS 39
McAfee Firewall Enterprise Profiler
Manage firewall rule sets the easy way
According to McAfee research, firewall administrators spend up to 70 percent
of their time fixing application outages that occur when firewall rules are out
of sync with changes that affect the network or applications. Even before they
can get around to fixing the rules, administrators spend far too much time
and effort simply trying to determine whether firewall rules were actually
responsible for causing the outage in the first place.
McAfee Firewall Enterprise Profiler simplifies the task of keeping firewall rules
in sync with changing business demands.
Strengths
• Seamless interoperability with existing network infrastructures
• Real-time alerts allow quick validation and prioritization of problems
• Confirms whether or not traffic disruptions are due to firewalls to enable
quick dispatch to firewall, desktop, or server/application team
• Detailed visuals and drilldowns let you understand root causes and
immediately update firewall configurations to restore service
40 INTERLOCKING PRODUCTS
McAfee Host Data Loss Prevention
Prevent accidental and malicious loss
Your financial data, your customer information, your intellectual property,
and your employees’ personal records may be leaving your company right
now. Accidental and malicious data loss can occur through common channels
like email, web posting, USB drives, and printing, potentially putting your
organization at risk.
With McAfee Host Data Loss Prevention, you can quickly and easily monitor
real-time events, apply centrally managed security policies to regulate how
your employees use and transfer sensitive data, and generate detailed forensics
reports without affecting operations. You protect internal data loss channels,
such as email, IM, CDs, web posts, USB drives, and printouts. You will also
stop confidential data loss initiated by Trojans, worms, or file-sharing applica-
tions that hijack employee credentials without their knowledge.
Agents on duty
This agent-based protection monitors and prevents sensitive data transfer
from all desktops and laptops through the network, through applications, and
onto physical devices, even if users leave the corporate network. The ePO single
agent, single console architecture efficiently deploys or updates existing agents,
centrally manages policies, monitors events, and generates reports.
Strengths
• Prevents data loss through email, IM, FTP, HTTP, HTTPS, webmail, USB,
CD, DVD, iPod, printing, copy/paste, screen capture, peer-to-peer (P2P),
and web posting
• Lets you specify detailed content-based filtering, monitoring, and blocking
of confidential data on any removable storage device
• Manages and reports on policy compliance through ePO
• Provides consistent protection whether the endpoint is on or off the network
INTERLOCKING PRODUCTS 41
McAfee Host Intrusion Prevention
Proactively secure your desktops and servers
As an IT manager, one of your top challenges is to protect the IT assets that
support your business. You need to fend off known and unknown attacks to
protect confidential data and preserve business continuity. As the complexity
of these exploits continues to rise, you need a solution that proactively prevents
attacks from happening.
Layered protection
McAfee Host Intrusion Prevention (Host IPS) delivers complete protection
against new and unknown threats. Behavioral protection blocks zero-day
attacks that target new vulnerabilities, and signature-based protection identifies
known attacks. Both enforce proper system and application behavior. The
stateful firewall ensures compliance to application and system access policies.
For server
You can monitor and block unwanted activity and threats to maintain server
uptime and protect assets. Host IPS for server contains unique protection
engineered specifically for web and database servers, protecting against
attacks like directory traversal and SQL injection. Application shielding and
enveloping prevent compromise of applications and data and prevent
applications from being used to attack other applications, even by a user
with administrative privileges.
For desktop
Managing security and connectivity policies for endpoints can be a real IT
headache. Employees can inadvertently introduce worms, spyware, and other
threats into your network with their desktops or laptops. This can compromise
data, put employees at risk, and result in lost productivity. Host IPS for desktop
uses multiple proven methods — behavioral analysis, signature analysis, and
stateful firewall — to keep desktops safe.
42 INTERLOCKING PRODUCTS
McAfee Integrity Control
Reduce risk from unauthorized applications and change
It can be frustrating and difficult to prevent endpoints and servers from
deviating from the corporate standard. Unauthorized applications or changes
introduce malware, present compliance violations, and create software
licensing risks.
Combining industry-leading whitelisting and change control technology,
McAfee Integrity Control ensures that only trusted applications run on servers
and endpoints, while also enabling real-time change detection, accountability
to validate change activity, and change prevention to block unwanted activity.
Strengths
• McAfee ePO eases agent deployment, management, and reporting
• Provides information about every change, including the user and
program used
• Eliminates scan after scan of servers, databases, and network devices
• Low overhead footprint lets you increase control over fixed-function systems
INTERLOCKING PRODUCTS 43
McAfee Mobile Security for Enterprise
(formerly McAfee VirusScan Mobile Enterprise)
Strengths
• Always-on, real-time protection without interrupting connections
• Inline cleaning automatically removes infections
• Designed specifically for mobile threats with a minimal device footprint
• Regular over-the-air signature updates and alerts if an update fails
or a device becomes infected
• Reduces risk of sensitive data loss that can mean compliance violations
• Maintains usefulness and health of business-critical mobile devices
44 INTERLOCKING PRODUCTS
McAfee Network Access Control (for managed endpoints)
Protect your network from non-compliant or unknown systems
Visitors and contractors can introduce viruses, disrupt your networks, and
compromise your systems and data. You need to inspect each system before
it enters your network to ensure it meets minimum configuration standards,
and then monitor it to maintain and enforce compliance.
McAfee Network Access Control (NAC) for managed endpoints is a key com-
ponent of the McAfee Unified Secure Access solution. It works standalone or
in concert with the McAfee NAC Appliance or the McAfee NAC Module for
Network Security Platform.
Automatic remediation
To help remediate noncompliant systems, McAfee NAC endpoint software
can also identify and quarantine misconfigured or noncompliant systems. It
can remediate them automatically using McAfee Remediation Manager or
your existing remediation solution.
Through endpoint and network integration, it can both automatically block
attacks and remediate or quarantine non-compliant hosts, such as desktops,
servers, and handheld devices. This integration protects remote access, high-risk
branch offices, wireless networks, and critical systems that cannot run agents.
Strengths
• Support for both managed and unmanaged devices, including game
consoles, Macs, Linux systems, printers, VoIP phones, and copiers
• Broad enforcement options based on identity, system health, and more
• Centralized management and control lowers operational cost
INTERLOCKING PRODUCTS 45
McAfee Network DLP Discover Appliance
(formerly Reconnex iGuard Discover)
Strengths
• Crawls storage at two to four times the speed of other options, requiring
fewer appliances and less bandwidth than the competition
• Find the information you need to reduce risk by tuning policies, processes,
and user behavior
• Continues scanning automatically to detect new content
• Works with McAfee Network DLP Monitor and Network DLP Prevent
Appliances for comprehensive data lifecycle controls
46 INTERLOCKING PRODUCTS
McAfee Network DLP Manager
(formerly Reconnex inSight Management Console)
Enterprise-friendly operations
To cut deployment times, you can centrally create, tune, and manage policies
and distribute them out to multiple appliances. As you detect and manage
incidents, we make you more efficient with integrated incident workflow, case
management, remediation, and aggregated reporting. Through integration
with McAfee ePolicy Orchestrator, you can tap into comprehensive reporting
and auditing across systems.
Strengths
• Roles-based access control and intuitive investigation console
support collaboration
• Unified device configuration and management including health statistics,
traffic monitoring, and reporting
• Secure management access and communications
INTERLOCKING PRODUCTS 47
McAfee Network DLP Monitor Appliance
(formerly Reconnex iGuard Monitor)
Strengths
• One enterprise-class appliance inspects all ports, protocols, and content
types to scan all traffic
• Flexible policy creation enables safe, appropriate business operations
• Improve investigations and simplify case management
48 INTERLOCKING PRODUCTS
McAfee Network DLP Prevent Appliance
(formerly Reconnex iGuard Prevent)
Strengths
• Document registration allows rules to act even when content has
been modified
• Built in support for PCI, SOX, HIPAA, GLBA, FERPA, ITAR, NASD,
and other regulations
• Turnkey appliance designed for high-performance needs of enterprises
INTERLOCKING PRODUCTS 49
McAfee Network Security Manager
Simple, centralized control for multiple types of McAfee network sensors
McAfee Network Security Manager (NSM) gives you real-time visibility and
control over a complete range of McAfee network appliances, including
intrusion prevention system (IPS) sensors, network user and threat behavior
analyzers (NBA), and network access control (NAC) appliances. With its plug-
and-play operation, easy-to-use functions, and web-based management,
NSM saves you time, trouble, and operating costs.
Strengths
• Simple, granular security policy management
• Easy-to-use, preconfigured templates, recommended-for-block policies,
and out-of-the-box blocking
• Highly flexible and customizable reporting
• Automated, real-time threat updates
• Virtual IPS and always-on management
50 INTERLOCKING PRODUCTS
McAfee Network Security Platform
Advanced, proven intrusion prevention for every networked device
McAfee Network Security Platform (NSP) protects every network-connected
device by blocking attacks in real time before they cause damage. This
network-class, vulnerability-based intrusion prevention (IPS) appliance protects
an average of 80 days ahead of the threat.
A single appliance combines IPS, application and protocol anomaly, and
behavioral detection to guard against zero-day, DoS, DDoS, known exploits,
SYN flood, and encrypted attacks, plus threats like VoIP vulnerabilities, and
IM and peer-to-peer tunneling. NSP can also quarantine hosts, manage
application traffic, and — through optional Network Access Control soft-
ware — control network policy and enforce compliance.
Strengths
• The only IPS to hold the NSS Group’s 10-Gigabit IPS certification
• Carrier-class reliability and the highest port density platforms available
• Network, system, risk, and management product integrations guide actions
INTERLOCKING PRODUCTS 51
McAfee Network Threat Behavior Analysis
Network-wide threat visibility and assessment for enterprises
Attacks target your weak spots. As your network changes and grows more
intricate, threats within your network — anomalous activities, targeted attacks
including DDoS, and botnet zombies — require special attention. Gain insight
into your evolving risks by seeing the full context of threat events, including
the correlation of anomalies with host data and intrusion prevention system
(IPS) alerts and forensic-quality threat behavior data.
The McAfee Network Threat Behavior Analysis (NTBA) appliance reports
unusual network behavior by analyzing traffic from network switches and
routers called flow data. A single NTBA sensor efficiently collects traffic from
the entire network, or large segments of the network, for cost-effective,
network-wide visibility. In real time, it reviews host and application behavior
to detect unknown threats including worms, zero-day threats, spam, botnets,
and reconnaissance attacks traversing your network. When bandwidth use
spikes, instead of poring through logs, you can instantly assess the threat:
perhaps a denial-of-service attack, a worm, or innocent multimedia traffic.
Graphical views help you know with confidence how well you are mitigating
risks or pinpoint network segments and threat vectors that need a boost in
protection. You can even detect and shut down unauthorized or vulnerable
applications through NTBA integration with the McAfee Network Security
Platform (IPS), McAfee Network Access Control, and McAfee ePO.
Strengths
• Proactive, behavior-based threat detection to avoid network penetration
and disruption to business operations and productivity
• Supports switches and routers from Cisco, Juniper, and Extreme Networks
for cost-effective monitoring of network segments without IPS or firewalls
• Fully equipped with quad-core processors, RAID disk array, Gigabit
Ethernet connectivity, distinct flow capacity, and offline SAN storage
52 INTERLOCKING PRODUCTS
McAfee Network User Behavior Analysis (UBA)
The “who, what, where” solution for network user visibility
IT infrastructures and user communities change constantly, creating system and
network access and usage gaps that can be misused by insiders and partners.
Strengths
• Supports custom watch lists, behavioral thresholds, and alerts
• Validates segregation of duties and trust boundaries
• Detects anomalous, insecure, or malicious behaviors in real time
• Catches access bypasses, misrouted networks, unauthorized users on
network segments, and attack precursors such as scans and failed logins
• Leverages your existing network infrastructure and user directory
INTERLOCKING PRODUCTS 53
McAfee PCI Pro
One solution for file integrity monitoring, audit trail,
and network configuration
Sections 1, 10, and 11 of the PCI DSS 1.2 standard impose specific requirements
for network device configuration, audit trail, and file integrity monitoring.
McAfee PCI Pro helps you establish configuration standards for network
devices, then monitor servers and databases to ensure compliance in real
time — quickly, easily, and cost-effectively. It integrates file integrity monitoring
(FIM), audit trail, and network configuration to meet the requirements of
PCI DSS 1.2.
Affordable Security-as-a-Service
PCI Pro is sold via an annual subscription that minimizes up-front costs. There
is no hardware or software to purchase, install, or maintain at your site.
Strengths
• Tracks the files and registry objects most important for PCI compliance
• Real-time audit of access and changes to sensitive data and systems,
including servers, databases, network devices, and Active Directory servers
• Intuitive web interface lets you customize and search on filters and alerts
to find the events that matter
• Audit trails stored in a secure, isolated database
• Reduces the complexity of working with multiple database platforms,
multiple vendors, and multiple protocols
• Pre-packaged reports let you analyze large audit trails and prove compliance
54 INTERLOCKING PRODUCTS
McAfee Policy Auditor
Prove compliance by automating the IT audit process
These days, it’s not enough to be compliant; it’s critical to show it with a
high degree of accuracy — a daunting and time-consuming task. You spend
an inordinate amount of time and effort manually collecting data, mapping
IT controls to policy, and auditing devices, especially your mission-critical
servers, to identify policy violations and noncompliant systems. You need an
efficient and accurate alternative.
McAfee Policy Auditor simplifies the process of demonstrating compliance. It
automates manual audit processes and increases efficiency. Its proven agent,
extensive support for content standards, and transparent integration with
McAfee ePolicy Orchestrator (ePO) mean accurate, efficient audits, every time.
By mapping IT controls against predefined policy content, Policy Auditor
enables you to produce consistent and accurate reporting against internal
and external policies.
Strengths
• Fast, automated import of industry benchmarks through SCAP standard
• Real-time audit model and blackout window reduce business disruption
• Automation saves hours and days of tedious tasks
• Builds confidence with external auditors
• Enables organizations to prove compliance consistently
INTERLOCKING PRODUCTS 55
McAfee Remediation Manager
Automated remediation of noncompliant and vulnerable systems
Every day you feel squeezed by the pressures of regulatory compliance and
security threats. When a vulnerability is discovered, you know its exploit is
not far behind. Proactive vulnerability remediation is critical to reducing your
risk and maintaining compliance with regulations and policies.
By aggregating scan data from multiple sources and correlating this data with
its remedy library, McAfee Remediation Manager helps security and operational
teams rapidly assess and remediate vulnerabilities to meet compliance objectives.
Protect investments
Integrations with Policy Auditor, McAfee ePO, Vulnerability Manager, and
McAfee Network Access Control, plus support for third party vulnerability
assessment scanners, help you streamline processes and protect your IT
investments. These seamless integrations slice through the floods of data to
identify policy violations and vulnerabilities for remediation quickly — before
attacks occur.
Strengths
• Flexible enforcement, automated or on-demand
• Addresses all five classes of vulnerabilities and aligns with key regulations
• Aggregates and remediates scan data from multiple scanners
• Streamlines your workflow as you quickly evaluate, prioritize, schedule,
automate, and report on remediation activities
• Powerful reporting and centralized dashboard views
56 INTERLOCKING PRODUCTS
McAfee Risk Advisor
Take the guesswork out of securing your environment
What happens when you face an out-of-cycle patch, such as MS08-07 for
Conficker? Does your team have to scramble to test and apply patches? As
you evaluate risks, how do you know where to invest? Most organizations
rely on manual assessments to determine which threats affect which assets
and the mitigations that will make a difference.
McAfee Risk Advisor takes the guesswork out of protecting critical assets by
proactively correlating threat, vulnerability, and countermeasure information.
It pinpoints critical assets in need of immediate attention to let you direct
security efforts, while demonstrating the positive impact of deployed security
products. Its insight pays off in improved operational efficiency, reduced cost,
and an optimized security posture.
Strengths
• Reduces the cost and time associated with patching
• Demonstrates measurable ROI for existing security products
• Replaces manual tasks with real-time risk assessment to focus on
at-risk assets
• Centralized dashboard and integrated, real-time threat updates improve
situational awareness
INTERLOCKING PRODUCTS 57
McAfee Security for Email Servers
Robust content security for Microsoft Exchange and Lotus
Domino servers
Viruses and worms can spread through email attachments and data files
routinely shared through your email system and shared folder databases.
McAfee Security for Email Servers protects against these threats, blocks
spam, and filters messages containing unwanted content.
Content filtering
McAfee Security for Email Servers allows you to filter messages based on
size, attachment type, or contents. This lets you prevent inappropriate infor-
mation from coming into your network, as well as guard against compliance
violations caused by inappropriate or sensitive information traversing or leaving
your network.
Block spam
McAfee Security for Email Servers includes a built-in, optionally licensed
anti-spam capability. Third-party tests show that McAfee anti-spam blocks
approximately 98 percent of spam, with no false positives.
Strengths
• Prevents viruses and spyware from traversing your network via email
• Filters email content to preserve information security and reduce
corporate liability
• Protects all your email servers, including Windows, Linux, and AIX,
on 32 and 64 bit platforms
• Blocks spam and phishing messages (optional license)
58 INTERLOCKING PRODUCTS
McAfee Security for Microsoft SharePoint
Powerful protection for your SharePoint servers
With so much information shared throughout your business, you need
targeted security for your SharePoint document libraries. Otherwise, viruses,
worms, Trojans, and other threats can harm them.
Scalable management
McAfee Security for Microsoft SharePoint leverages your security investment in
the McAfee ePO platform. Comprehensive, graphical reports detail your security
posture and answer the question: “Are all my SharePoint servers protected with
the latest engine and virus definition files?” McAfee ePO supports remote
deployment and allows large enterprise rollouts to be managed easily from
a central location.
Strengths
• Advanced anti-virus technology
• Effective content filtering
• Centralized management and reporting
• Preset content rules
• Microsoft VSAPI support
• Automatic updating
• Enhanced quarantine management
INTERLOCKING PRODUCTS 59
McAfee SiteAdvisor® Enterprise
Worry-free web browsing and blocking for business users
While the Internet is a crucial business tool, cybercriminals are making it a
dangerous one. Now you can allow employees to surf and search the web
safely, using active technology to guide users away from malicious websites
and shield them from online threats.
With McAfee SiteAdvisor Enterprise, available in two versions, you do not have
to impose restrictive policies that keep your employees from using the web
for research and business projects. Your business users will have the freedom
to surf online, protected from web-based threats such as spyware, adware,
and phishing. Featuring an intuitive color-coded rating system — green, yellow,
red, or gray for unrated — SiteAdvisor Enterprise and SiteAdvisor Enterprise
Plus provide an extra layer of protection at the desktop.
Strengths
• Educates users for continuous protection against changing threats
• Integrated ratings support worry-free searching with Google, Yahoo!,
Bing, AOL, or Ask
• Enterprise Plus blocks access to unwanted sites based on custom blacklists
and whitelists, overall site ratings, and threat factors
• Easy to deploy, manage, and report on across the enterprise using
McAfee ePO
60 INTERLOCKING PRODUCTS
McAfee SiteAdvisor Plus (for home users)
Identifies risky websites and protects your PC
When any link can lead to a compromised website, it helps to know in
advance — before you click — if a link means trouble. McAfee SiteAdvisor
Plus goes beyond safe searching and browsing to provide active, real-time,
comprehensive protection from sites that can compromise your identity and
your PC. You and your family can safely shop and bank online, guarded by
advanced phishing protection, link checking in emails and instant messages,
and ‘Protected Mode’ to disable interaction with dangerous sites.
The core SiteAdvisor software displays simple red, yellow, and green website
safety ratings as well as McAfee SECURE™ trustmarks for sites passing rigorous
daily tests. These safety ratings reflect a massive database of test results from
millions of automated site visits, download installations, and email registrations.
Tests detect risks such as spyware, spam, phishing, and browser exploits.
Strengths
• Comprehensive advice about sites with spyware, spam, phishing, exploits,
and more, with support from McAfee computer security experts
• Simple icons appear when browsing, searching, instant messaging,
or emailing
• Password controlled Protected Mode prevents interaction with risky sites
• Updates and upgrades automatically to protect against new threats
INTERLOCKING PRODUCTS 61
McAfee SmartFilter®
Control and security for the Web 2.0 world
Today’s dynamic Web environment offers significant opportunity for increased
productivity and collaboration. However, expanded Internet use also often
translates into inappropriate use of the web at work and the associated
productivity drains, legal liability, and significant security challenges for the
enterprise. Malicious code and web-borne viruses can enter the network
when users visit an infected website — without users even knowing.
Strengths
• Includes solutions optimized for business and education
• Predefined filtering policies for over 35 million blockable websites in more
than 90 categories
• Simple installation, centralized management, and precision reporting
• Comprehensive coverage of all categories for no additional cost
62 INTERLOCKING PRODUCTS
McAfee Unified Threat Management (UTM) Firewall
All-in-one network security for small and medium-sized businesses
and branch offices
With network attacks on the rise — from both inside and outside the organiza-
tion — you must put security first. To safely leverage the Internet and enable
secure remote access to applications and content, small businesses and
remote sites need protection that does not require deep security knowledge
or onsite IT expertise.
Strengths
• Sets up in minutes and simple to use with an instant-feedback dashboard
• Unlimited user and VPN tunnel licensing
• Solid state reliability with VoIP services to ensure calls are not jittery
• One year of 24/7 phone support and hardware warranty included
• Centralized management and reporting
• High availability and load balancing (broadband, dial up, 3G, or ADSL2/2+)
INTERLOCKING PRODUCTS 63
McAfee VirusScan Enterprise
The ultimate way to keep viruses out of your desktops and servers
Enterprises cannot afford to wait for every threat to be identified and a signa-
ture file to be released. The time between attack and subsequent identification
is critical: the shorter, the better. It’s better yet if your protection technology
identifies new, unknown threats.
Strengths
• Cannot be disabled by hackers, malware, or fake anti-virus
• Centrally managed, monitored, and reported on through McAfee ePO
• Defends against threats that target Microsoft — especially Windows
services, Word, Excel, Explorer, Outlook, and SQL Server
64 INTERLOCKING PRODUCTS
McAfee VirusScan Enterprise for Linux
Always-on protection for Linux systems
Though most threats attack Windows systems, malware definitely does target
the Linux platform. Unprotected Linux systems may also act as carriers, allow-
ing viruses and malware to disrupt non-Linux operating systems throughout
the network. Even after an initial outbreak has been contained, viruses may
still be able to execute their payload and infect the entire network.
McAfee VirusScan Enterprise for Linux offers superior protection from the
growing numbers of viruses, worms, and other malicious code targeting
Linux systems. Always on the lookout for new viruses, its unique, Linux-based
on-access scanner constantly monitors the system for potential attacks. Artemis
technology blocks threats before signatures become available, and regular
automatic updates from McAfee Labs keep it abreast of the latest threats.
Strengths
• Continuous, on-access scanning
• Heuristic scanning to identify and block new variants and unknown threats
without the need to patch
• Archive scanning to discover and block viruses hidden within archived files
• Automatic updating without system reboots
• Cross-platform protection to block Windows malware
• Kernel module versioning for on-access scanning on new kernels without
having to recompile modules
INTERLOCKING PRODUCTS 65
McAfee VirusScan Enterprise for Offline Virtual Images
Purpose-built security for virtual environments
Virtualization makes enterprise applications easier to provision and deploy
than on physical servers. However, the consequence of easy deployment
is virtual machine (VM) proliferation, with more and more VMs created
throughout the IT environment. In today’s virtual environments, VMs that are
dormant for an extended time miss the latest patches. When these archived
VMs activate, their anti-malware security profiles can be precariously out of
date and their unpatched vulnerabilities put your entire infrastructure at risk.
Strengths
• Updates McAfee DAT signature files without bringing the VM online
• Integrated with VMware’s VMsafe integration tools for optimal
performance and security
• Facilitates real-time disaster recovery by securing offline virtual machines
at secondary sites
• Reduces migration issues with one solution for VMware, Microsoft,
and Citrix environments
66 INTERLOCKING PRODUCTS
McAfee VirusScan Enterprise for Storage
Unmatched virus protection for NetApp and EMC storage environments
Network-attached storage (NAS) devices hold a vast amount of business-critical
information, accessed and stored constantly by your users. Use McAfee
VirusScan Enterprise for Storage to keep viruses away with continuous,
on-access scanning that has minimal impact on filer access time.
Automatic remediation
Once it finds an infected file, VirusScan for Storage automatically cleans,
deletes, or quarantines it. By scanning files as they move to and from your
filers, you gain the ultimate in virus protection. Multiple scanners checking
multiple filers give you the power of parallel processing for optimal load
balancing and flexible failover protection.
Strengths
• Continuous, on-access scanning blocks viruses before they are stored
and prevents script-type threats, spyware, and unwanted programs
• One management platform
• Automatic updates of DAT files and scanning engines
• Rapid notification of alerts
• Works with EMC and NetApp filers, and Sun Storage devices
that support ICAP
• Enterprise-ready multi-scanner to multi-filer configurations
• Backed by the 24/7 global research team at McAfee Labs
INTERLOCKING PRODUCTS 67
McAfee VirusScan Enterprise for use with SAP
NetWeaver platform
Extending proven security to mission-critical business applications
While anti-malware software is a de facto standard with enterprise clients
globally, the vast majority of mission-critical SAP environments remain exposed
to potential security threats. With the expanding SAP product portfolio, there
are more opportunities to upload external, potentially infected, files to the SAP
NetWeaver environment, such as employment resumes, configuration files,
and templates. Infected files could potentially corrupt the entire database.
We can help with the first enterprise-class protection for this critical enterprise
asset: McAfee VirusScan Enterprise (VSE) for use with SAP NetWeaver platform.
It supports business continuity for mission-critical SAP environments and helps
ensure uploads of infected files do not corrupt the entire database.
Enterprise-class protection
McAfee is the only enterprise-class vendor to offer security that scans, quar-
antines, and remediates sensitive documents, configuration files, templates,
and other files before they ever reach the SAP environment. The product
offers real-time (on-access) scanning of any file uploaded or modified in the
environment and comes with the flexibility for deployment as a standalone
server or as a virtual machine.
Enterprise-class manageability
Use the same ePO management platform you use to control other McAfee
enterprise products. You get simple, centralized reporting, updates,
and auditing.
Strengths
• Real-time (on-access) scanning of any file uploaded or modified
in the environment
• Flexible deployment: standalone or virtual machine
• SAP certified integration partner
• Backed by 24/7 global research from McAfee Labs
68 INTERLOCKING PRODUCTS
McAfee VirusScan for Mac
Complete protection for Mac PowerPC and Intel-based systems
Leverage the award-winning McAfee scan engine to proactively hunt down
and kill Macintosh and Windows viruses, worms, Trojans, and other threats.
Automatic virus updating and cleaning protects you against infected Internet
downloads, such as spyware, adware, and other unwanted threats.
Centralized management
McAfee ePolicy Orchestrator can administer McAfee VirusScan for Mac for
easy policy configuration, deployment, enforcement, reporting, and manage-
ment across all your endpoints.
Strengths
• Familiar Apple Mac OS X Aqua user interface
• Fast on-access or convenient on-demand and full-disk scanning
• Automatic or on-demand one-click updating
• Universal deployment on either Intel-based or Power PC-based
Macintosh systems
• Kept up to date with proactive Artemis technology backed by the 24/7
global research team at McAfee Labs
• Centralized management and visibility across Mac, Windows,
and Linux clients
• Also available as part of comprehensive protection in the McAfee Endpoint
Protection for Mac suite (see Suites section of this document)
INTERLOCKING PRODUCTS 69
McAfee Vulnerability Manager
(formerly Foundstone Enterprise)
Identify exposures and policy violations, prioritize assets, and reduce risk
Network vulnerabilities and threats pose serious risks to all businesses. Com-
pound that with strict compliance and policy requirements and ever-increasing
network complexity, and you are bound to lose sleep at night.
McAfee Vulnerability Manager is more than just another network-based
scanner; it develops priorities by combining vulnerability, asset data, and
countermeasures to help you make decisions that are more informed. Threat
intelligence and correlation help you determine how emerging threats and
vulnerabilities affect your risk profile. You can deploy remediation resources
where you need them most, from assignment through resolution.
Strengths
• Helps you find and address the most business-critical threats
• Reduces the time spent managing assets through named asset scans, host to
IP binding, “air gap” network support, and management-layer integrations
• Flexible deployment options include appliance, software only (including
virtualization support), and subscription services
70 INTERLOCKING PRODUCTS
McAfee Web Gateway
(formerly Webwasher®)
Strengths
• Achieved 99.9 percent success in malware test published in PC Magazine
• Applies threat intelligence including category, reputation, signatures,
and proactive scanning and ends the blind spot of encrypted threats
• Enables expanded web use without worry of infection
or inappropriate content
¹ http://blogs.pcmag.com/securitywatch/2008/01/antimalware_performance_testin.php.
INTERLOCKING PRODUCTS 71
72 INTERLOCKING PRODUCTS
McAFEE SOLUTIONS
McAfee
Security-as-a-Service
1
http://blogs.zdnet.com/Gardner/?p=2855.
2
http://www.gartner.com/it/page.jsp?id=1223818.
3
McAfee, The Security Paradox, 2009.
The Most Comprehensive Security SaaS Portfolio
McAfee Security-as-a-Service solutions provide always-on-guard, integrated
protection for businesses of all sizes. These services protect against viruses,
spyware, spam, hackers, vulnerabilities, and web threats — with everything
managed conveniently using an online console. McAfee takes away the
burden of on-premises infrastructure from capital to maintenance costs.
74 INTRODUCTION
Service Configuration Choices
Available in three custom suites, Total Protection Service provides continuous
protection against known and unknown threats, automatic security updates
and upgrades, and around-the-clock technical support. With McAfee automat-
ed protection, there’s no need to dedicate IT staff to security maintenance or
to invest in additional security management software, on-premises hardware,
or technical support.
Web filtering of
unwanted websites
Inbound Filtering
Email Protection
Email Protection
& Continuity —
Email Security
& Continuity
McAfee SaaS
McAfee SaaS
McAfee SaaS
McAfee SaaS
McAfee Security-as-
a-Service Solutions
Centralize management
and reporting
Email Archiving
*Retain
data for 1 year,
or for multiple years
Message Continuity
*For
1 year, or for
multiple years
Security-as-a-Service 75
McAfee PCI Certification Service
PCI peace of mind from the world’s largest dedicated security company
and PCI-approved scan vendor
All organizations that capture, process, or store credit card data must dem-
onstrate proof of compliance with PCI DSS. The McAfee PCI Certification
Service provides step-by-step guidance and real-time analysis of compliance
status, so that companies can successfully navigate and complete the PCI
DSS requirements.
Tens of thousands of organizations around the world trust McAfee to audit
their PCI compliance status. McAfee PCI Certification Service includes quarterly
and on demand scanning, remediation assistance, technical support, the
self-assessment questionnaire, and a certificate of compliance. The service
is completely web-based, with Software-as-a-Service provisioning and no
hardware or software to deploy, install, or maintain.
Strengths
• Easy-to-use Software-as-a-Service
• Self-assessment questionnaire selection wizard and unlimited
technical support
• Automatic quarterly scans help you continue to demonstrate compliance
• Quarterly and on-demand scanning, includes dynamic port scanning,
port-level network services vulnerability testing, and web application vul-
nerability testing
• Generates PCI compliance reports ready to submit
76 Security-as-a-Service
McAfee SaaS Email Archiving
Get limitless storage, no hardware required
Businesses that rely on email can easily generate thousands of new messages
every day, constantly jeopardizing their ability to economically and efficiently
store email at their sites. With hardware-based solutions, such as tape
backup, companies must spend hours managing onsite servers to provide
continuous maintenance.
Strengths
• Security-as-a-Service model and multi-year licensing options let you
minimize time and capital expenditures
• Reduces your Exchange database size and maintenance burden
• Automatic, safe backup of emails to McAfee helps you easily comply
with document retention and compliance regulations
• Unlimited, in-the-cloud storage allows scalability, avoids data loss,
and ensures business continuity
• Easy online management and search tools help you satisfy discovery
needs and reduce administration efforts
• Included technical support helps resolve any issues around the clock
Security-as-a-Service 77
McAfee SaaS Email Inbound Filtering
McAfee SaaS Email Protection
Block inbound and outbound email-borne attacks in their tracks
Deploy this effective, reliable, fully Software-as-a-Service email security outside
your network to quickly and accurately prevent 99 percent of spam, phishing
scams, viruses, and other harmful content from entering your network —
without installing any hardware or software. Our redundant data centers,
with 99.98 percent availability, work non-stop as a first line of defense to
protect your email infrastructure and safeguard your communications and
information integrity.
Strengths
• Security-as-a-Service provides real-time threat checking of inbound
and/or outbound emails in the clouds
• Centrally managed the online SaaS management console
• Enforce corporate email policies while safeguarding your users, customers,
and partners.
• Our masking technology disguises your email server to thwart attacks,
while we block or quarantine spam, viruses, phishing frauds, directory
harvest attacks, mail bombs, and denial-of-service attacks.
• Support for encryption secures your email message content from
unauthorized examination.
78 Security-as-a-Service
McAfee SaaS Email Protection and Continuity
Keep your business connected and secured with email protection
Email is today’s engine of productivity as thousands of email messages pass
through a typical company’s servers every day. With all that email traffic,
managing email to reduce spam and to ensure uptime becomes a huge task
that continually diverts IT resources from strategic work.
Strengths
• Security-as-a-Service ensures inbound and outbound email availability
and protection even during a server outage
• In-the-cloud protection blocks more than 99 percent of spam and malware
before it reaches your network
• Continuous email storage, access, and use
• Automatic outbound email inspections keep your business compliant
with regulatory and workplace requirements
• Streamlines email management with a web-based portal — no need
for tape backups or on-site infrastructure
Security-as-a-Service 79
McAfee Total Protection Service
An always-on-guard Security-as-a-Service solution
Businesses of all sizes need to keep protection current while minimizing
downtime, costs, and the maintenance of multiple security products and
management systems. But with IT staff stretched thin and limited budget,
companies are looking for innovative ways to protect their users without
complex and expensive deployments and maintenance.
Strengths
• Proactive endpoint, email, web, and vulnerability assessment in a single,
integrated Security-as-a-Service eliminates the maintenance of multiple
security products
• Avoids the maintenance and costs of on-premises infrastructure as McAfee
manages your data offsite
• Fast deployment with a single, click-to-install link to all users and locations
• Automatic updates and upgrades reduce daily security maintenance
• Centralized, online management with the SecurityCenter allows for quick
security reporting, configuration, and visibility from any web browser
80 Security-as-a-Service
McAfee Vulnerability Assessment SaaS
The world’s network perimeter security standard
Protect the perimeter and you’ll defend your organization, brand, and cus-
tomers from hackers, data breaches, spyware, popups, browser exploits,
and phishing.
To help organizations around the world achieve this peace of mind, we
integrated complementary security technologies into a single service. McAfee
Vulnerability Assessment SaaS leverages our widely used vulnerability scanning
technology that currently helps protect more than 80,000 sites. We combine
this with security data gathered by continuously crawling the web, searching
for and identifying sites harboring malicious code, such as spyware.
The service helps you identify potential security issues through real-time insight
into the security status of your network perimeter, prioritize and delegate your
remediation responsibilities, and even demonstrate ROI. It provides transparent
objectivity by continually benchmarking and certifying your network perimeter
security status to widely adopted independent data security standards includ-
ing McAfee SECURE and PCI.
Strengths
• Software-as-a-Service delivery model cuts start-up time and eliminates costs
• Accurate, customizable daily audits for latest web application and network
perimeter vulnerabilities
• Includes technical and PCI DSS compliance support to ensure all the
resources you need to certify your PCI DSS compliance
• Continual benchmarks of your real-time security against the McAfee SECURE
and PCI data security standards, with meaningful reports to guide action
• Lets you promote your trustworthy status with the McAfee SECURE trustmark
Security-as-a-Service 81
McAfee Vulnerability Management Service
Quick, effective management of business-critical threats
McAfee Vulnerability Management Service provides comprehensive security
assessment through an easy-to-use web portal. It gives you a complete map
of your Internet-facing network, including wireless access points and load
balancers, along with vulnerabilities and security status. A fully hosted service,
there is no hardware or software to install or configure.
Simplified compliance
With executive-level metrics and reporting, Vulnerability Management Service
makes it easy to evaluate your security status, measure improvement, assess
costs, and compare your operational baselines against industry and govern-
ment compliance standards, including SOX, FISMA, HIPAA, and PCI DSS.
Streamlined remediation
Integrated remediation technology gives you exactly the information you
need to manage threats. It automatically creates, assigns, verifies, and closes
trouble tickets.
Automatic updates
Our Security Operations Center performs all patches and updates, giving you
up-to-the-minute threat technology and freeing your IT staff for other tasks.
Strengths
• Security-as-a-Service delivery model cuts start-up time and eliminates
hardware, software, installation, and management costs
• Shows you a hacker’s view of your network so you can detect and
close vulnerabilities in Internet-facing devices including databases
and wireless devices
• Lets you identify new threats and prioritize your response based on the asset
• Kept updated by vulnerability and threat experts, so you can focus elsewhere
• Helps you measure and prove compliance in preparation for audits
82 Security-as-a-Service
McAfee Web Protection Service
Hassle-free, 100 percent cloud-based web filtering
Web 2.0 has opened the door to sophisticated threats specifically designed
to evade detection by traditional web security measures. To protect your em-
ployees, customers, network, and intellectual assets, you need to block web
content known to be malicious as well as content containing unknown and
hidden attacks, blended threats, and spyware.
Strengths
• Software-as-a-Service lowers total cost of ownership since it is easy
to deploy with no hardware or software to buy, install, or maintain
• Number one rated malware protection stops even the latest Web 2.0
threats in the cloud¹
• Accurate reputation-based filtering with more than 90 categories
to choose from
• Simplified 24/7 web management of policies and configurations
• Customizable alerts and dashboards for instant access to the data you need
• Enforces policies based on your existing LDAP or Active Directory user groups
1
http://blogs.pcmag.com/securitywatch/2008/01/antimalware_performance_testin.php.
Security-as-a-Service 83
84 Security-as-a-Service
McAFEE SOLUTIONS
McAfee
Support and Services
1
McAfee Labs.
2
McAfee Unsecured Economies Report, January 2009.
3
McAfee, The Security Paradox, 2009.
Select the Help That Matches Your Organization
Tailor your technical support to get help fast, then add in relevant services
to be prepared and respond effectively.
• McAfee Corporate Support — Define your own technical support
experience with our a la carte software and hardware support programs.
See the comparison chart later in this section for details.
• McAfee Solution Services — Realize the full value of your McAfee
solutions. We help you assess, design, implement, and optimize your
security — all based on best practices and tools that ensure comprehen-
sive protection, minimize risk, and maximize your return on investment.
• McAfee University — Learn the real-world skills you need to effectively
fight today’s attacks and tomorrow’s threats. McAfee University combines
hands-on experience with expert instruction so you can get the most
from your McAfee security products.
• Foundstone® Professional Services, a division of McAfee — Build
a strong foundation for long-term security. Drawing from our deep and
broad experience, our experts address security issues from both a busi-
ness and technology perspective to deliver measurable protection for
your business.
• Foundstone Education — Give your in-house security team the tools
and methodologies they need to defend your business. Foundstone
combines interactive classroom demonstrations with hands-on labs.
You leave armed with a real-world understanding of how to address
critical security issues.
86 INTRODUCTION
McAfee Corporate Support
Key benefits
Security is not just about the purchase of a product. It’s about that product
keeping your business secure. With hundreds of new threats discovered
every day and data theft a big business, you need to be confident you are
protected and get help quickly if needed.
Because threats from other countries occur during their business hours, not
yours, McAfee provides follow-the-sun 24/7 support with the goal of having
you speak to an expert in less than 5 minutes. You will find highly trained and
certified security specialists and get the right information, support, service
skills, and replacement parts that you need.
Product Specialists
Multisite environments with hundreds of employees often invest in McAfee
Product Specialists whose higher level of training and experience helps them
identify and resolve complex issues faster.
Maximum Access
An assigned McAfee Labs researcher on site or located at McAfee can help
you understand how specific malware could affect your business and write
specific signatures to protect your specific infrastructure.
Assigned Technical
Resources
MISSION
CRITICAL
Global Issue
3 Management
24/7 Assistance Active Gold Active Gold Active Gold Active Gold
BUSINESS
Security Advisories Support Entitlement Support Entitlement Support Entitlement Support Entitlement
CONTINUITY
Daily Updates Required Required Required Required
GOLD SELECT
SELECT PLUS
MAXIMUM
PLATINUM
PLATINUM
PREMIUM
RESIDENT
ACCESS
ONSITE
SELECT
GOLD
Reduce risk
McAfee Solution Services help you avoid system downtime that can damage
your bottom line. Investing in the planned deployment of a centralized security
solution can not only reduce risk but also minimize your operational costs.
Faster time-to-value
Through our proven deployment methodology, customers can reduce delays in
product installation resulting from the initial learning curve of new technologies,
as well as costly problem diagnosis and remediation. Our experience enables
faster product migration so your investments deliver their full value as quickly
as possible.
• Strategize
Express packages
Pr
oa
ize
ctiv
• Security Quickstarts
Pla
im
e
Opt
ant
sig
era
De
p li
m
Co
Im ple m e n t
consulting@mcafee.com.
R e a ctiv e
Strategic Consulting
Effective information security management is more than just putting out fires.
Organizations must identify how they use information to meet their strategic
business goals, then determine the best ways to protect their information
assets throughout the information security lifecycle. Foundstone offers a wide
range of strategic security services that we customize to meet your business
needs. Our proven engagement methodology enables services ranging from risk
assessments, security governance reviews, and security roadmap development
to program development and secure software development lifecycle creation.
Foundstone is also committed to easing the pain of meeting compliance
requirements. Our experienced consultants have built methodologies and
direct approaches to assist customers to become compliant. From developing
security policies and procedures for critical infrastructure and SCADA systems
to managing ongoing compliance initiatives with regulations such as HIPAA
and GLBA, Foundstone offers a variety of services designed to help you meet
both business and regulatory compliance objectives. For example, PCI DSS
services can start with staff augmentation and include PCI quarterly scans,
source code review, and application and network assessments. When you
need a Qualified Security Assessor (QSA), Approved Scanning Vendor (ASV),
PA-DSS QSA, or support for a BITS Shared Assessment, Foundstone is ready.
Technology Consulting
Foundstone technology consulting services detail the immediate threats across
your enterprise and recommend appropriate responses, without a deluge of
irrelevant data. Foundstone methodologies identify where your organization
is vulnerable, not just where your network or applications are weak. Our
offerings can help with finding application security problems early in the
software development lifecycle through our threat modeling, code review,
and application penetration testing services. Foundstone has also traditionally
specialized in network and infrastructure testing that spans from internal and
external network testing to mobile device, VoIP, and wireless testing.
For more information, visit http://www.foundstone.com/us/index.asp.
Our instructors
Some of the world’s foremost network security experts and developers
of market-leading security technology teach Foundstone education and
training courses.
Instructors are noted experts, activists, advisors, and influencers on topics of
national security, cryptography, privacy, Critical Infrastructure Protection, and
Homeland Security issues, measures, and legislation. They have a broad range
of expertise through work with leading IT and financial services companies
and government agencies and are featured speakers at industry conferences.
For more information, visit
http://www.foundstone.com/us/education-overview.asp.
The era of complete protection from simple anti-virus has long passed.
In today’s world of sophisticated malware, targeted threats, and multi-
stage attacks, security needs to be smarter and it needs to be everywhere.
Our “Silicon to Satellite” vision is making this ubiquity a reality. Through
our technology alliances with the most relevant leaders in the IT industry,
McAfee security is being woven into the fabric of computing. We are
expanding our security footprint on almost every layer of the technology
stack, so that sensors at every layer can communicate and share information
to cover your entire enterprise.
• Through our partnership with Intel our technology will ship on processors
• McAfee security ships on two-thirds of all secure USB drives sold today
• Our whitelisting technology ships on NCR ATMs today and will soon ship
on those by Hitachi and Fujitsu, as well as multi-function devices from
other industry leaders
• More than 80 Security Innovation Alliance partners are integrating
their products with ours to maximize the value of existing investments,
reduce time to problem resolution, and lower operational costs
http://nvd.nist.gov.
1
McAfee Labs.
2
The Best Security for Your Business
Through McAfee Global Strategic Alliances and the McAfee Security
Innovation Alliance (SIA) Program, we have joined forces with some of
the most influential technology vendors in the world to help you create
a trusted technology environment.
96 INTRODUCTION
McAfee Global Strategic Alliances
Innovative joint solutions and integrated services
As technologies expand and evolve, threats change quickly, and security
must keep pace. But few individual companies have the security know-how
to match their innovations. That’s why leading vendors in every product cat-
egory, from silicon to satellites, are making McAfee their partner of choice.
With our Global Strategic Alliances, we work with select partners to
create bundled or embedded security that runs seamlessly with each part-
ner’s technology.
Only McAfee delivers industry-leading security in an open architecture, so
integration is easy and efficient. And because McAfee is a full-spectrum
security company, we offer each partner relevant expertise and capabilities
in a one-stop security solution.
TECHNOLOGY ALLIANCES 97
• Risk and Compliance — In a business world where efficiency is everything,
it no longer makes sense to see systems management and data security as
separate endeavors. Instead, top systems management vendors and their
customers are working with McAfee to build a bridge between systems
and security. A systems integration partner, for example, might deliver IT
operations solutions that include configuration and patch management.
But this partner might also need complete and automated data security,
vulnerability remediation, and proof of compliance to help customers
meet the latest guidelines for HIPAA. So that partner uses McAfee’s deep
expertise and open architecture to make full-spectrum data protection an
integral part of operations.
• Systems and Desktop Management — When systems vendors partner
with McAfee, they can offer complete systems and security management
packages. Their customers save money because they can continue to use
most of their existing technologies and processes while making their systems
far more secure — and easier to maintain. McAfee provides threat protection,
plus policy compliance, data loss prevention, and automated security up-
dates with centralized tracking and reporting, and the expertise to embed
these solutions deep into system, network, and management protocols.
• Virtualization — As companies extend their virtualized environments,
threats such as viruses, worms, spyware, and Trojans target software
vulnerabilities in virtual or offline images, and swift replication and server
sprawl threaten unsecured and unpatched servers. McAfee helps virtual-
ization partners offer their customers the benefits of virtualization with
complete and scalable security. McAfee’s centrally managed, customized
protection for online and offline virtual machines strengthens security, cuts
costs, and simplifies compliance. And McAfee’s network security products
protect VM server farms, secure virtualized desktops, and assess vulnerabilities
and identify risks as soon as they arise.
o ui
St p
P OR T FO
FEE
/
m
up
en
cA LI O
ck
tP
res
e Net w
M an c
Ba
pli or
rov
k
e M a n u fa c t u
m
o
Se
id er s
&C
cu r
Telco / ISPs
McAfee
Ri s k
it y
Strategic
Alliances
ri t y
Dat
t wa r
cu
aP
ot
Se
r
ec
ti o em
Sys t
S of
n
n
io
In
at
rn ST
US al
te
iz
R AT
et
EGIC F OC r tu
C Vi r
P
M to
an
uf uc
ac t o nd
ure
s Se mic
98 TECHNOLOGY ALLIANCES
Industry leaders teaming to secure your future
McAfee and its Global Strategic Alliance partners are ready to provide you
with better solutions that work better in your changing environment. Below
are some of the relationships that are expanding our security footprint. View
a complete, up-to-date list of partners at http://www.mcafee.com/us/partners/
global_strategic_alliances/partner_directory.html.
Adobe
Adobe revolutionizes how the world engages with ideas and information —
anytime, anywhere, and through any medium. McAfee and Adobe have
announced a global alliance to jointly deliver new solutions that will offer
more comprehensive security and allow customers to expand the reach of
data protection beyond the enterprise boundaries.
BMC
BMC and McAfee have joined forces to build the industry’s first truly enterprise-
ready solution for automated policy compliance, spanning software, patches,
service packs (for Microsoft Windows), power settings, configuration settings,
remediation of vulnerabilities, and security policy. The integrated solution
combines best-in-class technology from McAfee, through McAfee Policy
Auditor, coupled with BMC’s proven client management technology: BMC
BladeLogic Client Automation.
CommVault
McAfee and CommVault align to offer customers integrated enterprise solu-
tions that manage security beyond the endpoint to include data and network
protection. These integrated features are designed to help reduce costs and
improve threat protection and compliance management. With the availability
of the compatible McAfee-CommVault solutions, you can now more easily
manage security risk and data backup, recovery, and archival from a single
console. You gain faster and more concise decision-making about data integ-
rity, security, and protection status.
TECHNOLOGY ALLIANCES 99
HP
HP, the world’s largest technology company, simplifies the technology
experience for consumers and businesses with a portfolio that spans printing,
personal computing, software, services and IT infrastructure. HP’s Secure
Advantage portfolio provides an integrated approach to securing these plat-
forms to allow customers to more easily protect resources, protect data, and
provide compliance validation. The addition of McAfee products strengthens
HP’s Secure Advantage portfolio to enable superior business outcomes for
our joint customers. By combining best-in-class modular and interoperable
technologies from McAfee and HP, together with a full portfolio of HP and EDS
services, enterprises gain powerful and flexible end-to-end secure solutions
that meet their business needs today and tomorrow.
Intel
McAfee works with Intel technology in many key areas: data protection
technologies, security management, and system optimization. Intel is a lead-
ing technology platform company that develops advanced integrated digital
technology platforms for the computing and communications industries. Intel
offers products at various levels of integration, providing its customers and
partners the flexibility to create advanced computing and communications
systems and products. Intel’s products include chips, boards, software, and
semiconductor components that are the building blocks integral to computers,
servers, and networking and communications products.
NCR
McAfee and NCR partner to protect automated teller machines (ATMs) from
malware and unauthorized changes and ensure ATMs meet the Payment
Card Industry Data Security Standard (PCI DSS) and Sarbanes-Oxley (SOX)
compliance requirements. McAfee Embedded Security software, combined
with NCR’s APTRA software, allows NCR and its financial institution custom-
ers to enforce established software change policies and preserve the integrity
of ATM systems. McAfee Embedded Security software limits the run-time
environment of an ATM to just the code and files in the authorized inventory,
or whitelist. This ensures authorized code cannot be modified, deleted, or hi-
jacked (a process in which malicious code replaces authorized code in memory).
NCR has shipped over 70,000 ATMs with McAfee Embedded Security in over
100 countries and was named by The Banker Technology Awards as the winner
of the “Fraud Prevention Innovation in Retail Banking” category.
ity
Netw
ance
pli or
k
m
Co
Management
Se
ity Event &
Authentication
cur
Risk &
& Encryption
ity
ePO
Dat
Secur
ty
u ri
Log
aP
ec
te S
ro
c ti em
on Sy s t
OO
P EP E SE S
NNI INN T E RRFFAAC EC urity
Th
ef
,
t& TE ec es S vic
Fo er
ren
sics Oth S er
IT &
tampering • Guardium
• Secure databases against internal • Secerno
of wrong-doing
McAfee customers
Absolute Identification
Absolute ID is an innovative provider of data-centric protection products
and services. Every Absolute ID solution employs proprietary cryptography
technology that creates sophisticated, highly secure data files; dramatically
enhances data availability, confidentiality, and integrity; and prevents
unauthorized access or theft of digital data while lowering the total cost
of ownership.
AccessData
AccessData, a pioneer in the digital forensics industry, provides investigators
with the tools to preview, search for, analyze, process, and forensically pre-
serve electronic evidence for the purposes of criminal investigations, internal
investigations, incident response, and eDiscovery.
ArcSight
ArcSight (NASDAQ: ARST) is a leading global provider of compliance and security
management solutions that protect enterprises and government agencies.
ArcSight helps customers comply with corporate and regulatory policy,
safeguard their assets and processes, and control risk. The ArcSight platform
collects and correlates user activity and event data across the enterprise so
that businesses can rapidly identify, prioritize, and respond to compliance
violations, policy breaches, cybersecurity attacks, and insider threats.
Arxan
Arxan Technologies is a leading provider of application hardening solutions
that protect software applications from attacks to minimize risk to code and
data. Arxan’s advanced software protections secure enterprise applications
against unauthorized use, tampering, malware injection, and reverse engi-
neering. The GuardIT product defends, detects, alerts, and reacts to attacks
in real-time, through an approach that is threat-based, non-disruptive, proven,
and easy to use.
Bit9, Inc.
Bit9, a leader in enterprise application whitelisting, centrally controls which
applications are allowed on corporate desktops. Should an enterprise choose
to allow only approved software on its desktops, this ePO-integrated solution
delivers another layer of security, prevents desktop configuration drift, and
lowers management costs.
CommVault
A singular vision — a belief in a better way to address current and future data
management needs — guides CommVault (NASDAQ: CVLT) in the development
of Singular Information Management solutions for high-performance data
protection, universal availability, and simplified management of data on
complex storage networks. CommVault’s exclusive single-platform architecture
gives companies unprecedented control over data growth, costs, and risk.
CommVault’s Simpana software suite of products was designed to work
together seamlessly from the ground up, sharing a single code and common
function set, to deliver superlative Data Backup, Archive, Replication, Search,
and Resource Management capabilities.
eIQnetworks
eIQnetworks is redefining security and compliance management by fostering
collaboration across security, network, data center, and audit teams to more
quickly isolate the root cause of security issues and ensure compliance mandates
are being enforced. SecureVue uses information from the McAfee Network
Security Platform, ePO platform, and Vulnerability Manager, aggregating
and correlating not just logs but adding configuration, asset, performance,
vulnerability, and network flow data into a single, comprehensive enterprise view.
Guardium
Guardium, the database security company, delivers a widely used solution for
preventing information leaks from the data center and ensuring the integrity
of enterprise data. Guardium 7 addresses the entire database security and
compliance lifecycle, enabling users to assess database vulnerabilities, prevent
unauthorized access to sensitive data, monitor privileged users, enforce change
control policies, locate sensitive information, and automate the compliance
auditing process for PCI-DSS, SOX, NIST 800-53, and data protection laws.
LogRhythm
LogRhythm is a market leader in enterprise-class log and security information
and event management (SIEM) that helps organizations simplify compliance,
secure their assets, and optimize IT Operations. LogRhythm aggregates,
correlates, and archives data from a large number of endpoints and network
devices, including logs and events from a range of McAfee products.
Prevari
Prevari provides industry-leading solutions that objectively and quantitatively
measure, model, and manage technology risk. Prevari Technology Risk Man-
ager (TRM) enables organizations to lower the cost and complexity of IT risk
management by providing quantitative, actuarial-based metrics. TRM also
enables modeling and simulation, providing organizations with the ability to
determine the impact of risk mitigation activities before investing in technology,
process, or compliance initiatives.
Secerno
Secerno is a leading provider of active database security and control solutions,
delivering highly advanced and comprehensive database activity monitoring,
policy enforcement, and compliance auditing capabilities. Secerno DataWall
understands the intent of every SQL interaction with a database, allowing
Secerno DataWall to deliver accurate alerts, reports, and security policy
decisions on the fly.
Triumfant
Triumfant offers a one-of-a-kind ability to discover, diagnose, and repair
unwanted changes and unexpected conditions on endpoint computers and
servers, and automatically corrects those changes and conditions that are
problematic to the security, configuration, or performance of each machine.
Verdiem
Verdiem is an enterprise software company focused on PC Power Management
and Green IT. Verdiem’s flagship Surveyor software enables customers to
centrally control and reduce the energy used by PCs on their network by up to
60 percent without impacting end-users or IT. 400 corporations, government
agencies, and universities have deployed Surveyor on over 1 million PCs to
have a positive impact on the environment, reducing their PC energy waste
and carbon footprint.
Voltage Security
Voltage Security, Inc. provides innovative security solutions that protect
employee and customer data in email, documents, or databases. By enabling
end-to-end encryption (E2EE), Voltage’s solutions stop identity theft, enable
PCI compliance, support HIPAA/ARRA privacy guidelines, reduce risks associated
with outsourced or offshore development environments, and protect the
privacy of communications with employees, business partners, and consumers.
Voltage delivers end-to-end encryption with rapid implementation, reducing
total cost of ownership through the use of Voltage Identity-Based Encryption
(IBE) and a new innovation: Format-Preserving Encryption (FPE).
Refer to http://www.mcafee.com/sia
for the latest information on these
and other SIA partners.
Effective protection
Unlike point solution vendors, McAfee delivers broad, accurate, integrated
coverage. You protect every asset from traditional servers to mobile data
and virtual infrastructure. And research from McAfee Labs ensures that you
stay ahead of evolving threats.
Operational efficiency
Most security spending today is on operations. We emphasize integration
and management simplicity so you can cut costs and complexity. You im-
prove speed and accuracy every day, from mundane maintenance to patch
management and prompt, accurate resolution.
Sustainable compliance
When you use McAfee, you implement compliance controls as part of
effective security, and you reduce the headache, complexity, and expense
of compliance. Our experts stay current on regulations, so you can, too.
Pervasive optimizations directly target the tedious manual tasks that con-
sume time and introduce errors.
McAfee, Inc. The world’s largest dedicated security company.
3965 Freedom Circle You think about your company’s digital security
Santa Clara, CA 95054 and risk 24/7. So do we. We don’t sell storage,
1.888.847.8766 networking gear, or operating systems. We
just relentlessly tackle the world’s toughest
www.mcafee.com security challenges.
Our comprehensive solutions enable businesses
and the public sector to optimize security and
prove compliance, and we help consumers
secure their digital lives with solutions that
auto-update and are easy to install and use.
You can trust us to provide the best security
for your business. Security is all we do.