Risk
5/12/2011
03:12 PM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

McAfee, Intel Launch Cloud Security Platform

The security service uses data loss prevention policies to stop leakage of sensitive data via mobile devices, end users, social networks, and private cloud applications.

Intel and McAfee announced the Cloud Security Platform this week at Interop 2011 in Las Vegas, a UBM TechWeb event. The CSP service is aimed at addressing AAA (authentication, authorization, and accounting), data and device governance, and stopping leakage of sensitive data via mobile devices, end users, social networks, and private cloud applications.

The suite is manageable through McAfee's ePolicy Orchestrator and relies on the Global Threat Intelligence (GTI) service, which aggregates threat and site reputation information from all McAfee's customers. It includes email security, data loss prevention (DLP), and Web security modules. Intel contributes APIs for integration as well as identity management, including provisioning/SSO, authentication, and application access monitoring. This draws upon technology from Nordic Edge, which Intel acquired in January. Nordic specializes in identity and access management, with a focus on mobile device authentication for cloud.

The CSP monitors communications channels between enterprise users, apps, and public cloud services. IT can define policies centrally and apply them universally across the three modules. For DLP, data can be monitored even when encrypted by a SSL proxy. Mobile devices are monitored via the VPN back to the corporate network. The Web security module provides content inspection to detect malware coming in and sensitive data going out, including through social media sites. Email security includes attachment scanning and integration with GTI. Enterprises can extend identity-based access control to public cloud and SaaS provider sites; the system also supports federated identity management standards like SAML, OAUTH, and OpenID.

Marc Olesen, McAfee senior VP and GM for content and cloud security, said CSP is the only offering of its kind currently available, The platform is available now on a subscription basis in three versions: on-premises, SaaS, or hybrid. Oleson stressed the ability to easily deploy to mobile users and branch offices while maintaining centralized management, rules creation, and reporting. For 100 users per year it is $81.89 per user and for 500 users per year it is $65.95 per user.

As with any DLP technology, the CSP's success depends on IT classifying sensitive content and properly tuning the rules engine. In addition, agents must be installed on all PC clients, easy enough on enterprise-owned systems, less so to cover users storing corporate data on personal devices. Agents are planned for BlackBerry, iOS, and Android. It remains to be seen if such systems--with inevitable false positives and potential over-restrictions--can be tolerated by users who have adopted cloud and mobile technologies for purposes of agility.

While the individual features of McAfee's suite are available from a variety of point products, integrating a complete set of client security, content, and Web application policy control and federated authentication into a single bundle promises to simplify enterprise deployments and minimize cracks in security enforcement.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
In a digital world inundated with advanced security threats, Intel Security seeks to transform how we live and work to keep our information secure. Through hardware and software development, Intel Security delivers robust solutions that integrate security into every layer of every digital device. In combining the security expertise of McAfee with the innovation, performance, and trust of Intel, this vision becomes a reality.

As we rely on technology to enhance our everyday and business life, we must too consider the security of the intellectual property and confidential data that is housed on these devices. As we increase the number of devices we use, we increase the number of gateways and opportunity for security threats. Intel Security takes the “security connected” approach to ensure that every device is secure, and that all security solutions are seamlessly integrated.
Featured Writers
White Papers
Cartoon
Current Issue
Dark Reading's October Tech Digest
Fast data analysis can stymie attacks and strengthen enterprise security. Does your team have the data smarts?
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7407
Published: 2014-10-22
Cross-site request forgery (CSRF) vulnerability in the MRBS module for Drupal allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

CVE-2014-3675
Published: 2014-10-22
Shim allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted DHCPv6 packet.

CVE-2014-3676
Published: 2014-10-22
Heap-based buffer overflow in Shim allows remote attackers to execute arbitrary code via a crafted IPv6 address, related to the "tftp:// DHCPv6 boot option."

CVE-2014-3677
Published: 2014-10-22
Unspecified vulnerability in Shim might allow attackers to execute arbitrary code via a crafted MOK list, which triggers memory corruption.

CVE-2014-4448
Published: 2014-10-22
House Arrest in Apple iOS before 8.1 relies on the hardware UID for its encryption key, which makes it easier for physically proximate attackers to obtain sensitive information from a Documents directory by obtaining this UID.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Follow Dark Reading editors into the field as they talk with noted experts from the security world.