Risk
5/12/2011
03:12 PM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

McAfee, Intel Launch Cloud Security Platform

The security service uses data loss prevention policies to stop leakage of sensitive data via mobile devices, end users, social networks, and private cloud applications.

Intel and McAfee announced the Cloud Security Platform this week at Interop 2011 in Las Vegas, a UBM TechWeb event. The CSP service is aimed at addressing AAA (authentication, authorization, and accounting), data and device governance, and stopping leakage of sensitive data via mobile devices, end users, social networks, and private cloud applications.

The suite is manageable through McAfee's ePolicy Orchestrator and relies on the Global Threat Intelligence (GTI) service, which aggregates threat and site reputation information from all McAfee's customers. It includes email security, data loss prevention (DLP), and Web security modules. Intel contributes APIs for integration as well as identity management, including provisioning/SSO, authentication, and application access monitoring. This draws upon technology from Nordic Edge, which Intel acquired in January. Nordic specializes in identity and access management, with a focus on mobile device authentication for cloud.

The CSP monitors communications channels between enterprise users, apps, and public cloud services. IT can define policies centrally and apply them universally across the three modules. For DLP, data can be monitored even when encrypted by a SSL proxy. Mobile devices are monitored via the VPN back to the corporate network. The Web security module provides content inspection to detect malware coming in and sensitive data going out, including through social media sites. Email security includes attachment scanning and integration with GTI. Enterprises can extend identity-based access control to public cloud and SaaS provider sites; the system also supports federated identity management standards like SAML, OAUTH, and OpenID.

Marc Olesen, McAfee senior VP and GM for content and cloud security, said CSP is the only offering of its kind currently available, The platform is available now on a subscription basis in three versions: on-premises, SaaS, or hybrid. Oleson stressed the ability to easily deploy to mobile users and branch offices while maintaining centralized management, rules creation, and reporting. For 100 users per year it is $81.89 per user and for 500 users per year it is $65.95 per user.

As with any DLP technology, the CSP's success depends on IT classifying sensitive content and properly tuning the rules engine. In addition, agents must be installed on all PC clients, easy enough on enterprise-owned systems, less so to cover users storing corporate data on personal devices. Agents are planned for BlackBerry, iOS, and Android. It remains to be seen if such systems--with inevitable false positives and potential over-restrictions--can be tolerated by users who have adopted cloud and mobile technologies for purposes of agility.

While the individual features of McAfee's suite are available from a variety of point products, integrating a complete set of client security, content, and Web application policy control and federated authentication into a single bundle promises to simplify enterprise deployments and minimize cracks in security enforcement.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-6651
Published: 2014-07-31
Multiple directory traversal vulnerabilities in the Vitamin plugin before 1.1.0 for WordPress allow remote attackers to access arbitrary files via a .. (dot dot) in the path parameter to (1) add_headers.php or (2) minify.php.

CVE-2014-2970
Published: 2014-07-31
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-5139. Reason: This candidate is a duplicate of CVE-2014-5139, and has also been used to refer to an unrelated topic that is currently outside the scope of CVE. This unrelated topic is a LibreSSL code change adding functionality ...

CVE-2014-3488
Published: 2014-07-31
The SslHandler in Netty before 3.9.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted SSLv2Hello message.

CVE-2014-3554
Published: 2014-07-31
Buffer overflow in the ndp_msg_opt_dnssl_domain function in libndp allows remote routers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted DNS Search List (DNSSL) in an IPv6 router advertisement.

CVE-2014-5171
Published: 2014-07-31
SAP HANA Extend Application Services (XS) does not encrypt transmissions for applications that enable form based authentication using SSL, which allows remote attackers to obtain credentials and other sensitive information by sniffing the network.

Best of the Web
Dark Reading Radio