Risk
5/12/2011
03:12 PM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

McAfee, Intel Launch Cloud Security Platform

The security service uses data loss prevention policies to stop leakage of sensitive data via mobile devices, end users, social networks, and private cloud applications.

Intel and McAfee announced the Cloud Security Platform this week at Interop 2011 in Las Vegas, a UBM TechWeb event. The CSP service is aimed at addressing AAA (authentication, authorization, and accounting), data and device governance, and stopping leakage of sensitive data via mobile devices, end users, social networks, and private cloud applications.

The suite is manageable through McAfee's ePolicy Orchestrator and relies on the Global Threat Intelligence (GTI) service, which aggregates threat and site reputation information from all McAfee's customers. It includes email security, data loss prevention (DLP), and Web security modules. Intel contributes APIs for integration as well as identity management, including provisioning/SSO, authentication, and application access monitoring. This draws upon technology from Nordic Edge, which Intel acquired in January. Nordic specializes in identity and access management, with a focus on mobile device authentication for cloud.

The CSP monitors communications channels between enterprise users, apps, and public cloud services. IT can define policies centrally and apply them universally across the three modules. For DLP, data can be monitored even when encrypted by a SSL proxy. Mobile devices are monitored via the VPN back to the corporate network. The Web security module provides content inspection to detect malware coming in and sensitive data going out, including through social media sites. Email security includes attachment scanning and integration with GTI. Enterprises can extend identity-based access control to public cloud and SaaS provider sites; the system also supports federated identity management standards like SAML, OAUTH, and OpenID.

Marc Olesen, McAfee senior VP and GM for content and cloud security, said CSP is the only offering of its kind currently available, The platform is available now on a subscription basis in three versions: on-premises, SaaS, or hybrid. Oleson stressed the ability to easily deploy to mobile users and branch offices while maintaining centralized management, rules creation, and reporting. For 100 users per year it is $81.89 per user and for 500 users per year it is $65.95 per user.

As with any DLP technology, the CSP's success depends on IT classifying sensitive content and properly tuning the rules engine. In addition, agents must be installed on all PC clients, easy enough on enterprise-owned systems, less so to cover users storing corporate data on personal devices. Agents are planned for BlackBerry, iOS, and Android. It remains to be seen if such systems--with inevitable false positives and potential over-restrictions--can be tolerated by users who have adopted cloud and mobile technologies for purposes of agility.

While the individual features of McAfee's suite are available from a variety of point products, integrating a complete set of client security, content, and Web application policy control and federated authentication into a single bundle promises to simplify enterprise deployments and minimize cracks in security enforcement.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-8142
Published: 2014-12-20
Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.36, 5.5.x before 5.5.20, and 5.6.x before 5.6.4 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages improper handling of duplicate keys w...

CVE-2013-4440
Published: 2014-12-19
Password Generator (aka Pwgen) before 2.07 generates weak non-tty passwords, which makes it easier for context-dependent attackers to guess the password via a brute-force attack.

CVE-2013-4442
Published: 2014-12-19
Password Generator (aka Pwgen) before 2.07 uses weak pseudo generated numbers when /dev/urandom is unavailable, which makes it easier for context-dependent attackers to guess the numbers.

CVE-2013-7401
Published: 2014-12-19
The parse_request function in request.c in c-icap 0.2.x allows remote attackers to cause a denial of service (crash) via a URI without a " " or "?" character in an ICAP request, as demonstrated by use of the OPTIONS method.

CVE-2014-2026
Published: 2014-12-19
Cross-site scripting (XSS) vulnerability in the search functionality in United Planet Intrexx Professional before 5.2 Online Update 0905 and 6.x before 6.0 Online Update 10 allows remote attackers to inject arbitrary web script or HTML via the request parameter.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.