Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

5/12/2011
03:12 PM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

McAfee, Intel Launch Cloud Security Platform

The security service uses data loss prevention policies to stop leakage of sensitive data via mobile devices, end users, social networks, and private cloud applications.

Intel and McAfee announced the Cloud Security Platform this week at Interop 2011 in Las Vegas, a UBM TechWeb event. The CSP service is aimed at addressing AAA (authentication, authorization, and accounting), data and device governance, and stopping leakage of sensitive data via mobile devices, end users, social networks, and private cloud applications.

The suite is manageable through McAfee's ePolicy Orchestrator and relies on the Global Threat Intelligence (GTI) service, which aggregates threat and site reputation information from all McAfee's customers. It includes email security, data loss prevention (DLP), and Web security modules. Intel contributes APIs for integration as well as identity management, including provisioning/SSO, authentication, and application access monitoring. This draws upon technology from Nordic Edge, which Intel acquired in January. Nordic specializes in identity and access management, with a focus on mobile device authentication for cloud.

The CSP monitors communications channels between enterprise users, apps, and public cloud services. IT can define policies centrally and apply them universally across the three modules. For DLP, data can be monitored even when encrypted by a SSL proxy. Mobile devices are monitored via the VPN back to the corporate network. The Web security module provides content inspection to detect malware coming in and sensitive data going out, including through social media sites. Email security includes attachment scanning and integration with GTI. Enterprises can extend identity-based access control to public cloud and SaaS provider sites; the system also supports federated identity management standards like SAML, OAUTH, and OpenID.

Marc Olesen, McAfee senior VP and GM for content and cloud security, said CSP is the only offering of its kind currently available, The platform is available now on a subscription basis in three versions: on-premises, SaaS, or hybrid. Oleson stressed the ability to easily deploy to mobile users and branch offices while maintaining centralized management, rules creation, and reporting. For 100 users per year it is $81.89 per user and for 500 users per year it is $65.95 per user.

As with any DLP technology, the CSP's success depends on IT classifying sensitive content and properly tuning the rules engine. In addition, agents must be installed on all PC clients, easy enough on enterprise-owned systems, less so to cover users storing corporate data on personal devices. Agents are planned for BlackBerry, iOS, and Android. It remains to be seen if such systems--with inevitable false positives and potential over-restrictions--can be tolerated by users who have adopted cloud and mobile technologies for purposes of agility.

While the individual features of McAfee's suite are available from a variety of point products, integrating a complete set of client security, content, and Web application policy control and federated authentication into a single bundle promises to simplify enterprise deployments and minimize cracks in security enforcement.

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 8/10/2020
Pen Testers Who Got Arrested Doing Their Jobs Tell All
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/5/2020
Researcher Finds New Office Macro Attacks for MacOS
Curtis Franklin Jr., Senior Editor at Dark Reading,  8/7/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Changing Face of Threat Intelligence
The Changing Face of Threat Intelligence
This special report takes a look at how enterprises are using threat intelligence, as well as emerging best practices for integrating threat intel into security operations and incident response. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-9079
PUBLISHED: 2020-08-11
FusionSphere OpenStack 8.0.0 have a protection mechanism failure vulnerability. The product incorrectly uses a protection mechanism. An attacker has to find a way to exploit the vulnerability to conduct directed attacks against the affected product.
CVE-2020-16275
PUBLISHED: 2020-08-10
A cross-site scripting (XSS) vulnerability in the Credential Manager component in SAINT Security Suite 8.0 through 9.8.20 could allow arbitrary script to run in the context of a logged-in user when the user clicks on a specially crafted link.
CVE-2020-16276
PUBLISHED: 2020-08-10
An SQL injection vulnerability in the Assets component of SAINT Security Suite 8.0 through 9.8.20 allows a remote, authenticated attacker to gain unauthorized access to the database.
CVE-2020-16277
PUBLISHED: 2020-08-10
An SQL injection vulnerability in the Analytics component of SAINT Security Suite 8.0 through 9.8.20 allows a remote, authenticated attacker to gain unauthorized access to the database.
CVE-2020-16278
PUBLISHED: 2020-08-10
A cross-site scripting (XSS) vulnerability in the Permissions component in SAINT Security Suite 8.0 through 9.8.20 could allow arbitrary script to run in the context of a logged-in user when the user clicks on a specially crafted link.