Security Experts:

McAfee: Integration, Context-Aware Security Key to Strategy

LAS VEGAS - McAfee FOCUS 2012 - The security community generally can be counted on to agree on one thing – the amount of malware is growing. The question then becomes what to do about it.

At McAfee's FOCUS conference, running this week in Las Vegas, the answer being put forth involves both the application of "contextual security" and a commitment to integration.

"Context becomes critically important as we move forward and look at the diversity of devices," explained Candace Worley, senior vice president and general manager of endpoint security at McAfee.

McAfee Logo"I can do a boatload with my iPad," she continued. "I can download any app on it; I can surf the net at will on it; I can also get to my corporate email on it. Obviously on my corporate laptop, it's a much more locked down environment."

Depending on a number of factors such as where she is geographically, what device she is using and what data she is trying to access, a company administrator may want to apply a different policy, she said.

"So the direction that we're taking our endpoint security services… [is the] direction of enabling IT administrators to apply dynamic policy based on context."  

Key to this is the company's portfolio of security software stretching from the PC to the smartphone and its global threat intelligence information, she said.

The company announced several additions to its endpoint portfolio today, which are slated to be available in the fourth quarter: a new version of Deep Defender, enhanced with the ability to detect rootkits that infect the master boot record (MBR); Endpoint Encryption for PC or Mac, updated to improve performance; and McAfee Application Control, which includes the ability to control how a non-whitelisted application can be approved. In addition, the company also announced a new version of Enterprise Mobility Manager that supports Apple iOS 6 and integrates with the latest version of McAfee Secure Container for Android 2.0.

Another technology added to the mix is a new Asset Manager included in McAfee Vulnerability Manager that allows organizations to automatically discover and inspect assets as they connect to the network. This includes smartphones, tablets, servers, laptops and other devices. 

But no one vendor has the answer for all things security, company officials said. In that vein, McAfee established the Security Innovation Alliance (SIA) program a few years and created a set of APIs and SDKs to help other security vendors to integrate with ePolicy Orchestrator (ePO), Worley noted.

"The whole driver behind that was we recognized as a corporation that we will not be able to be all things to all companies from a security perspective," she said. "If we try, we probably wouldn't very good at any of it."

"That was really our first step towards enabling other vendors – some of which were competitors, some of which were not – to integrate into ePO and allow our customers to get greater value in the investment they made in ePO," she said.

As the company moves forward with its "Security Connected" platform strategy, there will be elements in that platform that will also require McAfee to work with partners in order to enable customers to get greater value, she said.

Security Connected has evolved for the company, said Michael Fey, McAfee's worldwide CTO. Today, the company wants to set up a "data exchange layer" where technologies can be integrated and data can be queried to apply context and make it more secure. The idea, he said, is to open up some of McAfee's architecture to allow partners to work with the company and enable them to deliver solutions that can be tailored to certain verticals.

"What I envision is less about McAfee and other security providers getting together and putting our stuff in one big database," said Michael Fey, worldwide CTO. "What I'm more excited about is opening up my plumbing so that customers [saying], 'I also want these guys, and this guy, and this guy' running through the veins of my solution, they can do that. I feel like that's more viable because it lets each security company maintain their identity, maintain who they are." 

Subscribe to the SecurityWeek Email Briefing
view counter
view counter