Home Business IT Security McAfee pushes 'Security Connected' vision

Get all your tech news delivered to your mail box five days a week
iTWire UPDATE - it's FREE!


McAfee senior vice president and global CTO Michael Fay used the day two keynote session at the Focus 12 conference to promote the company's Security Connected platform.

Co-president Todd Gebhart was scheduled to give the presentation but a recent bout of pneumonia meant he could not attend the event.

The underlying idea is of an open environment covering all aspects of IT security and combining local and global intelligence. For example, there will be some malicious traffic or content that McAfee can block for all its customers, while individual organisations may choose to block certain traffic that McAfee can't because of the risk of false positives.

Context and orchestration are also important. The existing point-to-point integration between security products doesn't scale, so McAfee is working towards a shared layer that everything connects to (a common approach in enterprise integration).

The significance is that information from different subsystems needs to be interpreted as a whole in order to determine its significance: a series of events may individually seem innocuous, but when viewed together may reveal a high-risk situation.

For example, the fact that someone is active while they are on holiday is not of itself suspicious in these always-on times, but if the activity or the data being accessed doesn't fit the individual's usual habits, suspicions may be raised. And even if the user is known to upload data to (say) box.net, the transfer of data encrypted in a way that is not supported by officially installed applications strongly suggests something untoward is going on.

Historical security management is no longer sufficient, Mr Fey suggested. What is needed is realtime reporting and realtime compliance.

To that end, McAfee's ePO 5.0 is able to return realtime information for natural language enquiries such as 'get stopped service contains "windows update" from all machines' to identify PCs that aren't running Windows Update.

Mr Fey showed how this could be used in a situation where a vendor releases a security patch. ePO 5.0 can find the computers open to exploits (that is, they are running affected versions but not software such as an intrusion prevention system that provides mitigation). It can then be used to patch the software or apply some other form of protection.

Disclosure: The writer travelled to Las Vegas as the guest of McAfee.

OWN THE FUTURE OF SOFTWARE

Tomorrow, 26 August we’re delivering a FREE day of high-impact content to give you the know-how to lead in the App Economy. Please don’t be sorry you missed it.

• Keynotes on how software is rewriting businesses the world over, including our own backyard

• View code level details with context and repair problems quickly

• Fix problems in minutes before they wreak havoc

• Streams covering DevOps, Security and Management Cloud from pioneers at the coalface.

Register Now - it's FREE!

CLICK TO REGISTER!

ITWIRE SERIES - IS YOUR BACKUP STRATEGY COSTING YOU CLIENTS?

Where are your clients backing up to right now?

Is your DR strategy as advanced as the rest of your service portfolio?

What areas of your business could be improved if you outsourced your backups to a trusted source?

Read the industry whitepaper and discover where to turn to for managed backup

FIND OUT MORE!

Stephen Withers

joomla visitors

Stephen Withers is one of Australia¹s most experienced IT journalists, having begun his career in the days of 8-bit 'microcomputers'. He covers the gamut from gadgets to enterprise systems. In previous lives he has been an academic, a systems programmer, an IT support manager, and an online services manager. Stephen holds an honours degree in Management Sciences, a PhD in Industrial and Business Studies, and is a senior member of the Australian Computer Society.

Connect