Home Business IT Security McAfee pushes 'Security Connected' vision

McAfee senior vice president and global CTO Michael Fay used the day two keynote session at the Focus 12 conference to promote the company's Security Connected platform.

Co-president Todd Gebhart was scheduled to give the presentation but a recent bout of pneumonia meant he could not attend the event.

The underlying idea is of an open environment covering all aspects of IT security and combining local and global intelligence. For example, there will be some malicious traffic or content that McAfee can block for all its customers, while individual organisations may choose to block certain traffic that McAfee can't because of the risk of false positives.

Context and orchestration are also important. The existing point-to-point integration between security products doesn't scale, so McAfee is working towards a shared layer that everything connects to (a common approach in enterprise integration).

The significance is that information from different subsystems needs to be interpreted as a whole in order to determine its significance: a series of events may individually seem innocuous, but when viewed together may reveal a high-risk situation.

For example, the fact that someone is active while they are on holiday is not of itself suspicious in these always-on times, but if the activity or the data being accessed doesn't fit the individual's usual habits, suspicions may be raised. And even if the user is known to upload data to (say) box.net, the transfer of data encrypted in a way that is not supported by officially installed applications strongly suggests something untoward is going on.

Historical security management is no longer sufficient, Mr Fey suggested. What is needed is realtime reporting and realtime compliance.

To that end, McAfee's ePO 5.0 is able to return realtime information for natural language enquiries such as 'get stopped service contains "windows update" from all machines' to identify PCs that aren't running Windows Update.

Mr Fey showed how this could be used in a situation where a vendor releases a security patch. ePO 5.0 can find the computers open to exploits (that is, they are running affected versions but not software such as an intrusion prevention system that provides mitigation). It can then be used to patch the software or apply some other form of protection.

Disclosure: The writer travelled to Las Vegas as the guest of McAfee.


Does your remote support strategy keep you and your CEO awake at night?

Today’s remote support solutions offer much more than just remote control for PCs. Their functional footprint is expanding to include support for more devices and richer analytics for trend analysis and supervisor dashboards.

It is imperative that service executives acquaint themselves with the new features and capabilities being introduced by leading remote support platforms and find ways to leverage the capabilities beyond technical support.

Field services, education services, professional services, and managed services are all increasing adoption of these tools to boost productivity and avoid on-site visits.

Which product is easiest to deploy, has the best maintenance mode capabilities, the best mobile access and custom reporting, dynamic thresholds setting, and enhanced discovery capabilities?

To find out all you need to know about using remote support to improve your bottom line, download this FREE Whitepaper.


Stephen Withers

joomla visitors

Stephen Withers is one of Australia¹s most experienced IT journalists, having begun his career in the days of 8-bit 'microcomputers'. He covers the gamut from gadgets to enterprise systems. In previous lives he has been an academic, a systems programmer, an IT support manager, and an online services manager. Stephen holds an honours degree in Management Sciences, a PhD in Industrial and Business Studies, and is a senior member of the Australian Computer Society.