Gale told attendees at the company's Focus 2010 security conference that the business use of Mac OS X and Linux was increasing, and that "compliance" dictates the use of equivalent protection on all endpoints.
Real threats to Mac OS X have been limited to the occasional Trojan, such as RSPlug, which purported to be a QuickTime codec installer but was actually a DNS hijacker.
Gale pointed out that an unprotected device could propagate malware to a Windows computer. True enough, particularly for old-fashioned file-infecting viruses, but if he is talking about intra-organisation propagation, wouldn't such threats be picked up by the security software running on the Windows-based computers?
Anyway, McAfee's Mac and Linux products are available for those who consider such defences necessary.
Find out more about the products on page 2.
Senior technical lead Pavan Kumar explained that the application firewall was capable of distinguishing between the various binaries in an application package. One way this could be used is to grant Internet access to the main application but not its associated updater to ensure that new versions are not used until they have been vetted by the IT department.
The desktop firewall (which is really just a front end to the ipfw firewall included but left open in Mac OS X) allows rules based on port numbers, protocols, and IP addresses or domains. It includes a stealth mode to block incoming ICMP pings.
Endpoint Protection for Mac can be used in unmanaged mode, or it can be managed through ePolicy Orchestrator (ePO). In the latter case, users with administrator privileges can change the settings but they will be reset by ePO within five minutes.
VirusScan Enterprise for Linux allows on-access or on-demand scanning, optional management from ePO, and works with a variety of distributions including Red Hat Enterprise Linux, Suse, Fedora, Ubuntu, and Open Enterprise Server. It also has a web interface.
Unlike their Windows counterpart, neither version takes advantage of McAfee's Global Threat Intelligence service which provides real-time access to the latest threat information. Gale said the company was aware that customers expect parity with the Windows product, but gave no indication of when - or even if - that would be provided.
Disclosure: The writer travelled to Las Vegas as the guest of McAfee.