Home Business IT Security McAfee pushes 'Security Connected' vision

McAfee pushes 'Security Connected' vision

McAfee senior vice president and global CTO Michael Fay used the day two keynote session at the Focus 12 conference to promote the company's Security Connected platform.

Co-president Todd Gebhart was scheduled to give the presentation but a recent bout of pneumonia meant he could not attend the event.

The underlying idea is of an open environment covering all aspects of IT security and combining local and global intelligence. For example, there will be some malicious traffic or content that McAfee can block for all its customers, while individual organisations may choose to block certain traffic that McAfee can't because of the risk of false positives.

Context and orchestration are also important. The existing point-to-point integration between security products doesn't scale, so McAfee is working towards a shared layer that everything connects to (a common approach in enterprise integration).

The significance is that information from different subsystems needs to be interpreted as a whole in order to determine its significance: a series of events may individually seem innocuous, but when viewed together may reveal a high-risk situation.

For example, the fact that someone is active while they are on holiday is not of itself suspicious in these always-on times, but if the activity or the data being accessed doesn't fit the individual's usual habits, suspicions may be raised. And even if the user is known to upload data to (say) box.net, the transfer of data encrypted in a way that is not supported by officially installed applications strongly suggests something untoward is going on.

Historical security management is no longer sufficient, Mr Fey suggested. What is needed is realtime reporting and realtime compliance.

To that end, McAfee's ePO 5.0 is able to return realtime information for natural language enquiries such as 'get stopped service contains "windows update" from all machines' to identify PCs that aren't running Windows Update.

Mr Fey showed how this could be used in a situation where a vendor releases a security patch. ePO 5.0 can find the computers open to exploits (that is, they are running affected versions but not software such as an intrusion prevention system that provides mitigation). It can then be used to patch the software or apply some other form of protection.

Disclosure: The writer travelled to Las Vegas as the guest of McAfee.


Did you know: 1 in 10 mobile services in Australia use an MVNO, as more consumers are turning away from the big 3 providers?

The Australian mobile landscape is changing, and you can take advantage of it.

Any business can grow its brand (and revenue) by adding mobile services to their product range.

From telcos to supermarkets, see who’s found success and learn how they did it in the free report ‘Rise of the MVNOs’.

This free report shows you how to become a successful MVNO:

· Track recent MVNO market trends
· See who’s found success with mobile
· Find out the secret to how they did it
· Learn how to launch your own MVNO service


Stephen Withers

joomla visitors

Stephen Withers is one of Australia¹s most experienced IT journalists, having begun his career in the days of 8-bit 'microcomputers'. He covers the gamut from gadgets to enterprise systems. In previous lives he has been an academic, a systems programmer, an IT support manager, and an online services manager. Stephen holds an honours degree in Management Sciences and a PhD in Industrial and Business Studies.