McAfee’s annual FOCUS security conference usually showcases some great new product offerings, and this year they’re especially compelling. The first is an end-to-end threat protection solution to combat advanced malware. It’s dubbed Find, Freeze and Fix, and it leaves the single-feature, static analysis sandboxing products in the dust. This comprehensive solution addresses all three requirements for countering today’s stealthy threats: the ability to find advanced malware with the new McAfee Advanced Threat Defense appliance, the ability to freeze the threats with McAfee network solutions, and the ability to initiate a fix with McAfee Real Time Advanced for ePO.
I really like the simplicity of this approach; it belies the fact that there’s a whole lot of advanced technology behind it. And it’s especially useful for the public sector, where dollars are scarce. You don’t have to patch together a grab bag of different security products – many of which probably don’t integrate with each other. Instead you can save time, money and headaches with an integrated approach like Find, Freeze and Fix.
John Grady, research manager for Security Products at IDC, speaks to this very issue: “With employees being more mobile and multi-device oriented than they’ve ever been, it is impossible to defend against all attacks with a single product. Integrated solutions that combine network and endpoint-level visibility and controls are the best way to combat targeted attacks and quickly enable remediation.”
That’s why McAfee adopted the Security Connected approach and that’s why we’re so committed to it. Find, Freeze and Fix incorporating the new McAfee Advanced Threat Defense is a great example of how this connected vision works in real settings.
In another enhancement to Security Connected, McAfee announced the industry’s first “endpoint aware” security information and event management (SIEM) solution with real-time system state information to enhance situational awareness and streamline incident response. This is an integration of our Enterprise Security Manager (ESM), which manages big security data, with McAfee Real Time, which provides deep system insight. With such an integrated tool, departments and agencies can proactively query, collect and analyze, in real time, information about the internal operations and configuration of endpoints across the enterprise.
The ability to gather this important contextual data, previously unavailable to SIEM, allows security analysts to immediately determine the root cause of attacks, identify systems subject to the same compromise and gain actionable intelligence for precise remediation – all in real time and from a single console. Furthermore, with Security Connected, security analysts can turn this actionable intelligence into intelligent action – issuing policy change, quarantine and vulnerability scan commands directly from the SIEM. This solution is just another proof point of the McAfee Security Connected platform of integrated, intelligent and connected security solutions that are needed in the battle against advanced threats.
Both these new offerings – Find, Freeze and Fix incorporating the new Advanced Threat Defense, and SIEM with real time awareness – illustrate why I’m glad I represent a company that gets it in terms of integration. Our customers in the federal and critical infrastructure markets need products that work with each other, not against each other. Their security dollars need to stretch a long way, and they can’t afford one-off solutions that don’t advance their overall security posture. I need to be confident that’s what we’re providing. It’s good to have further proof that Security Connected is not just a slogan; it’s real.