McAfee Inc. Sagena Security Day 4; 2010-09.22 Zagreb
September 23, 2010
McAfee Inc. – Sagena
Security Day 4; 2010-09.22
Zagreb
Have you ever heard of McAfee Inc.? – Company intro / acquisitions
Cybercrime update
Solution overview
Value of integration and Global Threat Intelligence
NEWS HIGHLIGHTS:
• Intel Corporation has entered into a definitive agreement to purchase all of
McAfee’s common stock for $48 per share in cash, valuing the deal at
approximately $7.68 billion. McAfee will operate as a wholly-owned independent
subsidiary, reporting into Intel’s Software and Services Group.
• Acquisition enables a combination of security software and hardware from one
company to ultimately better protect consumers, corporations and governments
as billions of devices - and the server and cloud networks that manage them - go
online.
• Intel elevates focus on security on par with energy-efficient performance and
connectivity. The acquisition augments Intel’s mobile wireless strategy, helping
to better assure customer and consumer security concerns as these billions of
devices connect.
• Intel has made a number of software-related acquisitions of leaders in their
respective industries that also rely on great silicon, including Wind River, Havok
and now McAfee.
Intel to Acquire McAfee
McAfee: Securing the Digital World
Founded 1987—The World’s Largest Dedicated Security Company
- 83% of Fortune 100 companies rely on McAfee
- More than 150M user desktops protected
- Single deployments in excess of 5M desktops
- 6,102 McAfee employees globally
- Presence in 120 countries
- R&D in 26 countries
- 445 patents, many more pending
Largest Dedicated Security & Compliance Vendor
17 consecutive quarters of double-digit year-over-year revenue growth
[Chart: quarterly revenue in $M, Q1 2006 to Q1 2010; vertical axis $0 to $600]
McAfee’s Customers Represent Every Industry
Trust Digital Now Part of McAfee
McAfee Acquires Trust Digital
Advancing Mobile Security and Management
McAfee to acquire tenCube
WaveSecure mobile security service.
Adding WaveSecure’s locate, lock, back-up and wipe technology to Trust Digital’s enterprise mobility management and McAfee’s mobile security technology gives McAfee the capabilities it needs to deliver the industry’s most complete next generation mobility platform.
“The desktop internet ramp was just a warm-up act for what we’re seeing happen on the mobile internet. The pace of mobile innovation is unprecedented, I think, in world history.” Mary Meeker, Morgan Stanley – April 2010
New Wave of Change Within the Enterprise
Android, iPhone, iPad
“Agents of Change”
Today’s Business Challenge: Transformation of Enterprise Mobility
The Old Problem: Mobile Email
Secure Mobile Messaging
The New Problem: Enterprise Mobility 2.0
Secure Mobile App Management
Web and Social Media
Enterprise and LOB Apps
Basic Services
Customer Facing Apps
Trust Digital
• Data Protection
• Compliance
• Self-Service Provisioning
• Security Policy Management
Mobile Enterprise App Evolution is Moving Rapidly
The Right Life Cycle for Mobile Device Management
Trust Digital Enterprise Mobility Management
Life Cycle Management
Provisioning: Self-service provisioning sets security policies, configures network connectivity, and automatically personalizes devices for users by configuring email and other applications.
Security & Authentication: Each device is issued a unique digital certificate to strongly authenticate it to the enterprise network.
Policy Management: Security policies and configuration updates are pushed in real-time to the device over-the-air, including selective and remote wipe if the device is lost or stolen.
Compliance: Devices are automatically checked prior to network access to ensure that only authorized, managed, and secured devices access enterprise applications and services.
IT Operations Support: Manage policies and devices and get reports through web browsers. Console access is role-based, leveraging directory authentication and groups.
[Diagram: Mobile Device Management life cycle: Provisioning, Security & Authentication, Policy Management, Compliance, IT Ops Support]
Cybercrime Update
Unprecedented Malware Growth
Q4 threat report: McAfee Labs had approx. 33.3 million pieces of malware at the end of 2009, compared to approx. 16.3 million at the end of 2008. That's a 104% increase, or a doubling of malware in a year.
[Chart: malware growth by month, January 2008 to November 2009; vertical axis 0 to 35,000,000]
Source: McAfee Labs
Device Proliferation Continues
Device proliferation, coupled with the blurring of lines between work and home and business and social communications, can put organizations at risk. Security policies and procedures that engage employees to think about not only their PCs but their storage devices and other mobile devices are critical.
• 57%: U.S. workers use social media for business (2)
• 82%: Users who check work email at home (1)
• Hundreds of millions: Thumb drives shipped annually
• From 23% to 40% in 2010: Employees using company-provided mobile devices (1)
1 Source: Osterman Research, North America figures
2 Source: IDC
Today’s Cybercrime Landscape
• Daily new malware threats: 10,000
• Active new zombies per month: 4M
• New malicious website detected: 30 seconds
• Malware is obfuscated: 85%
• Of all threats are financially motivated: 90%
More Malware Variations
Attack Target: Users vs. Machines
Web 2.0 is the Catalyst!
Toolkits & Obfuscation
Malicious Advertising = Malvertizing
• Space sold to ad networks
• Multiple layers of redirection
• Previously served:
– fake anti-virus
– exploits
A Closer Look at Poisoned Web Search Results and Topical News
This year’s most poisoned search topics:
• Haiti earthquake
• Chile earthquake/Hawaii tsunami warning
• Toyota recall
• Apple iPad
• 2010 NCAA bracket/March Madness
• Tiger Woods apology
• Sea World orca attack
• Olympic luge tragedy
• Groundhog Day
• U.S. Health Care Reform Bill
[Chart: Unique Malicious Domains in Q1 2010, January to March; vertical axis 0 to 20,000]
Unique Fake Anti-Virus alert Samples Discovered
During a 10-day span, we saw 45,000
new Fake Alert samples in our database.
[Chart: number of Fake Alert samples in our database by quarter, Q1 2008 to Q1 2010; vertical axis 0 to 700,000]
For many products, only the name changes. This trick maximizes the chances of catching victims and reduces the amount of work for the developers.
http://www.youtube.com/watch?v=Pos58sONgco&feature=related
• McAfee free resources available to businesses, government
– McAfee Threat Resource Center (blog, podcasts, whitepapers): http://www.mcafee.com/us/threat_center/default.asp
– McAfee Support Notification Service (SNS) Subscription Preference Center: http://my.mcafee.com/content/SNS_Subscription_Center
– SNS provides valuable product information via email to help you maximize the functionality and protection capabilities of your McAfee product. It includes: virus/malware outbreaks; DAT file false-positives; product vulnerabilities; critical remediation updates; updates, upgrades, patches, EOS/EOL, release notices; and operational issues (password resets, portal issues, etc.).
• McAfee free resources available to consumers
– McAfee Security Advice Center (http://home.mcafee.com/securityadvice)
– H-Commerce documentary series http://www.stophcommerce.com
– McAfee Facebook security http://www.facebook.com/mcafee
McAfee Resources for you
Security Journals
Award Nominated Security Blog
Security Podcast
Security Interlock?
Today’s IT Security Product Landscape
[Diagram: vendors placed around the product categories]
Categories: IPS, DLP, Encryption, Web, Firewall, Endpoint, RiskMgmt, WhiteListing
StillSecure, Check Point
Stonesoft, Top Layer, Radware
McAfee, Symantec
Credant
Cisco, WebSense
Symantec, ConfigureSoft
(TrendMicro)
SkyRecon, Microsoft, G data, Trust Port, eScan, BitDefender, Avira
McAfee
Microsoft, IBM, TrendMicro
McAfee, Cisco
Juniper, Check Point
Stonesoft, SonicWALL
Symantec, Websense
McAfee, Barracuda
TrendMicro, Symantec
Cisco
SonicWALL
McAfee, Symantec
TrendMicro, Sophos
Microsoft
McAfee, Cisco, Trend
Barracuda, CA
Wntrust, WinMagic
BorderWare, IBM, WinMagic
McAfee, Symantec
Bit9 Parity Suite, Coretrace Bouncer
Lumension App Control, SignaCert Enterprise, Microsoft Applocker
Tripwire, nCircle FIM
WebSense, BorderWare, Microsoft, ProofPoint
CA
Check Point, IBM
BigFix
Mi5 (Symantec), Facetime, CP Secure
Sophos, Appsense, Lan Desk
Savant Protection
Opsware, IBM/Tivoli Config, EMC Config Solution, BMC Bladelogic
HP
winMagic
Check Point, Sophos, Credant
GuardianEdge (Symantec)
Juniper, Cisco, IBM, Entrasys
McAfee, TippingPoint, Snort, HP
McAfee, IBM
Microsoft, nCircle
Security Interlock
Today’s IT Security Product Landscape
[Diagram: the same categories (IPS, DLP, Encryption, Web, Firewall, Endpoint, RiskMgmt, WhiteListing), each labelled McAfee]
McAfee Security Leadership Across the Board
[Gartner Magic Quadrant diagram: axes Ability to Execute and Completeness of Vision; quadrants Challengers, Leaders, Niche Players, Visionaries; markets shown: Mobile Data Protection, Firewall, Network DLP, Web Security, Email Security, Network IPS, System Security; label: Integrated]
Source: Gartner
PROTECTION
REAL TIME THREAT FEEDS
ACTIONABLE INFORMATION
SECURITY METRICS
ePO: DLP, Web, IPS, SIA, Endpoint, WhiteListing, Encrypt., RiskMgmt, Email, Firewall
Security Management Platform: ePO
Executive
Security
Admin
IT
Architect
Integrates with
IT Operations Platforms
Security Management Platform
McAfee Labs
More than 350 researchers across 30 countries.
Millions of sensors across the globe.
All dedicated to protecting you from the latest threats.
You Are Not Alone In Fighting Cyberattacks
Malware
• 50,000 pieces of malware identified each day
• 4 billion queries to Global Threat Intelligence cloud a month
Vulnerability Analysis
• Protection from vulnerabilities averaged 80 days ahead of exploit in 2008
• 72% of Microsoft vulnerabilities in 2008 protected at the endpoint without a host IPS-signature update
Email Security
• 20 billion mail reputation queries each month
• More than 10 billion messages analyzed each month
Network Security
• 100 million IP and port reputation queries each month
• 10 million intrusion prevention system alerts monitored and analyzed daily
Web Security
• 75 billion web reputation queries each month
• One new malicious web server identified every 60 seconds
• More than 32 million websites rated across 96 categories
• More than 5 million new zombies discovered monthly
• More than 200 million downloads analyzed daily
Global Threat Intelligence (GTI)
• Spans the entire Internet, including millions of sensors
• Complete suite of endpoint and network research technologies
• Across all threat vectors: Network/IPS Signatures │ Malware │ Vulnerability Management │ Spam │ Outbound Web Protection
• Real-time “in the cloud” threat collection and distribution model
• Providing reputation based capabilities
• Dedicated GTI research team
McAfee’s Extensible Management Platform
Security Innovation Alliance (SIA) Delivers a Rich Security Ecosystem
SIA partner categories:
• Security Event and Log Management
• Authentication and Encryption
• Theft and Forensics
• Other Security, IT & Services
• Risk and Compliance
• Application and Database Security
Partner levels: Associate Partner; Technology Partner (McAfee Compatible)
McAfee Wants to be Your Trusted Security Partner
PRODUCTS
PARTNERSHIP
GLOBAL THREAT INTELLIGENCE
Product Detail Slides
Endpoint Security
Proven and robust technology
• McAfee protects over 60 million endpoints in the world’s largest enterprises
• Forrester and Gartner leader for four straight years
Proactive and real-time malware detection
• Protects against zero-day malware
• True Host IPS security makes “Patch Tuesday” a non-event
Single, integrated management for diverse environments
• Controls endpoints (Windows, Linux and Mac), mobile phones, virtual machines, storage and servers with common policies under a single management console
Comparison – Old vs New suites: More Bang for the Buck – Across the Board!
[Table: OLD and NEW suites SAV, EPS, AVD, TEE, TEN, TEA, EPA, TEB, TPE compared against the features below]
ePO
Anti-virus
Email server
Desktop firewall (marked Q4’10)
SiteAdvisor Ent Plus
Anti-spyware
Host IPS
NAC
Policy Auditor
Device control
Web filtering
Endpoint Encryption
Mixed-platform
Competition – Endpoint security suites
[Table: suites compared against the features below]
Suites: McAfee (Enterprise Edition Suite); Symantec (Enterprise Edition Suite); Trend Micro (Ent sec.); Sophos (Endpoint & Data ste); Kaspersky (Enterprise Space security); Microsoft (Forefront Client Security)
Features:
Real-time Anti-malware protection (Windows, Mac, Mobile & Linux)
Email server (Anti-virus/Anti-spam)
Desktop firewall (one entry marked: Optional)
Host IPS
Web protection (SAE Plus)
Web filtering - Host
Network Access Control (entries marked: Optional; Managed Only)
Policy Auditing (Compliance) (one entry marked: Optional)
Device Control
Endpoint Encryption (entries marked: Optional; Win 7 bitlocker)
Hybrid on/off-premise
Application Whitelisting
• Ensures only authorized applications run on endpoints and servers
• Comprehensive code coverage protects against unauthorized specialty scripts
• Dynamic trust model avoids laborious manual tracking
• Protects applications from being tampered with while running for extra security
• Automated inventory supports multiple configurations for different business needs
• Extremely small footprint enables security to fixed-function devices
• Extends the lifespan of legacy systems and reduces the need to patch these systems
• Works within complex and disconnected networks requiring no DAT updates
Encryption
• Comply with data breach laws by ensuring that every endpoint is encrypted
• Persistent encryption follows data wherever it is moved or copied
• Comprehensive device support for software-based as well as solid-state drives
• Single agent between endpoint encryption and endpoint security provides effortless deployment
• Secures desktops, laptops, smart phones, portable storage and removable media with common policies and single management console
• Integrated file and folder encryption so data is protected at all times
• Gartner rates McAfee as the leader in Mobile Data Protection
Data Loss Prevention
• Complete protection for data at rest, in use, and in motion
• Discover at-risk data by scanning data repositories, servers and endpoints
• Enforces protection to eliminate abuse
• Line of business managers can manage breaches without involving IT
• Identify and resolve problems in minutes, not weeks
• Implementing policies is as easy as checking a box based on pre-defined templates
• Capture technology and real-time classification reduces false positives
• Protection extends to mobile workers on or off the network
• Appliance form-factor removes need for expensive servers and databases
Risk & Compliance Management
• Provide real-time insight into current risks by
correlating threats to vulnerabilities and deployed
countermeasures
• Direct security and resource investments where
they’ll have the greatest impact
• Spend less budget on operations, while
demonstrating more control in audits and reviews
• Automate assessments for compliance with security
and regulatory policies
• Automate risk management by preventing unwanted or
unauthorized changes
• Minimize impact from drift by providing controls to enforce
policy and security configurations for endpoints and servers
• Preserve system integrity and availability without impacting
performance
• Achieve continuous compliance by enforcing centralized
management of configurations on servers and endpoints
Web Security
• Enables productive use of Web 2.0 applications without jeopardizing corporate security
• High performance: robust, enterprise class proxy cache including AAA proxy, SSL scanning, URL filtering, reputation filtering, anti-malware and reporting in one appliance
• Flexible deployment options include hardened appliances, virtual appliances, software-as-a-service, blades, and hybrid
Leadership:
• Gartner MQ: Leadership quadrant 3 years running
• Forrester Wave: Leader
• AV-Test.Org: #1 rated gateway anti-malware solution
• IDC: #1 in web appliance market share
SaaS
Email Security
• Comprehensive email security to protect against inbound email-borne threats and outbound data loss
• Over 99% spam detection accuracy
• Solutions for companies of all sizes
• Integrated encryption
• Flexible deployment options include appliances, virtualization, software-as-a-service, blades, and hybrid
• Leadership:
• Gartner Magic Quadrant: Leadership quadrant 4 consecutive years
• Forrester Wave: Leader
• SC Magazine: Best Email Security Solution 2009
• Virus Bulletin: Platinum Award
SaaS
Network Intrusion Prevention System (IPS)
McAfee Network Security Platform
• Seamless integration with network access control, internal firewalls, behavioral detection
• Proven protection from encrypted attacks, botnets, DDoS, trojans, zero day attacks and malware
• Gartner & Forrester: “Leader” rated IPS vendor/solution
• True network-class intrusion prevention to enforce network, system and user security policies
• Scalable IPS performance from branch office up to 10-Gigabit ethernet
• Complete integration with McAfee ePO™, Global Threat Intelligence, Vulnerability Manager and Host Intrusion Prevention
Firewall
McAfee Enterprise Firewall
http://www.youtube.com/user/McAfeeOfficial#p/u/1/nqI6NLRnI1M
• Comprehensive layer 7 policy controls designed for today’s Web 2.0 enabled applications
• Strong network protection via industry-leading IPS, anti-virus, and URL filtering
• Reputation-based filtering provides the best pro-active protection in the industry
• Scalable and flexible deployment options for the smallest and largest environments
• Only firewall with Common Criteria EAL4+ certification
• Hardened operating system that features type enforcement creates the strongest firewall available
• Only firewall that has never been breached and has an unrivaled US CERT advisory record
Thanks for your attention!
Árpád Tóth – Country Manager
Adriatics & Hungary
Email: [email protected]
Any Questions?