McAfee Security Connected Turns Analytics into Action

  • Tweet  
  • LinkedIn  
  • Facebook  
  • Google plus  
  • Send to Kindle
  • Send to  

McAfee wants to rewrite the definition of security analytics, saying that the job of collecting security event data isn’t complete until an action is taken to stop an attack and prevent recurrences. It's the underlying premise of McAfee Security Connected philosophy.

[caption id="attachment_32337" align="alignright" width="150"]McAfee President Michael DeCesare McAfee President Michael DeCesare[/caption]

McAfee wants to rewrite the definition of security analytics, saying that the job of collecting security event data isn’t complete until an action is taken to stop an attack and prevent recurrences. It's the underlying premise of McAfee Security Connected philosophy.

Related articles

End-to-end security information management, situational awareness and accelerated remediation is a strong theme at this year’s McAfee Focus conference. The company is pushing the concepts of using its integrated portfolio of security technologies – from the endpoint to the network layer – as a means of providing greater insight into security posture and enabling faster reactions to attacks.

“Analytics is not reporting and data. Analytics isn’t done until an action is taken. Today we do analytics for a report. That’s going to change,” said Michael Fey, the company’s worldwide chief technology officer.

McAfee Focus is replete with messaging around its existing and new products, ranging from its security information management platform based on the Nitro technology it acquired in 2011 to new advanced antimalware endpoint technology and the next-generation firewall technology and products acquired from Stonesoft.

The vision is McAfee melting security management and responsiveness with the concepts of Big Data – the collection of event data to quickly correlate and deliver actionable intelligence.

[caption id="attachment_32338" align="alignright" width="150"]McAfee Worldwide CTO Michael Fey McAfee Worldwide CTO Michael Fey[/caption]

“We have reinvented endpoint… integrate and interact with anything in the infrastructure. This will help you move from simply reporting to an environment you and diagnose and fix in a moment’s notice,” said McAfee president Michael DeCesare in his keynote address.

The idea of leveraging copious amounts of security data and translating it into greater intelligence and, in some cases, automated responses, isn’t a new concept. McAfee has been pushing this concept from the days when it first launched its ePolicy Orchestrator (ePO) and Artemis threat intelligence network. And it falls in line with McAfee’s “Security Connected” channel theme, in which the company wants partners to sell multiple products per account.

To say McAfee has failed to deliver on its security connected and big data for security themes before would be an overstatement. While McAfee has had varying levels of technical capability in collecting and acting on security intelligence before, the maturation of the technology and the ability to integrate across the portfolio was sometimes lacking. Additionally, McAfee had gaps in the product portfolio or products that weren’t best of breed.

It’s by no accident that McAfee is marrying the term Big Data with security. McAfee is actually (and correctly) chasing the disruptive trends of software defined networks (SDN), Big Data, cloud computing mobility and “The Internet of Things.” DeCesare spoke of how security tacked onto the operating system won’t as more IP-enabled devices running diverse platforms come into the market. Not only will tablets, smart appliances and myriad connected devices increase the data volume, but also increase the attack surface area.

“What is happening to the network space is what happened to the data center space. Virtualization is coming to the network. When those networks are rebuilt, we have to figure out how to include security from the beginning. We’re pushing as much of technology as we can to the edge,” DeCesare said.

McAfee says much of this new technology is a result from the integration and development work resulting from acquisition of the company by Intel. The two companies have and continue to develop new technologies to address security concerns at multiple levels of the technology and application stack.

Although unstated, McAfee is responding to the shifting dynamics in the security market segment. The continued growth of next-generation firewall vendor Palo Alto Networks, the acquisition of SourceFire by Cisco, Hewlett-Packard making security a core component of its revitalization plan, and IBM pressing deeper into security is seen as a great competitive threat than upstarts such as Kaspersky Lab, Sophos and FireEye.

McAfee believes its ability to deliver “Security Connected” products that have native ability to communicate across multiple technologies will give it and partners a competitive advantage until rivals replicate the model and develop integrated strategies.

"The stuff we're working on today is literally changing the world, and it's very exciting. It won't be measured in hundreds of millions of dollars in sales, but how we  change how we do things," Fey said.

  • Tweet  
  • LinkedIn  
  • Facebook  
  • Google plus  
  • Send to Kindle
  • Send to  
More on Security
hack-attack

Datacenters a key target for DDoS attacks - Arbor

Latest research finds firewalls at fault in some attacks

old-new-handshake

Westcon and FireMon sign distribution deal

Security vendor and distie hop into bed together

Data security

Budgets still lacking for data management security - research

Despite high-profile data breaches, firms still not investing heavily in protection

spam

North America steals global spam crown - research

Latest figures from web security specialist AppRiver, claim North America has overtaken Europe in the spam generation stakes

Visitor comments
Add comments
blog comments powered by Disqus
In-depth
ken-shaw-infrascale

Vendor Q&A Series: Ken Shaw Jr., Infrascale

The latest channel exec to sit in the Channelnomics hotseat is Infrascale's CEO

businessman-walking-rope-outdoor-balance

MSP market saturation may lead to smaller players being dumped by vendors

Smaller players need to ensure that they don't fall prey to solution provider consolidation by vendors

Questions

Windows 10 service model raises enterprise, channel questions

Microsoft is banking on the fact that its next OS will be an improvement over prior iterations, but will the product’s sales model be as well received as the product itself?

Handshake in London

Microsoft Big Data acquisition shows willingness to embrace open platforms

The software giant embraces yet another open-source tool in R and stakes its claim in the analytics arena