McAfee Security Connected Turns Analytics into Action

McAfee wants to rewrite the definition of security analytics, saying that the job of collecting security event data isn’t complete until an action is taken to stop an attack and prevent recurrences. It's the underlying premise of McAfee Security Connected philosophy.

  • Tweet  
  • LinkedIn  
  • Facebook  
  • Google plus  
  • Send to Kindle
  • Send to  

[caption id="attachment_32337" align="alignright" width="150"]McAfee President Michael DeCesare McAfee President Michael DeCesare[/caption]

McAfee wants to rewrite the definition of security analytics, saying that the job of collecting security event data isn’t complete until an action is taken to stop an attack and prevent recurrences. It's the underlying premise of McAfee Security Connected philosophy.

Related articles

End-to-end security information management, situational awareness and accelerated remediation is a strong theme at this year’s McAfee Focus conference. The company is pushing the concepts of using its integrated portfolio of security technologies – from the endpoint to the network layer – as a means of providing greater insight into security posture and enabling faster reactions to attacks.

“Analytics is not reporting and data. Analytics isn’t done until an action is taken. Today we do analytics for a report. That’s going to change,” said Michael Fey, the company’s worldwide chief technology officer.

McAfee Focus is replete with messaging around its existing and new products, ranging from its security information management platform based on the Nitro technology it acquired in 2011 to new advanced antimalware endpoint technology and the next-generation firewall technology and products acquired from Stonesoft.

The vision is McAfee melting security management and responsiveness with the concepts of Big Data – the collection of event data to quickly correlate and deliver actionable intelligence.

[caption id="attachment_32338" align="alignright" width="150"]McAfee Worldwide CTO Michael Fey McAfee Worldwide CTO Michael Fey[/caption]

“We have reinvented endpoint… integrate and interact with anything in the infrastructure. This will help you move from simply reporting to an environment you and diagnose and fix in a moment’s notice,” said McAfee president Michael DeCesare in his keynote address.

The idea of leveraging copious amounts of security data and translating it into greater intelligence and, in some cases, automated responses, isn’t a new concept. McAfee has been pushing this concept from the days when it first launched its ePolicy Orchestrator (ePO) and Artemis threat intelligence network. And it falls in line with McAfee’s “Security Connected” channel theme, in which the company wants partners to sell multiple products per account.

To say McAfee has failed to deliver on its security connected and big data for security themes before would be an overstatement. While McAfee has had varying levels of technical capability in collecting and acting on security intelligence before, the maturation of the technology and the ability to integrate across the portfolio was sometimes lacking. Additionally, McAfee had gaps in the product portfolio or products that weren’t best of breed.

It’s by no accident that McAfee is marrying the term Big Data with security. McAfee is actually (and correctly) chasing the disruptive trends of software defined networks (SDN), Big Data, cloud computing mobility and “The Internet of Things.” DeCesare spoke of how security tacked onto the operating system won’t as more IP-enabled devices running diverse platforms come into the market. Not only will tablets, smart appliances and myriad connected devices increase the data volume, but also increase the attack surface area.

“What is happening to the network space is what happened to the data center space. Virtualization is coming to the network. When those networks are rebuilt, we have to figure out how to include security from the beginning. We’re pushing as much of technology as we can to the edge,” DeCesare said.

McAfee says much of this new technology is a result from the integration and development work resulting from acquisition of the company by Intel. The two companies have and continue to develop new technologies to address security concerns at multiple levels of the technology and application stack.

Although unstated, McAfee is responding to the shifting dynamics in the security market segment. The continued growth of next-generation firewall vendor Palo Alto Networks, the acquisition of SourceFire by Cisco, Hewlett-Packard making security a core component of its revitalization plan, and IBM pressing deeper into security is seen as a great competitive threat than upstarts such as Kaspersky Lab, Sophos and FireEye.

McAfee believes its ability to deliver “Security Connected” products that have native ability to communicate across multiple technologies will give it and partners a competitive advantage until rivals replicate the model and develop integrated strategies.

"The stuff we're working on today is literally changing the world, and it's very exciting. It won't be measured in hundreds of millions of dollars in sales, but how we  change how we do things," Fey said.

  • Tweet  
  • LinkedIn  
  • Facebook  
  • Google plus  
  • Send to Kindle
  • Send to  
More on Security
sales-keyboard-button

Vendors overestimating sales as 100 percent channel

Lancope exec suggests 100 percent channel statement is overused, talks Lancope's channel strategy

why-where-when-how-what-who-question

Dell: IoT poses security conundrum and opportunity for channel

Execs tell Channelnomics MSPs and SIs may benefit from unstructured IoT arena

sew-international-ppc

Vendors going international a benefit for partners at home

Unitrends VAR says vendors without international offerings can hamper their partners

Face-to-face meeting

Channel needs to up its game to secure BYOD and IoT success

Partners can capitalize on the opportunities in both spaces by taking the right steps

Visitor comments
Add comments
blog comments powered by Disqus
In-depth
newspapers-and-glasses

Channelnomics' top five stories of the week - 28 August 2015

Check out which articles grabbed the most attention this week

jessica-m-225x300

Editor's voice: The week's channel chatter - 28 August 2015

What's been happening this week on Channelnomics?

hanshake-sunset

The $100 million tech summer

Five companies set a new standard for investment rounds, revealing a possible indicator of where the venture community sees the tech market going

success-game

MSP + SMB = Success

As their market share becomes ever more pressured, MSPs should focus their efforts on the SMB space