McAfee Security Connected Turns Analytics into Action

  • Tweet  
  • LinkedIn  
  • Facebook  
  • Google plus  
  • Send to Kindle
  • Send to  

McAfee wants to rewrite the definition of security analytics, saying that the job of collecting security event data isn’t complete until an action is taken to stop an attack and prevent recurrences. It's the underlying premise of McAfee Security Connected philosophy.

[caption id="attachment_32337" align="alignright" width="150"]McAfee President Michael DeCesare McAfee President Michael DeCesare[/caption]

McAfee wants to rewrite the definition of security analytics, saying that the job of collecting security event data isn’t complete until an action is taken to stop an attack and prevent recurrences. It's the underlying premise of McAfee Security Connected philosophy.

Related articles

End-to-end security information management, situational awareness and accelerated remediation is a strong theme at this year’s McAfee Focus conference. The company is pushing the concepts of using its integrated portfolio of security technologies – from the endpoint to the network layer – as a means of providing greater insight into security posture and enabling faster reactions to attacks.

“Analytics is not reporting and data. Analytics isn’t done until an action is taken. Today we do analytics for a report. That’s going to change,” said Michael Fey, the company’s worldwide chief technology officer.

McAfee Focus is replete with messaging around its existing and new products, ranging from its security information management platform based on the Nitro technology it acquired in 2011 to new advanced antimalware endpoint technology and the next-generation firewall technology and products acquired from Stonesoft.

The vision is McAfee melting security management and responsiveness with the concepts of Big Data – the collection of event data to quickly correlate and deliver actionable intelligence.

[caption id="attachment_32338" align="alignright" width="150"]McAfee Worldwide CTO Michael Fey McAfee Worldwide CTO Michael Fey[/caption]

“We have reinvented endpoint… integrate and interact with anything in the infrastructure. This will help you move from simply reporting to an environment you and diagnose and fix in a moment’s notice,” said McAfee president Michael DeCesare in his keynote address.

The idea of leveraging copious amounts of security data and translating it into greater intelligence and, in some cases, automated responses, isn’t a new concept. McAfee has been pushing this concept from the days when it first launched its ePolicy Orchestrator (ePO) and Artemis threat intelligence network. And it falls in line with McAfee’s “Security Connected” channel theme, in which the company wants partners to sell multiple products per account.

To say McAfee has failed to deliver on its security connected and big data for security themes before would be an overstatement. While McAfee has had varying levels of technical capability in collecting and acting on security intelligence before, the maturation of the technology and the ability to integrate across the portfolio was sometimes lacking. Additionally, McAfee had gaps in the product portfolio or products that weren’t best of breed.

It’s by no accident that McAfee is marrying the term Big Data with security. McAfee is actually (and correctly) chasing the disruptive trends of software defined networks (SDN), Big Data, cloud computing mobility and “The Internet of Things.” DeCesare spoke of how security tacked onto the operating system won’t as more IP-enabled devices running diverse platforms come into the market. Not only will tablets, smart appliances and myriad connected devices increase the data volume, but also increase the attack surface area.

“What is happening to the network space is what happened to the data center space. Virtualization is coming to the network. When those networks are rebuilt, we have to figure out how to include security from the beginning. We’re pushing as much of technology as we can to the edge,” DeCesare said.

McAfee says much of this new technology is a result from the integration and development work resulting from acquisition of the company by Intel. The two companies have and continue to develop new technologies to address security concerns at multiple levels of the technology and application stack.

Although unstated, McAfee is responding to the shifting dynamics in the security market segment. The continued growth of next-generation firewall vendor Palo Alto Networks, the acquisition of SourceFire by Cisco, Hewlett-Packard making security a core component of its revitalization plan, and IBM pressing deeper into security is seen as a great competitive threat than upstarts such as Kaspersky Lab, Sophos and FireEye.

McAfee believes its ability to deliver “Security Connected” products that have native ability to communicate across multiple technologies will give it and partners a competitive advantage until rivals replicate the model and develop integrated strategies.

"The stuff we're working on today is literally changing the world, and it's very exciting. It won't be measured in hundreds of millions of dollars in sales, but how we  change how we do things," Fey said.

  • Tweet  
  • LinkedIn  
  • Facebook  
  • Google plus  
  • Send to Kindle
  • Send to  
More on Security
Concept image of a cloud question mark

Inspectors find government cloud contracts lacking

Officials from 19 federal agencies say a lack of oversight has left public data at risk.

device-security

Zscaler eyes enterprise wins with expanded partner program

Enterprise, governments, and defence to be targeted globally with enhanced internet security platform

Pikemen at a recreation of the Battle of Bosworth Field

Two states join fed suit against Symantec

Vendor is accused of overcharging government clients by not disclosing commercial discounts.

working-together-cutout

Vormetric and Couchbase join forces

The two firms say partnership will enhance compliance and sensitive data issues for customers

Visitor comments
Add comments
blog comments powered by Disqus
In-depth
healthy-heart

Microsoft Getting Healthy, Thanks to Consumers

Is it time to take the software giant off the watch list of tech companies in distress, at least on the consumer side, asks Larry Walsh

John Murdock - Kaspersky Lab

Vendor Q&A Series: John Murdock, Kaspersky Lab

The latest executive to sit in the channelnomics hotseat is John Murdock, Vice President, Channel Sales, Kaspersky Lab North America

Broken heart

An amicable split?

Where will HP and Symantec's conclusion that the sum of their parts is greater than the whole leave partners?

elvis67878787

Suspicious minds in the post-Snowden world

Investment in new technologies being avoided with security experts wary of cloud and new technologies post-Snowden