next generation endpoint protection info... · next-generation endpoint security next-generation...

38
Next Generation Endpoint Protection

Upload: others

Post on 22-May-2020

94 views

Category:

Documents


0 download

TRANSCRIPT

Page 1: Next Generation Endpoint Protection INFO... · Next-Generation Endpoint Security NEXT-GENERATION ENDPOINT SECURITY Desktop Laptop Mobile Server Virtual Embedded Data Center NEXT-GENERATION

Next Generation Endpoint Protection

Page 2: Next Generation Endpoint Protection INFO... · Next-Generation Endpoint Security NEXT-GENERATION ENDPOINT SECURITY Desktop Laptop Mobile Server Virtual Embedded Data Center NEXT-GENERATION

McAfee Confidential—Internal Use Only

Desktop

Laptop

Removable

Media Storage

Workspace

The Evolving Endpoint

Source: McAfee Labs

60M

50M

40M

30M

20M

10M

05,987

7.9million

18.6million

34.8million

56.3million

January

2007

January

2008

January

2009

January

2010

January

2011

CUMULATIVE MALWARE THREATS

Datacenter

Servers

(Physical &

Virtual)

Storage

Databases

“Google removes 55 Apps from

Android market after 10’s of

thousands of users were infected

with DroidDream trojan…”

“Stuxnet computer worm appears

to have wiped out roughly a fifth

of Iran’s nuclear centrifuges…”

Smartphones

Tablets

Medical

Devices

Mobile &Fixed Function

ATM’s

Page 3: Next Generation Endpoint Protection INFO... · Next-Generation Endpoint Security NEXT-GENERATION ENDPOINT SECURITY Desktop Laptop Mobile Server Virtual Embedded Data Center NEXT-GENERATION

McAfee Confidential—Internal Use Only

Context-Aware Endpoint PlatformNext-Generation Endpoint Security

3

NEXT-GENERATION ENDPOINT SECURITY

Cloud

Application

Database

OS

Chip

Security Information and Events

Risk and Compliance

Unified Security Operations

FIRST-GENERATION

Desktop/Laptop

Blacklist Files

Focus on Devices

Windows Only

Static Device Policy

Disparate,

Disconnected Management

Deskto

p

La

pto

p

Mo

bile

Se

rve

r

Virtu

al

Em

be

dd

ed

Data

Cen

ter

Page 4: Next Generation Endpoint Protection INFO... · Next-Generation Endpoint Security NEXT-GENERATION ENDPOINT SECURITY Desktop Laptop Mobile Server Virtual Embedded Data Center NEXT-GENERATION

McAfee Confidential—Internal Use Only

Context-Aware Endpoint PlatformNext-Generation Endpoint Security

NEXT-GENERATION

ENDPOINT SECURITYDesktop

Laptop

Mobile

Server

Virtual

Embedded

Data Center

NEXT-GENERATION ENDPOINT SECURITY

Cloud

Application

Database

OS

Chip

Security Information and Events

Risk and Compliance

Unified Security Operations

Deskto

p

La

pto

p

Mo

bile

Se

rve

r

Virtu

al

Em

be

dd

ed

Data

Cen

ter

• Specific protection for core, perimeter and databases

• Optimized security increases virtualization ROI

• Server specific protection supports high performance

• Safely support consumerization programs

• Complete protection for mobile users to protect data,

reduce infection

• Cost effective solution for virtual and physical desktops

• Customized security for every situation

Page 5: Next Generation Endpoint Protection INFO... · Next-Generation Endpoint Security NEXT-GENERATION ENDPOINT SECURITY Desktop Laptop Mobile Server Virtual Embedded Data Center NEXT-GENERATION

McAfee Confidential—Internal Use Only

Context-Aware Endpoint PlatformNext-Generation Endpoint Security

Chip

OS

Database

Application

Cloud

• Security designed for email, web, storage, SAP, SharePoint

and more

• Protects against unauthorized change, malicious attack

• Protect OS and all applications and data from attack

• Innovative Deep Defender blocks the most advanced

stealth attacks

• Cloud whitelisting, grey listing, access management and

more

NEXT-GENERATION

ENDPOINT SECURITY

Page 6: Next Generation Endpoint Protection INFO... · Next-Generation Endpoint Security NEXT-GENERATION ENDPOINT SECURITY Desktop Laptop Mobile Server Virtual Embedded Data Center NEXT-GENERATION

McAfee Confidential—Internal Use Only

Context-Aware Endpoint PlatformNext-Generation Endpoint Security

Risk and

Compliance

Security Information and Events Management

Unified

Security

Management

• 15 Security categories under unified management

• Deal with threats in context of the

device, data, application and identity

• Instantly assess and prioritize risk to your critical assets

NEXT-GENERATION

ENDPOINT SECURITY

Page 7: Next Generation Endpoint Protection INFO... · Next-Generation Endpoint Security NEXT-GENERATION ENDPOINT SECURITY Desktop Laptop Mobile Server Virtual Embedded Data Center NEXT-GENERATION

McAfee Confidential—Internal Use Only

The Anatomy of All Attacks

April 15, 20137

Page 8: Next Generation Endpoint Protection INFO... · Next-Generation Endpoint Security NEXT-GENERATION ENDPOINT SECURITY Desktop Laptop Mobile Server Virtual Embedded Data Center NEXT-GENERATION

Four Phases of an Attack: Starts with the Web

8

First Contact

Physical Access

Unsolicited Message

Malicious

Website

Network Access

Local Execution

Exploit

Social Engineering

Configuration Error

Establish Presence

Download Malware

Escalate Privilege

Persist on System

Self-Preservation

Malicious Activity

Propagation

Bot Activities

Adware & Scareware

Identity &

Financial Fraud

Tampering

How the attacker first crosses path

with target.

How the attacker gets code

running first time on target

machine

How the attacker persists code on the

system, to survive reboot, stay hidden,

Hide from user and security software

The business logic, what the attacker wants to

accomplish, steal passwords, bank fraud,

purchase Fake AV

Example: Fake AV

Page 9: Next Generation Endpoint Protection INFO... · Next-Generation Endpoint Security NEXT-GENERATION ENDPOINT SECURITY Desktop Laptop Mobile Server Virtual Embedded Data Center NEXT-GENERATION

McAfee Confidential—Internal Use Only

Anatomy

of All Attacks

FAKE AV

Page 10: Next Generation Endpoint Protection INFO... · Next-Generation Endpoint Security NEXT-GENERATION ENDPOINT SECURITY Desktop Laptop Mobile Server Virtual Embedded Data Center NEXT-GENERATION

McAfee Confidential—Internal Use Only

Multi-Phase

Protection

FAKE AV PROTECTION

SITE ADVISOR ENTERPRISE

FIREWALL

DEEP DEFENDER

VIRUSSCAN ENTERPRISE

HOST IPS

APPLICATION CONTROL

Page 11: Next Generation Endpoint Protection INFO... · Next-Generation Endpoint Security NEXT-GENERATION ENDPOINT SECURITY Desktop Laptop Mobile Server Virtual Embedded Data Center NEXT-GENERATION

McAfee Confidential—Internal Use Only

Anatomy

of All Attacks

ZEUS

Page 12: Next Generation Endpoint Protection INFO... · Next-Generation Endpoint Security NEXT-GENERATION ENDPOINT SECURITY Desktop Laptop Mobile Server Virtual Embedded Data Center NEXT-GENERATION

McAfee Confidential—Internal Use Only

Multi-Phase

Protection

ZEUS PROTECTION

SITE ADVISOR ENTERPRISE

FIREWALL

DEEP DEFENDER

VIRUSSCAN ENTERPRISE

HOST IPS

APPLICATION CONTROL

Page 13: Next Generation Endpoint Protection INFO... · Next-Generation Endpoint Security NEXT-GENERATION ENDPOINT SECURITY Desktop Laptop Mobile Server Virtual Embedded Data Center NEXT-GENERATION

McAfee Confidential—Internal Use Only

Anatomy

of All Attacks

CRIDEX

Page 14: Next Generation Endpoint Protection INFO... · Next-Generation Endpoint Security NEXT-GENERATION ENDPOINT SECURITY Desktop Laptop Mobile Server Virtual Embedded Data Center NEXT-GENERATION

McAfee Confidential—Internal Use Only

Multi-Phase

Protection

CRIDEX PROTECTION

SITE ADVISOR ENTERPRISE

DEEP DEFENDER

VIRUSSCAN ENTERPRISE

HOST IPS

APPLICATION CONTROL

Page 15: Next Generation Endpoint Protection INFO... · Next-Generation Endpoint Security NEXT-GENERATION ENDPOINT SECURITY Desktop Laptop Mobile Server Virtual Embedded Data Center NEXT-GENERATION

McAfee Confidential—Internal Use Only

Anatomy

of All Attacks

STUXNET

Page 16: Next Generation Endpoint Protection INFO... · Next-Generation Endpoint Security NEXT-GENERATION ENDPOINT SECURITY Desktop Laptop Mobile Server Virtual Embedded Data Center NEXT-GENERATION

McAfee Confidential—Internal Use Only

STUXNET PROTECTION

DEVICE CONTROL

FIREWALL

DEEP DEFENDER

VIRUSSCAN ENTERPRISE

HOST IPS

APPLICATION CONTROL

Multi-Phase

Protection

Page 17: Next Generation Endpoint Protection INFO... · Next-Generation Endpoint Security NEXT-GENERATION ENDPOINT SECURITY Desktop Laptop Mobile Server Virtual Embedded Data Center NEXT-GENERATION

Global Threat Intelligence

April 15, 201320

Page 18: Next Generation Endpoint Protection INFO... · Next-Generation Endpoint Security NEXT-GENERATION ENDPOINT SECURITY Desktop Laptop Mobile Server Virtual Embedded Data Center NEXT-GENERATION

Global Threat Intelligence: GTI

ENDPOINT NETWORK

MANAGEMENT

Page 19: Next Generation Endpoint Protection INFO... · Next-Generation Endpoint Security NEXT-GENERATION ENDPOINT SECURITY Desktop Laptop Mobile Server Virtual Embedded Data Center NEXT-GENERATION

ENDPOINT NETWORK

MANAGEMENT

ENDPOINT

Network

Access Control

Server and Database Protection

Hardware-Assisted Security

Smartphone and Tablet Protection

Virtual Machine and VDI Protection

Embedded Device Protection

Malware Protection Endpoint Encryption Application Whitelisting

Desktop Firewall Device ControlEmail Protection and Anti-Spam

Page 20: Next Generation Endpoint Protection INFO... · Next-Generation Endpoint Security NEXT-GENERATION ENDPOINT SECURITY Desktop Laptop Mobile Server Virtual Embedded Data Center NEXT-GENERATION

ENDPOINT NETWORK

MANAGEMENT

Intrusion Prevention

Access Control

Next

Generation Firewall

User Behavior Analysis

Threat Behavior Analysis

NETWORK

Page 21: Next Generation Endpoint Protection INFO... · Next-Generation Endpoint Security NEXT-GENERATION ENDPOINT SECURITY Desktop Laptop Mobile Server Virtual Embedded Data Center NEXT-GENERATION

Network

IPS

300M IPS

attacks/mo.

Firewall

300M IPS

attacks/mo.

Web

Gateway

2B Botnet

C&C IP

Reputation

queries/mo.

Mail Gateway

20B Message

Reputation

queries/mo.

Host AV

2.5B Malware

Reputation

queries/mo.

Host IPS

300M IPS

attacks/mo.

3rd Party

Feed

Geo

Location

Feeds

THREAT

REPUTATION

Global Threat Intelligence: GTI

Page 22: Next Generation Endpoint Protection INFO... · Next-Generation Endpoint Security NEXT-GENERATION ENDPOINT SECURITY Desktop Laptop Mobile Server Virtual Embedded Data Center NEXT-GENERATION

Network

IPS

300M IPS

attacks/mo.

Firewall

300M IPS

attacks/mo.

Web

Gateway

2B Botnet

C&C IP

Reputation

queries/mo.

Mail Gateway

20B Message

Reputation

queries/mo.

Host AV

2.5B Malware

Reputation

queries/mo.

Host IPS

300M IPS

attacks/mo.

3rd Party

Feed

Geo

Location

Feeds

Global Threat Intelligence: GTI

Page 23: Next Generation Endpoint Protection INFO... · Next-Generation Endpoint Security NEXT-GENERATION ENDPOINT SECURITY Desktop Laptop Mobile Server Virtual Embedded Data Center NEXT-GENERATION

Gartner Magic Quadrant Summary

April 15, 201326

Page 24: Next Generation Endpoint Protection INFO... · Next-Generation Endpoint Security NEXT-GENERATION ENDPOINT SECURITY Desktop Laptop Mobile Server Virtual Embedded Data Center NEXT-GENERATION

McAfee and Intel Strategy

April 15, 201327

Page 25: Next Generation Endpoint Protection INFO... · Next-Generation Endpoint Security NEXT-GENERATION ENDPOINT SECURITY Desktop Laptop Mobile Server Virtual Embedded Data Center NEXT-GENERATION

DEEPSAFE

Page 26: Next Generation Endpoint Protection INFO... · Next-Generation Endpoint Security NEXT-GENERATION ENDPOINT SECURITY Desktop Laptop Mobile Server Virtual Embedded Data Center NEXT-GENERATION

Intel and McAfee

BETTER SECURITY SOLUTIONS & PRODUCTS

POWER EFFICIENT

PERFORMANCE

INTERNET

CONNECTIVITY SECURITYSECURITY

Page 27: Next Generation Endpoint Protection INFO... · Next-Generation Endpoint Security NEXT-GENERATION ENDPOINT SECURITY Desktop Laptop Mobile Server Virtual Embedded Data Center NEXT-GENERATION

SECURITY

• Network Security

• Cloud Security

• Security Management

• Endpoint Security

• Technology Ecosystem

• vPro

• Active Management Technology

• Advanced Encryption Standard

• Virtualization

• One Time Password

• Secure BIOS

Intel and McAfee

Page 28: Next Generation Endpoint Protection INFO... · Next-Generation Endpoint Security NEXT-GENERATION ENDPOINT SECURITY Desktop Laptop Mobile Server Virtual Embedded Data Center NEXT-GENERATION

Applications

Operating System

Anti-Virus Data Loss Prevention Intrusion Prevention System Firewall Deep Defender

DeepSAFE

Central Processing Unit

Input/Output Memory Disk Network Display

Page 29: Next Generation Endpoint Protection INFO... · Next-Generation Endpoint Security NEXT-GENERATION ENDPOINT SECURITY Desktop Laptop Mobile Server Virtual Embedded Data Center NEXT-GENERATION

Applications

Operating System

Anti-Virus Data Loss Prevention Intrusion Prevention System Firewall Deep Defender

DeepSAFE

Central Processing Unit

Input/Output Memory Disk Network Display

DeepSAFE

APPLICATION SPACE

CRITICAL SYSTEM RESOURCES

Memory I/O DisplayDisk Network

Page 30: Next Generation Endpoint Protection INFO... · Next-Generation Endpoint Security NEXT-GENERATION ENDPOINT SECURITY Desktop Laptop Mobile Server Virtual Embedded Data Center NEXT-GENERATION

DeepSAFE

APPLICATION SPACE

CRITICAL SYSTEM RESOURCES

Memory I/O DisplayDisk Network

CRITICAL SYSTEM RESOURCES

Memory

I/O

Display

Disk

Network

APPLICATION SPACE

Page 31: Next Generation Endpoint Protection INFO... · Next-Generation Endpoint Security NEXT-GENERATION ENDPOINT SECURITY Desktop Laptop Mobile Server Virtual Embedded Data Center NEXT-GENERATION

CRITICAL SYSTEM RESOURCES

Memory

I/O

Display

Disk

Network

APPLICATION SPACE

Page 32: Next Generation Endpoint Protection INFO... · Next-Generation Endpoint Security NEXT-GENERATION ENDPOINT SECURITY Desktop Laptop Mobile Server Virtual Embedded Data Center NEXT-GENERATION

CRITICAL SYSTEM RESOURCES

Memory

I/O

Display

Disk

Network

APPLICATION SPACE

XXXXX

Page 33: Next Generation Endpoint Protection INFO... · Next-Generation Endpoint Security NEXT-GENERATION ENDPOINT SECURITY Desktop Laptop Mobile Server Virtual Embedded Data Center NEXT-GENERATION

Enterprise Security Management Platform

Security

Management

SIA Associate Partner

SIA Technology Partner

McAfee Portfolio

Security

Management

Page 34: Next Generation Endpoint Protection INFO... · Next-Generation Endpoint Security NEXT-GENERATION ENDPOINT SECURITY Desktop Laptop Mobile Server Virtual Embedded Data Center NEXT-GENERATION

McAfee’s Next-Generation Endpoint Security Platform

37

PROVIDES

A Single Platform to Secure Desktops to

Data Centers

Security Technology from Chip to Cloud

Multidimensional Awareness AcrossData, Devices, and

Applications

Unified Policy Layer for Full Contextual

Visibility and Protection

A Platform for Action to Immediately

Address Threats

Page 35: Next Generation Endpoint Protection INFO... · Next-Generation Endpoint Security NEXT-GENERATION ENDPOINT SECURITY Desktop Laptop Mobile Server Virtual Embedded Data Center NEXT-GENERATION