preventing stealthy threats with next generation endpoint security
DESCRIPTION
Step up security management and prevent stealthy threats with integrated solutions from Intel and McAfee that work beyond the operating system to stop attacks in real time while helping you manage endpoint security.TRANSCRIPT
Preventing Stealthy Threats with Next-Generation Endpoint Security
Intel and McAfee
Pervasive Stealth Techniques
2
Threats at work below the operating system
Unfair Advantage: Rootkits
3
Software to provide privileged access while hiding
Designed to avoid detection (“slow and low”)
Used in advanced persistent threats (APTs) to steal data
Designed to evade traditional OS-based security
Kernel-mode rootkits are most difficult to detect
1,200 Detected Daily; 110,000 per Quarter*
*Source: McAfee Labs (Q1 2012).
Greater Opportunities for Attack
Larger “attack surface” of devices, data, applications, systems
Interconnected, global networks for large-scale attacks
Increased risks from IT consumerization (bring your own device, mobile) and computing trends (virtualization, cloud)
4
Malware Life Cycle
5
Primary contact sources:
Social media
Physical connection
Malicious web sites
Thumb drives
Potential Damage to Endpoints
Take over and set up a botnet that is controlled by a hijacker to send spam, launch distributed denial-of-service attacks, steal data, or rent to other cybercriminals
Propagate threats to spread infection to multiple endpoints
Tamper with files, browser settings, or database information
Install adware, scareware, or ransomware that attempts to force users to purchase a remedy
Steal and sell passwords, user names, employee data, or confidential company/customer information
6
Prevent Stealthy Threats: Next-Generation Security from Intel and McAfee
Stopping these stealthy threats from entering your systems is the most effective solution
7
The industry’s first proactive security approach Combines world-class processor technology with leading security software for an integrated security solution Designed to help stay ahead of crimeware innovation, from PCs and mobile devices to industrial controls and other intelligent clients
McAfee* Deep Defender* Hardware-Assisted Security
8
Prevent Threats in Real Time
McAfee* Deep Defender* hardware-assisted security based on Intel® Core™ vPro™ processors stops advanced stealth
attacks in real time with McAfee DeepSAFE* technology.
Unlike traditional security solutions, Deep Defender operates
beyond the operating system to provide real-time kernel monitoring to reveal and remove advanced, hidden attacks.
McAfee DeepSAFE* Technology: Beyond the Operating System
9
Technology by McAfee and Intel Industry’s first hardware-assisted security platform New vantage point on security Technology foundation for future products
A Closer Look at the Cridex Worm
10
Bot Trojan opens the back door on a compromised PC, and then installs the Necurs rootkit to prevent traditional security tools from reading its binaries
Takes control of the victim’s computer and allows it to collect data and make fraudulent transactions by manipulating legitimate bank web pages
Hardware-Assisted Security Blocks the Cridex Worm in Real Time A two-step threat:
1
2
McAfee ePO* Deep Command* Security Management
11
Enhance Endpoint Security
McAfee* ePolicy Orchestrator* (McAfee ePO*) Deep Command* security management leverages the capabilities
in the Intel® Core™ vPro™ processor to reduce security operations costs while enhancing your security posture.
Control powered-off endpoints for security updates
Perform remote remediation of security issues Easily manage mobile PCs
Proactive Security
12
Technology by McAfee and Intel Security management at the hardware level* Stay ahead of security policies Reduce operations costs and improve help-desk efficiencies
*No computer system can provide absolute security under all conditions. Built-in security features available on select Intel® Core™ processors may require additional software, hardware, services, and/or an Internet connection. Results may vary depending upon configuration. Consult your PC manufacturer for more details.
Intel® Core™ vPro™ Capabilities*
13 *Intel vPro technology is sophisticated and requires setup and activation. Availability of features and results will depend upon the setup and configuration of your hardware, software, and IT environment. To learn more, visit intel.com/technology/vpro.
Read the planning guide, Preventing Stealthy Threats with Next-Generation Endpoint Security
Find out more about Intel and McAfee security solutions designed to block attacks beyond the operating system
Legal Disclaimers
The information in this document is provided only for educational purposes and for the convenience of McAfee and Intel customers. The information contained herein is subject to change without notice, and is provided “AS IS” without guarantee or warranty as to the accuracy or applicability of the information to any specific situation or circumstance.
Intel® vPro™ technology is sophisticated and requires setup and configuration. Availability of features and results will depend upon the setup and configuration of your hardware, software, and IT environment. To learn more about the breadth of security features, visit intel.com/technology/vpro.
No computer system can provide absolute security under all conditions. Built-in security features available on select Intel® Core™ processors may require additional software, hardware, services, and/or an Internet connection. Results may vary depending upon configuration. Consult your PC manufacturer for more details.
Software and workloads used in performance tests may have been optimized for performance only on Intel microprocessors. Performance tests, such as SYSmark* and MobileMark*, are measured using specific computer systems, components, software, operations, and functions. Any change to any of those factors may cause the results to vary. You should consult other information and performance tests to assist you in fully evaluating your contemplated purchases, including the performance of that product when combined with other products.
This presentation is for informational purposes only. THIS DOCUMENT IS PROVIDED “AS IS” WITH NO WARRANTIES WHATSOEVER, INCLUDING ANY WARRANTY OF MERCHANTABILITY, NONINFRINGEMENT, FITNESS FOR ANY PARTICULAR PURPOSE, OR ANY WARRANTY OTHERWISE ARISING OUT OF ANY PROPOSAL, SPECIFICATION, OR SAMPLE. Intel disclaims all liability, including liability for infringement of any property rights, relating to use of this information. No license, express or implied, by estoppel or otherwise, to any intellectual property rights is granted herein.
Copyright © 2012 Intel Corporation. All rights reserved. Intel, the Intel logo, Intel Core, Intel Inside, Intel Sponsors of Tomorrow., the Intel Sponsors of Tomorrow. logo, and Intel vPro are trademarks of Intel Corporation in the U.S. and/or other countries.
McAfee, the McAfee logo, McAfee DeepSAFE, McAfee ePO, Deep Command, Deep Defender, and ePolicy Orchestrator are trademarks or registered trademarks of McAfee, Inc., in the United States and other countries.
*Other names and brands may be claimed as the property of others.
15