Data Exchange Layer

Leading The World Into Connected Security
Ruslans Barbasins | Territory Manager – CIS, Central Asia, Caucasus

History of Defining Architecture
– Inventor of the world’s most widely used computing architecture
– Defining countless standards used in everyday lives ranging from USB, WiFi, to IoT
– Top 10 Most Influential Brands in the World

Largest Dedicated Security Provider
– Broadest security product coverage in the industry
– Complete portfolio focused upon security
– Leadership position in 6 of 8 Gartner Security Magic Quadrants

Delivering a Next Generation Security Architecture
– Defining innovative industry approaches for collaborative and adaptive security
– Introducing security integrations which are sustainable and broadly reaching
– Developing capabilities for new security paradigms in areas such as Software Defined Datacenter, Cloud, and IoT

McAfee Confidential

Challenges Faced by Security Professionals
[Pie chart. Segment labels: Protection, False Positives, Timely Response, Detection, Damage Repair, Other. Segment values: 22%, 20%, 11%, 9%, 35%, 3%.]
Source: McAfee Survey at Black Hat USA 2013

Advanced Targeted Attacks—The Reality
[Timeline figure: Attack, Compromise, Discovery, Containment. Panels: "Compromise to Discovery" and "Discovery to Containment", with shares of incidents by time span (minutes, hours, days, weeks, months, years).]
$8,769 / Incident
$3,840,988 / Year
1.2 incidents / Day
Sources: Verizon 2013 Data Breach Investigations Report; Securosis Malware Analysis Quant Metrics Model

Recent Notable Advanced Targeted Attacks
• Targeted attacks against Point-of-Sale (POS) systems
• Memory parsing/scraping malware
• Extracts full magnetic stripe data out of memory
• Not detected by traditional A/V
• Not detected for a significant amount of time
• Substantial damage – 40 million credit cards were exfiltrated in the Target compromise
• Estimated $652 million loss in market cap after Target breach
• Containment took a long time (VISA)

Building Security By Silo
Technology Acquisition Process Has Delivered Security Chaos
[Diagram: security products acquired over TIME: Endpoint Protection, Firewall, Gateway Security, Network IPS, Compliance, Data Protection, Mobility, SIEM]

Building Security By Silo
Creating a False Sense of Security
Lessons Learned
• Well-funded organizations do not equal well-defended organizations
• Maintaining compliance will not result in protection
• Massive alerting in a sea of noise cannot receive action
• Defenses operating in silos are set up to fail
[Chart: Security Posture and TCO (CapEx + OpEx) over TIME. Labels: Point Products, Layered Tools, Parity, Advancement]

Building Security By Silo
Delivering Operationally Effective Security
[Chart: Security Posture and TCO (CapEx + OpEx) over TIME. Labels: Point Products, Layered Tools, Connected Architecture, Parity, Advancement]

Adaptive Threat Prevention in Real-Time
From Encounter to Containment in Milliseconds

Data Exchange Layer
An innovative, real-time, bi-directional communications fabric providing product integration simplicity.
Security components operate as one to immediately share relevant data between endpoint, gateway, and other security products, enabling security intelligence and adaptive security.
[Diagram: The Security Connected Framework, Adaptive Security Architecture. Labels: BPM, Asset, Identity, Risk, Threat, Activity, Location, Data]

Attacks Are Targeted. Security Defenses Must Be Tailor-made.

Add the power of knowledge
Personalized Threat Intelligence
Assemble, override, augment and tune the intelligence source information
Optimizing Security for Your Organization
[Diagram. Intelligence categories: Global Threat Intelligence, Local Threat Intelligence, Organizational Intelligence. Labelled components: McAfee Global Threat Intelligence, 3rd Party Feeds, McAfee Threat Intelligence Exchange, McAfee Web Gateway, McAfee Email Gateway, McAfee Endpoint Client, McAfee NGFW, McAfee NSP, Administrator Organizational Knowledge, Other Data Sources (Future)]

Threat Intelligence Exchange
Adapt and Immunize — From Encounter to Containment in Milliseconds
[Diagram: YES/NO decision flow over the Data Exchange Layer. Labelled components: McAfee Global Threat Intelligence, 3rd Party Feeds, McAfee TIE Server, McAfee ATD, McAfee ePO, McAfee VSE Threat Intelligence Module (two endpoints)]

Instant Protection Across the Enterprise
Gateways block access based on endpoint convictions
Proactively and efficiently protect your organization as soon as a threat is revealed
Security components operate as one to immediately share relevant data between endpoint, gateway, and other security products
[Diagram: components connected over the Data Exchange Layer. Labelled components: McAfee Global Threat Intelligence, 3rd Party Feeds, McAfee TIE Server, McAfee ATD, McAfee NGFW, McAfee NSP, McAfee Web Gateway, McAfee Email Gateway, McAfee ePO, McAfee ESM, McAfee VSE Threat Intelligence Module (two endpoints)]

Threat Intelligence Exchange
Adapt and Immunize—From Encounter to Containment in Milliseconds
Endpoints are protected based on gateway convictions
[Diagram: YES/NO decision flow over the Data Exchange Layer. Labelled components: McAfee Global Threat Intelligence, 3rd Party Feeds, McAfee TIE Server, McAfee ATD, McAfee NGFW, McAfee NSP, McAfee Web Gateway, McAfee Email Gateway, McAfee ePO, McAfee ESM, McAfee VSE Threat Intelligence Module (two endpoints)]

Threat Intelligence Exchange
Lowers TCO and Improves Your ROI
• Integration simplicity through McAfee’s data exchange layer
• Enables unmatched operation effectiveness and agility
• Reduces implementation and operational costs
• Extends existing McAfee security detection, prevention, and analytics technology investments

Thank you very much!
Thank you!
Ruslans Barbasins
Phone: +353 214672532
Ruslans_Barbasins@mcafee.com