McAfee Global Threat Intelligence File Reputation Service. Best Practices Guide for McAfee VirusScan Enterprise Software

Size: px
Start display at page:

Download "McAfee Global Threat Intelligence File Reputation Service. Best Practices Guide for McAfee VirusScan Enterprise Software"

Transcription

1 McAfee Global Threat Intelligence File Reputation Service Best Practices Guide for McAfee VirusScan Enterprise Software

2 Table of Contents McAfee Global Threat Intelligence File Reputation Service McAfee GTI File Reputation Service in McAfee VirusScan Enterprise How Does It Work? Selection criteria Protecting Privacy Data collected in a McAfee GTI File Reputation service query Data Transport, Network Traffic, and Security Data transport Network traffic Security McAfee GTI Proxy Best Practices for Managing McAfee GTI File Reputation Service in McAfee VirusScan Enterprise Software Sensitivity settings False positives Rolling out McAfee GTI File Reputation service Running reports to show McAfee GTI File Reputation detections versus.dat detections Phased approach 3 3

3 McAfee Global Threat Intelligence File Reputation Service Reputation systems have been used for years across many disciplines from doctors diagnosing illnesses to mathematical experts rating financial instruments to assess situations and make decisions. Reputation calculation tools are more critical today to cybersecurity than ever before, as more and more of our personal and professional transactions occur online. McAfee Global Threat Intelligence (McAfee GTI ) File Reputation service provides a level of assurance around identity and integrity in critical Internet-based transactions for which physical world verification is impossible. So how does the McAfee file reputation service offer value? Simply put, it provides near real-time protection against new and emerging threats using the power of McAfee GTI technology. Reputation is expected behavior over time. Reputation systems for Internet security have to be based on threat intelligence that spans the globe and all threat vectors. At McAfee, we calculate the reputations of hundreds of millions of electronic entities files, websites, web domains, messages, DNS servers, and network connections using a highly granular scoring system based on a variety of information about the entity s behaviors, characteristics, and our own experience of how comparable entities behave. Among other inputs, McAfee relies on telemetry data captured from billions of queries from tens of millions of McAfee products per day, ranging from anti-malware clients to web and gateways and firewalls. These products are deployed around the globe and act as sensors for our cloud-based analysis engine. Because of our extensive breadth, depth, and correlation of sensory and threat intelligence data across all of these threat vectors, combined with the efforts of over 00 researchers, McAfee GTI File Reputation service can stop threats not yet covered by traditional signature-based technology. McAfee GTI File Reputation Service in McAfee VirusScan Enterprise McAfee Global Threat Intelligence File Reputation service is included with McAfee VirusScan Enterprise software licenses. It is used by thousands of McAfee customers representing tens of millions of corporate workstations and servers around the globe. Figure 1. The protection gap. With traditional protection, malware is discovered, verified by a security vendor, made available and ultimately deployed. This process can take place over several hours, creating a protection gap.

4 Figure 2. Compressing the protection gap. Rather than rely solely on signature-based detection of malware where the time from discovery to protection could be hours or even longer, McAfee GTI File Reputation service provides near real-time protection by providing reputation scores for files as they are accessed or when a system is scanned, compressing the protection gap. How Does It Work? When an executable file is accessed by a user, or a manual or automated scan of a workstation or server is performed, files are checked against the McAfee.DAT files to determine if they are malicious. If the file does not match a signature or hash in the.dat file, and the file meets proprietary criteria, a query will be sent to the cloud to check the file against the McAfee GTI technology database. The same is true if a user downloads a PDF file from a website or as an attachment. On average, McAfee adds more than 100,000 new file hashes to its threat intelligence database every day. The McAfee GTI File Reputation service provides an instant reputation score that is interpreted by McAfee VirusScan Enterprise software in order to apply a policy, such as block or quarantine. The result is near real-time protection of your endpoint against new and emerging malware. Selection criteria Criteria for what executable or PDF files are deemed suspicious is determined in the.dats and regularly updated. McAfee leverages a number of proprietary techniques, such as the ability to determine if the file is packed and decision tree techniques. McAfee GTI technology selection criteria are constantly evolving, just like threats, and work is underway to identify environmental clues, such where the file was found on disk. Protecting Privacy Data collected in a McAfee GTI File Reputation service query In no stage of the file reputation communication is privacy or company confidential information provided to McAfee. No user names, files, or file names are transmitted. The primary data collected is simply a hash of the file not the entire file. In addition, the following is collected: Source of malware (disk, USB, network, location of malware on disk, sub-process of Internet Explorer) Engine version.dat version Product version Context information (on-access scan or on-demand scan)

5 Data Transport, Network Traffic, and Security Data transport Queries are transported using DNS. DNS provides several advantages: Very fast response times 100 millisecond average Small packets Just two packets averaging ~00 bytes Location awareness Queries are directed to the nearest McAfee GTI File Reputation cloud server, ensuring the fastest response times. McAfee GTI File Reputation cloud servers are located in the United States, Europe, and Asia Pacific regions Network traffic The network traffic generated by these queries is incredibly nominal. If the sensitivity setting is set to Very Low or Low, you can expect an average of 10 to 1 queries per day, per machine. If the sensitivity setting is set to Medium, High, or Very High, you can expect an average of 0 to 0 queries per day, per machine. Remember, these are DNS queries. As many as 0 DNS queries are made when a user visits a popular website. Imagine a worst case scenario where each machine is infected by a different piece of malware simultaneously. The network traffic of that case compares favorably to bringing up Microsoft Outlook in the morning. Security The McAfee GTI File Reputation service uses an obfuscated, authenticated query for hash comparison to the McAfee secure servers in the cloud and an encoded, authenticated response. If the initial request/response text record indicates malicious detection, a second record is sent. McAfee GTI Proxy McAfee GTI Proxy is an optional proxy server that can be implemented in your network to route queries from McAfee VirusScan Enterprise software to the McAfee cloud. McAfee GTI Proxy is a virtual appliance that can support up to 100,000 client workstations per server. It features a local cache and is managed by McAfee epolicy Orchestrator (McAfee epo ) software. McAfee GTI Proxy is a free download for licensed McAfee VirusScan Enterprise software customers (http://www.mcafee.com/us/downloads/). Consider using McAfee GTI Proxy if you do not permit direct DNS (UDP) queries from endpoints in your network. Best Practices for Managing McAfee GTI File Reputation Service in McAfee VirusScan Enterprise Software Sensitivity settings There are five sensitivity settings for McAfee VirusScan Enterprise software. Very Low Low Medium High Very High The setting can be managed via McAfee epo software for all workstations and servers. Sensitivity settings govern two things: What is queried Selection criteria for whether a file is deemed suspicious and should be queried are the same for the Very Low and Low settings. An extended selection criterion is used for Medium, High, and Very High. Thus, the number of files that might be queried would be more for Medium, High, and Very High settings. PDF files are queried only when downloaded from a website or as an attachment when the sensitivity setting is at Medium. As stated earlier, even at Very High, the number of queries made should have minimal impact on network bandwidth. Whether the response indicates a malware detection The response indicates the level of certainty that McAfee has in the malicious nature of the file. Thus, a response with absolute certainty would trigger as a malware detection at any sensitivity setting, but a near certain reputation score would trigger as a detection for the Low settings and above, but not for Very Low.

6 The table below provides recommended settings based on specific endpoint configurations: Configuration Level Very Low Low Medium High Very High When to Use For desktops and servers with restricted user rights and strong security footprint Minimum recommendation for laptops or desktops and servers with strong security footprint Minimum recommendation for laptops or desktops and servers For deployment to systems or areas which are regularly infected In and on-demand scans on non-operating system volumes It is strongly recommended that the McAfee GTI File Reputation service sensitivity level be set to Medium. This setting permits a strong level of detection of suspicious files while minimizing any potential false positives. False positives The historic false positive rate that McAfee has recorded for McAfee GTI File Reputation service is percent. For McAfee Platinum Support customers, McAfee also offers a free service called McAfee GetClean. This service allows you to have your trusted applications whitelisted in the McAfee cloud. Contact your McAfee Platinum Support representative for assistance with the McAfee GetClean program. Rolling out McAfee GTI File Reputation service As with any technology that you are beginning to use for the first time, testing and validation can help you and other managers make the right decisions about sensitivity settings. Running reports to show McAfee GTI File Reputation detections versus.dat detections It is possible to run reports in McAfee epo software that compare McAfee GTI File Reputation service detections to standard detections from.dats. Generally, customers report an increase in accurate detections of between 10 percent and 30 percent, but the reports will demonstrate the effectiveness in your own network. Contact your McAfee Sales Engineer to create these reports. Phased approach McAfee suggests that you start with the default sensitivity setting of Low. Monitor the reports for four to six weeks and note any false positive cases from your user base. Then, turn the sensitivity up to Medium, at least for a selected group of workstations and servers in your network, for another four to six weeks. Once again, monitor the daily, weekly, or monthly reports and dashboards and any false positive cases from your user base. About McAfee McAfee, a wholly owned subsidiary of Intel Corporation (NASDAQ:INTC), is the world's largest dedicated security technology company. McAfee delivers proactive and proven solutions and services that help secure systems, networks, and mobile devices around the world, allowing users to safely connect to the Internet, browse, and shop the web more securely. Backed by its unrivaled global threat intelligence, McAfee creates innovative products that empower home users, businesses, the public sector, and service providers by enabling them to prove compliance with regulations, protect data, prevent disruptions, identify vulnerabilities, and continuously monitor and improve their security. McAfee is relentlessly focused on constantly finding new ways to keep our customers safe Mission College Boulevard Santa Clara, CA McAfee, the McAfee logo, epolicy Orchestrator, McAfee Global Threat Intelligence, McAfee epo, McAfee GTI, and McAfee VirusScan are registered trademarks or trademarks of McAfee, Inc. or its subsidiaries in the United States and other countries. Other marks and brands may be claimed as the property of others. The product plans, specifications and descriptions herein are provided for information only and subject to change without notice, and are provided without warranty of any kind, express or implied. Copyright 2012 McAfee, Inc. 8302wp_gti-best-practices_0812_kg

Technology Blueprint. Protect Your Email Servers. Guard the data and availability that enable business-critical communications

Technology Blueprint. Protect Your Email Servers. Guard the data and availability that enable business-critical communications Technology Blueprint Protect Your Email Servers Guard the data and availability that enable business-critical communications LEVEL 1 2 3 4 5 SECURITY CONNECTED REFERENCE ARCHITECTURE LEVEL 1 2 4 5 3 Security

More information

Technology Blueprint. Secure Your Virtual Desktop Infrastructure. Optimize your virtual desktop infrastructure for performance and protection

Technology Blueprint. Secure Your Virtual Desktop Infrastructure. Optimize your virtual desktop infrastructure for performance and protection Technology Blueprint Secure Your Virtual Desktop Infrastructure Optimize your virtual desktop infrastructure for performance and protection LEVEL 1 2 3 4 5 SECURITY CONNECTED REFERENCE ARCHITECTURE LEVEL

More information

McAfee Security Architectures for the Public Sector

McAfee Security Architectures for the Public Sector White Paper McAfee Security Architectures for the Public Sector End-User Device Security Framework Table of Contents Business Value 3 Agility 3 Assurance 3 Cost reduction 4 Trust 4 Technology Value 4 Speed

More information

GOOD PRACTICE GUIDE 13 (GPG13)

GOOD PRACTICE GUIDE 13 (GPG13) GOOD PRACTICE GUIDE 13 (GPG13) GPG13 - AT A GLANCE Protective Monitoring (PM) is based on Good Practice Guide 13 Comprises of 12 sections called Proactive Monitoring Controls 1-12 Based on four Recording

More information

McAfee Acquires NitroSecurity

McAfee Acquires NitroSecurity McAfee Acquires NitroSecurity McAfee announced that it has closed the acquisition of privately owned NitroSecurity. 1. Who is NitroSecurity? What do they do? NitroSecurity develops high-performance security

More information

How McAfee Endpoint Security Intelligently Collaborates to Protect and Perform

How McAfee Endpoint Security Intelligently Collaborates to Protect and Perform How McAfee Endpoint Security Intelligently Collaborates to Protect and Perform McAfee Endpoint Security 10 provides customers with an intelligent, collaborative framework, enabling endpoint defenses to

More information

Email Encryption Made Simple

Email Encryption Made Simple White Paper For organizations large or small Table of Contents Who Is Reading Your Email? 3 The Three Options Explained 3 Organization-to-organization encryption 3 Secure portal or organization-to-user

More information

When your users take devices outside the corporate environment, these web security policies and defenses within your network no longer work.

When your users take devices outside the corporate environment, these web security policies and defenses within your network no longer work. Deployment Guide Revision C McAfee Web Protection Hybrid Introduction Web Protection provides the licenses and software for you to deploy Web Gateway, SaaS Web Protection, or a hybrid deployment using

More information

McAfee Server Security

McAfee Server Security Security Secure server workloads with low performance impact and integrated management efficiency. Suppose you had to choose between securing all the servers in your data center physical and virtual or

More information

McAfee Web Gateway Administration Intel Security Education Services Administration Course Training

McAfee Web Gateway Administration Intel Security Education Services Administration Course Training McAfee Web Gateway Administration Intel Security Education Services Administration Course Training The McAfee Web Gateway Administration course from Education Services provides an in-depth introduction

More information

Endpoint Security for DeltaV Systems

Endpoint Security for DeltaV Systems DeltaV Systems Service Data Sheet Endpoint Security for DeltaV Systems Essential protection that consolidates endpoint and data security. Reduces the time and effort spent deploying and managing security

More information

McAfee Endpoint Protection for SMB. You grow your business. We keep it secure.

McAfee Endpoint Protection for SMB. You grow your business. We keep it secure. McAfee Endpoint Protection for SMB You grow your business. We keep it secure. Big Protection for Small to Medium-Sized Businesses With the Internet and connected devices now an integral part of your business,

More information

McAfee Certified Product Specialist McAfee epolicy Orchestrator

McAfee Certified Product Specialist McAfee epolicy Orchestrator McAfee Certified Product Specialist McAfee epolicy Orchestrator Exam preparation guide Table of Contents Introduction 3 Becoming McAfee Certified 3 Exam Details 3 Recommended Exam Preparation 4 Exam Objectives

More information

IBM Endpoint Manager for Core Protection

IBM Endpoint Manager for Core Protection IBM Endpoint Manager for Core Protection Device control and endpoint protection designed to guard against malware and loss of sensitive data Highlights Delivers real-time endpoint protection against viruses,

More information

Solutions Brochure. Security that. Security Connected for Financial Services

Solutions Brochure. Security that. Security Connected for Financial Services Solutions Brochure Security that Builds Equity Security Connected for Financial Services Safeguard Your Assets Security should provide leverage for your business, fending off attacks while reducing risk

More information

McAfee Web Reporter Turning volumes of data into actionable intelligence

McAfee Web Reporter Turning volumes of data into actionable intelligence McAfee Web Reporter Turning volumes of data into actionable intelligence Business today is more Internet-dependent than ever before. From missioncritical services to productivity tools, Internet access

More information

Securing the Internet of Things

Securing the Internet of Things Business Brief Securing the Internet of Things OEM capabilities assure trust, integrity, accountability, and privacy IoT Architectural Challenges Given the diversity and scale of the IoT, new security

More information

Securing the Internet of Things OEM capabilities assure trust, integrity, accountability, and privacy.

Securing the Internet of Things OEM capabilities assure trust, integrity, accountability, and privacy. Securing the Internet of Things OEM capabilities assure trust, integrity, accountability, and privacy. The number of Internet-connected smart devices is growing at a rapid pace. According to Gartner, the

More information

McAfee MOVE AntiVirus 3.6.0

McAfee MOVE AntiVirus 3.6.0 Release Notes McAfee MOVE AntiVirus 3.6.0 For use with McAfee epolicy Orchestrator Contents About this document About the product New features Installation instructions Known issues Find product documentation

More information

Solutions Brochure. Situation Control. Security Connected for the Public Sector

Solutions Brochure. Situation Control. Security Connected for the Public Sector Solutions Brochure Situation Under Control Security Connected for the Public Sector 2 Security Connected for the Public Sector Increase Availability. Strengthen Resiliency. Government entities face pressure

More information

Secure Virtualization in the Federal Government

Secure Virtualization in the Federal Government White Paper Secure Virtualization in the Federal Government Achieve efficiency while managing risk Table of Contents Ready, Fire, Aim? 3 McAfee Solutions for Virtualization 4 Securing virtual servers in

More information

Technology Blueprint. Protect Your VoIP/SIP Servers. Insulating your voice network and its servers from attacks and disruption

Technology Blueprint. Protect Your VoIP/SIP Servers. Insulating your voice network and its servers from attacks and disruption Technology Blueprint Protect Your VoIP/SIP Servers Insulating your voice network and its servers from attacks and disruption LEVEL 1 2 3 4 5 SECURITY CONNECTED REFERENCE ARCHITECTURE LEVEL 1 2 4 5 3 Security

More information

Direct or Transparent Proxy?

Direct or Transparent Proxy? Direct or Transparent Proxy? Choose the right configuration for your gateway. Table of Contents Direct Proxy...3 Transparent Proxy...4 Other Considerations: Managing authentication made easier.....4 SSL

More information

Seven Requirements for Hybrid Web Delivery Getting the best of both on-premises and SaaS

Seven Requirements for Hybrid Web Delivery Getting the best of both on-premises and SaaS Seven Requirements for Hybrid Web Delivery Getting the best of both on-premises and SaaS Traditionally, IT risk management has balanced security investment and the impact of the threat, allowing each business

More information

Database Security in Virtualization and Cloud Computing Environments

Database Security in Virtualization and Cloud Computing Environments White Paper Database Security in Virtualization and Cloud Computing Environments Three key technology challenges in protecting sensitive data Table of Contents Securing Information in Virtualization and

More information

Technology Blueprint. Protect Your Email. Get strong security despite increasing email volumes, threats, and green requirements

Technology Blueprint. Protect Your Email. Get strong security despite increasing email volumes, threats, and green requirements Technology Blueprint Protect Your Email Get strong security despite increasing email volumes, threats, and green requirements LEVEL 1 2 3 4 5 SECURITY CONNECTED REFERENCE ARCHITECTURE LEVEL 1 2 4 5 3 Security

More information

Total Protection for Compliance: Unified IT Policy Auditing

Total Protection for Compliance: Unified IT Policy Auditing Total Protection for Compliance: Unified IT Policy Auditing McAfee Total Protection for Compliance Regulations and standards are growing in number, and IT audits are increasing in complexity and cost.

More information

Reputation: The Foundation Of Effective Threat Protection

Reputation: The Foundation Of Effective Threat Protection Reputation: The Foundation Of Effective Threat Protection By Jamie Barnett Table of Contents Executive Summary 3 Background 3 Catching Risky Behavior 4 Threat Dynamics 5 Gray Matters 6 Confidence Building

More information

White Paper. Scalable Network Security for the Virtualized Data Center

White Paper. Scalable Network Security for the Virtualized Data Center White Paper Scalable Network Security for the Virtualized Data Center Table of Contents As Data Centers Evolve, So Do Security Needs 3 Physical to virtual infrastructure 3 Virtualized applications to private

More information

Email Encryption Made Simple

Email Encryption Made Simple Email Encryption Made Simple For organizations large or small Table of Contents Who Is Reading Your Email?....3 The Three Options Explained....3 Organization-to-organization encryption....3 Secure portal

More information

McAfee. Firewall Enterprise. Application Note TrustedSource in McAfee. Firewall Enterprise. version 8.1.0 and earlier

McAfee. Firewall Enterprise. Application Note TrustedSource in McAfee. Firewall Enterprise. version 8.1.0 and earlier Application Note TrustedSource in McAfee Firewall Enterprise McAfee version 8.1.0 and earlier Firewall Enterprise This document uses a question and answer format to explain the TrustedSource reputation

More information

Bypassing CAPTCHAs by Impersonating CAPTCHA Providers

Bypassing CAPTCHAs by Impersonating CAPTCHA Providers White Paper Bypassing CAPTCHAs by Impersonating CAPTCHA Providers Gursev Singh Kalra, Principal Consultant McAfee Foundstone Professional Services Table of Contents Inside a CAPTCHA Provider Integration

More information

McAfee MOVE / VMware Collaboration Best Practices

McAfee MOVE / VMware Collaboration Best Practices McAfee MOVE / VMware Collaboration Best Practices Christie J. Karrels Sales Engineer Federal DoD January 11, 2013 1 P a g e Contents Introduction... 3 Traditional Anti-Malware vs. Optimized Anti-Malware...

More information

Protecting Virtual Endpoints with McAfee Server Security Suite Essentials

Protecting Virtual Endpoints with McAfee Server Security Suite Essentials Sponsored by McAfee Protecting Virtual Endpoints with McAfee Server Security Suite Essentials December 2013 A SANS Analyst Whitepaper Written by Dave Shackleford Capability Sets for Virtualization Security

More information

Analyzing HTTP/HTTPS Traffic Logs

Analyzing HTTP/HTTPS Traffic Logs Advanced Threat Protection Automatic Traffic Log Analysis APTs, advanced malware and zero-day attacks are designed to evade conventional perimeter security defenses. Today, there is wide agreement that

More information

Microsoft SharePoint 2013 with Citrix NetScaler

Microsoft SharePoint 2013 with Citrix NetScaler Deployment Guide Microsoft SharePoint 2013 with Citrix NetScaler Deployment Guide citrix.com Table of contents Introduction 3 NetScaler value-add to SharePoint 4 Product versions and prerequisites 4 Deploying

More information

McAfee Enterprise Mobility Management Versus Microsoft Exchange ActiveSync

McAfee Enterprise Mobility Management Versus Microsoft Exchange ActiveSync McAfee Enterprise Mobility Management Versus Microsoft Secure, easy, and scalable mobile device management Table of Contents What Can Do? 3 The smartphone revolution is sweeping the enterprise 3 Can enterprises

More information

McAfee Network Security Platform Administration Course

McAfee Network Security Platform Administration Course McAfee Network Security Platform Administration Course Intel Security Education Services Administration Course The McAfee Network Security Platform Administration course from McAfee Education Services

More information

Data Center Connector for vsphere 3.0.0

Data Center Connector for vsphere 3.0.0 Product Guide Data Center Connector for vsphere 3.0.0 For use with epolicy Orchestrator 4.6.0, 5.0.0 Software COPYRIGHT Copyright 2013 McAfee, Inc. Do not copy without permission. TRADEMARK ATTRIBUTIONS

More information

Technology Blueprint. Protecting Intellectual Property in Email. Guarding against information-stealing malware and outbound data loss

Technology Blueprint. Protecting Intellectual Property in Email. Guarding against information-stealing malware and outbound data loss Technology Blueprint Protecting Intellectual Property in Email Guarding against information-stealing malware and outbound data loss LEVEL 1 2 3 4 5 SECURITY CONNECTED REFERENCE ARCHITECTURE LEVEL 1 2 4

More information

Power, Patch, and Endpoint Managers Expand McAfee epo Platform Capabilities While Cutting Endpoint Costs

Power, Patch, and Endpoint Managers Expand McAfee epo Platform Capabilities While Cutting Endpoint Costs Business Brief Power, Patch, and Endpoint Managers Expand McAfee epo Platform Capabilities While Cutting Endpoint Costs McAfee Compatible Solution Autonomic Software Endpoint Manager 1.2 and McAfee epo

More information

McAfee MOVE AntiVirus (Agentless) 3.6.0

McAfee MOVE AntiVirus (Agentless) 3.6.0 Product Guide McAfee MOVE AntiVirus (Agentless) 3.6.0 For use with McAfee epolicy Orchestrator COPYRIGHT Copyright 2015 McAfee, Inc., 2821 Mission College Boulevard, Santa Clara, CA 95054, 1.888.847.8766,

More information

End-user Security Analytics Strengthens Protection with ArcSight

End-user Security Analytics Strengthens Protection with ArcSight Case Study for XY Bank End-user Security Analytics Strengthens Protection with ArcSight INTRODUCTION Detect and respond to advanced persistent threats (APT) in real-time with Nexthink End-user Security

More information

McAfee Threat Intelligence Exchange 1.0.1 Software

McAfee Threat Intelligence Exchange 1.0.1 Software Release Notes McAfee Threat Intelligence Exchange 1.0.1 Software Contents About this release Installation instructions New features Resolved issues Known issues Product documentation About this release

More information

Product Guide. McAfee Endpoint Security 10

Product Guide. McAfee Endpoint Security 10 Product Guide McAfee Endpoint Security 10 COPYRIGHT Copyright 2014 McAfee, Inc. Do not copy without permission. TRADEMARK ATTRIBUTIONS McAfee, the McAfee logo, McAfee Active Protection, McAfee DeepSAFE,

More information

Reducing the cost and complexity of endpoint management

Reducing the cost and complexity of endpoint management IBM Software Thought Leadership White Paper October 2014 Reducing the cost and complexity of endpoint management Discover how midsized organizations can improve endpoint security, patch compliance and

More information

Comprehensive Malware Detection with SecurityCenter Continuous View and Nessus. February 3, 2015 (Revision 4)

Comprehensive Malware Detection with SecurityCenter Continuous View and Nessus. February 3, 2015 (Revision 4) Comprehensive Malware Detection with SecurityCenter Continuous View and Nessus February 3, 2015 (Revision 4) Table of Contents Overview... 3 Malware, Botnet Detection, and Anti-Virus Auditing... 3 Malware

More information

McAfee Public Cloud Server Security Suite

McAfee Public Cloud Server Security Suite Installation Guide McAfee Public Cloud Server Security Suite For use with McAfee epolicy Orchestrator COPYRIGHT Copyright 2015 McAfee, Inc., 2821 Mission College Boulevard, Santa Clara, CA 95054, 1.888.847.8766,

More information

Kaseya White Paper. Endpoint Security. Fighting Cyber Crime with Automated, Centralized Management. www.kaseya.com

Kaseya White Paper. Endpoint Security. Fighting Cyber Crime with Automated, Centralized Management. www.kaseya.com Kaseya White Paper Endpoint Security Fighting Cyber Crime with Automated, Centralized Management www.kaseya.com To win the ongoing war against hackers and cyber criminals, IT professionals must do two

More information

Data Sheet: Endpoint Security Symantec Protection Suite Enterprise Edition Trusted protection for endpoints and messaging environments

Data Sheet: Endpoint Security Symantec Protection Suite Enterprise Edition Trusted protection for endpoints and messaging environments Trusted protection for endpoints and messaging environments Overview Symantec Protection Suite Enterprise Edition creates a protected endpoint and messaging environment that is secure against today s complex

More information

McAfee Application Control / Change Control Administration Intel Security Education Services Administration Course

McAfee Application Control / Change Control Administration Intel Security Education Services Administration Course McAfee Application Control / Change Control Administration Intel Security Education Services Administration Course The McAfee University Application Control / Change Control Administration course enables

More information

V1.4. Spambrella Email Continuity SaaS. August 2

V1.4. Spambrella Email Continuity SaaS. August 2 V1.4 August 2 Spambrella Email Continuity SaaS Easy to implement, manage and use, Message Continuity is a scalable, reliable and secure service with no set-up fees. Built on a highly reliable and scalable

More information

ESET Security Solutions for Your Business

ESET Security Solutions for Your Business ESET Security Solutions for Your Business It Is Our Business Protecting Yours For over 20 years, companies large and small have relied on ESET to safeguard their mission-critical infrastructure and keep

More information

Big Data in Action: Behind the Scenes at Symantec with the World s Largest Threat Intelligence Data

Big Data in Action: Behind the Scenes at Symantec with the World s Largest Threat Intelligence Data Big Data in Action: Behind the Scenes at Symantec with the World s Largest Threat Intelligence Data Patrick Gardner VP Engineering Sourabh Satish Distinguished Engineer Symantec Vision 2014 - Big Data

More information

Getting Ahead of Malware

Getting Ahead of Malware IT@Intel White Paper Intel Information Technology Security December 2009 Getting Ahead of Malware Executive Overview Since implementing our security event monitor and detection processes two years ago,

More information

Technology Blueprint. Protect Your Servers. Preserve uptime by blocking attacks and unauthorized changes

Technology Blueprint. Protect Your Servers. Preserve uptime by blocking attacks and unauthorized changes Technology Blueprint Protect Your Application Servers Preserve uptime by blocking attacks and unauthorized changes LEVEL 1 2 3 4 5 SECURITY CONNECTED REFERENCE ARCHITECTURE LEVEL 1 2 4 5 3 Security Connected

More information

Cisco Advanced Malware Protection for Endpoints

Cisco Advanced Malware Protection for Endpoints Data Sheet Cisco Advanced Malware Protection for Endpoints Product Overview With today s sophisticated malware, you have to protect endpoints before, during, and after attacks. Cisco Advanced Malware Protection

More information

Proven LANDesk Solutions

Proven LANDesk Solutions LANDesk Solutions Descriptions Proven LANDesk Solutions IT departments face pressure to reduce costs, reduce risk, and increase productivity in the midst of growing IT complexity. More than 4,300 organizations

More information

McAfee epolicy Orchestrator

McAfee epolicy Orchestrator Optimizing Security Management with McAfee epolicy Orchestrator The proof is in the research Chief information officers (CIOs) at enterprises worldwide are facing a major struggle today: how to balance

More information

Technology Blueprint. Defend Against Denial of Service Attacks. Protect each IT service layer against exploitation and abuse

Technology Blueprint. Defend Against Denial of Service Attacks. Protect each IT service layer against exploitation and abuse Technology Blueprint Defend Against Denial of Service (DOS and DDOS) Attacks Protect each IT service layer against exploitation and abuse LEVEL 1 2 3 4 5 SECURITY CONNECTED REFERENCE ARCHITECTURE LEVEL

More information

Malware and Other Malicious Threats

Malware and Other Malicious Threats 21 August Thailand Securing Your Endpoints from Malware and Other Malicious Threats Steven Scheurmann Sales Leader, Tivoli Endpoint Management Products, built on BigFix, IBM Software Group, Asia Pacific

More information

The Cost of Free A Cautionary Tale

The Cost of Free A Cautionary Tale White Paper Why McAfee Security Software-as-a-Service (SaaS) is the smart selection Table of Contents Cost-Saving Security Options 4 Total Cost of Ownership 4 McAfee Security Software-as-a-Service 6 The

More information

End to End Security do Endpoint ao Datacenter

End to End Security do Endpoint ao Datacenter do Endpoint ao Datacenter Piero DePaoli & Leandro Vicente Security Product Marketing & Systems Engineering 1 Agenda 1 Today s Threat Landscape 2 From Endpoint: Symantec Endpoint Protection 3 To Datacenter:

More information

POS Security That Pays Its Own Way

POS Security That Pays Its Own Way POS Security That Pays Its Own Way The rising costs of POS system management and security Table of Contents A Pain Point for Retailers Is an Opportunity for POS Vendors...3 The Solution: McAfee Integrity

More information

McAfee Network Security Platform Services solutions for Managed Service Providers (MSPs)

McAfee Network Security Platform Services solutions for Managed Service Providers (MSPs) McAfee Network Security Platform Services solutions for Managed Service Providers (MSPs) McAfee Network Security Platform is uniquely intelligent and purpose-built to offer unmatched protection, performance,

More information

Agent or Agentless Policy Assessments: Why Choose?

Agent or Agentless Policy Assessments: Why Choose? Technical Brief Agent or Agentless Policy Assessments: Why Choose? McAfee Total Protection for Compliance Meeting newer, more stringent regulatory standards and the increasing number of IT audits requires

More information

Strategic Anti-malware Monitoring with Nessus, PVS, & LCE

Strategic Anti-malware Monitoring with Nessus, PVS, & LCE Strategic Anti-malware Monitoring with Nessus, PVS, & LCE August 2, 2012 (Revision 2) Copyright 2002-2012 Tenable Network Security, Inc. Tenable Network Security, Nessus and ProfessionalFeed are registered

More information

Technology Blueprint. Assess Your Vulnerabilities. Maintain a continuous understanding of assets and manage vulnerabilities in real time

Technology Blueprint. Assess Your Vulnerabilities. Maintain a continuous understanding of assets and manage vulnerabilities in real time Technology Blueprint Assess Your Vulnerabilities Maintain a continuous understanding of assets and manage vulnerabilities in real time LEVEL 1 2 3 4 5 SECURITY CONNECTED REFERENCE ARCHITECTURE LEVEL 1

More information

Cisco Advanced Malware Protection for Endpoints

Cisco Advanced Malware Protection for Endpoints Data Sheet Cisco Advanced Malware Protection for Endpoints Product Overview With today s sophisticated malware, you have to protect endpoints before, during, and after attacks. Cisco Advanced Malware Protection

More information

WildFire. Preparing for Modern Network Attacks

WildFire. Preparing for Modern Network Attacks WildFire WildFire automatically protects your networks from new and customized malware across a wide range of applications, including malware hidden within SSL-encrypted traffic. WildFire easily extends

More information

Kaspersky Endpoint Security 8 for Windows and Kaspersky Security Center

Kaspersky Endpoint Security 8 for Windows and Kaspersky Security Center Kaspersky Endpoint Security 8 for Windows and Kaspersky Security Center Reviewer s Guide Contents Introduction / Solution Headlines... 3 Getting Started... 4 Deployment... 4 Installation on an Infected

More information

McAfee MOVE AntiVirus Multi-Platform 3.5.0

McAfee MOVE AntiVirus Multi-Platform 3.5.0 Product Guide McAfee MOVE AntiVirus Multi-Platform 3.5.0 For use with epolicy Orchestrator 4.6.7, 4.6.8, 5.1.0 Software COPYRIGHT Copyright 2014 McAfee, Inc. Do not copy without permission. TRADEMARK ATTRIBUTIONS

More information

McAfee - Overview. Anthony Albisser

McAfee - Overview. Anthony Albisser McAfee - Overview Anthony Albisser Channel Account Manager About McAfee Founded in 1987, McAfee is now the world s largest dedicated security company (acquired by Intel in 2011) Global research for real-time

More information

TrustDefender Mobile Technical Brief

TrustDefender Mobile Technical Brief TrustDefender Mobile Technical Brief Fraud Protection for Native Mobile Applications TrustDefender Mobile from ThreatMetrix is a lightweight SDK library for Google Android and Apple ios mobile devices.

More information

Portal Administration. Administrator Guide

Portal Administration. Administrator Guide Portal Administration Administrator Guide Portal Administration Guide Documentation version: 1.0 Legal Notice Legal Notice Copyright 2013 Symantec Corporation. All rights reserved. Symantec, the Symantec

More information

Symantec Endpoint Protection

Symantec Endpoint Protection The next generation of antivirus technology from Overview Advanced threat protection combines AntiVirus with advanced threat prevention to deliver an unmatched defense against malware for laptops, desktops,

More information

McAfee Phishing Quiz. Partner Enablement Guide

McAfee Phishing Quiz. Partner Enablement Guide McAfee Phishing Quiz Partner Enablement Guide Use the Phishing Quiz to educate your own organization, prospects, and existing customers about phishing and how McAfee security solutions can help. This guide

More information

Data Center Connector 3.0.0 for OpenStack

Data Center Connector 3.0.0 for OpenStack Product Guide Data Center Connector 3.0.0 for OpenStack For use with epolicy Orchestrator 5.1.0 Software COPYRIGHT Copyright 2014 McAfee, Inc. Do not copy without permission. TRADEMARK ATTRIBUTIONS McAfee,

More information

Cisco Security Intelligence Operations

Cisco Security Intelligence Operations Operations Operations of 1 Operations Operations of Today s organizations require security solutions that accurately detect threats, provide holistic protection, and continually adapt to a rapidly evolving,

More information

Microsoft Dynamics CRM 2015 with NetScaler for Global Server Load Balancing

Microsoft Dynamics CRM 2015 with NetScaler for Global Server Load Balancing Microsoft Dynamics CRM 2015 with NetScaler for Global Server Load Balancing Solution Guide This solution guide focuses on defining the deployment process for Microsoft Dynamics CRM with Citrix NetScaler.

More information

Technical Product Overview. Employing cloud-based technologies to address security risks to endpoint systems

Technical Product Overview. Employing cloud-based technologies to address security risks to endpoint systems Symantec Endpoint Protection.cloud Employing cloud-based technologies to address security risks to endpoint systems White Paper: Endpoint Protection.cloud - Symantec Endpoint Protection.cloud Contents

More information

Protect Critical Assets with Virtual Patching

Protect Critical Assets with Virtual Patching Protect Critical Assets with Virtual Patching Closing the vulnerability window using predictive threat protection Table of Contents Vulnerabilities Lead to Risk Exposure and Downtime.....3 Out-of-band

More information

What is Cisco Cloud Web Security?

What is Cisco Cloud Web Security? 1 At-A-GLANCE Deliver Security as a Service Cisco provides superb visibility, consistent control and advanced threat protection before, during, and after an attack. Cloud Web Security Pillars: Administrators

More information

McAfee Advanced Threat Defense 3.6.0

McAfee Advanced Threat Defense 3.6.0 Release Notes McAfee Advanced Threat Defense 3.6.0 Revision C Contents About this release New Features Enhancements Resolved issues Installation and upgrade notes Known issues Product documentation About

More information

Symantec Endpoint Protection 12.1.6

Symantec Endpoint Protection 12.1.6 Data Sheet: Endpoint Security Overview Last year, we saw 317 million new malware variants, while targeted attacks and zero-day threats were at an all-time high 1. The threat environment is evolving quickly

More information

White Paper. What the ideal cloud-based web security service should provide. the tools and services to look for

White Paper. What the ideal cloud-based web security service should provide. the tools and services to look for White Paper What the ideal cloud-based web security service should provide A White Paper by Bloor Research Author : Fran Howarth Publish date : February 2010 The components required of an effective web

More information

Symantec Endpoint Protection 12.1.4

Symantec Endpoint Protection 12.1.4 Data Sheet: Endpoint Security Overview provides unrivaled security across physical and virtual platforms and support for the latest operating systems-mac OS X 10.9 and Windows 8.1. Powered by Symantec

More information

Web Request Routing. Technical Brief. What s the best option for your web security deployment?

Web Request Routing. Technical Brief. What s the best option for your web security deployment? Web Request Routing and Redirection What s the best option for your web security deployment? Choosing the right method for redirecting traffic to your secure web gateway is absolutely essential to maximize

More information

McAfee Enterprise Mobility Management (McAfee EMM ) 12.0

McAfee Enterprise Mobility Management (McAfee EMM ) 12.0 Technical FAQ McAfee Enterprise Mobility Management (McAfee EMM ) 12.0 Frequently Asked Questions Q. What types of mobile devices does McAfee Enterprise Mobility Management (McAfee EMM ) support? A. McAfee

More information

Endpoint protection for physical and virtual desktops

Endpoint protection for physical and virtual desktops datasheet Trend Micro officescan Endpoint protection for physical and virtual desktops In the bring-your-own-device (BYOD) environment, protecting your endpoints against ever-evolving threats has become

More information

Insight. Security Response. Deployment Best Practices

Insight. Security Response. Deployment Best Practices Insight Deployment Best Practices Overview Symantec Insight is a reputation-based security technology that leverages the anonymous software adoption patterns of Symantec s hundreds of millions of users

More information

Enterprise Mobility Management Migration Migrating from Legacy EMM to an epo Managed EMM Environment. Paul Luetje Enterprise Solutions Architect

Enterprise Mobility Management Migration Migrating from Legacy EMM to an epo Managed EMM Environment. Paul Luetje Enterprise Solutions Architect Enterprise Mobility Management Migration Migrating from Legacy EMM to an epo Managed EMM Environment Paul Luetje Enterprise Solutions Architect Table of Contents Welcome... 3 Purpose of this document...

More information

Protecting the un-protectable Addressing Virtualisation Security Challenges

Protecting the un-protectable Addressing Virtualisation Security Challenges Protecting the un-protectable Addressing Virtualisation Security Challenges Paul Hogan, Technical Director, Ward Solutions November 11, 2010 Top Cloud Security Challenges Secure Virtualisation Need secure

More information

Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006

Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,

More information

Symantec Endpoint Protection 12.1.2

Symantec Endpoint Protection 12.1.2 Data Sheet: Endpoint Security Overview offers comprehensive defense against complex attacks for both physical and virtual environments. It integrates ten essential security technologies in a single, high

More information

F-SECURE SECURITY CLOUD Purpose, function and benefits

F-SECURE SECURITY CLOUD Purpose, function and benefits F-SECURE SECURITY CLOUD Purpose, function and benefits October 2015 CONTENTS F-Secure Security Cloud in brief 2 Security Cloud benefits 3 How does Security Cloud work? 4 Security Cloud metrics 4 Security

More information