1 Security Secure server workloads with low performance impact and integrated management efficiency. Suppose you had to choose between securing all the servers in your data center physical and virtual or optimizing their performance? Choose security, and you help ensure high availability for your IT services, safety for your data, and a gold star on your next compliance audit. Choose performance, and you might lock in a higher return on your hardware and software investments, not to mention a thumbs-up from your CFO. Security or performance which will it be? What if you no longer had to choose but instead could have both? At the Intersection of Security and Performance In fact, the rapid virtualization of data center environments has forced many CIOs to make exactly this decision. When faced with the high processing overhead that conventional physical server security controls impose on virtual systems or the high administrative overhead of multiple point solutions with no central management interface, many have simply turned off their endpoint security tools and pinned all of their hopes on their perimeter defenses. Complex Requirements of Contemporary Server Security Leaving mission-critical servers with no onboard security is an obvious invitation to disaster, but the simple truth is that most of the available security technologies were developed to protect dedicated physical systems. They have not kept pace with virtualization and do not meet the needs of today s mixed data center environments. There is now an urgent need for server security solutions that: Support the unique and varied security demands of all core data center workloads, including database, web, application, , collaboration, and storage servers. A recent paper by the SANS Institute 1 points out that comprehensive server security requires the deployment of various technologies to securely provision servers, manage vulnerabilities over time, protect access to information, rapidly identify threats as they appear, and improve network security operations. Don t compete with business services for CPU capacity. Conventional security solutions commonly consume significant available computing resources, largely due to overdependence on signature-based blacklisting technologies that must constantly scan and re-scan the entire system image to detect threats. Key Advantages Optimize security. Minimize performance impact. Essentials and Advanced eliminate the trade-offs between server security and performance in today s virtualized data centers. Each suite combines blacklisting and virtualization support technologies to provide comprehensive security for key workloads on physical and virtual servers with total CPU processing over head of 5% or less. Security Suite Advanced provides additional protection such as whitelisting and change control. All suites support centralized management through McAfee epo software. Available suites include: Security Suite Essentials. Security Suite Advanced. McAfee for VDI. McAfee Data Center for Databases.
2 Provide optimized support for all major virtualization environments. Deliver single-console management of all security controls across the entire server environment physical and virtual. s To meet these requirements and ensure the security of today s highly virtualized data centers, McAfee offers a portfolio of server security suites designed to precisely meet the needs of specific workloads on Microsoft Windows and Linux servers. For the best possible server protection, the Advanced combines whitelisting technologies, such as application control, with signature-based blacklisting technologies, such as antivirus and host-based intrusion prevention: this integrated control suite shields freshly scanned systems from malware penetration by allowing only authorized application code to execute. This greatly reduces signature scanning frequency and limits processing overhead to a minimum a significant advantage to an enterprise. The unique combination of whitelisting, blacklisting, and virtualization support enables a previously unattainable optimization of data center operations by maximizing security for both physical and virtual servers with minimal impact on server performance. All components of every suite are tightly integrated with the McAfee epolicy Orchestrator (McAfee epo ) management platform for efficient centralized risk assessment, security management, and incident resolution. McAfee Data Center for Databases combines global database discovery and vulnerability assessment with non-intrusive, real-time activity monitoring across all threat vectors. Component controls include: McAfee Database Activity Monitoring McAfee Vulnerability Manager for Databases Essentials provides a complete set of blacklisting, and optimized virtualization support capabilities for basic security on servers of all types. Security Suite Advanced adds whitelisting and change control protection. McAfee for VDI provides comprehensive security for virtual desktop deployments that won t compromise performance or the user experience. Component controls include: McAfee Application Control for Desktops. McAfee VirusScan Enterprise. McAfee VirusScan Enterprise for Linux. McAfee MOVE AntiVirus for Virtual Desktops (VDI). McAfee epo software. Other available security solutions include: McAfee Security for Microsoft Sharepoint. McAfee Security for Servers. McAfee VirusScan Enterprise for Storage. Security 2
3 McAfee Data Center Security Solutions Essentials Advanced McAfee for VDI McAfee VirusScan Enterprise software McAfee VirusScan Enterprise for LINUX Desktop McAfee VirusScan Enterprise for LINUX Server McAfee VirusScan Command Line McAfee Application Control for Servers McAfee Application Control for Desktops McAfee MOVE AntiVirus for Virtual Desktops (VDI) McAfee MOVE AntiVirus for Virtual Servers McAfee MOVE AntiVirus Scheduler McAfee Data Center Connector for VMware vsphere McAfee Data Center Connector for Amazon AWS McAfee Data Center Connector for OpenStack McAfee Data Center Connector for Microsoft Azure McAfee Host Intrusion Prevention McAfee Change Control McAfee Agentless Firewall McAfee epo software File and removable media protection McAfee Database Activity Monitoring McAfee Vulnerability Manager for Databases License Format OS instance (= per virtual machine) OS instance (= per virtual machine) Per virtual machine McAfee Data Center Security Suite for Databases Database instance Security 3
4 The Industry s Most Complete Set of Server Security Technologies Only McAfee can deliver a set of server security solutions this comprehensive because only McAfee has the full range of technologies for securing physical and virtual servers and for centrally managing complex security solutions across mixed environments. These suites draw on the exclusive breadth of the McAfee security technology portfolio, including: McAfee VirusScan Enterprise Combines antivirus, antispyware, firewall, and intrusion prevention technologies to stop and remove malicious software. It also extends coverage to new security risks and reduces the cost of responding to outbreaks with the industry s lowest impact on system performance. McAfee VirusScan Enterprise for Linux Offers superior, continuous protection against the growing number of viruses, worms, and malicious code that target Linux systems. Designed for today s fast-moving businesses, McAfee VirusScan Enterprise for Linux scales easily, updates automatically, and can be managed centrally from a single console, the McAfee epo platform. McAfee Application Control Provides an effective way to block unauthorized applications and code on servers, corporate desktops, and fixed-function devices. This centrally managed whitelisting solution uses a dynamic trust model and innovative security features that thwart advanced persistent threats, without requiring signature updates or labor-intensive list management. McAfee Management for Optimized Virtual Environments (MOVE) AntiVirus Optimizes McAfee virus protection for virtual desktops and servers without compromising performance or security, helping you realize operational returns and manage security more effectively. McAfee MOVE AntiVirus protects your virtual environment, including your virtual machines in the cloud. McAfee Data Center Connectors Gives you complete visibility into your virtual machines. Discover not just physical servers, but also hypervisors and virtual machines in VMware vsphere, Amazon Web Services, OpenStack, and Microsoft Azure environments. When you find out when virtual machines are provisioned in your public cloud, you can determine which ones can then be protected automatically with appropriate security policies. McAfee Host Intrusion Prevention for Server McAfee Host Intrusion Prevention for Server proactively secures against known and new zero-day attacks. It boosts security and lowers costs by reducing the frequency and urgency of patching. McAfee Host Intrusion Prevention integrates with the McAfee epo platform for centralized reporting and management that s accurate, scalable, easy to use, and works with other McAfee and non-mcafee security products. McAfee Change Control Eliminates change activity in server environments that can lead to security breaches, data loss, and outages. McAfee Change Control makes it easy to meet regulatory compliance requirements. McAfee Agentless Firewall Provides visibility into all virtual network isolations. It provides the ability to control and isolate virtual machines and data due to integration with VMware vcns App Firewall. File and removable media protection Secures by encrypting the data which is at rest on both internal and removable media. It enables users to encrypt removable USB media and transfer information in a secure manner. Security 4
5 McAfee Database Activity Monitoring Automatically finds databases on your network, protects them with a set of preconfigured defenses, and helps you build a custom security policy for your environment. It cost effectively protects your data from all threats by monitoring activity locally on each database server and by alerting or terminating malicious behavior in real time, even when running in virtualized or cloud computing environments. McAfee Vulnerability Manager for Databases Provides fast, precise, and complete insights into vulnerabilities on all of your networked assets. It helps you stay ahead of evolving threats, as well as prioritize remediation efforts through a single, correlated view of your vulnerabilities. McAfee epo software Offers single-pane management for physical and virtual servers, including those in the private and public cloud. Enjoy lower total cost of ownership via management of your entire endpoint infrastructure with a single console. All components of the suite are tightly integrated with the McAfee epo security management platform for efficient, centralized risk assessment, security management, and incident resolution. Server Security Success s deliver the industry s first comprehensive solution for securing mission-critical services in today s mixed physical and virtual environments. They combine server security technologies to minimize CPU overhead, provide complete security control sets for all essential workloads, support all major virtualization environments, and centralize security management through a single administrative console. For more information, please visit McAfee online at 1. Intel and the Intel logo are registered trademarks of the Intel Corporation in the US and/or other countries. McAfee, the McAfee logo, epolicy Orchestrator, McAfee epo, and VirusScan are registered trademarks or trademarks of McAfee, Inc. or its subsidiaries in the US and other countries. Other marks and brands may be claimed as the property of others. Copyright 2014 McAfee, Inc brf_server-security_1214 McAfee. Part of Intel Security Mission College Boulevard Santa Clara, CA
Trend Micro Deep Security Server Security Protecting the Dynamic Datacenter A Trend Micro White Paper August 2009 I. SECURITY IN THE DYNAMIC DATACENTER The purpose of IT security is to enable your business,
datasheet Trend Micro deep security as a service Advanced Security Built for the Cloud Organizations are embracing the economic and operational benefits of cloud computing, turning to leading cloud providers
IBM Software Thought Leadership White Paper February 2012 Automated, centralized management for enterprise servers Servers present unique management challenges but IBM Endpoint Manager is up to the job
IT@Intel White Paper Intel IT IT Best Practices Cloud Computing and Information Security January 2012 Virtualizing High-Security Servers in a Private Cloud Executive Overview Our HTZ architecture and design
Nine Essential Requirements for Web Security Enabling safe, productive access to social media and other web applications Table of Contents Executive Summary...3 Introduction...4 Web Security Concerns....4
Technology Blueprint Enforcing Endpoint Compliance on the network Police your managed and unmanaged systems with Network Access Control (NAC) LEVEL 2 4 5 SECURITY CONNECTED REFERENCE ARCHITECTURE LEVEL
Virtual Patching: Lower Security Risks and Costs A Trend Micro White Paper, 2012 Trend Micro Deep Security Trend Micro, Incorporated» Hundreds of software vulnerabilities are exposed each month, and timely
w h i t e p a p e r : c l o u d s e c u r i t y Securing the Cloud for the Enterprise A Joint White Paper from Symantec and VMware White Paper: Cloud Security Securing the Cloud for the Enterprise Contents
VMware vcloud Networking and Security Overview Networks and Security for Virtualized Compute Environments WHITE PAPER Overview Organizations worldwide have gained significant efficiency and flexibility
White Paper Information Security, Virtualization, and the Journey to the Cloud By Jon Oltsik August, 2010 This ESG White Paper was commissioned by Trend Micro and is distributed under license from ESG.
Symantec Backup Exec 12 for Windows Small Business Server Premium and Standard Editions Comprehensive data protection and system recovery for Microsoft Windows Small Business Server Today s small businesses
White Paper Secure Network Access for Personal Mobile Devices What You Will Learn People around the globe are enamored with their smartphones and tablet computers, and they feel strongly that they should
SecuRity technologies for mobile and Byod. Executive summary 1.0 the mobile challenges The volume of new malware that is specifically targeting mobile devices is growing at an almost 1.1 increasing threat
A COALFIRE WHITE PAPER Using s Cloud & Data Center Security Solution to meet PCI DSS 3.0 Compliance Implementing s Deep Security Platform in a Payment Card Environment April 2015 Page 1 Executive Summary...
White Paper Addressing the Full Attack Continuum: Before, During, and After an Attack It s Time for a New Security Model Today s threat landscape is nothing like that of just 10 years ago. Simple attacks
VMware vsphere 5 Licensing, Pricing and Packaging W H I T E P A P E R Table of Contents Executive Summary................................................... 3 VMware vsphere Licensing Overview...................................
Kaseya White Paper Managing the Complexity of Today s Hybrid IT Environments There are many factors driving the increasing complexity of IT today. The rapid adoption of cloud computing, big data and mobile