McAfee Global Threat Intelligence File Reputation Service. Best Practices Guide for McAfee VirusScan Enterprise Software
|
|
- Everett Harrison
- 8 years ago
- Views:
Transcription
1 McAfee Global Threat Intelligence File Reputation Service Best Practices Guide for McAfee VirusScan Enterprise Software
2 Table of Contents McAfee Global Threat Intelligence File Reputation Service McAfee GTI File Reputation Service in McAfee VirusScan Enterprise How Does It Work? Selection criteria Protecting Privacy Data collected in a McAfee GTI File Reputation service query Data Transport, Network Traffic, and Security Data transport Network traffic Security McAfee GTI Proxy Best Practices for Managing McAfee GTI File Reputation Service in McAfee VirusScan Enterprise Software Sensitivity settings False positives Rolling out McAfee GTI File Reputation service Running reports to show McAfee GTI File Reputation detections versus.dat detections Phased approach 3 3
3 McAfee Global Threat Intelligence File Reputation Service Reputation systems have been used for years across many disciplines from doctors diagnosing illnesses to mathematical experts rating financial instruments to assess situations and make decisions. Reputation calculation tools are more critical today to cybersecurity than ever before, as more and more of our personal and professional transactions occur online. McAfee Global Threat Intelligence (McAfee GTI ) File Reputation service provides a level of assurance around identity and integrity in critical Internet-based transactions for which physical world verification is impossible. So how does the McAfee file reputation service offer value? Simply put, it provides near real-time protection against new and emerging threats using the power of McAfee GTI technology. Reputation is expected behavior over time. Reputation systems for Internet security have to be based on threat intelligence that spans the globe and all threat vectors. At McAfee, we calculate the reputations of hundreds of millions of electronic entities files, websites, web domains, messages, DNS servers, and network connections using a highly granular scoring system based on a variety of information about the entity s behaviors, characteristics, and our own experience of how comparable entities behave. Among other inputs, McAfee relies on telemetry data captured from billions of queries from tens of millions of McAfee products per day, ranging from anti-malware clients to web and gateways and firewalls. These products are deployed around the globe and act as sensors for our cloud-based analysis engine. Because of our extensive breadth, depth, and correlation of sensory and threat intelligence data across all of these threat vectors, combined with the efforts of over 00 researchers, McAfee GTI File Reputation service can stop threats not yet covered by traditional signature-based technology. McAfee GTI File Reputation Service in McAfee VirusScan Enterprise McAfee Global Threat Intelligence File Reputation service is included with McAfee VirusScan Enterprise software licenses. It is used by thousands of McAfee customers representing tens of millions of corporate workstations and servers around the globe. Figure 1. The protection gap. With traditional protection, malware is discovered, verified by a security vendor, made available and ultimately deployed. This process can take place over several hours, creating a protection gap.
4 Figure 2. Compressing the protection gap. Rather than rely solely on signature-based detection of malware where the time from discovery to protection could be hours or even longer, McAfee GTI File Reputation service provides near real-time protection by providing reputation scores for files as they are accessed or when a system is scanned, compressing the protection gap. How Does It Work? When an executable file is accessed by a user, or a manual or automated scan of a workstation or server is performed, files are checked against the McAfee.DAT files to determine if they are malicious. If the file does not match a signature or hash in the.dat file, and the file meets proprietary criteria, a query will be sent to the cloud to check the file against the McAfee GTI technology database. The same is true if a user downloads a PDF file from a website or as an attachment. On average, McAfee adds more than 100,000 new file hashes to its threat intelligence database every day. The McAfee GTI File Reputation service provides an instant reputation score that is interpreted by McAfee VirusScan Enterprise software in order to apply a policy, such as block or quarantine. The result is near real-time protection of your endpoint against new and emerging malware. Selection criteria Criteria for what executable or PDF files are deemed suspicious is determined in the.dats and regularly updated. McAfee leverages a number of proprietary techniques, such as the ability to determine if the file is packed and decision tree techniques. McAfee GTI technology selection criteria are constantly evolving, just like threats, and work is underway to identify environmental clues, such where the file was found on disk. Protecting Privacy Data collected in a McAfee GTI File Reputation service query In no stage of the file reputation communication is privacy or company confidential information provided to McAfee. No user names, files, or file names are transmitted. The primary data collected is simply a hash of the file not the entire file. In addition, the following is collected: Source of malware (disk, USB, network, location of malware on disk, sub-process of Internet Explorer) Engine version.dat version Product version Context information (on-access scan or on-demand scan)
5 Data Transport, Network Traffic, and Security Data transport Queries are transported using DNS. DNS provides several advantages: Very fast response times 100 millisecond average Small packets Just two packets averaging ~00 bytes Location awareness Queries are directed to the nearest McAfee GTI File Reputation cloud server, ensuring the fastest response times. McAfee GTI File Reputation cloud servers are located in the United States, Europe, and Asia Pacific regions Network traffic The network traffic generated by these queries is incredibly nominal. If the sensitivity setting is set to Very Low or Low, you can expect an average of 10 to 1 queries per day, per machine. If the sensitivity setting is set to Medium, High, or Very High, you can expect an average of 0 to 0 queries per day, per machine. Remember, these are DNS queries. As many as 0 DNS queries are made when a user visits a popular website. Imagine a worst case scenario where each machine is infected by a different piece of malware simultaneously. The network traffic of that case compares favorably to bringing up Microsoft Outlook in the morning. Security The McAfee GTI File Reputation service uses an obfuscated, authenticated query for hash comparison to the McAfee secure servers in the cloud and an encoded, authenticated response. If the initial request/response text record indicates malicious detection, a second record is sent. McAfee GTI Proxy McAfee GTI Proxy is an optional proxy server that can be implemented in your network to route queries from McAfee VirusScan Enterprise software to the McAfee cloud. McAfee GTI Proxy is a virtual appliance that can support up to 100,000 client workstations per server. It features a local cache and is managed by McAfee epolicy Orchestrator (McAfee epo ) software. McAfee GTI Proxy is a free download for licensed McAfee VirusScan Enterprise software customers ( Consider using McAfee GTI Proxy if you do not permit direct DNS (UDP) queries from endpoints in your network. Best Practices for Managing McAfee GTI File Reputation Service in McAfee VirusScan Enterprise Software Sensitivity settings There are five sensitivity settings for McAfee VirusScan Enterprise software. Very Low Low Medium High Very High The setting can be managed via McAfee epo software for all workstations and servers. Sensitivity settings govern two things: What is queried Selection criteria for whether a file is deemed suspicious and should be queried are the same for the Very Low and Low settings. An extended selection criterion is used for Medium, High, and Very High. Thus, the number of files that might be queried would be more for Medium, High, and Very High settings. PDF files are queried only when downloaded from a website or as an attachment when the sensitivity setting is at Medium. As stated earlier, even at Very High, the number of queries made should have minimal impact on network bandwidth. Whether the response indicates a malware detection The response indicates the level of certainty that McAfee has in the malicious nature of the file. Thus, a response with absolute certainty would trigger as a malware detection at any sensitivity setting, but a near certain reputation score would trigger as a detection for the Low settings and above, but not for Very Low.
6 The table below provides recommended settings based on specific endpoint configurations: Configuration Level Very Low Low Medium High Very High When to Use For desktops and servers with restricted user rights and strong security footprint Minimum recommendation for laptops or desktops and servers with strong security footprint Minimum recommendation for laptops or desktops and servers For deployment to systems or areas which are regularly infected In and on-demand scans on non-operating system volumes It is strongly recommended that the McAfee GTI File Reputation service sensitivity level be set to Medium. This setting permits a strong level of detection of suspicious files while minimizing any potential false positives. False positives The historic false positive rate that McAfee has recorded for McAfee GTI File Reputation service is percent. For McAfee Platinum Support customers, McAfee also offers a free service called McAfee GetClean. This service allows you to have your trusted applications whitelisted in the McAfee cloud. Contact your McAfee Platinum Support representative for assistance with the McAfee GetClean program. Rolling out McAfee GTI File Reputation service As with any technology that you are beginning to use for the first time, testing and validation can help you and other managers make the right decisions about sensitivity settings. Running reports to show McAfee GTI File Reputation detections versus.dat detections It is possible to run reports in McAfee epo software that compare McAfee GTI File Reputation service detections to standard detections from.dats. Generally, customers report an increase in accurate detections of between 10 percent and 30 percent, but the reports will demonstrate the effectiveness in your own network. Contact your McAfee Sales Engineer to create these reports. Phased approach McAfee suggests that you start with the default sensitivity setting of Low. Monitor the reports for four to six weeks and note any false positive cases from your user base. Then, turn the sensitivity up to Medium, at least for a selected group of workstations and servers in your network, for another four to six weeks. Once again, monitor the daily, weekly, or monthly reports and dashboards and any false positive cases from your user base. About McAfee McAfee, a wholly owned subsidiary of Intel Corporation (NASDAQ:INTC), is the world's largest dedicated security technology company. McAfee delivers proactive and proven solutions and services that help secure systems, networks, and mobile devices around the world, allowing users to safely connect to the Internet, browse, and shop the web more securely. Backed by its unrivaled global threat intelligence, McAfee creates innovative products that empower home users, businesses, the public sector, and service providers by enabling them to prove compliance with regulations, protect data, prevent disruptions, identify vulnerabilities, and continuously monitor and improve their security. McAfee is relentlessly focused on constantly finding new ways to keep our customers safe Mission College Boulevard Santa Clara, CA McAfee, the McAfee logo, epolicy Orchestrator, McAfee Global Threat Intelligence, McAfee epo, McAfee GTI, and McAfee VirusScan are registered trademarks or trademarks of McAfee, Inc. or its subsidiaries in the United States and other countries. Other marks and brands may be claimed as the property of others. The product plans, specifications and descriptions herein are provided for information only and subject to change without notice, and are provided without warranty of any kind, express or implied. Copyright 2012 McAfee, Inc. 8302wp_gti-best-practices_0812_kg
Technology Blueprint. Protect Your Email Servers. Guard the data and availability that enable business-critical communications
Technology Blueprint Protect Your Email Servers Guard the data and availability that enable business-critical communications LEVEL 1 2 3 4 5 SECURITY CONNECTED REFERENCE ARCHITECTURE LEVEL 1 2 4 5 3 Security
More informationTechnology Blueprint. Secure Your Virtual Desktop Infrastructure. Optimize your virtual desktop infrastructure for performance and protection
Technology Blueprint Secure Your Virtual Desktop Infrastructure Optimize your virtual desktop infrastructure for performance and protection LEVEL 1 2 3 4 5 SECURITY CONNECTED REFERENCE ARCHITECTURE LEVEL
More informationMcAfee Security Architectures for the Public Sector
White Paper McAfee Security Architectures for the Public Sector End-User Device Security Framework Table of Contents Business Value 3 Agility 3 Assurance 3 Cost reduction 4 Trust 4 Technology Value 4 Speed
More informationGOOD PRACTICE GUIDE 13 (GPG13)
GOOD PRACTICE GUIDE 13 (GPG13) GPG13 - AT A GLANCE Protective Monitoring (PM) is based on Good Practice Guide 13 Comprises of 12 sections called Proactive Monitoring Controls 1-12 Based on four Recording
More informationHow To Buy Nitro Security
McAfee Acquires NitroSecurity McAfee announced that it has closed the acquisition of privately owned NitroSecurity. 1. Who is NitroSecurity? What do they do? NitroSecurity develops high-performance security
More informationHow McAfee Endpoint Security Intelligently Collaborates to Protect and Perform
How McAfee Endpoint Security Intelligently Collaborates to Protect and Perform McAfee Endpoint Security 10 provides customers with an intelligent, collaborative framework, enabling endpoint defenses to
More informationEmail Encryption Made Simple
White Paper For organizations large or small Table of Contents Who Is Reading Your Email? 3 The Three Options Explained 3 Organization-to-organization encryption 3 Secure portal or organization-to-user
More informationWhen your users take devices outside the corporate environment, these web security policies and defenses within your network no longer work.
Deployment Guide Revision C McAfee Web Protection Hybrid Introduction Web Protection provides the licenses and software for you to deploy Web Gateway, SaaS Web Protection, or a hybrid deployment using
More informationMcAfee Server Security
Security Secure server workloads with low performance impact and integrated management efficiency. Suppose you had to choose between securing all the servers in your data center physical and virtual or
More informationMcAfee Certified Product Specialist McAfee epolicy Orchestrator
McAfee Certified Product Specialist McAfee epolicy Orchestrator Exam preparation guide Table of Contents Introduction 3 Becoming McAfee Certified 3 Exam Details 3 Recommended Exam Preparation 4 Exam Objectives
More informationEndpoint Security for DeltaV Systems
DeltaV Systems Service Data Sheet Endpoint Security for DeltaV Systems Essential protection that consolidates endpoint and data security. Reduces the time and effort spent deploying and managing security
More informationMcAfee Endpoint Protection for SMB. You grow your business. We keep it secure.
McAfee Endpoint Protection for SMB You grow your business. We keep it secure. Big Protection for Small to Medium-Sized Businesses With the Internet and connected devices now an integral part of your business,
More informationIBM Endpoint Manager for Core Protection
IBM Endpoint Manager for Core Protection Device control and endpoint protection designed to guard against malware and loss of sensitive data Highlights Delivers real-time endpoint protection against viruses,
More informationMcAfee Web Gateway Administration Intel Security Education Services Administration Course Training
McAfee Web Gateway Administration Intel Security Education Services Administration Course Training The McAfee Web Gateway Administration course from Education Services provides an in-depth introduction
More informationMcAfee Web Reporter Turning volumes of data into actionable intelligence
McAfee Web Reporter Turning volumes of data into actionable intelligence Business today is more Internet-dependent than ever before. From missioncritical services to productivity tools, Internet access
More informationSolutions Brochure. Security that. Security Connected for Financial Services
Solutions Brochure Security that Builds Equity Security Connected for Financial Services Safeguard Your Assets Security should provide leverage for your business, fending off attacks while reducing risk
More informationSecuring the Internet of Things
Business Brief Securing the Internet of Things OEM capabilities assure trust, integrity, accountability, and privacy IoT Architectural Challenges Given the diversity and scale of the IoT, new security
More informationHow To Protect Your Data From Attack
Solutions Brochure Situation Under Control Security Connected for the Public Sector 2 Security Connected for the Public Sector Increase Availability. Strengthen Resiliency. Government entities face pressure
More informationSecuring the Internet of Things OEM capabilities assure trust, integrity, accountability, and privacy.
Securing the Internet of Things OEM capabilities assure trust, integrity, accountability, and privacy. The number of Internet-connected smart devices is growing at a rapid pace. According to Gartner, the
More informationTechnology Blueprint. Protect Your VoIP/SIP Servers. Insulating your voice network and its servers from attacks and disruption
Technology Blueprint Protect Your VoIP/SIP Servers Insulating your voice network and its servers from attacks and disruption LEVEL 1 2 3 4 5 SECURITY CONNECTED REFERENCE ARCHITECTURE LEVEL 1 2 4 5 3 Security
More informationDirect or Transparent Proxy?
Direct or Transparent Proxy? Choose the right configuration for your gateway. Table of Contents Direct Proxy...3 Transparent Proxy...4 Other Considerations: Managing authentication made easier.....4 SSL
More informationSecure Virtualization in the Federal Government
White Paper Secure Virtualization in the Federal Government Achieve efficiency while managing risk Table of Contents Ready, Fire, Aim? 3 McAfee Solutions for Virtualization 4 Securing virtual servers in
More informationTechnology Blueprint. Protect Your Email. Get strong security despite increasing email volumes, threats, and green requirements
Technology Blueprint Protect Your Email Get strong security despite increasing email volumes, threats, and green requirements LEVEL 1 2 3 4 5 SECURITY CONNECTED REFERENCE ARCHITECTURE LEVEL 1 2 4 5 3 Security
More informationTotal Protection for Compliance: Unified IT Policy Auditing
Total Protection for Compliance: Unified IT Policy Auditing McAfee Total Protection for Compliance Regulations and standards are growing in number, and IT audits are increasing in complexity and cost.
More informationSeven Requirements for Hybrid Web Delivery Getting the best of both on-premises and SaaS
Seven Requirements for Hybrid Web Delivery Getting the best of both on-premises and SaaS Traditionally, IT risk management has balanced security investment and the impact of the threat, allowing each business
More informationDatabase Security in Virtualization and Cloud Computing Environments
White Paper Database Security in Virtualization and Cloud Computing Environments Three key technology challenges in protecting sensitive data Table of Contents Securing Information in Virtualization and
More informationReputation: The Foundation Of Effective Threat Protection
Reputation: The Foundation Of Effective Threat Protection By Jamie Barnett Table of Contents Executive Summary 3 Background 3 Catching Risky Behavior 4 Threat Dynamics 5 Gray Matters 6 Confidence Building
More informationWhite Paper. Scalable Network Security for the Virtualized Data Center
White Paper Scalable Network Security for the Virtualized Data Center Table of Contents As Data Centers Evolve, So Do Security Needs 3 Physical to virtual infrastructure 3 Virtualized applications to private
More informationMcAfee. Firewall Enterprise. Application Note TrustedSource in McAfee. Firewall Enterprise. version 8.1.0 and earlier
Application Note TrustedSource in McAfee Firewall Enterprise McAfee version 8.1.0 and earlier Firewall Enterprise This document uses a question and answer format to explain the TrustedSource reputation
More informationBypassing CAPTCHAs by Impersonating CAPTCHA Providers
White Paper Bypassing CAPTCHAs by Impersonating CAPTCHA Providers Gursev Singh Kalra, Principal Consultant McAfee Foundstone Professional Services Table of Contents Inside a CAPTCHA Provider Integration
More informationEmail Encryption Made Simple
Email Encryption Made Simple For organizations large or small Table of Contents Who Is Reading Your Email?....3 The Three Options Explained....3 Organization-to-organization encryption....3 Secure portal
More informationMcAfee Enterprise Mobility Management Versus Microsoft Exchange ActiveSync
McAfee Enterprise Mobility Management Versus Microsoft Secure, easy, and scalable mobile device management Table of Contents What Can Do? 3 The smartphone revolution is sweeping the enterprise 3 Can enterprises
More informationMcAfee MOVE / VMware Collaboration Best Practices
McAfee MOVE / VMware Collaboration Best Practices Christie J. Karrels Sales Engineer Federal DoD January 11, 2013 1 P a g e Contents Introduction... 3 Traditional Anti-Malware vs. Optimized Anti-Malware...
More informationAnalyzing HTTP/HTTPS Traffic Logs
Advanced Threat Protection Automatic Traffic Log Analysis APTs, advanced malware and zero-day attacks are designed to evade conventional perimeter security defenses. Today, there is wide agreement that
More informationProtecting Virtual Endpoints with McAfee Server Security Suite Essentials
Sponsored by McAfee Protecting Virtual Endpoints with McAfee Server Security Suite Essentials December 2013 A SANS Analyst Whitepaper Written by Dave Shackleford Capability Sets for Virtualization Security
More informationEnd-user Security Analytics Strengthens Protection with ArcSight
Case Study for XY Bank End-user Security Analytics Strengthens Protection with ArcSight INTRODUCTION Detect and respond to advanced persistent threats (APT) in real-time with Nexthink End-user Security
More informationProduct Guide. McAfee Endpoint Security 10
Product Guide McAfee Endpoint Security 10 COPYRIGHT Copyright 2014 McAfee, Inc. Do not copy without permission. TRADEMARK ATTRIBUTIONS McAfee, the McAfee logo, McAfee Active Protection, McAfee DeepSAFE,
More informationPower, Patch, and Endpoint Managers Expand McAfee epo Platform Capabilities While Cutting Endpoint Costs
Business Brief Power, Patch, and Endpoint Managers Expand McAfee epo Platform Capabilities While Cutting Endpoint Costs McAfee Compatible Solution Autonomic Software Endpoint Manager 1.2 and McAfee epo
More informationData Center Connector for vsphere 3.0.0
Product Guide Data Center Connector for vsphere 3.0.0 For use with epolicy Orchestrator 4.6.0, 5.0.0 Software COPYRIGHT Copyright 2013 McAfee, Inc. Do not copy without permission. TRADEMARK ATTRIBUTIONS
More informationMicrosoft SharePoint 2013 with Citrix NetScaler
Deployment Guide Microsoft SharePoint 2013 with Citrix NetScaler Deployment Guide citrix.com Table of contents Introduction 3 NetScaler value-add to SharePoint 4 Product versions and prerequisites 4 Deploying
More informationMcAfee Network Security Platform Administration Course
McAfee Network Security Platform Administration Course Intel Security Education Services Administration Course The McAfee Network Security Platform Administration course from McAfee Education Services
More informationMcAfee MOVE AntiVirus (Agentless) 3.6.0
Product Guide McAfee MOVE AntiVirus (Agentless) 3.6.0 For use with McAfee epolicy Orchestrator COPYRIGHT Copyright 2015 McAfee, Inc., 2821 Mission College Boulevard, Santa Clara, CA 95054, 1.888.847.8766,
More informationComprehensive Malware Detection with SecurityCenter Continuous View and Nessus. February 3, 2015 (Revision 4)
Comprehensive Malware Detection with SecurityCenter Continuous View and Nessus February 3, 2015 (Revision 4) Table of Contents Overview... 3 Malware, Botnet Detection, and Anti-Virus Auditing... 3 Malware
More informationTechnology Blueprint. Protecting Intellectual Property in Email. Guarding against information-stealing malware and outbound data loss
Technology Blueprint Protecting Intellectual Property in Email Guarding against information-stealing malware and outbound data loss LEVEL 1 2 3 4 5 SECURITY CONNECTED REFERENCE ARCHITECTURE LEVEL 1 2 4
More informationMcAfee Threat Intelligence Exchange 1.0.1 Software
Release Notes McAfee Threat Intelligence Exchange 1.0.1 Software Contents About this release Installation instructions New features Resolved issues Known issues Product documentation About this release
More informationReducing the cost and complexity of endpoint management
IBM Software Thought Leadership White Paper October 2014 Reducing the cost and complexity of endpoint management Discover how midsized organizations can improve endpoint security, patch compliance and
More informationV1.4. Spambrella Email Continuity SaaS. August 2
V1.4 August 2 Spambrella Email Continuity SaaS Easy to implement, manage and use, Message Continuity is a scalable, reliable and secure service with no set-up fees. Built on a highly reliable and scalable
More informationBig Data in Action: Behind the Scenes at Symantec with the World s Largest Threat Intelligence Data
Big Data in Action: Behind the Scenes at Symantec with the World s Largest Threat Intelligence Data Patrick Gardner VP Engineering Sourabh Satish Distinguished Engineer Symantec Vision 2014 - Big Data
More informationMcAfee MOVE AntiVirus Multi-Platform 3.5.0
Product Guide McAfee MOVE AntiVirus Multi-Platform 3.5.0 For use with epolicy Orchestrator 4.6.7, 4.6.8, 5.1.0 Software COPYRIGHT Copyright 2014 McAfee, Inc. Do not copy without permission. TRADEMARK ATTRIBUTIONS
More informationMcAfee Application Control / Change Control Administration Intel Security Education Services Administration Course
McAfee Application Control / Change Control Administration Intel Security Education Services Administration Course The McAfee University Application Control / Change Control Administration course enables
More informationGetting Ahead of Malware
IT@Intel White Paper Intel Information Technology Security December 2009 Getting Ahead of Malware Executive Overview Since implementing our security event monitor and detection processes two years ago,
More informationTechnology Blueprint. Protect Your Servers. Preserve uptime by blocking attacks and unauthorized changes
Technology Blueprint Protect Your Application Servers Preserve uptime by blocking attacks and unauthorized changes LEVEL 1 2 3 4 5 SECURITY CONNECTED REFERENCE ARCHITECTURE LEVEL 1 2 4 5 3 Security Connected
More informationKaseya White Paper. Endpoint Security. Fighting Cyber Crime with Automated, Centralized Management. www.kaseya.com
Kaseya White Paper Endpoint Security Fighting Cyber Crime with Automated, Centralized Management www.kaseya.com To win the ongoing war against hackers and cyber criminals, IT professionals must do two
More informationThe Cost of Free A Cautionary Tale
White Paper Why McAfee Security Software-as-a-Service (SaaS) is the smart selection Table of Contents Cost-Saving Security Options 4 Total Cost of Ownership 4 McAfee Security Software-as-a-Service 6 The
More informationMcAfee epolicy Orchestrator
Optimizing Security Management with McAfee epolicy Orchestrator The proof is in the research Chief information officers (CIOs) at enterprises worldwide are facing a major struggle today: how to balance
More informationData Sheet: Endpoint Security Symantec Protection Suite Enterprise Edition Trusted protection for endpoints and messaging environments
Trusted protection for endpoints and messaging environments Overview Symantec Protection Suite Enterprise Edition creates a protected endpoint and messaging environment that is secure against today s complex
More informationAgent or Agentless Policy Assessments: Why Choose?
Technical Brief Agent or Agentless Policy Assessments: Why Choose? McAfee Total Protection for Compliance Meeting newer, more stringent regulatory standards and the increasing number of IT audits requires
More informationCisco Security Intelligence Operations
Operations Operations of 1 Operations Operations of Today s organizations require security solutions that accurately detect threats, provide holistic protection, and continually adapt to a rapidly evolving,
More informationMcAfee Public Cloud Server Security Suite
Installation Guide McAfee Public Cloud Server Security Suite For use with McAfee epolicy Orchestrator COPYRIGHT Copyright 2015 McAfee, Inc., 2821 Mission College Boulevard, Santa Clara, CA 95054, 1.888.847.8766,
More informationESET Security Solutions for Your Business
ESET Security Solutions for Your Business It Is Our Business Protecting Yours For over 20 years, companies large and small have relied on ESET to safeguard their mission-critical infrastructure and keep
More informationPortal Administration. Administrator Guide
Portal Administration Administrator Guide Portal Administration Guide Documentation version: 1.0 Legal Notice Legal Notice Copyright 2013 Symantec Corporation. All rights reserved. Symantec, the Symantec
More informationCisco Advanced Malware Protection for Endpoints
Data Sheet Cisco Advanced Malware Protection for Endpoints Product Overview With today s sophisticated malware, you have to protect endpoints before, during, and after attacks. Cisco Advanced Malware Protection
More informationTechnology Blueprint. Defend Against Denial of Service Attacks. Protect each IT service layer against exploitation and abuse
Technology Blueprint Defend Against Denial of Service (DOS and DDOS) Attacks Protect each IT service layer against exploitation and abuse LEVEL 1 2 3 4 5 SECURITY CONNECTED REFERENCE ARCHITECTURE LEVEL
More informationTrustDefender Mobile Technical Brief
TrustDefender Mobile Technical Brief Fraud Protection for Native Mobile Applications TrustDefender Mobile from ThreatMetrix is a lightweight SDK library for Google Android and Apple ios mobile devices.
More informationMalware and Other Malicious Threats
21 August Thailand Securing Your Endpoints from Malware and Other Malicious Threats Steven Scheurmann Sales Leader, Tivoli Endpoint Management Products, built on BigFix, IBM Software Group, Asia Pacific
More informationMcAfee Phishing Quiz. Partner Enablement Guide
McAfee Phishing Quiz Partner Enablement Guide Use the Phishing Quiz to educate your own organization, prospects, and existing customers about phishing and how McAfee security solutions can help. This guide
More informationTechnical Product Overview. Employing cloud-based technologies to address security risks to endpoint systems
Symantec Endpoint Protection.cloud Employing cloud-based technologies to address security risks to endpoint systems White Paper: Endpoint Protection.cloud - Symantec Endpoint Protection.cloud Contents
More informationSymantec Endpoint Protection
The next generation of antivirus technology from Overview Advanced threat protection combines AntiVirus with advanced threat prevention to deliver an unmatched defense against malware for laptops, desktops,
More informationMcAfee Network Security Platform Services solutions for Managed Service Providers (MSPs)
McAfee Network Security Platform Services solutions for Managed Service Providers (MSPs) McAfee Network Security Platform is uniquely intelligent and purpose-built to offer unmatched protection, performance,
More informationWildFire. Preparing for Modern Network Attacks
WildFire WildFire automatically protects your networks from new and customized malware across a wide range of applications, including malware hidden within SSL-encrypted traffic. WildFire easily extends
More informationTechnology Blueprint. Assess Your Vulnerabilities. Maintain a continuous understanding of assets and manage vulnerabilities in real time
Technology Blueprint Assess Your Vulnerabilities Maintain a continuous understanding of assets and manage vulnerabilities in real time LEVEL 1 2 3 4 5 SECURITY CONNECTED REFERENCE ARCHITECTURE LEVEL 1
More informationKaspersky Endpoint Security 8 for Windows and Kaspersky Security Center
Kaspersky Endpoint Security 8 for Windows and Kaspersky Security Center Reviewer s Guide Contents Introduction / Solution Headlines... 3 Getting Started... 4 Deployment... 4 Installation on an Infected
More informationInsight. Security Response. Deployment Best Practices
Insight Deployment Best Practices Overview Symantec Insight is a reputation-based security technology that leverages the anonymous software adoption patterns of Symantec s hundreds of millions of users
More informationProven LANDesk Solutions
LANDesk Solutions Descriptions Proven LANDesk Solutions IT departments face pressure to reduce costs, reduce risk, and increase productivity in the midst of growing IT complexity. More than 4,300 organizations
More informationData Center Connector 3.0.0 for OpenStack
Product Guide Data Center Connector 3.0.0 for OpenStack For use with epolicy Orchestrator 5.1.0 Software COPYRIGHT Copyright 2014 McAfee, Inc. Do not copy without permission. TRADEMARK ATTRIBUTIONS McAfee,
More informationHow To Use A Microsoft Mobile Security Software For A Corporate Account On A Mobile Device
Technical FAQ McAfee Enterprise Mobility Management (McAfee EMM ) 12.0 Frequently Asked Questions Q. What types of mobile devices does McAfee Enterprise Mobility Management (McAfee EMM ) support? A. McAfee
More informationCisco Advanced Malware Protection for Endpoints
Data Sheet Cisco Advanced Malware Protection for Endpoints Product Overview With today s sophisticated malware, you have to protect endpoints before, during, and after attacks. Cisco Advanced Malware Protection
More informationEnterprise Mobility Management Migration Migrating from Legacy EMM to an epo Managed EMM Environment. Paul Luetje Enterprise Solutions Architect
Enterprise Mobility Management Migration Migrating from Legacy EMM to an epo Managed EMM Environment Paul Luetje Enterprise Solutions Architect Table of Contents Welcome... 3 Purpose of this document...
More informationMcAfee - Overview. Anthony Albisser
McAfee - Overview Anthony Albisser Channel Account Manager About McAfee Founded in 1987, McAfee is now the world s largest dedicated security company (acquired by Intel in 2011) Global research for real-time
More informationAbout Help Desk. McAfee Help Desk 2.0 Software. Product Guide. Functions of McAfee Help Desk software. Quarantine release.
Product Guide McAfee Help Desk 2.0 Software About Help Desk McAfee Help Desk is an extension installed in McAfee epolicy Orchestrator (McAfee epo ). Administrators use McAfee Help Desk to issue challenge/response
More informationEnd to End Security do Endpoint ao Datacenter
do Endpoint ao Datacenter Piero DePaoli & Leandro Vicente Security Product Marketing & Systems Engineering 1 Agenda 1 Today s Threat Landscape 2 From Endpoint: Symantec Endpoint Protection 3 To Datacenter:
More informationTrend Micro Incorporated reserves the right to make changes to this document and to the products described herein without notice.
Trend Micro Incorporated reserves the right to make changes to this document and to the products described herein without notice. Before installing and using the software, please review the readme files,
More informationMicrosoft Dynamics CRM 2015 with NetScaler for Global Server Load Balancing
Microsoft Dynamics CRM 2015 with NetScaler for Global Server Load Balancing Solution Guide This solution guide focuses on defining the deployment process for Microsoft Dynamics CRM with Citrix NetScaler.
More informationWeb Request Routing. Technical Brief. What s the best option for your web security deployment?
Web Request Routing and Redirection What s the best option for your web security deployment? Choosing the right method for redirecting traffic to your secure web gateway is absolutely essential to maximize
More informationInternet Explorer Exploit Protection ENTERPRISE BRIEFING REPORT
Internet Explorer Exploit Protection ENTERPRISE BRIEFING REPORT TESTED PRODUCTS: AVG Internet Security Network Edition v8.0 Kaspersky Total Space Security v6.0 McAfee Total Protection for Endpoint Sophos
More informationSymantec Endpoint Protection 12.1.6
Data Sheet: Endpoint Security Overview Last year, we saw 317 million new malware variants, while targeted attacks and zero-day threats were at an all-time high 1. The threat environment is evolving quickly
More informationAnalyzing Security for Retailers An analysis of what retailers can do to improve their network security
Analyzing Security for Retailers An analysis of what retailers can do to improve their network security Clone Systems Business Security Intelligence Properly Secure Every Business Network Executive Summary
More informationAchieving Actionable Situational Awareness... McAfee ESM. Ad Quist, Sales Engineer NEEUR
Achieving Actionable Situational Awareness... McAfee ESM Ad Quist, Sales Engineer NEEUR The Old SECURITY Model Is BROKEN 2 Advanced Targeted Attacks The Reality ADVANCED TARGETED ATTACKS COMPROMISE TO
More informationHow To Protect Your Data From Being Hacked On Security Cloud
F-SECURE SECURITY CLOUD Purpose, function and benefits October 2015 CONTENTS F-Secure Security Cloud in brief 2 Security Cloud benefits 3 How does Security Cloud work? 4 Security Cloud metrics 4 Security
More informationMcAfee Advanced Threat Defense 3.6.0
Release Notes McAfee Advanced Threat Defense 3.6.0 Revision C Contents About this release New Features Enhancements Resolved issues Installation and upgrade notes Known issues Product documentation About
More informationSecuring Data Center Servers: A Review of McAfee Data Center Security Suite Products
Sponsored by Mcfee Securing Data Center Servers: Review of Mcfee Data Center Security Suite Products ugust 2012 SNS Whitepaper Written by: Jim D. Hietala Bull s-eye on Servers Page 2 Products Reviewed
More informationSymantec Endpoint Protection 12.1.4
Data Sheet: Endpoint Security Overview provides unrivaled security across physical and virtual platforms and support for the latest operating systems-mac OS X 10.9 and Windows 8.1. Powered by Symantec
More informationProduct Guide. McAfee Endpoint Security for Mac Threat Prevention 10.1.0
Product Guide McAfee Endpoint Security for Mac Threat Prevention 10.1.0 COPYRIGHT Copyright 2015 McAfee, Inc., 2821 Mission College Boulevard, Santa Clara, CA 95054, 1.888.847.8766, www.intelsecurity.com
More informationMcAfee Next Generation Firewall Optimize your defense, resilience, and efficiency.
Optimize your defense, resilience, and efficiency. Table of Contents Need Stronger Network Defense? Network Concerns Security Concerns Cost of Ownership Manageability Application and User Awareness High
More informationEndpoint protection for physical and virtual desktops
datasheet Trend Micro officescan Endpoint protection for physical and virtual desktops In the bring-your-own-device (BYOD) environment, protecting your endpoints against ever-evolving threats has become
More informationIntel Security Certified Product Specialist Security Information Event Management (SIEM)
Intel Security Certified Product Specialist Security Information Event Management (SIEM) Why Get Intel Security Certified? As technology and security threats continue to evolve, organizations are looking
More information