McAfee Security Architectures for the Public Sector



Similar documents
McAfee Global Threat Intelligence File Reputation Service. Best Practices Guide for McAfee VirusScan Enterprise Software

How To Buy Nitro Security

Technology Blueprint. Protect Your Servers. Guard the data and availability that enable business-critical communications

Total Protection for Compliance: Unified IT Policy Auditing

Securing the Internet of Things OEM capabilities assure trust, integrity, accountability, and privacy.

How McAfee Endpoint Security Intelligently Collaborates to Protect and Perform

GOOD PRACTICE GUIDE 13 (GPG13)

How To Protect Your Data From Attack

Solutions Brochure. Security that. Security Connected for Financial Services

Endpoint Security for DeltaV Systems

McAfee Endpoint Protection for SMB. You grow your business. We keep it secure.

Technology Blueprint. Secure Your Virtual Desktop Infrastructure. Optimize your virtual desktop infrastructure for performance and protection

Honeywell Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Honeywell Process Solutions (HPS) June 4, 2014

McAfee Server Security

White Paper. Network Management and Operational Efficiency

McAfee Next Generation Firewall Optimize your defense, resilience, and efficiency.

Seven Requirements for Hybrid Web Delivery Getting the best of both on-premises and SaaS

Strengthen security with intelligent identity and access management

McAfee Web Gateway Administration Intel Security Education Services Administration Course Training

IBM QRadar Security Intelligence April 2013

McAfee Public Cloud Server Security Suite

Technology Blueprint. Assess Your Vulnerabilities. Maintain a continuous understanding of assets and manage vulnerabilities in real time

Proven LANDesk Solutions

McAfee - Overview. Anthony Albisser

When your users take devices outside the corporate environment, these web security policies and defenses within your network no longer work.

White Paper. Emergency Incident Response: 10 Common Mistakes of Incident Responders

Leading The World Into Connected Security. Paolo Florian Sales Engineer

Encryption Made Simple

Encryption Made Simple

McAfee Enterprise Mobility Management Versus Microsoft Exchange ActiveSync

McAfee Phishing Quiz. Partner Enablement Guide

North American Electric Reliability Corporation (NERC) Cyber Security Standard

Direct or Transparent Proxy?

Leading The World Into Connected Security. Dipl.-Inform., CISSP, S+ Rolf Haas Enterprise Technology Specialist Content Lead EMEA

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

BlackRidge Technology Transport Access Control: Overview

Trend Micro Cloud Security for Citrix CloudPlatform

Security Information & Event Management (SIEM)

Power, Patch, and Endpoint Managers Expand McAfee epo Platform Capabilities While Cutting Endpoint Costs

Payment Card Industry Data Security Standard

V1.4. Spambrella Continuity SaaS. August 2

Database Security in Virtualization and Cloud Computing Environments

McAfee Network Security Platform Administration Course

Data Sheet: Endpoint Security Symantec Protection Suite Enterprise Edition Trusted protection for endpoints and messaging environments

McAfee Network Security Platform

The User is Evolving. July 12, 2011

Securing the endpoint and your data

How To Use A Microsoft Mobile Security Software For A Corporate Account On A Mobile Device

White Paper. Scalable Network Security for the Virtualized Data Center

McAfee Web Reporter Turning volumes of data into actionable intelligence

How To Protect Your Network From Attack From A Network Security Threat

INSERT COMPANY LOGO HERE

Safeguarding the cloud with IBM Dynamic Cloud Security

Find the needle in the security haystack

WEBSENSE TRITON SOLUTIONS

Data Center Connector for OpenStack

MOBILITY & INTERCONNECTIVITY. Features SECURITY OF INFORMATION TECHNOLOGIES

Provide access control with innovative solutions from IBM.

Solving the Security Puzzle

Secure Your Success. Intel Security Partner Program

A Modern Framework for Network Security in Government

Product Factsheet MANAGED SECURITY SERVICES - FIREWALLS - FACT SHEET

Technology Blueprint. Protect Your Servers. Preserve uptime by blocking attacks and unauthorized changes

Data Loss Prevention Best Practices for Healthcare

Enterprise Security Platform for Government

Data Center Connector for vsphere 3.0.0

FIREWALL. Features SECURITY OF INFORMATION TECHNOLOGIES

The Benefits of an Integrated Approach to Security in the Cloud

WHAT S NEW IN WEBSENSE TRITON RELEASE 7.8

Enterprise Mobility Management Migration Migrating from Legacy EMM to an epo Managed EMM Environment. Paul Luetje Enterprise Solutions Architect

Information Security Services. Achieving PCI compliance with Dell SecureWorks security services

External Supplier Control Requirements

McAfee Certified Product Specialist McAfee epolicy Orchestrator

IBM Cloud Security Draft for Discussion September 12, IBM Corporation

Protecting productivity with Plant Security Services

Frost & Sullivan s. Aerospace, Defence & Security Practice. Global Industrial Cyber Security Trends

Content-ID. Content-ID enables customers to apply policies to inspect and control content traversing the network.

EXTENDING THREAT PROTECTION AND CONTROL TO MOBILE WORKERS

CASE STUDY. AUSTRIAN AIRLINES Modernizes Network Security for First Class Performance

What is Security Intelligence?

White Paper. McAfee Multi-Link. Always-on connectivity with significant savings

Service management White paper. Manage access control effectively across the enterprise with IBM solutions.

IBM Security QRadar Vulnerability Manager

e2e Secure Cloud Connect Service - Service Definition Document

TECHNOLOGY PARTNER CERTIFICATION BENEFITS AND PROCESS

Cyber Resilience Implementing the Right Strategy. Grant Brown Security specialist,

Transcription:

White Paper McAfee Security Architectures for the Public Sector End-User Device Security Framework

Table of Contents Business Value 3 Agility 3 Assurance 3 Cost reduction 4 Trust 4 Technology Value 4 Speed 4 Integration 4 Reference Architecture 5 Assessment 5 Implementation 5 Summary 6 2 McAfee Security Architectures for the Public Sector

Cabinet Office is driving a series of programmes with a view to making government ICT more streamlined, more cost effective, and less complex. One of these programmes is End User Device Strategy: Security Framework and Controls (EUD Security Framework). EUD Security Framework represents a simple set of guidelines for the security architecture for devices that will connect to government services. At its highest level, EUD Security Framework is about the use of transparent and open industry standards (for example, IPsec and SSL/TLS) along with a good deal of common sense. In this white paper, we explain, at a strategic and tactical level, how McAfee assists customers in achieving these standards and guidelines with its portfolio of products and implementation methodology included in the Security Connected platform. We also demonstrate the results of using the Security Connected platform. Business Value The EUD Security Framework, produced by UK Cabinet Office, represents a set of control requirements and architecture standards that will help government agencies tangibly improve technology adoption, the user computing experience, and cyberdefense capability. Providing flexibility to use purpose-built tools, such as laptops or tablets, will improve the user experience, but that does not remove the requirement for the user to act responsibly with respect to security. Additionally, the controls framework provides consistent security capability across ministries, improving the overall cyber resilience of the government infrastructure. This white paper explains why McAfee represents the best business and technology value to implement the required security controls in the EUD Security Framework. Although the name of the framework implies device-specific security, it is actually a system-based approach to protecting those devices. The Security Connected platform yields the best value by delivering comprehensive protection and visibility across multiple device types, networks, and applications, resulting in less complexity and a more effective security architecture. Agility In general, agility is the capability of a system to change in response to a new condition. For resilience, agility is characterised by integration and interoperability. Integration is the ability of the system to rapidly adopt new technology or new security capability. An agile solution has the ability to easily interoperate with other technology through the adoption of open standards or an extensible management framework. The McAfee security management portfolio, specifically McAfee epolicy Orchestrator (McAfee epo ) software and McAfee Enterprise Security Manager, provides an agile foundation for an agency to comply with the EUD Security Framework through: Flexibility to choose multiple device types, operating systems, or suppliers and still maintain the security functions. A foundational platform to build new capability for a future framework or threat response requirements. Easy integration with existing security or management architecture to extend the value of a current investment Assurance In terms of cybersecurity, digital service assurance requires establishing the standards, processes, and capabilities to ensure the survivability of the system against a threat. The Security Connected platform, with integrated intelligence and real-time response actions, delivers comprehensive security capability to rapidly enforce policy, defend the system from both external and internal threats, and detect new threat conditions. McAfee endpoint and network security portfolios, along with McAfee Control and McAfee Web Gateway, provide strong assurance to prevent or detect advanced malware. The McAfee security management portfolio, specifically McAfee epo software and McAfee Enterprise Security Manager, provide central event collection and control, enabling real-time response to detected threats. Benefits include: Flexibility to deliver comprehensive capability from a single security platform. Comprehensive solution for advanced malware across endpoint, network, and services. Integrated technology that delivers strong security beyond compliance. 3 McAfee Security Architectures for the Public Sector

Cost reduction Many operating systems provide basic security controls, such as antivirus and host-based firewalls. While these features are initially attractive from a cost perspective, cost is not the only defining factor for value. In some cases, the built-in operating system tools are purpose-built. However, they often create more complexity, offer lesser or no central visibility, provide lower security functionality, and require additional investment in personal, training or integration services than originally anticipated. The Security Connected platform can yield better value by meeting the design, technology, security, and framework principles under a single platform. Domain Full Support Partial Support Assured Data in Transit Assured Data at Rest Platform Integrity Incident Response Authentication Secure Boot Whitelisting Device Update Interface Protection Malware Protection Policy Enforcement Trust Delivering assured security products is a foundational step towards establishing a trusted digital infrastructure. As a critical supplier, McAfee leadership made the executive commitment to deliver verifiable, trusted security platforms by ensuring the integrity of our supply chain, protecting our intellectual property from theft, and finally by certifying our product security levels against international standards. In the global economy, an assured platform starts well before the software development cycle. Because of our understanding of the threat landscape and close partnership with government, McAfee has established a verifiably secure hardware supply chain. The critical first step towards a trusted infrastructure is having the confidence that the security technology protecting the enterprise is assured. Building confidence also means verification. McAfee has made the executive commitment to certify all products against the rigorous international accreditation standards of Common Criteria. Every product line within McAfee has the responsibility to meet and maintain Common Criteria certification through every product release. Technology Value The EUD Security Framework is a capability roadmap that outlines the technology and operational security requirements for a device to access government services. However, as with other guidelines, the value is achieved through operationalising the security capability. In addition to full alignment to the controls framework, the Security Connected platform offers several key elements necessary to operationalise the EUD Security Framework into real security value. Speed The Security Connected platform represents a faster time-to-operational value through consolidation of security operations and visibility that provides a centralised view of capability. Through integrated intelligence, centralised event analytics, and real-time response capability, the platform enables the speed of decision, response, and acquisition needed for system resilience. Integration The EUD Security Framework expands legacy security best practices to meet the risk to official networks today. As the new requirements are implemented, new security technology must integrate with existing infrastructures to avoid operational silos and higher costs. The Security Connected platform is open to hundreds of technology partners, allowing for immediate expansion of capability without infrastructure changes. In addition, McAfee supports and promotes the use of 4 McAfee Security Architectures for the Public Sector

open technology standards such as IPsec, SSL/TLS, RESTful Web Services, and SCAP. These standards ease integration with existing architecture, expand analytical capability for incident response, and allow machine-to-machine data collection for improved visibility and decision-making. Reference Architecture Our reference architecture offers a guide to implementing the EUD Security Framework using the Security Connected platform. Since many of the framework controls may already be in place across the customer landscape, McAfee recommends a process to integrate additional capability for our platform. Assessment It is important to analyse current security capability against requirements of the framework. A best practice is to divide the control framework into functional areas like security foundations, prevention, and situational awareness. This will allow for incremental integration, measurement, and implementation based on security capability. Implementation Implementation will vary depending on the assessment phase results. However, it will be easiest to integrate situational awareness capability first, as it generally does not have an effect on operations. For example, implementation of McAfee Enterprise Security Manager, a security information and event management (SIEM) system for event collection and incident response, will have immediate operational benefits without impact on end user experience. Additionally, implementation of audit tools, such as McAfee Policy Auditor and McAfee Vulnerability Manager, will help provide risk assessment to the current environment. Finally, prioritisation of preventative controls is key. Most malware and advanced threats use the web to both initially infect an user system and then to remotely control that system. Therefore, implementation of McAfee Web Gateway, which provides operational as well as security benefits, is strongly recommended. The following diagram shows a representative architecture for implementation of the Security Connected platform against EUD Security Framework requirements. EUD Security Services Network Security Services Security Services Policy Enforcement (McAfee Control, McAfee Change Control, McAfee Policy Auditor) Platform Integrity (McAfee Control, McAfee Change Control, McAfee Deep Defender) Anti-Malware (McAfee Antivirus, McAfee Control) (McAfee Agent) Whitelisting (McAfee Control) Data at Rest (McAfee Endpoint Encryption) External Interface (McAfee Host Intrusion Prevention) User Authentication (McAfee Identity Management) IPsec VPN (OS or Third-Party Client) IPsec VPN (McAfee Enterprise Firewall) External Interface Protection (McAfee Enterprise Firewall) Anti-Malware (McAfee Web Gateway) User Authentication (McAfee Identity Management) (McAfee Receiver) Identity and Access Management (McAfee Cloud Identity Manager) Policy Enforcement (McAfee Control, McAfee Change Control, McAfee Policy Auditor) Anti-Malware (McAfee Antivirus, McAfee MOVE, McAfee Control) Whitelisting (McAfee Control) External Interface (McAfee Host Intrusion Prevention) Policy Enforcement (McAfee Database Security) (McAfee Agent) EUD Management and Response (McAfee epo and Real Time for McAfee epo) Log Management (McAfee Enterprise Log Manager) EUD Management and Response (McAfee epo and Real Time for McAfee epo) Security Audit Network Security IdM Security Audit Security Information and Event Management (McAfee Enterprise Security Manager) and Incident Response Services Figure 1. EUD Security Framework requirements mapped to the Security Connected platform from McAfee. 5 McAfee Security Architectures for the Public Sector

The following chart maps the Security Connected Platform against EUD Security Framework domains: Domain McAfee Solution McAfee Value Assured Data in Transit McAfee Enterprise Firewall High-assurance firewall specifically designed for high threat environments. Assured Data at Rest McAfee Endpoint Encryption Central management and visibility, broad platform support. Authentication: User to service McAfee Cloud Identity Manager Single sign-on improves user experience. Support for multiple platforms. Secure Boot McAfee Deep Defender Simplified and consolidated identity event collection. Software configuration and execution control. McAfee Control Detect threats beyond the operating system. Platform Integrity and McAfee Change Control Software configuration and execution control. Sandbox McAfee Control Supports multiple platforms. Whitelisting McAfee Control Software configuration and execution control. Malicious Code Detection and Prevention McAfee antivirus McAfee Control Supports multiple platforms. Comprehensive malware protection. Integrated file, IP, and URL reputation. McAfee Client Proxy McAfee Web Gateway Web and EUD work together to ensure protection on and off the network. Security Policy Enforcement McAfee Policy Auditor Enterprise view of security policy. External Interface Protection McAfee Host Intrusion Prevention Integrated IP, URL reputation. Device Update Policy and Analysis McAfee Web Gateway McAfee Policy Auditor McAfee Vulnerability Manager McAfee epo software McAfee Log Receiver McAfee Enterprise Log Manager Malware protection for web services. Centralised audit of device, server, application, and data security policy. Centralised security policy management, configuration, and event collection across multiple platforms and mobile devices. Rapid data access to data and correlation reduces IR time. McAfee Enterprise Security Manager Incident Response McAfee Foundstone Services Comprehensive programme development, forensic training, or services. Summary As the role of security changes from an asset-based approach to a service enabler, agencies should engage with security providers as strategic partners who can enable cyber resilience of government services. The Security Connected platform s broad portfolio of standards-based security products, services, and implementation methodologies, combined with our long-standing commitment to the UK government s extensive efforts to provide optimal technological and security assurance, reduced complexity, lower costs, and a good user experience, position it as a premier UK government supplier and partner. About McAfee McAfee, a wholly owned subsidiary of Intel Corporation (NASDAQ: INTC), empowers businesses, the public sector, and home users to safely experience the benefits of the Internet. The company delivers proactive and proven security solutions and services for systems, networks, and mobile devices around the world. With its visionary Security Connected strategy, innovative approach to hardware-enhanced security, and unique global threat intelligence network, McAfee is relentlessly focused on keeping its customers safe. http://www.mcafee.com 2821 Mission College Boulevard Santa Clara, CA 95054 888 847 8766 www.mcafee.com McAfee, the McAfee logo, epolicy Orchestrator, McAfee epo, and McAfee Foundstone are registered trademarks or trademarks of McAfee, Inc. or its subsidiaries in the United States and other countries. Other marks and brands may be claimed as the property of others. The product plans, specifications and descriptions herein are provided for information only and subject to change without notice, and are provided without warranty of any kind, express or implied. Copyright 2013 McAfee, Inc. 60318wp_public-sector-security_0613_fnl_ETMG

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information