Introducing MVISION Cohesive Cloud-based Management of Threat Countermeasures and Devices Leveraging Built-in Device Controls Jon Parkes McAfee 1
All information provided here is subject to non-disclosure agreements. It is for informational purposes only and should not be deemed an offer by McAfee or create an obligation on McAfee. McAfee reserves the right to discontinue products at any time, add or subtract features or functionality, or modify its products, at its sole discretion, without notice and without incurring further obligations. McAfee and the McAfee logo are trademarks of McAfee, LLC in the U.S. and/or other countries. *Other names and brands may be claimed as the property of others. 2018 McAfee, LLC
Complexity is the fundamental obstacle to security There are too many s with too much data and not enough insight or integration to pivot efficiently into action. EPP Native Security agents #!$ Firewall Web agents IPS Mobile Messaging SIEM agents DLP CASB IAM Encryption EDR agents agents agents
Clarity to act. Simplicity to execute. Simple Modern SaaS infrastructure, streamlined workspaces and consolidated policies Flexible Leverage both McAfee and native OS controls Comprehensive Defend an expansive device ecosystem including mobile Fast Comprehend and pivot to action with less effort from a single platform Devices Clarity to act SOC Simplicity to execute Cloud Control where it matters most
MVISION epo MVISION - First Wave A dramatically simple cloud-based SaaS management service SECURITY OPERATIONS MVISION Endpoint Advanced augmented defense for Windows 10 with a unified management experience DEVICE CLOUD CLOUD MVISION Mobile Centrally manage and defend IOS and Android just like any other device Emphasis on Device Security & Cloud Management
MVISION epo I want a zero-effort SaaS management service and don t want to worry about handling infrastructure updates. MVISION Endpoint MVISION Mobile Multi-tenant, globally scaled SaaS, maintained by McAfee
Simplified experience High level numbers Contextual Details Compliance Overview Threat Statistics and Trends
MVISION epo I need to fortify my Microsoft defenses, but I don t want additional security s. Single Management Experience MVISION Endpoint McAfee Advanced Protection Machine learning Fileless defense Windows Defender Anti-Malware MVISION Mobile Collective defense & consistent control of McAfee and Windows native security controls
Native signature-based security & network traffic management Native control augmentation with Common Management THEIRS + OURS = YOURS Windows Defender Global Threat Intelligence Local Cached Intelligence Pre-Execution Behavior Execution Behavior Attack Behavior Blocking Credential Theft Protection Remediation Augmented by Behavioral Machine Learning and File-less threats protection
Simplified Policy Management Optimized Day-to-day Productivity Vs occasional high Protection Unified Unified Policy for McAfee & MS Rationalized Reduced controls w/ default 100+ to ~30
Non-Deterministic Scanning Real Protect (ML) Static Analysis Real Protect (ML) Behavioral Analysis Attack Behavior Blocking Credential Theft Protection Future Protections How MVISION Endpoint works MVISION Endpoint checks to see if Windows Defender Service is running and starts it if not MVISION Endpoint client performs both static and behavioral analysis while providing extensive remediation capabilities MVISION ENDPOINT SCAN ORCHESTRATOR Remediation Windows Defender determines if executable is safe to run Quarantine Remove Roll Back Windows Defender provides findings to MVISION Endpoint McAfee Agent Reports Events to epo
MVISION Endpoint: Reduced complexity Complex Heavy Manual FROM Multi-day deployment & upgrade cycle for customers 300-400 MB Client Download with Traditional EPPs Customers have to make sure they are on latest Simple Light Automatic TO Within Minutes Fast, simple new deployments & existing migrations at scale 40 MB Client Download with MVISION Endpoint Management & Client automatically on latest version 10X+ 10X 100%
Flexible Deployment Options to suit your Environment Threat Intelligence Regular cadence for content Signatures and Engine Behavioral protection rules Machine learning models static and dynamic Monthly product update user control Annual major release Win 7/8/10, macos, Linux ENS Traditional client Threat Protection for long tail of existing devices. Full control for power users. Management & Orchestration On-Prem, Cloud, Hosted Open DXL, Partner Ecosystem Data protection Encryption Application Control Win 10 Native Protection +Lightweight Advanced Protect MVISON Endpoint Always up-to-date security Product and content both automatically updated Monthly cadence Advanced Threat Protection to augment Native OS controls, starting windows 10. Reduced complexity for Simplicity seeker.
MVISION epo I want to centrally protect the mobile assets in my environment just like any other device. MVISION Endpoint MVISION Mobile ios and Android Threat Defense
It Just Makes Sense to Focus on Protecting Windows Examples of Severe Common Vulnerabilities & Exposures (CVEs): CVE Score Risk CVE-2017-0507 CVSS 7.8: HIGH Elevation of Privileges (EOP) to permanently compromise the system CVE_2017_5054 CVSS 8.8: HIGH Heap buffer overflow allowing memory overwriting and enabling code execution CVE-2017-6979 CVSS 7.0: HIGH Elevation of Privileges (EOP) to completely compromise system & expose data Major In the Wild Threats Over The Last 12-18 Months: Privilege escalation vulnerability exposes 21 million systems to compromise Banking Trojan exposes millions of users of 400 banks to theft 14 million systems infected with malware that gains root access & maintains persistency
Wait a minute.these are Mobile! Examples of Severe Common Vulnerabilities & Exposures (CVEs): CVE Score Risk CVE-2017-0507 CVSS 7.8: HIGH Elevation of Privileges (EOP) to permanently compromise the system CVE_2017_5054 CVSS 8.8: HIGH Heap buffer overflow allowing memory overwriting and enabling code execution CVE-2017-6979 CVSS 7.0: HIGH Elevation of Privileges (EOP) to completely compromise system & expose data Major In the Wild Threats Over The Last 12-18 Months: Privilege escalation vulnerability exposes 21 million systems to compromise Banking Trojan exposes millions of users of 400 banks to theft 14 million systems infected with malware that gains root access & maintains persistency Dirty Cow BankBot CopyCat
MDM/EMM vs. Mobile Threat Defense
MVISION Mobile Protection DEVICE NETWORK APPLICATION OS Exploit Detection Reconnaissance Scans Malware Detection Automated Risk & Vulnerability Assessment Device Forensics USB Exploit Detection Man-in-the-Middle Attacks SSL Decryption / Stripping App Risk Analysis App Privacy Analysis Vulnerability & Risk Rogue Access Points App Forensic Reports Unsecured WiFi Proactive Threat Detection Proactive warning of previously attacked networks
MVISION Mobile Solution Overview MVISION Mobile Console MVISION epolicy Orchestrator MVISION Mobile App MDM\EMM Console
MVISION Mobile Application MVISION Mobile runs on devices ios (via ios App Store) Android (via Google Play Store) Device Safety OS Vulnerability Rooted/Jailbroken Compromised Risky Device Settings Network Safety Rogue or Suspicious Wi-Fi Access Point Identification App Safety Scanning of installed Apps Identify suspicious or malicious apps Prompt user with recommendation to remove
MVISION Mobile epo Integration Compliance Reporting Mobile Threat Data Threat Event Details Most Attacked Networks Risk Management Device Information OS Distribution MVISION Version Vulnerable OS Upgradeable OS Non-Upgradeable OS
Simple Modern SaaS infrastructure, streamlined workspaces and consolidated policies Flexible Leverage both McAfee and native OS controls Comprehensive Defend an expansive device ecosystem including mobile Simple Flexible SaaS, AWS or on-prem Native controls + 3rd party countermeasures Out-of-the box integrations Open integration fabric epo - a single to defend your expansive device ecosystem Distilled understanding Collective defense Fast Comprehend and pivot to action with less effort from a single platform Comprehensive Advanced fileless and malware-based defense Traditional Endpoints Servers, Containers Mobile Embedded IoT Complete landscape
For more information on this presentation please email anz_marketing@mcafee.com
McAfee, the McAfee logo, McAfee epolicy Orchestrator and McAfee epo are trademarks or registered trademarks of McAfee, LLC or its subsidiaries in the U.S. and/or other countries. Other names and brands may be claimed as the property of others. Copyright 2018 McAfee, LLC.