McAfee Endpoint Security

Similar documents
McAfee Complete Endpoint Threat Protection Advanced threat protection for sophisticated attacks

Intelligent, Collaborative Endpoint Security

Defend Against the Unknown

McAfee Endpoint Threat Defense and Response Family

McAfee Endpoint Security Migration Guide. (McAfee epolicy Orchestrator)

Building Resilience in a Digital Enterprise

McAfee Public Cloud Server Security Suite

McAfee Embedded Control

McAfee Advanced Threat Defense

Reducing Operational Costs and Combating Ransomware with McAfee SIEM and Integrated Security

McAfee Endpoint Security

McAfee MVISION Endpoint 1811 Installation Guide

Petroleum Refiner Overhauls Security Infrastructure

McAfee MVISION Endpoint 1808 Installation Guide

McAfee Host Intrusion Prevention Administration Course

Reference Guide Revision B. McAfee Cloud Workload Security 5.0.0

McAfee Embedded Control for Retail

Introducing MVISION. Cohesive Cloud-based Management of Threat Countermeasures and Devices Leveraging Built-in Device Controls. Jon Parkes.

McAfee Endpoint Security

Securing the Software-Defined Data Center

Integrated McAfee and Cisco Fabrics Demolish Enterprise Boundaries

McAfee Web Gateway Administration

Understanding the McAfee Endpoint Security 10 Threat Prevention Module

Comprehensive Database Security

Sustainable Security Operations

Easily Managed, Advanced Endpoint Security Results in 125,000 Safer Desktops and Happier Users

The McAfee MOVE Platform and Virtual Desktop Infrastructure

McAfee Web Gateway Administration Intel Security Education Services Administration Course Training

Product Guide. McAfee Web Gateway Cloud Service

Securing Your Microsoft Azure Virtual Networks

Installation Guide. McAfee Web Gateway Cloud Service

Product Guide. McAfee Web Gateway Cloud Service

Sandboxing and the SOC

McAfee epolicy Orchestrator

White Paper. New Gateway Anti-Malware Technology Sets the Bar for Web Threat Protection

Product Guide Revision B. McAfee Cloud Workload Security 5.0.0

McAfee Total Protection for Data Loss Prevention

McAfee Virtual Network Security Platform

SentinelOne Technical Brief

McAfee MVISION Cloud. Data Security for the Cloud Era

McAfee Embedded Control

Power, Patch, and Endpoint Managers Expand McAfee epolicy Orchestrator Platform Capabilities While Cutting Costs

McAfee Endpoint Security Threat Prevention Product Guide - Windows

McAfee Content Security Reporter 2.6.x Migration Guide

Migration Guide. McAfee Content Security Reporter 2.4.0

McAfee Endpoint Security for Servers Product Guide. (McAfee epolicy Orchestrator)

McAfee Embedded Control for Healthcare

McAfee Endpoint Security

SIEM Solutions from McAfee

ATTIVO NETWORKS THREATDEFEND INTEGRATION WITH MCAFEE SOLUTIONS

IT-Security Symposium in Stuttgart. Workshop McAfee Device-to-Cloud, Erweiterte Endpunktsicherheit für Microsoft Umgebungen

Data Sheet: Endpoint Security Symantec Multi-tier Protection Trusted protection for endpoints and messaging environments

Product Guide. McAfee Endpoint Upgrade Assistant 1.5.0

Release Notes - McAfee Deep Defender 1.0

Symantec Client Security. Integrated protection for network and remote clients.

Global Manufacturer MAUSER Realizes Dream of Interconnected, Adaptive Security a Reality

Product overview. McAfee Web Protection Hybrid Integration Guide. Overview

McAfee Database Security Insights

McAfee Endpoint Upgrade Assistant Product Guide. (McAfee epolicy Orchestrator 5.9.0)

Securing Your Amazon Web Services Virtual Networks

McAfee Endpoint Upgrade Assistant Product Guide. (McAfee epolicy Orchestrator)

McAfee Endpoint Upgrade Assistant 2.3.x Product Guide

McAfee Skyhigh Security Cloud for Citrix ShareFile

McAfee Network Security Platform Administration Course

Services solutions for Managed Service Providers (MSPs)

McAfee Endpoint Security for Servers Product Guide

Unmask Evasive Threats

SentinelOne Technical Brief

How to Identify Advanced Persistent, Targeted Malware Threats with Multidimensional Analysis

: Administration of Symantec Endpoint Protection 14 Exam

Migration Guide. McAfee File and Removable Media Protection 5.0.0

McAfee Cloud Workload Security Product Guide

Product Guide Revision A. McAfee Client Proxy 2.3.2

McAfee Cloud Workload Security Suite Amazon Machine Image Installation Guide

Deploying the hybrid solution

Protecting Your Enterprise Databases from Ransomware

Installation Guide. McAfee Endpoint Security for Servers 5.0.0

McAfee Client Proxy Product Guide. (McAfee epolicy Orchestrator)

McAfee Embedded Control for Aerospace and Defense

GLOBALPROTECT. Key Usage Scenarios and Benefits. Remote Access VPN Provides secure access to internal and cloud-based business applications

McAfee Network Security Platform 8.3

McAfee Application Control/ McAfee Change Control Administration

McAfee Network Security Platform

McAfee Content Security Reporter Release Notes. (McAfee epolicy Orchestrator)

RSA INCIDENT RESPONSE SERVICES

McAfee MVISION Mobile Microsoft Intune Integration Guide

McAfee Skyhigh Security Cloud for Amazon Web Services

Product Guide. McAfee Endpoint Upgrade Assistant 1.4.0

McAfee Network Security Platform 8.3

RSA INCIDENT RESPONSE SERVICES

Installing Client Proxy software

Zero Trust on the Endpoint. Extending the Zero Trust Model from Network to Endpoint with Advanced Endpoint Protection

TREND MICRO SMART PROTECTION SUITES

Power, Patch, and Endpoint Managers Expand McAfee epo Platform Capabilities While Cutting Endpoint Costs

Vidant Health Shifts from Security Alert Overload to Automated Detection and Correction

McAfee Endpoint Security for Linux Threat Prevention Interface Reference Guide

White Paper April McAfee Protection-in-Depth. The Risk Management Lifecycle Protecting Critical Business Assets.

Whitepaper. Advanced Threat Hunting with Carbon Black Enterprise Response

McAfee Network Security Platform 8.3

McAfee MVISION Mobile epo Extension Product Guide

Transcription:

McAfee Endpoint Security Frequently Asked Questions Overview You re facing new challenges in light of the increase of advanced malware. Limited integration between threat detection, network, and endpoint technologies lengthens your response time and complicates remediation. In addition, it s often difficult to translate malware information into action and remediation. To help arm you with the defenses and tools today s advanced threats require, our endpoint protection defenses are built upon an integrated security framework: McAfee Endpoint Security. Below are a few frequently asked questions (FAQs): Q. What is it? A. McAfee Endpoint Security is our collaborative protection for McAfee Endpoint Protection Suite customers. It provides a framework that allows multiple endpoint defense technologies to communicate in real time to analyze and collaborate against new and advanced threats. Q. What is new in McAfee Endpoint Security version 10.5? A. McAfee Endpoint Security provides a collaborative security framework that reduces the complexity of endpoint security environments, delivers better performance that protects productivity, and offers visibility into advanced threats that speeds detection and remediation responses. Its extensible architecture provides a framework for IT teams who are burdened with multiple solutions to more easily view, respond to, and manage the threat defense lifecycle. Our 10.5 release introduces several new technologies and improvements: Real Protect. 1 Applies state-of-the-art machine learning techniques to identify malicious code based on both what it looks like and what it might do (pre-execution analysis) and what it does (dynamic behavioral analysis) all without signatures. Dynamic Application Containment. 2 This release includes the ability to contain a single instance of a process. Connect With Us 1 McAfee Endpoint Security

McAfee Client Proxy integration. McAfee Endpoint Security is now ready for Multi-Layered Web Gateway Security which provides pervasive protection wherever a user travels, eliminating the gap of off-network protection by connecting endpoints to the Web Gateway cloud service. Migration Assistant. The automatic migration capability now includes McAfee epolicy Orchestrator (McAfee epo ) system tree groups and McAfee VirusScan Enterprise policies for workstations and servers. The assistant will also now generate equivalent McAfee Endpoint Security Web Control multi-slotted policies during migration. Firewall Module. HTTPS suffix now available for domain reachability location criteria. Threat Prevention Module. On-Demand Scans now include a registry scanning option. Administrators can create custom services Access Protection rules and Access Protection rules now include Windows Services. Custom Application Exploit Prevention is available along with McAfeesupplied intrusion prevention system (IPS) signatures. Lastly, Windows Application protection has been added to Exploit Prevention rules. Q. What are the key areas of improvement? A. McAfee Endpoint Security version 10.5 continues the positive improvements that we ve already witnessed in prior releases: Zero-impact user scans only run when the device is idle and resumes after shutdown or restart. Our framework allows us to deploy future scanners and content without requiring point product binary updates. Idle CPU use is 18% faster than McAfee VirusScan Enterprise. Boot time is 18% faster than McAfee legacy endpoint security. CPU utilization is 89% better than McAfee legacy endpoint security. First-time scans for McAfee Endpoint Security 10.1 run more than 30% faster over our legacy endpoint security solutions. Version 10.2 Improvements: Initial on-demand scans are 48% faster over McAfee VirusScan Enterprise. Applications launch 57% faster compared to McAfee Endpoint Security 10.1. Endpoints shut down 27% faster than McAfee Endpoint Security 10.1. File copy with McAfee Endpoint Security 10.2 is 32% faster than deployments of McAfee VirusScan Enterprise/McAfee Host Intrusion Prevention for Server/McAfee SiteAdvisor Enterprise. 2 McAfee Endpoint Security

Version 10.5 Improvements over McAfee legacy endpoint security: The user interface launches 34% faster. Web browsing is 17% faster. Reduced impact to endpoint performance. File Copy is performed 17% faster. Installation of applications occurs 38% faster. System boot times are 12% faster. Q. What is included with McAfee Endpoint Security? A. There are three core modules: Threat Prevention Module. Includes several new advanced malware scanning features to defend against emerging and targeted attacks. It is a replacement for McAfee VirusScan Enterprise, however unlike VirusScan Enterprise, it includes exploit prevention capabilities similar to those found in Host Intrusion Prevention. Web Security Module. Prevents users from browsing to malicious or unauthorized websites and serves as a replacement for McAfee SiteAdvisor Enterprise. Firewall Module. Stops malicious inbound and outbound network traffic and replaces the Host Intrusion Prevention System Firewall feature of Host IPS. The Adaptive Threat Protection module is a new module which is available as part of the Complete Endpoint Threat Protection suite (formerly Complete Endpoint Protection Enterprise). This module houses Dynamic Application Containment (DAC) and Real Protect technologies. Both DAC and Real Protect integrate with the McAfee Endpoint Security framework. Customers interested in obtaining DAC and Real Protect should contact a sales representative or their partner for information on how they can migrate from their current suites to obtain these capabilities. Q. What is Dynamic Application Containment (DAC)? A. DAC is a capability that traces and contains threats like greyware and secures patient-zero. It is lightweight and doesn t require a cloud connection so users are protected no matter their location. DAC detects and contains greyware immediately to stop infection before it begins for endpoints both on and off the network. It is available as part of the McAfee Complete Endpoint Threat Protection suite. Q. What is Real Protect? A. Real Protect uses machine-learning behavior classification to detect zero-day threats in near real time enabling actionable threat intelligence. It stops known threats by comparison and analysis of established malware attributes, then combats and convicts the unknown using behavioral and memory analysis. It unpacks executables to detect sophisticated threats with obfuscated code variants, undetected by static detection methods. 3 McAfee Endpoint Security

Q. Do either Real Protect or DAC require an internet connection? A. Dynamic Application Containment works with or without a connection while Real Protect requires a connection. However, because Real Protect and DAC leverage McAfee Global Threat Intelligence to get the latest information on threat behaviors and the Real Protect cloud aids in the decision process when determining the intent of behaviors, an internet connection is recommended to help avoid any false positive convictions and to combat the newest emerging threats as they appear in real time globally. Q. How does the web gateway cloud service work with McAfee Endpoint Security? A. Integration of McAfee Client Proxy into McAfee Endpoint Security enables the endpoint the ability to redirect HTTP and HTTPS traffic transparently to McAfee Web Gateway or McAfee Web SaaS cloud. The re-directed traffic can be scanned for malware, reputation and category-based filtering along with SSL decryption all managed by McAfee epo or cloud epo software for an integrated user experience. Customers using McAfee Client Proxy with McAfee Endpoint Security will see a dramatic reduction in infected endpoints, pervasive protection wherever their users travel, and elimination of the gap caused by off-network protection. Q. What are the advantages of the common architecture in the McAfee Endpoint Security platform? A. Along with higher performance and better protection, the common architecture allows the modules to work together to provide improved security. For example, when a file gets downloaded, the Web Control module sends a file hash to the Threat Prevention module. The Threat Prevention module triggers an immediate on-demand scan on the file. You can also configure McAfee Global Threat Intelligence sensitivity in McAfee epo software for these types of scenarios. Based on the results of the scan, the product will take the necessary action. Q. Does McAfee Endpoint Security offer full Host Intrusion Prevention for Server functionality? A. Customers that use Host Intrusion Prevention for Server currently with McAfee content or who manage signatures provided through McAfee updates will find that McAfee Endpoint Security version 10.5 will meet their needs. Version 10.5 offers most of the Host Intrusion Prevention for Server functionality customers require including the following: 1. Custom Access Protection Rules (File/Registry/ Process), including user-based inclusions/ exclusions. 2. Exploit Prevention now has enhanced exclusions as well as support for General Privilege Escalation Protection. 3. Data Execution Protection. 4. Supervisor Mode Execution Protection. 4 McAfee Endpoint Security

Customers will be able to operate McAfee Endpoint Security and Host Intrusion Prevention for Server on the same machine as there is co-existence of both. It is also worth noting that there are advanced features of the Threat Prevention module (Generic Buffer Overflow Protection, Data Execution Prevention, and advanced Access Protection rules) that provide protection against advanced targeted attacks. Lastly, the Threat Intelligence Exchange module can also be added to the McAfee Endpoint Security platform providing further advanced threat protection capabilities. Q. Are Macintosh and Linux systems supported? A. Yes, McAfee Endpoint Security supports both Mac OS and Linux. Also, both Windows and Macintosh systems can now be managed by the same policy configurations in McAfee epo software and Cross- OS Threat Prevention Extensions exist to simplify management. Administrators no longer need to manage Threat Prevention policies for the Macintosh platform separately. Q. Is there an additional charge or cost? A. Current Endpoint Suites customers are entitled to McAfee Endpoint Security at no additional cost. The Adaptive Threat Protection module is available only to Complete Endpoint Threat Protection (formerly CEE suite) customers. Customers may purchase or migrate to the Complete Endpoint Threat Protection suite using cross-grade paths or at the time of renewal. Two additional add-on packages are also available for purchase McAfee Endpoint Threat Defense and McAfee Endpoint Threat Defense and Response which offer these technologies along with others like McAfee Active Response. Contact your sales representative or partner for more information and for help determining what best fits the requirements of your environment. Q. What is available to aid in migrating our existing policies? A. We have created a Migration Assistant tool that will aid you in migrating data to the McAfee Endpoint Security platform. There are two approaches that can be taken: Automatic Migration. Customers can create new policies and client tasks automatically, based on current product settings, and assign them to groups and managed systems based on current assignments. Manual Migration. Customers select the settings to migrate and, optionally, edit them. Manual migration does not retain assignments. Help is also available from the McAfee Professional Services team including upgrade assessment, design, pilot planning, and optimization. 5 McAfee Endpoint Security

Q. How do we get access to McAfee Endpoint Security? A. You simply log in to McAfee epo software, and it will be available within Software Manager. You can also get access by using your grant number to download the software package in order to install it via McAfee epo software. Q. Where can I go to learn more about McAfee Endpoint Security? A. Additional materials can be found on the McAfee Endpoint Security landing page and within online help. 1. The solution includes hosted data centers located in the United States used to check file reputations and store data relevant to suspicious file detection. Although not required, Dynamic Application Containment will perform optimally with a cloud connection. Full Dynamic Application Containment and Real Protect product capabilities require cloud access, active support and are subject to Cloud Service Terms and Conditions. 2. Ibid. 2821 Mission College Blvd. Santa Clara, CA 95054 888.847 8766 www.mcafee.com McAfee and the McAfee logo, epolicy Orchestrator, McAfee epo, SiteAdvisor, and VirusScan are trademarks or registered trademarks of McAfee, LLC or itssubsidiaries in the US and other countries. Other marks and brands may be claimed as the property of others. Copyright 2017 McAfee, LLC. 1873_1016 OCTOBER 2016 6 McAfee Endpoint Security

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback