McAfee Embedded Control

Similar documents
McAfee Embedded Control for Retail

McAfee Embedded Control

McAfee Embedded Control for Healthcare

McAfee Embedded Control for Aerospace and Defense

McAfee Public Cloud Server Security Suite

McAfee Application Control/ McAfee Change Control Administration

Defend Against the Unknown

Comprehensive Database Security

McAfee Endpoint Security

McAfee Endpoint Threat Defense and Response Family

The McAfee MOVE Platform and Virtual Desktop Infrastructure

McAfee Complete Endpoint Threat Protection Advanced threat protection for sophisticated attacks

Building Resilience in a Digital Enterprise

McAfee epolicy Orchestrator

Reducing Operational Costs and Combating Ransomware with McAfee SIEM and Integrated Security

McAfee Network Security Platform Administration Course

McAfee Advanced Threat Defense

Understanding the McAfee Endpoint Security 10 Threat Prevention Module

Release Notes McAfee Application Control 6.1.2

McAfee Web Gateway Administration

McAfee Host Intrusion Prevention Administration Course

Integrated McAfee and Cisco Fabrics Demolish Enterprise Boundaries

Securing the Software-Defined Data Center

United Automotive Electronic Systems Co., Ltd Relies on McAfee for Comprehensive Security

White Paper. Closing PCI DSS Security Gaps with Proactive Endpoint Monitoring and Protection

McAfee Endpoint Security

Sustainable Security Operations

Expand Virtualization. Maintain Security.

McAfee Virtual Network Security Platform

Symantec Endpoint Protection 14

Intelligent, Collaborative Endpoint Security

Petroleum Refiner Overhauls Security Infrastructure

Securing Your Microsoft Azure Virtual Networks

Symantec Endpoint Protection

McAfee Application Control Windows Product Guide. (McAfee epolicy Orchestrator)

McAfee VirusScan and McAfee epolicy Orchestrator Administration Course

Total Protection for Compliance: Unified IT Policy Auditing

Product Guide. McAfee Web Gateway Cloud Service

Product Guide. McAfee Web Gateway Cloud Service

McAfee Total Protection for Data Loss Prevention

Securing Your Amazon Web Services Virtual Networks

Global Manufacturer MAUSER Realizes Dream of Interconnected, Adaptive Security a Reality

Securing Today s Mobile Workforce

McAfee Web Gateway Administration Intel Security Education Services Administration Course Training

Data Sheet: Endpoint Security Symantec Multi-tier Protection Trusted protection for endpoints and messaging environments

Trend Micro. Apex One as a Service / Apex One. Best Practice Guide for Malware Protection. 1 Best Practice Guide Apex One as a Service / Apex Central

Zero Trust on the Endpoint. Extending the Zero Trust Model from Network to Endpoint with Advanced Endpoint Protection

GDPR: An Opportunity to Transform Your Security Operations

Product overview. McAfee Web Protection Hybrid Integration Guide. Overview

Protecting the Internet of Things

SIEM: Five Requirements that Solve the Bigger Business Issues

Imperva Incapsula Website Security

Carbon Black PCI Compliance Mapping Checklist

Maximum Security with Minimum Impact : Going Beyond Next Gen

White Paper. New Gateway Anti-Malware Technology Sets the Bar for Web Threat Protection

Power, Patch, and Endpoint Managers Expand McAfee epo Platform Capabilities While Cutting Endpoint Costs

McAfee MVISION Cloud. Data Security for the Cloud Era

Security by Default: Enabling Transformation Through Cyber Resilience

White Paper April McAfee Protection-in-Depth. The Risk Management Lifecycle Protecting Critical Business Assets.

The Convergence of Security and Compliance

Reference Guide Revision B. McAfee Cloud Workload Security 5.0.0

Quick Heal Microsoft Exchange Protection

Services solutions for Managed Service Providers (MSPs)

Introducing MVISION. Cohesive Cloud-based Management of Threat Countermeasures and Devices Leveraging Built-in Device Controls. Jon Parkes.

Changing face of endpoint security

McAfee Endpoint Security

Sandboxing and the SOC

Securing the Modern Data Center with Trend Micro Deep Security

Product Guide Revision B. McAfee Cloud Workload Security 5.0.0

IT-Security Symposium in Stuttgart. Workshop McAfee Device-to-Cloud, Erweiterte Endpunktsicherheit für Microsoft Umgebungen

Endpoint Security for DeltaV Systems

Power, Patch, and Endpoint Managers Expand McAfee epolicy Orchestrator Platform Capabilities While Cutting Costs

PCI DSS v3.2 Mapping 1.4. Kaspersky Endpoint Security. Kaspersky Enterprise Cybersecurity

SIEM Solutions from McAfee

Symantec Endpoint Protection Family Feature Comparison

McAfee Database Security Insights

AND FINANCIAL CYBER FRAUD INSTITUTIONS FROM. Solution Brief PROTECTING BANKING

McAfee Drive Encryption Administration Course

McAfee Endpoint Security Migration Guide. (McAfee epolicy Orchestrator)

McAfee MVISION Endpoint 1811 Installation Guide

AT&T Endpoint Security

McAfee Network Security Platform 8.3

SECURE SYSTEMS, NETWORKS AND DEVICES SAFEGUARDING CRITICAL INFRASTRUCTURE OPERATIONS

McAfee Skyhigh Security Cloud for Amazon Web Services

McAfee Endpoint Security Threat Prevention Product Guide - Windows

Managed Endpoint Defense

Network Security Platform Overview

CA Security Management

Agenda. Today s IT Challenges. Symantec s Collaborative Architecture. Symantec TM Endpoint Management Suite. Connecting Symantec Technologies Today

McAfee Endpoint Security

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

Symantec Client Security. Integrated protection for network and remote clients.

McAfee MVISION Endpoint 1808 Installation Guide

McAfee Data Loss Prevention Endpoint 10.0

Symantec Multi-tier Protection

McAfee Advanced Threat Defense Release Notes

Interface Reference. McAfee Application Control Windows Interface Reference Guide. Add Installer page. (McAfee epolicy Orchestrator)

McAfee EMM Best Practices Document Upgrading your High Availability EMM installation

WatchGuard Total Security Complete network protection in a single, easy-to-deploy solution.

Agenda. Why we need a new approach to endpoint security. Introducing Sophos Intercept X. Demonstration / Feature Walk Through. Deployment Options

Transcription:

McAfee Embedded Control System integrity, change control, and policy compliance in one solution McAfee Embedded Control maintains the integrity of your system by only allowing authorized code to run and only authorized changes to be made. It automatically creates a dynamic whitelist of the authorized code on the embedded system. Once the whitelist is created and enabled, the system is locked down to the known good baseline no program or code outside the authorized set can run, and no unauthorized changes can be made. McAfee Integrity Control which combines McAfee Embedded Control and the McAfee epolicy Orchestrator (McAfee epo ) console provides integrated audit and compliance reports to help you satisfy multiple compliance regulations. Key Advantages Minimizes your security risk by controlling what runs on your embedded devices and protecting the memory in those devices Enables you to give access, retain control, and reduce support costs Selective enforcement Deploy and forget Allows you to make your devices McAfee Embedded Control focuses on solving the problem of increased security risk arising from the adoption of commercial operating systems in embedded McAfee Embedded Control is a small-footprint, low-overhead, application-independent solution that provides deploy-and-forget security. McAfee Embedded Control converts a system built on a commercial operating system into a black box so it looks like a closed proprietary operating system. It prevents any unauthorized program that is on disk or injected into memory from executing and prevents unauthorized changes to an authorized baseline. This solution enables manufacturers to enjoy the benefits of using a commercial operating system without incurring additional risk or losing control over how systems are used in the field. Assured System Integrity Executable control With McAfee Embedded Control, only programs contained in the McAfee dynamic whitelist can execute. Other programs (exes, dlls, scripts) are considered unauthorized. Their execution is prevented, and the failure is logged by default. This prevents worms, viruses, spyware, and other malware that install themselves from executing illegitimately. Memory control Memory control ensures that running processes are protected from malicious attempts to hijack them. Unauthorized code injected into a running process is trapped, halted, and logged. This way, attempts to gain control of a system through buffer overflow, heap compliance and audit ready Real time visibility Comprehensive audit Searchable change archive Closed-loop reconciliation 1 McAfee Embedded Control

overflow, stack execution, and similar exploits are rendered ineffective and are logged. 1 McAfee Global Threat Intelligence Integration: The Smart Way to Deal with Global Threats for Air-Gap Environments McAfee Global Threat Intelligence (McAfee GTI) is an exclusive McAfee technology that tracks the reputation of files, messages, and senders in real time using millions of sensors worldwide. This feature uses cloud-based knowledge to determine the reputation of all files in your computing environment, classifying them as good, bad, and unknown. With McAfee GTI integration, you ll know with certainty when any malware has been inadvertently whitelisted. The GTI reputation is accessible in Internet connected as well as isolated McAfee epo software environments. control McAfee Embedded Control detects changes in real time. It provides visibility into the sources of change and verifies that changes were deployed onto the correct target It also provides an audit trail of changes and allows changes to be made only through authorized means. McAfee Embedded Control allows you to enforce change control processes by specifying the authorized means of making changes. You may control who can apply changes, which certificates are required to allow changes, what may be changed (for example, you may restrict changes to certain files or directories), and when changes may be applied (for example, update Microsoft Windows may only be opened during certain times of the week). Proactive change verifies each change before it is applied on target With this module enabled, updates to software systems may only be made in a controlled manner. The real-time change tracking module logs all changes to system state, including code, configuration, and the registry. events are logged as they occur, in real time, and sent to the system controller for aggregation and archival purposes. Real-Time Tracking McAfee Control Layer Agent Deployed on Endpoints Figure 1. The McAfee control layer. Proactive Validation The system controller module manages communication between the system controller and the agents. It aggregates and stores change event information from the agents in the independent system of record. 2 McAfee Embedded Control

Reporting Search and Analytics s Control Integration Independent System of Record McAfee Control Layer Agent Deployed on Endpoints Figure 2. Reporting, search, and analytics modules. McAfee Embedded Control delivers integrated, closedloop, real-time compliance and audit, complete with a tamperproof system of record for the authorized activity and unauthorized attempts. About McAfee Embedded Security McAfee Embedded Security solutions help manufacturers ensure that their products and devices are protected from cyberthreats and attacks. McAfee solutions span a wide range of technologies, including application whitelisting, antivirus and anti-malware protection, device management, encryption, and risk and compliance and all leverage the industry-leading McAfee Global Threat Intelligence. Our solutions can be tailored to meet the specific design requirements for a manufacturer s device and its architectures. Next Steps For more information, visit www.mcafee.com/embeddedsecurity or contact your local McAfee representative. Audit and Policy Compliance McAfee Integrity Control provides dashboards and reports that help you meet compliance requirements. These are generated through the McAfee epo console, which provides a web-based user interface (UI) for users and administrators. 3 McAfee Embedded Control

Feature Description Benefit Guaranteed System Integrity External threat defense Internal threat defense Advanced Control Secure authorized updates by manufacturer Verify changes that occurred within approved window Ensures that only authorized code can run. Unauthorized code cannot be injected into memory. Authorized code cannot be tampered with. Local administrator lockdown gives the flexibility to disable even administrators from changing what is authorized to run on a protected system, unless presented by an authentic key. Ensures that only authorized updates can be implemented on in-field embedded Ensure that changes were not deployed outside of authorized change windows. Authorized updaters Ensure that only authorized updaters (people or processes) can implement changes on production Real-Time, Closed Loop, Audit and Compliance Real-time change tracking Track changes as soon as they happen across the enterprise. Comprehensive audit Capture complete change information for every system change: who, what, where, when, and how. Identify sources of change Link every change to its source: who made the change, the sequence of events that led to it, the process/program that affected it. Eliminates emergency patching, reduces number and frequency of patching cycles, enables more testing before patching, reduces security risk for difficult-to-patch Reduces security risk from zero-day, polymorphic attacks via malware such as worms, viruses, and Trojans and code injections like buffer-overflow, heap overflow, and stack-overflow. Maintains integrity of authorized files, ensuring the system in production is in a known and verified state. Reduces the cost of operations by limiting unplanned patching and recovery downtime and improves system availability. Protects against internal threat. Locks down what runs on embedded systems in production and prevents change even by administrators. Ensures that no out-of-band changes can be deployed on systems in the field. Prevents unauthorized system changes before they result in downtime and generate support calls. Manufacturers can choose to retain control over all changes themselves, or authorize only trusted customer agents to control changes Prevent unauthorized change during fiscally sensitive time windows or during peak business hours to avoid operational disruption and/ or compliance violations. Ensure that no out-of-band changes can be deployed on production Ensure that no out-of-band changes can be deployed on production An accurate, complete, and definitive record of all system changes. Validate approved changes, quickly identify unapproved changes, and increase change success rate. 4 McAfee Embedded Control

Feature Description Benefit Low Operational Overhead Deploy and forget Software installs in minutes, no initial It works out of the box and is effective immediately after installation no configuration or setup necessary and no ongoing configuration necessary. ongoing maintenance overhead, thereby favorable choice for a low OPEX security solution configuration. Rules-free, signature-free, no learning period, application independent Does not depend on rules or signature databases and is effective across all applications immediately with no learning period. Needs very low attention from an administrator during server lifecycle. Protects server until patched or unpatched server with low ongoing OPEX Effectiveness not dependent on quality of any rules or policies Small footprint, low runtime overhead Guaranteed no false positives or false negatives It takes up less than 20 MB disk space and does not interfere with an application s runtime performance. Only unauthorized activity is logged. It s ready to be deployed on any mission-critical production system without impacting its run-time performance or storage requirements. Accuracy of results reduces OPEX as compared to other host intrusion prevention solutions by dramatically reducing the time needed to analyze logs daily/weekly. Improves administrator efficiency, reduces OPEX. 1. Only available on Microsoft Windows platforms. 2821 Mission College Boulevard Santa Clara, CA 95054 888 847 8766 www.mcafee.com McAfee and the McAfee logo, epolicy Orchestrator, and McAfee epo are trademarks or registered trademarks of McAfee, LLC or its subsidiaries in the US and other countries. Other marks and brands may be claimed as the property of others. Copyright 2017 McAfee, LLC. 60745ds_embedded-control_1213B DECEMBER 2013 5 McAfee Embedded Control

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback