McAfee Embedded Control for Aerospace and Defense

Similar documents
McAfee Embedded Control

McAfee Embedded Control

McAfee Embedded Control for Healthcare

McAfee Embedded Control for Retail

McAfee Public Cloud Server Security Suite

Comprehensive Database Security

McAfee Complete Endpoint Threat Protection Advanced threat protection for sophisticated attacks

The McAfee MOVE Platform and Virtual Desktop Infrastructure

McAfee Endpoint Security

Reducing Operational Costs and Combating Ransomware with McAfee SIEM and Integrated Security

McAfee Endpoint Threat Defense and Response Family

Building Resilience in a Digital Enterprise

McAfee Application Control/ McAfee Change Control Administration

Defend Against the Unknown

Security by Default: Enabling Transformation Through Cyber Resilience

McAfee epolicy Orchestrator

McAfee Advanced Threat Defense

Integrated McAfee and Cisco Fabrics Demolish Enterprise Boundaries

Sustainable Security Operations

Global Manufacturer MAUSER Realizes Dream of Interconnected, Adaptive Security a Reality

Securing the Software-Defined Data Center

SECURE SYSTEMS, NETWORKS AND DEVICES SAFEGUARDING CRITICAL INFRASTRUCTURE OPERATIONS

SIEM: Five Requirements that Solve the Bigger Business Issues

Symantec Client Security. Integrated protection for network and remote clients.

Symantec Endpoint Protection 14

Expand Virtualization. Maintain Security.

United Automotive Electronic Systems Co., Ltd Relies on McAfee for Comprehensive Security

Securing Your Microsoft Azure Virtual Networks

McAfee Total Protection for Data Loss Prevention

White Paper April McAfee Protection-in-Depth. The Risk Management Lifecycle Protecting Critical Business Assets.

Services solutions for Managed Service Providers (MSPs)

Securing Your Amazon Web Services Virtual Networks

Power, Patch, and Endpoint Managers Expand McAfee epo Platform Capabilities While Cutting Endpoint Costs

SIEM Solutions from McAfee

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

Security: The Key to Affordable Unmanned Aircraft Systems

White Paper. New Gateway Anti-Malware Technology Sets the Bar for Web Threat Protection

McAfee Virtual Network Security Platform

PROTECTION FOR WORKSTATIONS, SERVERS, AND TERMINAL DEVICES ENDPOINT SECURITY NETWORK SECURITY I ENDPOINT SECURITY I DATA SECURITY

Intelligent, Collaborative Endpoint Security

McAfee Host Intrusion Prevention Administration Course

Symantec Endpoint Protection

White Paper. Closing PCI DSS Security Gaps with Proactive Endpoint Monitoring and Protection

McAfee Network Security Platform Administration Course

Endpoint Security for DeltaV Systems

Power, Patch, and Endpoint Managers Expand McAfee epolicy Orchestrator Platform Capabilities While Cutting Costs

McAfee Web Gateway Administration

GDPR: An Opportunity to Transform Your Security Operations

Changing face of endpoint security

Securing Today s Mobile Workforce

Zero Trust on the Endpoint. Extending the Zero Trust Model from Network to Endpoint with Advanced Endpoint Protection

MAXIMIZE SOFTWARE INVESTMENTS

Key Features. DATA SHEET

Data Sheet: Endpoint Security Symantec Multi-tier Protection Trusted protection for endpoints and messaging environments

Agenda. Today s IT Challenges. Symantec s Collaborative Architecture. Symantec TM Endpoint Management Suite. Connecting Symantec Technologies Today

Petroleum Refiner Overhauls Security Infrastructure

PCI DSS v3.2 Mapping 1.4. Kaspersky Endpoint Security. Kaspersky Enterprise Cybersecurity

McAfee VirusScan and McAfee epolicy Orchestrator Administration Course

Securing Devices in the Internet of Things

McAfee Endpoint Security

Imperva Incapsula Website Security

Total Protection for Compliance: Unified IT Policy Auditing

Reference Guide Revision B. McAfee Cloud Workload Security 5.0.0

THE RTOS AS THE ENGINE POWERING THE INTERNET OF THINGS

SECURING DEVICES IN THE INTERNET OF THINGS

IT-Security Symposium in Stuttgart. Workshop McAfee Device-to-Cloud, Erweiterte Endpunktsicherheit für Microsoft Umgebungen

Symantec Multi-tier Protection

Product Guide. McAfee Web Gateway Cloud Service

Trend Micro. Apex One as a Service / Apex One. Best Practice Guide for Malware Protection. 1 Best Practice Guide Apex One as a Service / Apex Central

Traditional Security Solutions Have Reached Their Limit

hidglobal.com HID ActivOne USER FRIENDLY STRONG AUTHENTICATION

TRAPS ADVANCED ENDPOINT PROTECTION

Symantec Protection Suite Add-On for Hosted Security

Automating the Top 20 CIS Critical Security Controls

McAfee Cloud Workload Security Product Guide

Managed Endpoint Defense

Maximum Security with Minimum Impact : Going Beyond Next Gen

Endpoint Protection : Last line of defense?

FOR FINANCIAL SERVICES ORGANIZATIONS

ATTIVO NETWORKS THREATDEFEND INTEGRATION WITH MCAFEE SOLUTIONS

Securing the Modern Data Center with Trend Micro Deep Security

ENDPOINT SECURITY STORMSHIELD PROTECTION FOR WORKSTATIONS. Protection for workstations, servers, and terminal devices

SECURING DEVICES IN THE INTERNET OF THINGS

The Convergence of Security and Compliance

JUST WHAT THE DOCTOR ORDERED: A SOLUTION FOR SMARTER THERAPEUTIC DEVICES PLACEHOLDER IMAGE INNOVATORS START HERE.

Security and PCI Compliance for Retail Point-of-Sale Systems

Introducing MVISION. Cohesive Cloud-based Management of Threat Countermeasures and Devices Leveraging Built-in Device Controls. Jon Parkes.

Release Notes McAfee Application Control 6.1.2

Product Guide. McAfee Web Gateway Cloud Service

Protecting the Internet of Things

BUFFERZONE Advanced Endpoint Security

Five Steps to Improving Security in Embedded Systems

Lifecycle Solutions & Services. Managed Industrial Cyber Security Services

CA ARCserve Backup. Benefits. Overview. The CA Advantage

McAfee MVISION Cloud. Data Security for the Cloud Era

Understanding the McAfee Endpoint Security 10 Threat Prevention Module

Symantec Endpoint Protection

BUFFERZONE Advanced Endpoint Security

AND FINANCIAL CYBER FRAUD INSTITUTIONS FROM. Solution Brief PROTECTING BANKING

CA Host-Based Intrusion Prevention System r8

Transcription:

McAfee Embedded Control for Aerospace and Defense A single solution for system integrity, change control, and policy compliance McAfee Embedded Control for Aerospace and Defense Systems part of the McAfee product offering maintains the integrity of your system by only allowing authorized code to run and only authorized changes to be made to a system. It automatically creates a dynamic whitelist of the authorized code on the embedded system. Once the whitelist is created and enabled, the system is locked down to the current, known good baseline, and no program or code snippet outside the authorized set can run and no unauthorized changes can be made. We provide the required availability of the mission s operations in distributed control systems environments while providing the security foundations for today s critical avionics, weapons control and electronic warfare, and multilevel secure systems. McAfee Embedded Control is a small-footprint, lowoverhead, application-independent solution that provides deploy-and-forget security on embedded systems by converting a system built on a commercial operating system into a black box with the characteristics of a closed proprietary operating system. It prevents any unauthorized program on disk or injected into memory from executing and prevents unauthorized changes to an authorized baseline. Assured System Integrity Executional control With McAfee Embedded Control enabled, only programs contained in the McAfee dynamic whitelist are allowed to execute. Any other programs are considered unauthorized, and their execution is prevented and the failure is logged by default. This enforcement prevents unauthorized programs such as worms, viruses, and spyware from executing illegitimately. Key Advantages Minimizes your security risk by controlling what runs on your embedded devices and protecting the memory in those devices Enables you to provide access, retain control, reduce support costs Selective enforcement Deploy and forget Allows you to make your devices compliance- and audit-ready Real-time visibility Comprehensive audit Searchable change archive Closed-loop reconciliation 1 McAfee Embedded Control for Aerospace and Defense

Memory control It assures that running processes are protected from malicious attempts to hijack them. Unauthorized code injected into a running process is trapped, halted, and logged. Attempts to gain control of a system through buffer/heap overflow, and similar exploits are rendered ineffective and logged. 1 Change Control McAfee Embedded Control detects changes in real time. It provides visibility into the sources of change and verifies that changes are deployed onto the correct target systems. It also provides an audit trail of all changes and allows changes to be made only through authorized means. McAfee Embedded Control allows you to enforce change control processes by specifying the authorized means of making changes. You may control who (people or processes) can apply changes, which certificates are required to allow changes, and when changes may be applied. Audit and Policy Compliance McAfee Integrity Control provides dashboards and reports that help you meet compliance requirements. These reports and dashboards are generated through the McAfee epolicy Orchestrator (McAfee epo ) console, which provides a web-based user interface for users and administrators. McAfee Embedded Control delivers integrated, closed-loop, real-time compliance and audit, complete with a tamperproof system-ofrecord for the authorized activity and unauthorized attempts. McAfee Global Threat Intelligence Integration: The Smart Way to Deal with Global Threats for Air-Gap Environments McAfee Global Threat Intelligence (McAfee GTI) is an exclusive McAfee technology that tracks the reputation of files, messages, and senders in real time using millions of sensors worldwide. This feature uses cloud-based knowledge to determine the reputation of all files in your computing environment, classifying them as good, bad, and unknown. With McAfee GTI integration, you ll know with certainty when any malware has been inadvertently whitelisted. The McAfee GTI reputation is accessible in internet-connected as well as isolated McAfee epo software environments. Aerospace and Defense Proven Threats and Needed Protections Aerospace and defense device developers build large, complex systems on tight and demanding schedules. While you may develop the specifications for your project, it s often impossible to commit resources or build teams until a contract is awarded. Then the clock starts ticking your team needs to come up to speed quickly. Government standards and certifications have to be addressed. Your piece of the solution must interoperate with all the pieces that other teams are building and tie into the end user s environment. When the technology is mission-critical, your device has to perform with unerring reliability and predictability and cannot allow compromise of data or security on the enduser system. You need to ask yourself these questions: We Understand the Aerospace and Defense Environment Applicable Standards FIPS Eclipse DISR LSB SCA Common Criteria IPv6 POSIX CGL 4.0 Europe RTCA ED-124 ED-80B ED-12B DO-297 DO-278 DO-178B ARINC 653 Weapons control and electronic warfare Avionics Multilevel Secure Systems FIPS 180-3 compliant Common Criteria-Tested to EAL 3 Can be integrated into host-based security systems (HBSS) 2 McAfee Embedded Control for Aerospace and Defense

How will you deliver new devices on the latest silicon without compromising on safety and security? How do you plan to reduce development costs and compress delivery time in the face of increasing systems complexity? How will you differentiate your products while meeting strict performance and reliability specifications? How will you integrate into your customer s environment and HBSS and FIPs compliance requirements? Human lives are at stake when it comes to aerospace and defense applications. There is no room for error safety and security are paramount. Yet time-to-market and increased capability must be achieved. Delivering safe and secure systems in an increasingly complex and connected world is a daunting challenge. Increasingly, the systems in the aerospace and defense arena face significant security challenges from outside threats, especially those that may result in compromising the ability of the system to function when needed and/or loss of data. During the past decade, the aerospace and defense embedded-software market transitioned to accept commercial-off-the-shelf (COTS) software and now expects the COTS software suppliers to provide solutions for safety-critical environments. This further heightens the security requirements, since the COTS vendors often have not had to grapple with the threat environment of the aerospace and defense arena. Against this backdrop, the embedded systems world is adopting leading-edge technologies, such as partitioning, virtualization, and multicore to take advantage of more powerful integrated CPUs, multicore and multiple operating system capability, and small and robust separation kernels managing multiple virtual execution environments. There is also increasing demand to run embedded applications on Linux and Microsoft Windows on systems that also have to support safety and/or security functions. The continuing demand in the aerospace and defense communities to reduce space, weight, and power (SWaP) as a way of saving costs and increasing payload capability has led to greater reliance on fewer, more powerful embedded computing systems along with greater systems reliability, lower cost of maintenance, and easier upgrade capability for obsolescence management. There is also an accompanying increased demand for security. With the approval and initial deployment of the Future Combat Systems (FCS) in the US, the NATO Network Enabled Capability (NNEC), and other systems in various countries, the move toward a fully connected military arena is no longer a trend but a reality. This has resulted in: Greater connectivity to IP networks for WAN communications Greater connectivity to defense IT infrastructure where threats tend to be more pervasive due to greater IP connectivity and users 3 McAfee Embedded Control for Aerospace and Defense

Greater remote access to the control systems environment Greater sensitivity to use of security technologies that could compromise war fighting ability Above all else, nation states must maintain prioritized focus on availability. Ultimately, our enemy s increased interest and their research and knowledge revolves around proprietary control of these embedded systems. About McAfee Embedded Security McAfee Embedded Security solutions help manufacturers ensure that their products and devices are protected from cyberthreats and attacks. Our solutions span a wide range of technologies, including application whitelisting, antivirus and anti-malware protection, device management, encryption, and risk and compliance and all leverage the industry-leading McAfee GTI. Our solutions can be tailored to meet the specific design requirements for a manufacturer s device and its architectures. Next Steps For more information, visit www.mcafee.com/embeddedsecurity or contact your local McAfee representative. Feature Description Benefit Guaranteed System Integrity External threat defense Internal threat defense Advanced Change Control Secure authorized updates by manufacturer Verify that changes occurred within approved window It ensures that only authorized code can run. Unauthorized code cannot be injected into memory. Authorized code cannot be tampered with. Local administrator lockdown gives the flexibility to disable even administrators from changing what is authorized to run on a protected system, unless presented by an authentic key. Ensures that only authorized updates can be implemented on in-field embedded systems. Ensure that changes were not deployed outside of authorized change windows. Eliminates emergency patching, reduces number and frequency of patching cycles, enables more testing before patching, reduces security risk for difficult-to-patch systems Reduces security risk from zero-day, polymorphic attacks via malware such as worms, viruses, and Trojans and code injections like bufferoverflow, heap-overflow, and stack-overflow Maintains the integrity of authorized files, ensuring the system in production is in a known and verified state Reduces cost of operations via both planned patching and unplanned recovery downtime and improves system availability Protects against internal threat. Locks down what runs on embedded systems in production and prevents change even by administrators Ensures that no out-of-band changes can be deployed on systems in the field. Prevents unauthorized system changes before they result in downtime and generate support calls. Manufacturers can choose to retain control over all changes themselves, or authorize only trusted customer agents to control changes. Prevent unauthorized change during fiscally sensitive time windows or during peak business hours to avoid operational disruption and/or compliance violations. 4 McAfee Embedded Control for Aerospace and Defense

Feature Description Benefit Authorized updaters Ensure that only authorized updaters Ensure that no out-of-band changes can be deployed on production (people or processes) can implement changes on production systems. systems. Real-Time, Closed Loop, Audit and Compliance Real-time change tracking Comprehensive audit Identify sources of change Low Operational Overhead Deploy and forget Rules-free, signature-free, no learning period, application independent Track changes as soon as they happen across the enterprise. Capture complete change information for every system change: Who, what, where, when, and how. Link every change to its source: Who made the change, the sequence of events that led to it, the process/ program that affected it. Software installs in minutes, no initial configuration or setup necessary, and no ongoing configuration necessary. It does not depend on rules or signature databases, and is effective across all applications immediately with no learning period. Ensure that no out-of-band changes can be deployed on production systems. An accurate, complete, and definitive record of all system changes. Validate approved changes, quickly identify unapproved changes, and increase change success rate. It works out of the box and is effective immediately after installation. There is no ongoing maintenance overhead, thereby a favorable choice for a low operating expense (OPEX) security solution configuration. Needs very low attention from an administrator during server lifecycle Protects server until patched or unpatched server with low ongoing OPEX Its effectiveness not dependent on quality of any rules or policies Small footprint, low runtime overhead Guaranteed no false positives or false negatives It takes up less than 20 MB disk space and does not interfere with an application s runtime performance. Only unauthorized activity is logged. It s ready to be deployed on any mission-critical production system without impacting its run-time performance or storage requirements. Accuracy of results reduces OPEX as compared to other host intrusion prevention solutions by dramatically reducing the time needed to analyze logs daily/weekly. Improves administrator efficiency, reduces OPEX. 1. Only available on Microsoft Windows platforms. 2821 Mission College Boulevard Santa Clara, CA 95054 888 847 8766 www.mcafee.com McAfee and the McAfee logo, epolicy Orchestrator are trademarks or registered trademarks of McAfee, LLC or its subsidiaries in the US and other countries. Other marks and brands may be claimed as the property of others. Copyright 2017 McAfee, LLC. 60743ds_embedded-control-aerospace_1213B DECEMBER 2013 5 McAfee Embedded Control for Aerospace and Defense

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback