Transcript DO MORE!

Francisco Argüelles Arredondo
Systems Engineer
April 13, 2015
McAfee Security-as-a-Service
Keeping communications safe and secure
Francisco Argüelles actualmente se desempeña como Systems Engineer en
McAfee.
Previo a McAfee , Francisco trabajó en Computer Associates, Cabletrón
Systems (ahora Enterasys Networks) y en Symantec
Francisco Argüelles obtuvo la Licenciatura con honores en Matemáticas
Aplicadas y Computación por la Universidad Nacional Autónoma de
México.
Securing the Digital World
Founded 1987
The World’s Largest Dedicated Security Company
- 83% of Fortune 100 companies
rely on McAfee
- More than 150M user
desktops protected
- Single deployments in
excess of 5M desktops
- 445 patents, many more
pending
- 6,102 McAfee employees
globally
- R&D in 26 countries
- Presence in 120 countries
AGENDA
1
2
3
4
5
• The Security Landscape
• Email Security
• Web Security
• Endpoint Security
• Summary and Q&A
The very technologies that empower us to create and to
build also empower those who would disrupt and destroy
- U.S. President Barack Obama
Organizations worldwide lost approximately $1 trillion in
intellectual property last year due to cybercrime
- McAfee Labs
More Sophisticated
& Complex
Emerging
Technologies
Emerging
Technologies
Worldwide IT Spending Declining
DO MORE!
SPEND LESS!
Cloud Computing
A New Direction
• SaaS is forecasted to grow at
five times the rate of software
applications through 2013.
– Source: Gartner
• In 2008, SaaS deployments
grew thirty-three percent in
Enterprises.
– Source: Forrester
• Twenty-one percent of
enterprises are either piloting
or currently deploying SaaS.
– Source: Forrester
DO MORE!
SPEND LESS!
Security-as-a-Service
What is Security-as-a-Service?
Security controls that are available by subscription
and are managed and delivered via the internet
by a software vendor.
Why Security-as-a-Service?
Greater Return on Investment
• Faster time to value
• Reduce total cost of
ownership
Less Risk
• Focus on securing business,
not managing software
• Unburden IT resources
How “Optimized” is your Security Architecture?
Security Maturity Model
Reactive
•Event driven
•Reactive
protection
•Basic security
Compliant
Proactive
•Policy
development
•Some
standardization
•External
compliance met
•Proactive security
•Centralized view
•Security enables
compliance
•Audit once, report
many
•More integration
DO MORE!
SPEND LESS!
Optimized
•Multi-layered,
correlated
•Global threat
intelligence
•Automated
compliance
•Cost efficiencies
McAfee Security-as-a-Service
McAfee is the world’s leading
provider of cloud-based security,
offering the most complete security
SaaS portfolio in the industry
McAfee’s Unique
Position
Instant Access
Real Time Protection
Peace of Mind
DIVERSITY – Broadest Security-as-a-Service portfolio in the industry
RELIABILITY – Real-time protection with Global Threat Intelligence
FLEXIBILITY – Deployment options to fit your dynamic business
Security-as-a-Service
Broadest Security-as-a-Service portfolio in the Industry
Real-time Protection with Global Threat Intelligence
Global Threat Intelligence™
McAfee SaaS Management Console
http://
!
Email
Email
Continuity
Email
Archiving
Web
Endpoint
Website
PCI
Vulnerability
Certification Compliance Assessment
Multi-tenant , Scalable Service Platform
Expanding Role of Email Security
Deliver a business
critical service
• Increase productivity by
eliminating noise and
malware
• Eliminate downtime
• Easy user intelligence
definitions, and bottom-less
user inbox sizes
Protect the email
lifecycle
Build trust in
communications
• Protect sensitive data &
intellectual property
• Enable safe, two-way,
B2B/B2C communication
• Eliminate underground
message stores
• Maintain competitive
advantage
• Reduce cost of message
restores & audit
• Protect reputation & reduce
penalties
• Easily comply with multiple
regulations
The Many Facets of Email Security Incidents
“10,006 full names and dates of birth lost
after accidentally email a file detailing
results of criminal record checks…blaming
human error”
“In one day, a phishing
attack accounted for as
much as 25% of all spam
email within a 15 minute
period”
“Since e-mail is not a secure form of
communication, we are unable to answer
the following types of questions by email”
“Piper Jaffray and Co. was
fined $700,000 by FINRA
for failing to retain emails”
“Top mayoral aide doubledeleting emails for the last 5
years… recovery could cost
$250,000
Malware continues
to grow
How do you size for spam?
Benefits of Security-as-a-Service
Email volume
(B)
Spam (B)
% Spam
Oct 2005
25.6
9
35%
Jun 2009
237
196
82%
July 2010
110.4
100.7
91.2%
Unique Benefits of McAfee SaaS infrastructure
Elastic capacity
• Processing Power
• Bandwidth
• Storage
Robust infrastructure
• Full redundancy
• Reliable, robust email
environment
• Managed by security
experts
Optimize bandwidth
• 90% of email is spam,
viruses, worms, directory
harvest attacks,
denial of service attacks,
spyware
Ease-of-use – Intuitive management efficiency & ultimate visibility
Compliance – in/outbound policies, accuracy, encryption, retention, eDiscovery
Security– Powered by McAfee Global Threat Intelligence
Decade of experience l Best Practices encapsulated
24/7 phone support l SLA
McAfee Global Threat Intelligence in Action
Intelligence Across All Threat Vectors Thwarts Attacks
CORRELATES
•Threat data in the
cloud
•100B queries per
month
•120m nodes across
all threat vectors
Global Threat Intelligence
1
DELIVERS
#
•Reputation based
real-time threat
intelligence across all
threat vectors: file,
web, message,
network
# = www = 192.168…
3
2
4
INTEGRATES
5
SaaS
Desktop
Email
Gateway
Web
Gateway
www…
Firewall
•Into most
comprehensive
security portfolio in
the industry
•Most “intelligence
services” mappings
Broadest Security-as-a-Service Portfolio
Real Time Protection with Global Threat Intelligence
McAfee Security-as-a-Service Portfolio
http://
Email
Filtering
Email
Continuity
Email
Encryption
Email
Archiving*
Endpoint
Edge Solutions
McAfee Email
SaaS
Firewall
Web
!
Website
PCI
Vulnerability
Certification* Compliance* Assessment*
Internal
Customer Network
McAfee Email
Appliance
Email
Server
Users
Centralized management
Mobile
Mobile user
McAfee SaaS Email
Security Solutions
Email Protection
• Offloads spam, malware & phishing filtering to the cloud
• Outbound data protection
• Up to 5 day spooling during email server outage
Email Continuity
• Outage protection
• Web email
• Intelligent post-outage synchronization of email
Email Encryption
Email Archiving
Email Inbound &
Continuity
• Safeguards confidential information assets
• Comply with sensitive data encryption regulations
• Bi-directional encryption, even from mobile devices
• Regulatory compliance, eDiscovery, legal holds
• Exchange and PST consolidation
• Unlimited storage
• Offloads spam, malware & phishing filtering to the cloud
• Combines w/exiting appliance for full in/outbound coverage
• Outage protection
Cloud-based
Technology
McAfee SaaS
Email Protection
Bi-directional email security with spooling
Inbound Filtering
1
Over 90% of
emails are spam
and malware.
Optimize
bandwidth
utilization
Customer Network
SaaS
•Content sensitive Firewall
filtering
•Malware protection
2
3
Outbound Filtering
Outage Spooling
Up to 5 days of email
data protection
Email
server
Users
Business Continuity
Business continuity during (un)planned
server outages
1
Email flows to
customer
2
Email server suffers
outage
Customer Network
SaaS
3
SaaS Email Continuity
automatically activates.
Users have instant web
access to email for
business as usual
4
Emails delivered back to
email server upon
recovery
Firewall
Email
server
Users
Benefits of McAfee SaaS
Email Encryption
IT
benefits
• Unlimited encryption at
predictable costs
• Key-management free
solution
• Easy administration through
familiar McAfee central
console
• Support policy-driven
compliance
User
benefits
Business
benefits
•Designed for business users
•Transparent to sender &
receiver (TLS encryption)
•User intelligence proactive
encryption
•Optimized for send/receive
on mobile devices
• Privacy, regulatory &
corporate compliance
• Bi-directional encryption to
take ownership of protection
• Tamper-proof delivery &
reduced risk of
eavesdropping
Email Encryption
Evaluate trust with bi-directional push/pull
encryption
Proactive encryption
Policy-driven encryption
Email Inbound &
Continuity
Combining the best of
on premises & the cloud
1
Email flows to
customer
2
Inbound emails filtered
in the cloud
Outbound emails
filtered on-premises
3
Customer Network
SaaS
3
SaaS Email
Continuity
automatically
activates. Users have
instant web access to
email for business as
usual
4
Emails delivered
back to email server
upon recovery
Email security
appliance
Firewall
4
Email
server
Email server
suffers outage
* Manual activation also available
Users
McAfee SaaS Web
Protection
Axtel Data
Centers
Filtering
User authentication
Reputation analysis
Anti-virus
Anti-malware
Content inspection
McAfee SaaS Web
Protection
Protection against the Gap
Protection gap with current on-premise solutions
t0
Malware in
the wild
t1
Malware
discovered
t2
Protection is
available
t3
Protection is
downloaded
Category-based URL’s and signatures are NOT enough!
• No pro-active anti-malware
• No pro-active reputation services
t4
Protection is
deployed
Traditional Endpoint
Protection Moves to the
Cloud
Cloud Computing
More protection than just
AV
Consolidated licensing
costs
Global Threat Intelligence
Outsourced hardware for
management
Automatic Updates and
Upgrades stays ahead of
threats
Centralized mgmt for
reporting & compliance
DO MORE!
SPEND LESS!
Less maintenance by IT
staff
Less time setting
protection policies
McAfee SaaS Endpoint
Protection*
IDC rated McAfee as the #1 SaaS Endpoint vendor
SaaS Endpoint Protection
Anti-Virus
Anti-Spyware
McAfee SaaS
Infrastructure
Firewall
Artemis
Email Server Anti-Spam
Safe Searching
Host Web Filtering
McAfee Global Threat Intelligence
McAfee protects over 5 million endpoints!
SecurityCenter
INTERNET
SaaS Endpoint
Protection
Single Client for multi-layered
protection
• Easy to understand enduser prompts
• Non-intrusive alerts
• Pull down actions menu
for end-user
• Customizable user
interface
(simple/advanced
Real time updates via
McAfee Global Threat
Intelligence: Artemis
Technology
Enabled on endpoints without any additional client side installation
1
User receives
new file via
e-mail or Web 2
Internet
6
VirusScan processes
information and
removes threat
3
Artemis
4
5
Artemis identifies threat
and notifies client
No detection with
existing DATs, but
the file is “suspicious”
Fingerprint of file
is created and sent
using Artemis
Artemis reviews this
fingerprint and other inputs
statistically across threat
landscape
Customer Value
• Dramatically reduces the protection gap
• Real-time malware protection leveraging community threat intelligence
• Zero-cost, zero-touch, seamless enablement
How SiteAdvisor Works
2. Sign-up forms are completed
using a one-time use e-mail
address so any subsequent
spam can be tracked.
1. Websites are tested for excessive pop-ups
and other annoyances, and browser exploits.
SiteAdvisor’s ‘crawlers’
continually patrol the Web to
test sites.
95% coverage already.
Sites added to McAfee
maintained categories as well
as safety ratings.
3. Downloads are tested for viruses and
bundled adware, spyware or other unwanted
programs.
4. Feedback from individual users and
analysis by SiteAdvisor staff enhances
SiteAdvisor's automated testing.
Francisco Argüelles Arredondo
Systems Engineer
April 13, 2015
McAfee Security-as-a-Service
Keeping communications safe and secure