McAfee's new security platform looks to protect enterprise data as businesses migrate to the cloud.
McAfee is launching a new security platform designed to
protect content and data traffic as businesses and IT departments move from
physical to cloud computing infrastructures. These new security tools also come
as the IT industry is digesting how secure the cloud after two notable failures
The McAfee Cloud Security Platform is designed to secure all
inbound and outbound email, Web and identity traffic, according to McAfee,
which officially launched the new platform on May 9. Enterprises are ultimately
trying to protect one of those three types of network traffic when accessing
cloud-based data and services, Girish Juneja, director Intel Application and
Identity Products told eWEEK. Authentication traffic includes single sign-on,
redirects when customers use third-party login services to access the
application, and logging in directly to the cloud provider, said Juneja.
McAfee has a number of security offerings that touch upon
all three elements, but CSP marks the first time the company can offer
protection for all three types on a single modular platform, Marc Oleseon, senior
vice-president and general manager of content and cloud security, told eWEEK. The
individual modules handle Web, mobile, e-mail and Web services security as well
as cloud access control.
The goal is to "capture all the traffic going between the
business and cloud," said Oleseon.
Customers are interested in trying out cloud applications,
such as using Salesforce or developing their own, but were nervous about the
security implications. Compliance regulations
were one factor as well as the
recent rash of data breaches
this year. Customers are concerned about moving
"safely," according to Oleson.
"Once you move data or applications to the cloud, you
essentially lose most - if not all - of your security visibility," said Olesen.
The Web security module protects incoming and outgoing
traffic using reputation and intent-based scanning and analysis tools. The
mobile security modules applies anti-malware and Web filtering capabilities on
all data from mobile devices such as smartphones by directing the traffic
through the McAfee Web Gateway. The e-mail security module protects outbound
and inbound emails. McAfee is also using its data loss prevention technology to
track the "critical data, the data we don't ever want to leave the company," said
The CSP modules would work alongside the McAfee Global
Threat Intelligence network for up-to-date threat intelligence and threat
analysis. The layered approach will protect both mobile and enterprise users
accessing the cloud as well as cloud-to-cloud traffic.
For cloud access control, enterprises can use their own
identity information to launch single-sign-on to the cloud via the Intel
Expressway Cloud Access 360, according to Juneja. The Web services security
module uses Intel's Expressway Service Gateway to offload application level API
security, data transformation and identity token exchange to protect
application to application data.
CSP will be a part of McAfee and Intel's go-forward
strategy, and will be a significant part of future offerings, said Juneja.
The security modules can be managed by McAfee's ePolicy
Orchestrator or McAfee SaaS Control Console and can be used within on-premises
appliances, as software-as-a-service, or a hybrid of both cloud and on-premise
infrastructure, according to Oleson. The platform is also flexible enough to
work with any public or private cloud infrastructure regardless of the
Oleson said that enterprise customers are likely to lean
toward a hybrid implementation and small to midsized companies would most likely
prefer a pure SAAS (software as a service) environment.