McAfee is launching a new security platform designed to protect content and data traffic as businesses and IT departments move from physical to cloud computing infrastructures. These new security tools also come as the IT industry is digesting how secure the cloud after two notable failures at Sony and Amazon.
The McAfee Cloud Security Platform is designed to secure all inbound and outbound email, Web and identity traffic, according to McAfee, which officially launched the new platform on May 9. Enterprises are ultimately trying to protect one of those three types of network traffic when accessing cloud-based data and services, Girish Juneja, director Intel Application and Identity Products told eWEEK. Authentication traffic includes single sign-on, redirects when customers use third-party login services to access the application, and logging in directly to the cloud provider, said Juneja.
McAfee has a number of security offerings that touch upon all three elements, but CSP marks the first time the company can offer protection for all three types on a single modular platform, Marc Oleseon, senior vice-president and general manager of content and cloud security, told eWEEK. The individual modules handle Web, mobile, e-mail and Web services security as well as cloud access control.
The goal is to "capture all the traffic going between the business and cloud," said Oleseon.
Customers are interested in trying out cloud applications, such as using Salesforce or developing their own, but were nervous about the security implications. Compliance regulations were one factor as well as the recent rash of data breaches this year. Customers are concerned about moving "safely," according to Oleson.
"Once you move data or applications to the cloud, you essentially lose most - if not all - of your security visibility," said Olesen.
The Web security module protects incoming and outgoing traffic using reputation and intent-based scanning and analysis tools. The mobile security modules applies anti-malware and Web filtering capabilities on all data from mobile devices such as smartphones by directing the traffic through the McAfee Web Gateway. The e-mail security module protects outbound and inbound emails. McAfee is also using its data loss prevention technology to track the "critical data, the data we don't ever want to leave the company," said Oleson.
The CSP modules would work alongside the McAfee Global Threat Intelligence network for up-to-date threat intelligence and threat analysis. The layered approach will protect both mobile and enterprise users accessing the cloud as well as cloud-to-cloud traffic.
For cloud access control, enterprises can use their own identity information to launch single-sign-on to the cloud via the Intel Expressway Cloud Access 360, according to Juneja. The Web services security module uses Intel's Expressway Service Gateway to offload application level API security, data transformation and identity token exchange to protect application to application data.
CSP will be a part of McAfee and Intel's go-forward strategy, and will be a significant part of future offerings, said Juneja.
The security modules can be managed by McAfee's ePolicy Orchestrator or McAfee SaaS Control Console and can be used within on-premises appliances, as software-as-a-service, or a hybrid of both cloud and on-premise infrastructure, according to Oleson. The platform is also flexible enough to work with any public or private cloud infrastructure regardless of the provider.
Oleson said that enterprise customers are likely to lean toward a hybrid implementation and small to midsized companies would most likely prefer a pure SAAS (software as a service) environment.