connect to the cloud for pervasive web security
TRANSCRIPT
Tech Talk
Connect to the Cloud for Pervasive Web Security
Daniel Flaherty | Manager, Web Security Corporate Products
Central visibility and control of a CapEx-driven, isolated architecture
Common Centralized IT Model
2
ServicesOn-prem apps
WorkloadsPhysical datacenter
End UsersIn-house and VPN
EndpointsCorporate owned
Corp Boundary
Easy to control
Slower to deploy
Front-loaded cost model
WorkloadsPhysical datacenter
End UsersIn-house and VPN
EndpointsCorporate owned
Corp Boundary
End UsersRemote
EndpointsBYOD
Fragmented visibility and control of an OpEx-driven, agile architecture
Today’s Decentralized Reality
3
Services
Difficult to control
Faster to deploy
Fluid cost model
On Prem
ServicesOn-prem apps
URL Filtering and AV stop known threats, letting the rest hit endpoints and sandbox Threat Prevention Focused on the “Known”
4
Filter Known Bad Sandbox (zero-day)
Web Gateways Sandbox
Dynamic Analysis
URL Category
AVURL Rep.
~.05ms
Input Quantity
Depth of Inspection
~.08ms ~8ms
~90s
(~80% detected) (~20% detected)
Speed and detection rates are test calculations. Actual figures will vary in each organization.
Threats are Increasingly “Unknown”
52. Verizon's 2015 Data Breach Investigations Report (DBIR)
Inefficient and Costly Architecture Traffic backhaul drives unnecessary cost
Main Office
Appliance
(vm/hw)
Remote Office
Appliance (vm/hw)
Remote Office
MPLS CircuitMobile User
VPN Tunnel
MPLS/VPN backhaul: all traffic
Immediately Reduce Backhaul CostsRoute external web traffic through the cloud
Main Office
Appliance
(vm/hw)
Remote Office
Appliance (vm/hw)
Remote Office
MPLS+CloudMobile User
VPN+CloudTunnel to
Cloud
Tunnel to
Cloud
MPLS/VPN backhaul: internal traffic only
Connect Endpoints Directly to the Cloud Proxy function within Endpoint Security 10.5 travels with the client everywhere
Client Proxy
• Location-aware agent provides consistent protection on and off-network
• Browser agnostic, port-level routing
• Transparent authentication
Off-network
ENS
On-network
ENS
8
22 datacenters providing local internet content in 61 locations across 41 countriesWeb Security Around The World
Integrate multiple layers of security to mitigate risk
Prevent the Unknown
10
Stop “Known Bad”
Sandbox Remaining Zero-DaysStop Zero-
Days/Exploits/File-less Attacks
Dynamic and Static Analysis (ATD)
Emulation (Web GW)
~8ms
~5ms
~90s
(≤80% prevented)
(≤99.5% prevented)
(≤100% prevented)
Speed and detection rates are test calculations. Actual figures will vary in each organization.
URL Filtering and AV (Web GW)
TIE Endpoint Module
DAC/Real Protect
ENS
Integrate Solutions For Efficiency and Performance
11
McAfeeWeb Protection
Endpoint Security
McAfee Advanced Threat Defense
McAfeeActive Response
McAfee Enterprise Security Manager (SIEM) McAfee ePO
McAfee Threat Intelligence Exchange/Data Exchange Layer
McAfeeActive Response
McAfee EnterpriseSecurity Manager (SIEM)
McAfee ePO
McAfee Threat Intelligence Exchange/Data Exchange Layer
Protect
DetectCorrect
McAfee Advanced Threat Defense
Threat Intelligence Exchange McAfee ePO
SIA Partners
McAfee Advanced Threat Defense
Architect Security for the Borderless Enterprise
12
McAfee Cloud
Corp Boundary
On Prem
End Users
Endpoints
On-premdefense
Central visibility, understanding, and control
Remote device defense
CloudAssistedSecurity
DeviceRouting
Central Control in ePO Cloud
Pervasive protection everywhere
Connect Endpoints to the Cloud
13
EndpointsEnd Users
Threat Defense |Visibility| Data Protection
Globally distributed, multi-tenant, SLA-driven
McAfee Cloud
More threats prevented, less resources needed to manage, and costs are down
Security Shared Between Endpoints and Cloud
• Drive down costs
• Reduce cost of MPLS backhaul
• Stop managing hardware
• Prevent the unknown
• Integrate defenses to maximize prevention
• Less intrusions = more efficient detection and response
• Manage complementary security functions together
• Go to one place for cloud-delivered security services – ePO Cloud
• Stop manually integrating and take advantage of natively-connected solutions
