McAFEE AND McAFEE PARTNER USE
McAfee MVISION
Security Management
Simplify. Accelerate. Orchestrate.
Jorge Ernesto Sánchez Andrade | SE Perú & Bolivia
New strategic charter and turning point for the McAfee portfolio focuses on making
our products simpler to deploy and use, and even more interoperable with third-party
solutions and multiple platforms
https://www.mcafee.com/enterprise/en-us/solutions/mvision.html
Cloud-Native
Insight-Driven
Open Architecture
The first cloud-based product family that protects
data and stops threats across devices, networks,
clouds (IaaS, PaaS, and SaaS), and on-premises
environments.
#ProtectionPeru2019
Simple
Modern SaaS infrastructure, streamlined workspaces
and consolidated policies
Flexible
Incorporate existing investments
including native and 3rd-party controls
Comprehensive
Defend your diverse ecosystem and
drill-down into contextual insights
Fast
Accomplish more with less effort through tactical
automation and AI guidance
Clarity to act. Simplicity to execute.
Devices Cloud
Clarity to act
Control where it matters most
SOC
Simplicity to execute
MVISION ePO
A dramatically simple cloud-based SaaS
management service.
MVISION Endpoint
Advanced augmented defense for Windows 10
with a unified management experience.
MVISION EDR
Powerful threat detection, investigation, and
response – simplified.
MVISION Cloud
Cloud-Native Data and Application Security
Across SaaS, IaaS, and PaaS.
MVISION Mobile
Centrally manage and defend iOS and Android just
like any other device.
DRAMATICALLY SIMPLE
• Zero Deployment
• Up in minutes, migrate in days
• Continuous updates
• Enhanced customer
experience
• New security posture
dashboard
COMPREHENSIVE DEVICE SECURITY
• Concentrate on
critical security
• McAfee Device Security
• McAfee MVISION Endpoint or ENS
• Augment Windows
Defender
Over 74% of F100 using ePO with over 60M nodes
Proven advanced security management
OPEN EXTENSIBLE PLATFORM
AUTOMATED RESPONSE AND REMEDIATION
INTEGRATED PANE OF GLASS
McAfee MVISION ePO
Cloud Deployment Options
Easy to Use, Intuitive Management Dashboard
Easily navigate to urgent
needs
Get details on threats, your security
posture, processes, devices and actions
taken
Single Management Experience
McAfee Advanced Protection
Machine learning
Fileless defense
Rollback
Windows 10
Anti-Malware, Exploit
Guard and Firewall
+ THEIRS
Why McAfee MVISION Endpoint?
I need to augment my Microsoft investment, but I don’t want additional security consoles.
Fast, simple deployment | No additional complexity | Superior security posture
OURS = YOURS
The Benefits of Native Security
Why adoption is increasing
Signature-based defenses within the Operating System offload the need for a
solution to protect against known threats
As part of an existing investment, time and money can be
saved by leveraging them
The impact to networks and bandwidth can be
reduced with less frequent updates
Minimal impact to users and productivity
A Way to Effectively Leverage Native Security is Missing
No converged management for native
and advanced defenses
Multiple products,
vendors, management tools
and software bloat
Limited to no options for integrating third
parties
Manual maintenance
and patching
How many hours a week would you save with consolidated management?
What can MVISION Endpoint do for you?
Centralize management
across your entire environment
Speed up remediation with a
simplified, contextual user interface
Leverage your existing investment,
improve your TCO
Save time with simplified, cohesive
policy management
Low impact, balanced performance for your users
Centralized Management
McAfee
Advanced
Protection
Traditional
Native
Security
Windows Defender*
McAfee MVISION Endpoint
Reduced Complexity = Reduced TCO
Always Up-to-date Security
Regular Automatic updates
Single Threat Protection Policy
Optimized, Rationalized and Unified
Simplified UX
Fewer Clicks, Outcome visibility
Lightweight security
Up to 75% Smaller footprint
On-Prem | On AWS | Multi-tenant SaaS
Lightweight Common Agent
Antivirus Firewall Exploit Guard
Machine
Learning
Reputation/Script
Scanning
Credential Theft
Prevention
Remediation
McAfee enables organizations to accelerate their
business by giving them total control over their data
in the cloud
Gain complete visibility into data, context, and user
behavior across all cloud services, users, and devices
Take real-time action to enforce policies across cloud
services and apply persistent data protection
Remediate security threats by eliminating security
misconfigurations and correcting high-risk user
activities.
Network security fails to protect data in the cloud & mobile era
Data created natively in
cloud is invisible to network
security
Data uploaded to cloud from
mobile is invisible to network
security
50% of cloud traffic is cloud-to-cloud and invisible to network
security
McAfee MVISION Cloud Architecture
Ground Link
Sky Gateway
Email Mode
Sky Gateway
Universal Mode
Lightning Link
Sky Link
Enforce data loss prevention (DLP) policies
across data in the cloud
Prevent unauthorized sharing of sensitive data
with the wrong people
Block sync/download of corporate data to
personal devices
Detect compromised accounts, insider threats,
and malware
Encrypt cloud data with encryption keys that
only you control
Audit and tighten the security settings of cloud
services
Understand cloud services in use and their risk
profile
Detection engine uses machine learning and behavioral analysis to provide real-time, on-device
protection against both known and unknown threats
Device Attacks Network Attacks Application Attacks
Our Digital Life
Personal Life Work Life
Mobile Threats are Real
In 2017, Apple and Google released a record number of security patches [1]
Two-thirds of mobile devices are running vulnerable operating systems [2]
10% of devices have experienced “man-in-the-middle” attacks [3]
By 2019, mobile malware will amount to 1/3 of total malware [2]
[1] CVE.Mitre.org. CVEDetails.com: Android and iOS CVEs
[2] Zimperium Global Threat Intelligence, 3Q 2017
[3] Market Guide for Mobile Threat Defense Solutions, Gartner, 22 August 2017, ID: G00314969
MVISION Mobile Protection
Proactive Threat Detection
Automated Risk & Vulnerability
Assessment
DEVICE
OS Exploit Detection
Device Forensics
USB Exploit Detection
Vulnerability & Risk
APPLICATION
Malware Detection
App Risk Analysis
App Privacy Analysis
App Forensic Reports
NETWORK
Reconnaissance Scans
Man-in-the-Middle Attacks
SSL Decryption / Stripping
Rogue Access Points
Unsecured WiFi
Proactive warning of previously
attacked networks
MVISION Mobile Solution Overview
MVISION Mobile Console
MVISION ePolicy Orchestrator
MVISION Mobile App
MDM/EMM Console
MVISION Mobile ePO Integration
Compliance Reporting
• Mobile Threat Data
• Threat Event Details
• Most Attacked Networks
• Risk Management
• Device Information
• OS Distribution
• MVISION Version
• Vulnerable OS
• Upgradeable OS
• Non-Upgradeable OS
Do more with existing staff by reducing the expertise and effort
needed to perform investigations
Detect & act on advanced threats faster to stop breaches and
improve security posture
Respond with speed using one console, single-click containment and
ecosystem integration
What is MVISION EDR?
McAfee Active Response
Endpoint visibility and data
collection
Suspicious behavior
detection
Fast search
Robust response
McAfee Investigator
Dynamic Investigation
Guides
Automated Analysis
Enterprise-wide data
collection
Enhancements
Simplified, cloud-centric
architecture
Extended data collection
and retention
MITRE ATT&CK™
framework driven
identification and mapping
MVISION EDR
Powerful threat detection,
investigation, and response
- simplified
Detect Threats and Act Faster
• Detection based on and mapped to the MITRE ATT&CK™ framework
• Faster, consistent process to determine phase of a threat, associated risk, and response priority
• Alert ranking speeds triage by helping analysts understand risk severity
• Data visualization helps analysts quickly understand why an alert was raised and determine next steps: dismiss, respond, investigate.
• Behavior-based
• File-based and fileless threats
• Prevalence
• Rapid adoption of new analytics engines and techniques
Response
MVISION EDR
Endpoint
Continuous
monitoring
McAfee’s Approach to EDR
Faster resolution with higher fidelity
Respond
Validate
High Confidence
Gather Data / Assess / Scope
Dynamic, Guided
Investigation
Alert
Analytics
Data/Context
Data
Hunting
Do More with Existing Staff
Expert system dynamically guides investigation
Surface Findings
Automatically gather, summarize, and
visualize evidence from multiple sources.
Automatically ask and answer questions
to prove or disprove the hypotheses.
Dynamically adjust to case at hand,
combine different strategies and data.
Explore many hypotheses in parallel for
maximum speed and accuracy.
Faster resolution with higher fidelity
Respond with Speed
Increase efficiency with a single workspace for the entire
process: detection-investigation-response
Quickly take action at scale with a clear understanding of the threat
Integration optimizes security operations workflow
McAfee, the McAfee logo, ePolicy Orchestrator and ePO are trademarks or registered trademarks of McAfee, LLC or its subsidiaries in the US and other countries.
Other marks and brands may be claimed as the property of others.
Copyright © 2018 McAfee, LLC.

Cloud Security Strategy by McAfee
