McAfee SaaS Web Protection Introduction Presenter’s Name Presenter’s Title
August 26, 2013
Agenda Web 2.0 – Value and Threats Web Protection – Delivery Mechanisms McAfee SaaS Web Protection Global Threat Intelligence (GTI) Anti-malware Capability Resources
2
Web 2.0 Value and Threats New Marketing Channels
“Twitter hack raises flags on security” The New York Times
“Facebook hit by another version of Koobface worm”
Employee Life / Work Balance
USA Today
“Facebook and YouTube dominate workplace traffic and bandwidth” SC Magazine
Collaboration Tools / Business Apps
“Salesforce.com employee hands customer list to phisher” eWeek.com
“Loudmouth workers leaking data through social networking sites”
Find Employees
3
The Register
Web 2.0 Security Challenges
4
August 26, 2013
Malware attacking via Facebook, Twitter and MySpace Video links resulting in requirement to download fake flash player updates
5
August 26, 2013
Trusted Sites Deliver Malware via Ads
6
August 26, 2013
McAfee delivers Flexible Web Security Deployment options to fit your dynamic business
SaaS
Virtual
7
Appliance
August 26, 2013
Don’t Forget about Hybrid… On-Premises
+
Cloud Computing
HYBRID Delivery 8
August 26, 2013
Web Protection in the Cloud • • • • •
Multi-tenant Architecture Headless Scalability Global Datacenters Thousands of Customers >50 Million Requests/day
http://www http://www
http://www
http://www
http://www
http://www
Productive Browsing http://www
http://www
http://www
http://www http://www
August 26, 2013
McAfee SaaS Web Protection Content Threat Control Control Total Control
McAfee SaaS Web Protection Cloud-based service • Faster to deploy, less expensive to own • Zero-footprint, Always-on security URL filtering based on Trusted Source categories (GTI)** • Remove inappropriate content, reduce distraction, optimize bandwidth • Over 100 granular categories State-of-the-art Malware removal** • Behavior and intent based code analysis • Much more effective than signature based approaches Bandwidth management • Allocate resources to business focused activities • Protect vital access from bandwidth hogs Flexible rules allow for appropriate controls • Different access based on directory users and groups • Change restrictions based on time of day
How McAfee Global Threat Intelligence Works Delivering the Most Comprehensive Intelligence in the Market Threat Intelligence Feeds Endpoints
Appliances
Servers
Firewalls
Other feeds & analysis
McAfee Labs
Email Reputation Engine
File Reputation Engine
Web Reputation Engine
Network Reputation Engine
Vulnerability Information
ePO
12
IPS
Firewall
Email
Web
AV
AWL
DLP
Mobile
Why McAfee is Best Positioned to Deliver GTI The Most Robust Telemetry Data in the Market
Queries
• • • • • • •
2.5B Malware Reputation Queries/Month 20B Email Reputation Queries/Month 75B Web Reputation Queries/Month 2B IP Reputation Queries/Month 300M IPS Attacks/Month 100M Ntwk Conn Rep Queries/Month 100+ BILLION QUERIES
Nodes
• • • • •
Malware: 40M Endpoints Email: 30M Nodes Web: 45M Endpoint and Gateway Users Intrusions: 4M Nodes 100+ MILLION NODES, 120 COUNTRIES
13
August 26, 2013
McAfee GTI Recognition Highest total detection rate with lowest false positive rate
Multiple products, including Best Enterprise Security Solution
McAfee Labs, the McAfee security research organization that created Global Threat Intelligence
Only one of seven leading vendors to thwart Operation Aurora
The McAfee Anti-Malware PROACTIVE Difference
Web Reputation (McAfee® GTI)
15
Behavioral Analysis
Exploit Detection
Proactive Real-time Protection
Executable Behavioral Analysis • What is this content doing?
• Constantly Learning New Behaviors
• Analyses 100,000s Of “Behaviors”
• Disinfect Where Possible
• Context Aware XSS Steals from clipboard
Redirects to exploit 16
Vulnerable ActiveX
Disinfect page
Infecte
Sample Malicious Traffic from Financial Institution 1%
0.5%
5%
McAfee Anti-Malware: Proactive coverage
16%
47%
30% McAfee AV: Signature coverage HTML Documents (Incl. embedded scripts) Standalone JavaScript Graphics (JPEG, GIF) Windows Executables 17
McAfee SaaS Web Protection
August 26, 2013
Security: Malware Detection Leadership Average Response Time/Hrs: Q2 2010
0
100
200
300
Proactive Detections: Q2 2010
McAfee GW Edition
McAfee GW Edition
Sophos
Sophos
Kaspersky
Kaspersky
Symantec
Fortinet
Fortinet
Trend Micro
Trend Micro
Symantec
0
100
200
300
• AV-Test is one of the worldwide leading providers of test scenarios analyzing effectiveness, behavior and speed of IT-security solutions • Quarterly tests on 36 anti-malware products • McAfee Web Security consistently leads 18
Anti-malware Awards and Testing Note: McAfee SaaS Web Protection and Web Gateway utilize the same Anti-malware engine
Network World Magazine Clear Choice Winner for Anti-malware Gateway Dec 2009
2009 Readers’ Choice Award from Information Security Magazine and SearchSecurity.com
SC Magazine Awards 2010 Best Anti-Malware Solution
Network World: “McAfee's Web Gateway appliance is our Clear Choice winner…McAfee's appliance thwarted more malware—with lower latency—than the other gateways.” 19
McAfee Web Gateway
August 26, 2013
Resources • • • • • • • •
20
Product data sheets Case studies Whitepapers Web based training Videos, etc. Demonstration System 30 Day Evaluations www.mcafeesaas.com