McAfee Strengthens Integration Among it's Cloud Security Products

It's a good start with the products and how they tied them together, but the roadmap is where things are going to get really interesting. It could really work toward eliminating the stigma of security and cloud Phil Hochmuthanalyst, IDC

McAfee has tightened the integration between components of its cloud security platform to improve reporting on web traffic and the ability to wrap policies around data leaving an organization to social media sites.

The enhancements, available as of Monday, are upgrades to Intel-owned McAfee's Web Gateway technology and ePolicy Orchestrator security management software. The improvements are reflective of the company's ongoing evolution of its security platform to keep pace with customers' increasing use of software delivered over the internet.

McAfee sells Web Gateway as an on-premise appliance, as software that runs on VMware's virtual machine and as an application available over the internet.

For appliance customers, McAfee has added the ability to set policies for information that is posted on blogs and social networks, such as Twitter or LinkedIn. In addition, the appliance lets customers set in advance the video categories that employees can access on Google's YouTube, which recently released the application programming interface (API) to make this capability possible.

For customers who want to control data movement from employees' laptops when they are out of the office, McAfee released an agent called the Client Proxy that's installed on the notebook. Traffic from the laptop is directed through the company's Web Gateway in the cloud to enforce the same policies for data leaving the corporate network.

In general, organizations use web gateways mostly for URL filtering and malware detection, with support for mobile devices, application control and data loss prevention emerging as market drivers, Gartner said in a report released last month. McAfee's gateway provides "strong on-box malware protection," because of the company's signature engine and the gateway's ability to detect malware based on behavior and context within web traffic.

However, McAfee has been late with important features in its cloud-based gateway, including support for secure sockets layer (SSL), security assertion markup language (SAML) and IPsec termination, which is helpful for mobile devices, Gartner said. "Some customers complained about the scalability of Web Gateway logging and reporting functions."

Within ePolicy Orchestrator, McAfee has added a web traffic reporting component called the Content Security Reporter, which had been available separately as the McAfee Web Reporter. "Rather than have a separate interface, it's all done through ePO," Anne Aarness, senior marketing manager for McAfee, said. Reporting can now be done on web traffic from the on-premise and the Software-as-a-Service (SaaS) gateways through the same interface.

The latest release is the first step in McAfee's three- or four-year roadmap of not just integrating its own products, but also tightly connecting its technology to the cloud security features in parent company Intel's microprocessors, said Phil Hochmuth, and analyst for IDC.

That integration will be much more important, given how Intel-processors are what most cloud services are built on today, he said.

"It's a good start with the products and how they tied them together, but the roadmap is where things are going to get really interesting," Hochmuth said. "It could really work toward eliminating the stigma of security and cloud."

At the Intel Developer Forum last September, McAfee provided an early look at its plans for building security protections using Intel technology. The roadmap included making use of chip-level hooks to spot malicious software called rootkits that hide deep within an operating system and are undetectable by antivirus software.