Ensures Critical Data is Protected while Maintaining Server Performance and Availability
MARKHAM, ON – June 7, 2010 – McAfee, Inc. has announced McAfee Total Protection(TM) for Server software, a comprehensive solution for security and compliance. Breaking traditional models, the solution is designed to ensure that mission-critical data and applications are protected with minimal impact to the performance and availability requirements of high-transaction servers. McAfee Total Protection for Server software protects against both targeted and insider attacks and ensures that only authorized processes and code can run, providing continuous compliance.
Due to the performance and availability requirements of business and mission-critical servers, most organizations have made the trade-off to forgo security on servers and assume the data and applications are secure because they are behind the firewall. However, as attacks have become more sophisticated and targeted the real profit to be made is by acquiring the most valuable data in a business, which is sitting on those back-office servers. To protect that data, McAfee designed a proactive whitelisting solution that blocks any code or changes from happening unless it is part of the already trusted software on the server.
“Organizations are at risk because they assume their servers are adequately protected,” said Stuart McClure, senior vice president and general manager, risk and compliance for McAfee. “No one wanted to put security software on the server itself because those were mission-critical applications that required the highest performance and availability, and configurations never changed much anyway. But as hackers have become more targeted and sophisticated, servers are increasingly becoming targets, prompting us to develop a lightweight solution that preserves application and server performance while ensuring compliance.”
Malware Defense, Policy Enforcement and Continuous Compliance
McAfee Total Protection for Server software is comprised of application whitelisting, change policy management, and policy auditing functionality that ensures that only authorized processes and applications can run. The solution offers strong change management controls that further mitigate the risk of data breaches, foul plays, and compliance drift. In addition, enterprise anti-virus is included in the package, so that organizations can provide an extra layer of defense by running on-demand scans during off-peak hours on weekends or at night. McAfee is helping organizations optimize security and sustain compliance against key policies with its McAfee Total
Protection for Server software:
- Malware defense and integrity control – Through dynamic application whitelisting, the software blocks binaries, drivers, Java and scripts on the server by locking in the good (authorized) server state at the time the McAfee Total Protection software is deployed. Any attempt to load an executable that is not part of the dynamic whitelist from day one is denied. As an additional layer of defense, antivirus blacklisting can be run on-demand during non-peak hours. Continuous integrity control and alerting takes place when any unauthorized change is detected, preventing the types of attacks used in incidents such as Conficker and Operation Aurora.
- Policy Enforcement – McAfee Total Protection for Server software ensures that the server is administered in compliance with verified and approved procedures. For example, a policy that forces wireless communications on your company’s mobile devices to be encrypted at all times can be easily enforced at the server. No one except a pre-authorized administrator will be able to change the policy or the registry entry on the wireless entry ports. This enforcement can also be used to ensure that centralized management of the servers is adhered to, lowering the overall administration costs for distributed systems.
- Policy Assessment and Continuous Compliance – McAfee Total Protection for Server software lets IT departments gain visibility that can mitigate risks. The solution captures detailed changes, and processes them as part of the emergency update process, while providing auditable accounting of the procedure. Regulatory compliance becomes easier as the ability to assess configuration and management of the system against policy drives down the cost of management. McAfee Total Protection for Server software allows IT to report on the time someone logged into a system, what files were touched, and whether the actions taken were within the scope of that person’s job description. Organizations can set the policy and minimize exposure and performance issues due to ad-hoc changes.
McAfee Total Protection for Server software helps organizations save time and cut costs with simplified centralized management. The solution protects and manages servers across the entire enterprise with the McAfee(R) ePolicy Orchestrator(R) platform, the scalable and centralized platform for deployment, management, reporting, and auditing. Organizations can customize server security with flexible deployment options, easily adding and removing components with a single agent and platform.