McAfee Threat Intelligence Exchange

McAfee Threat Intelligence Exchange

Adaptive threat prevention

Next Steps:

Overview

McAfee Threat Intelligence Exchange delivers a cohesive framework where security products collectively pinpoint threats and act as a unified threat defense system providing security resilience and immunity to infections. Threat Intelligence Exchange significantly optimizes threat prevention by narrowing the gap from encounter to containment from days, weeks, and months down to milliseconds.

Apply the power of knowledge — Threat Intelligence Exchange makes it possible for administrators to easily tailor comprehensive threat intelligence from multiple intelligence data sources. This customization empowers administrators to assemble, override, and tune the intelligence source information so that they can modify protection for their environment and organization.

Orchestrate in real time — Threat Intelligence Exchange is the first solution to use the McAfee data exchange layer, a bidirectional communications fabric enabling security intelligence, and adaptive security through product integration simplicity and context sharing. The data exchange layer (DXL) supports the automatic configuration of products, reducing errors and eliminating effort to lower implementation and operational costs of integration.

Supercharge existing endpoint protection — Threat Intelligence Exchange provides breakthrough endpoint protection, using McAfee VirusScan Enterprise to make accurate file execution decisions. Endpoints will also be protected based on malware detected by network gateways, while network gateways block access based on endpoint convictions.

SIEM tools are key to improving incident response

Read SANS Report

Advanced targeted attacks: It takes a system

Read White Paper

Features & Benefits

Comprehensive threat intelligence

McAfee Threat Intelligence Exchange makes it possible for administrators to easily tailor comprehensive threat intelligence from global data sources, such as McAfee Global Threat Intelligence (GTI) and third-party feeds, with local threat intelligence sourced from real-time and historical event data coming from endpoints, gateways, and other security components.

Immediate visibility into the presence of advanced targeted attacks

The McAfee data exchange layer enables security components to dynamically join the McAfee Threat Intelligence Exchange. Shared insights bring deeper awareness of the threats targeting an organization. Attacks are discovered through the endpoints, gateways, and other security components united in providing real-time surveillance.

Proactive threat protection

Threat details collected from malware encounters at endpoints and network gateways can propagate through the data exchange layer in milliseconds, educating all security components to proactively immunize against newly detected threats.

Unmatched operational effectiveness lowers security cost of ownership

While increasing security resiliency, security cost of ownership is lowered by extending existing McAfee security detection, prevention, and analytic technology investments to proactively and efficiently protect your organization as soon as a threat is revealed.

System Requirements

McAfee Threat Intelligence Exchange consists of the following components:

  • McAfee Threat Intelligence Exchange Server 1.0
  • McAfee Data Exchange Layer Client 1.0
  • McAfee Threat Intelligence Exchange Module 1.0 for VSE

Additional requirements for McAfee Threat Intelligence Exchange include:

  • McAfee Endpoint Protection
    • McAfee VirusScan Enterprise 8.8, Patch 4 with Hotfix 929019
  • McAfee Security Management
    • McAfee ePolicy Orchestrator 5.1.1
  • Virtualization Infrastructure
    • VMWare ESXi 5.1.0 and above (McAfee Threat Intelligence Exchange Server is a hardened virtual appliance delivered as an OVA that is pre-configured with 16 GB of RAM and 8CPU)

Videos

Videos

McAfee Threat Intelligence Exchange integrates, automates, and simplifies to decisively reduce TCO and optimize enterprise security. It eliminates complexity, provides instantaneous speed, and illuminated knowledge that can lower operating costs while streamlining protection and response ― all while freeing valuable security team resources.

Resources

Data Sheets

McAfee Threat Intelligence Exchange

For a technical summary on the McAfee product listed above, please view the product data sheet.

Infographics

Connected Security Yields Smarter Defenses

Stop emerging threats with applied knowledge — everywhere, instantly.

Reports

SANS Analytics and Intelligence Survey

This paper explores the use of analytics and intelligence today and exposes the impediments to successful implementation. Organizations that are deploying analytics and intelligence properly are experiencing faster response and detection times, as well as greater visibility. However, many are confused about how to integrate and automate their intelligence collection processes.

Solution Briefs

McAfee Enterprise Security Manager and McAfee Threat Intelligence Exchange

There’s no doubt that organizations face significant challenges protecting their intellectual property and critical assets from the emerging threats that target their environments. This solutions brief highlights how McAfee® Enterprise Security Manager and McAfee Threat Intelligence Exchange work together to provide organizations with exactly what they need to fight today’s advanced threats.

McAfee Threat Intelligence Exchange and Endpoint Protection

McAfee Threat Intelligence Exchange and McAfee Advanced Threat Defense work together to provide enterprises with automated, adaptive threats response, which reduces time-to-containment of malicious files. The moment a file is convicted, the entire security infrastructure is informed and updated immediately, providing greatly enhanced visibility and control, from endpoint to network.

Security in Unison

McAfee Threat Intelligence Exchange and McAfee Advanced Threat Defense work together to provide enterprises with automated, adaptive threat response, which reduces time-to-containment of malicious files. The moment a file is convicted, the entire security infrastructure is informed and updated immediately, providing greatly enhanced visibility and control, from endpoint to network.

White Papers

Advanced Targeted Attacks: It Takes a System

Adaptive intelligence and real-time communications orchestrate protection in the McAfee Security Connected Platform.

Community

Blogs

Threats and Risks