McAfee Threat Intelligence Exchange

McAfee Threat Intelligence Exchange

Adaptive threat prevention

Next Steps:

Overview

McAfee Threat Intelligence Exchange delivers a cohesive framework where security products collectively pinpoint threats and act as a unified threat defense system providing security resilience and immunity to infections. Threat Intelligence Exchange significantly optimizes threat prevention by narrowing the gap from encounter to containment from days, weeks, and months down to milliseconds.

Apply the power of knowledge — Threat Intelligence Exchange makes it possible for administrators to easily tailor comprehensive threat intelligence from multiple intelligence data sources. This customization empowers administrators to assemble, override, and tune the intelligence source information so that they can modify protection for their environment and organization.

Orchestrate in real time — Threat Intelligence Exchange is the first solution to use the McAfee data exchange layer, a bidirectional communications fabric enabling security intelligence, and adaptive security through product integration simplicity and context sharing. The data exchange layer (DXL) supports the automatic configuration of products, reducing errors and eliminating effort to lower implementation and operational costs of integration.

Supercharge existing endpoint protection — Threat Intelligence Exchange provides breakthrough endpoint protection, using McAfee VirusScan Enterprise to make accurate file execution decisions. Endpoints will also be protected based on malware detected by network gateways, while network gateways block access based on endpoint convictions.

SIEM tools are key to improving incident response

Read SANS Report

Advanced targeted attacks: It takes a system

Read White Paper

Features & Benefits

Comprehensive threat intelligence

McAfee Threat Intelligence Exchange makes it possible for administrators to easily tailor comprehensive threat intelligence from global data sources, such as McAfee Global Threat Intelligence (GTI) and third-party feeds, with local threat intelligence sourced from real-time and historical event data coming from endpoints, gateways, and other security components.

Immediate visibility into the presence of advanced targeted attacks

The McAfee data exchange layer enables security components to dynamically join the McAfee Threat Intelligence Exchange. Shared insights bring deeper awareness of the threats targeting an organization. Attacks are discovered through the endpoints, gateways, and other security components united in providing real-time surveillance.

Proactive threat protection

Threat details collected from malware encounters at endpoints and network gateways can propagate through the data exchange layer in milliseconds, educating all security components to proactively immunize against newly detected threats.

Unmatched operational effectiveness lowers security cost of ownership

While increasing security resiliency, security cost of ownership is lowered by extending existing McAfee security detection, prevention, and analytic technology investments to proactively and efficiently protect your organization as soon as a threat is revealed.

System Requirements

McAfee Threat Intelligence Exchange consists of the following components:

  • McAfee Threat Intelligence Exchange Server 1.0
  • McAfee Data Exchange Layer Client 1.0
  • McAfee Threat Intelligence Exchange Module 1.0 for VSE

Additional requirements for McAfee Threat Intelligence Exchange include:

  • McAfee Endpoint Protection
    • McAfee VirusScan Enterprise 8.8, Patch 4 with Hotfix 929019
  • McAfee Security Management
    • McAfee ePolicy Orchestrator 5.1.1
  • Virtualization Infrastructure
    • VMWare ESXi 5.1.0 and above (McAfee Threat Intelligence Exchange Server is a hardened virtual appliance delivered as an OVA that is pre-configured with 16 GB of RAM and 8CPU)

Videos

Videos

McAfee Threat Intelligence Exchange integrates, automates, and simplifies to decisively reduce TCO and optimize enterprise security. It eliminates complexity, provides instantaneous speed, and illuminated knowledge that can lower operating costs while streamlining protection and response ― all while freeing valuable security team resources.

Resources

Data Sheets

McAfee Threat Intelligence Exchange

For a technical summary on the McAfee product listed above, please view the product data sheet.

Infographics

Connected Security Yields Smarter Defenses

Stop emerging threats with applied knowledge — everywhere, instantly.

Reports

SANS Analytics and Intelligence Survey

This paper explores the use of analytics and intelligence today and exposes the impediments to successful implementation. Organizations that are deploying analytics and intelligence properly are experiencing faster response and detection times, as well as greater visibility. However, many are confused about how to integrate and automate their intelligence collection processes.

Solution Briefs

McAfee Enterprise Security Manager and McAfee Threat Intelligence Exchange

There’s no doubt that organizations face significant challenges protecting their intellectual property and critical assets from the emerging threats that target their environments. This solutions brief highlights how McAfee® Enterprise Security Manager and McAfee Threat Intelligence Exchange work together to provide organizations with exactly what they need to fight today’s advanced threats.

McAfee Threat Intelligence Exchange and Endpoint Protection

McAfee Threat Intelligence Exchange and McAfee Advanced Threat Defense work together to provide enterprises with automated, adaptive threats response, which reduces time-to-containment of malicious files. The moment a file is convicted, the entire security infrastructure is informed and updated immediately, providing greatly enhanced visibility and control, from endpoint to network.

Security in Unison

McAfee Threat Intelligence Exchange and McAfee Advanced Threat Defense work together to provide enterprises with automated, adaptive threat response, which reduces time-to-containment of malicious files. The moment a file is convicted, the entire security infrastructure is informed and updated immediately, providing greatly enhanced visibility and control, from endpoint to network.

White Papers

SANS White Paper: Be Ready for a Breach with Intelligent Response

How do we get more visibility into attacks across our environments, improve our response, and reduce response time? The solution is automating functions that should be automated and connecting the dots between detection systems and response. Connecting these dots and applying intelligence provides responders rich context into the observed behaviors for taking action. Integrating these processes improves accuracy, while reducing time, manpower, and costs involved in detecting and managing events. This white paper explores how to achieve this.

Advanced Targeted Attacks: It Takes a System

Adaptive intelligence and real-time communications orchestrate protection in the McAfee Security Connected Platform.

Community

Blogs

  • A New Cyber Education Program, a New Level of Our Commitment
    Tom Gann - November 21, 2014

    When we launched the Intel Security Digital Safety Program recently, it marked a new era in our commitment to cyber education. Since 2009, McAfee has sent employee volunteers into schools to teach digital safety. We reached 250,000 students but we weren’t satisfied. So we partnered with one of the most exciting brands in digital education – […]

    The post A New Cyber Education Program, a New Level of Our Commitment appeared first on McAfee.

  • Microsoft MS14-068 Out-Of-Band Hotfix
    PageOne Pr - November 19, 2014

    Hello everyone, This is Greg Blaum again with a special update regarding a Microsoft OOB (Out-Of-Band) Hotfix that was released on November 18th, 2014. If you recall from our November 2014 Microsoft Patch Tuesday analysis, one of the patches that Microsoft mentioned in their initial advance notification for November was MS14-068. I said at the time […]

    The post Microsoft MS14-068 Out-Of-Band Hotfix appeared first on McAfee.

  • When Your Organization is Under Attack, Minutes Count
    Karl Klaessig - November 19, 2014

    In 2014, companies continued to be shaken out of their contented relationship with corporate security efforts. Retailers were hacked. Millions of emails were lifted. Thousands of Social Security numbers were stolen. Gone is the era of “set it and forget it” security, where enterprises use only default security settings. This epiphany, motivated by news headlines, […]

    The post When Your Organization is Under Attack, Minutes Count appeared first on McAfee.

  • Seven Favorite FOCUS Sessions: Ready to Replay
    Barbara Kay - November 17, 2014

    FOCUS 14 is a wrap!  Another great year of interesting content, good conversation and great networking.  With over a third more customers presenting in 2014 than last year, our breakout sessions had record attendance, with a few sessions standing room only. In addition to the perennial favorite Endpoint and ePO sessions, this year saw a […]

    The post Seven Favorite FOCUS Sessions: Ready to Replay appeared first on McAfee.

  • Twelve Ho, Ho, Holiday Scams and Your Business
    Barbara Kay - November 17, 2014

    As both a consumer and an enterprise security pro, I encourage you to take a few minutes to look through our annual “12 SCAMS OF THE HOLIDAYS” list. Four of the top tricks might spark an enterprise incident that could take you away from your holiday festivities. All of these scams are things employees, family, […]

    The post Twelve Ho, Ho, Holiday Scams and Your Business appeared first on McAfee.

Threats and Risks