McAfee Advanced Threat Defense

Advanced detection of stealthy, zero-day malware

Overview

Today's targeted attacks are designed to overwhelm security systems through a variety of approaches that either confuse defenses or evade them entirely.

As part of the McAfee Advanced Threat Defense solution, McAfee has transformed the act of detection by connecting advanced malware analysis capabilities to defenses (from the network edge to the endpoint) and sharing threat information across the entire IT environment. By sharing threat information among management, network, and endpoint systems, McAfee immediately shuts down command-and-control communications, quarantines compromised systems, blocks additional instances of the same or similar malware, assesses where damage may have occurred, and takes action.

McAfee Advanced Threat Defense enables organizations not only to detect today's stealthy attacks but also to convert information into action and, ultimately, into protection.

Meet the three key requirements for achieving today's advanced threat prevention goals: find, freeze, and fix. McAfee Advanced Threat Defense finds advanced malware and integrates with McAfee security solutions to freeze the threat, identify vulnerable machines, and initiate fix or remediation actions.

Features and Benefits

Ensure greater accuracy in advanced threat detection

Reduce the chances of missed malware detections or false positives. McAfee Advanced Threat Defense uses sophisticated static code analysis and dynamic analysis (sandboxing) to provide the most detailed data and assessments for malware classification. Undetectable malware and persistent zero-day threats are packed or obfuscated to avoid detection. Advanced Threat Defense employs strong unpacking to defeat evasion techniques, enabling detailed analysis and accurate classification. With broad operating system support, threats are analyzed under the same conditions as the actual host profile, so you can catch more malware with fewer false alarms.

Respond to threats faster

Move quickly and smoothly from analysis and confirmation of advanced malware to protection against advanced threats and their resolution, in a more comprehensive and efficient solution to the malware problem. Streamlined triage (first using a combination of signatures, reputation, and real-time emulation) helps quickly identify a wide range of malware, producing fast detection results and reducing the number of files that require more detailed sandbox analysis.

Lower total cost of ownership

Centralized deployment lets multiple McAfee network devices share the same malware analysis appliance, reducing the number of advanced threat protection appliances required, simplifying administration, and scaling security cost-effectively across your network. Advanced Threat Defense can leverage your existing McAfee security solutions, reducing the need to re-architect the network and minimizing operational costs.

Use a single security vendor with tight product integration

McAfee provides all the essential components for you to find advanced malware, freeze the threat, and initiate a fix. By offering a complete solution that integrates advanced threat analysis, network products, and endpoint solutions, McAfee provides organization-wide visibility and threat context while reducing response time and simplifying remediation.

System Requirements

McAfee Advanced Threat Defense is a standalone appliance. There are no minimum software or hardware requirements.

Appliance hardware components (ATD-6000 and ATD-3000)

  • Dimensions: ATD-6000: 2RU rack-mountable, 43.79 cm (W) x 8.71 cm (H) x 71.12 cm (D); ATD-3000: 1RU rack-mountable, 43.82 cm (W) x 4.32 cm (H) x 73.66 cm (D)
  • Weight: ATD-6000: 22.7 kg; ATD-3000: 15 kg
  • Storage: ATD-6000: HDD disk space 4 x 4 TB, SSD 2 x 800 GB; ATD-3000: HDD disk space 2 x 4 TB, SSD 2 x 400 GB
  • Maximum power consumption: ATD-6000: 2 x 1,600 W; ATD-3000: 2 x 750 W
  • Redundant power supply: AC redundant, hot-swappable
  • AC voltage: ATD-6000: 100-240 V at 50–60 Hz, 8.5 A; ATD-3000: 100-240 V at 50–60 Hz, 5.8 A
  • Temperature: 10 °C to 35 °C (operating); -40 °C to 70 °C (non-operating)
  • Relative humidity (non-condensing): Operating: 10% to 90%; Non-operating: 50% to 90%
  • Altitude: 0 to 3048 m
  • Safety certification: UL 1950, CSA-C22.2 No. 950, EN-60950, IEC 950, EN 60825, 21CFR1040 CB, license and report covering all country-specific variations
  • EMI certification: FCC Part 15, Class A (CFR 47) (USA), ICES-003 Class A

Videos

Learn how McAfee Advanced Threat Defense works with your current security from network to endpoint to protect against threats.

Malware is becoming more evasive than ever before, making sandbox detection difficult. Ensure your team catches stealth, zero-day malware with McAfee Advanced Threat Defense.

Jon Oltsik, Sr. Principal Analyst, Security at ESG, talks about today’s trends in advanced malware, detection options, and the importance of integration between endpoint and network solutions for protection, context, and increased ability to respond. Jon shares his impression of McAfee Advanced Threat Defense.

Awards / Reviews

McAfee Advanced Threat Defense Test Results

AV-TEST ran a test of the McAfee Advanced Threat Defense appliance to determine its malware detection capabilities.

CRN ranks McAfee among the 25 best companies to partner with in 2013

Surveying IT solution providers, CRN Research ranks the 25 essential technology vendors from a list of nearly 230 companies in 12 product categories that solution providers need to consider when formalizing their partnerships today and in the future. 1,000 unique solution providers of all types and sizes were surveyed.

SC Magazine
SC Magazine Readers Trust Award: Best APT Protection

SC Magazine selects McAfee as a finalist for the Readers Trust Award in the category of best advanced persistent threat (APT) protection.

Related Products

McAfee Advanced Threat Defense is a core component of the McAfee network security portfolio and the Security Connected framework. McAfee has transformed the act of detection by connecting advanced malware analysis capabilities to defenses (from the network edge to the endpoint) and sharing threat information across the entire IT environment.

McAfee Next Generation Firewall
McAfee Next Generation Firewall protects enterprises against the most advanced attacks with state-of-the-art, highly available, scalable, and flexible protection, backed by Security Connected, the industry's broadest and most sophisticated anti-threat ecosystem.

McAfee Network Security Platform
McAfee Network Security Platform is a uniquely intelligent security solution that discovers and blocks sophisticated threats in the network. Using advanced threat detection techniques, it protects against stealthy attacks with extreme accuracy at speeds of up to 80 Gbps, while providing rich contextual data about users, devices, and applications for fast, accurate response to network-borne attacks.

McAfee Threat Intelligence Exchange
McAfee Threat Intelligence Exchange significantly speeds up advanced threat prevention, narrowing the gap from encounter to containment of advanced targeted attacks from days, weeks, or months down to milliseconds.

McAfee Enterprise Security Manager
McAfee Enterprise Security Manager delivers the speed and rich context you need to identify critical threats, respond quickly, and easily address compliance requirements. Continuous global threat and enterprise risk feeds deliver adaptive and autonomous risk management, allowing threat remediation and compliance reporting in minutes instead of hours.

McAfee Web Gateway
McAfee Web Gateway, deployed on premises with appliances or in a virtual environment, provides powerful, proactive protection against zero-day threats, spyware, and targeted attacks. Web Gateway combines this advanced security with flexible, granular control, allowing your business to take full advantage of the web without compromise.

McAfee Email Gateway
McAfee Email Gateway consolidates inbound threat protection, outbound encryption, advanced compliance, data loss prevention, and administration in a single appliance that is easy to use and deploy. It eliminates fragmented, ineffective defenses, simplifies multivendor security environments, reduces operating costs, and considerably strengthens email security.

McAfee ePolicy Orchestrator
McAfee ePolicy Orchestrator (McAfee ePO) is an essential component of the McAfee Security Management platform and the only enterprise-class software to provide unified management of endpoint, network, and data security. With end-to-end visibility and efficient automations that dramatically reduce response times, McAfee ePO software greatly strengthens protection and reduces the cost and complexity of managing risk and security.

News / Events

Customer Stories

City of Chicago (English)

Chicago protects its critical infrastructure with an integrated solution from McAfee, combining SIEM, endpoint, and network security.

Highlights
  • Maximized staff resources.
  • Malware incidents reduced by 2,000%.
  • Centralized management and analysis.
  • Integrated security event logging that captures events throughout the environment.

Eagle Rock Energy (English)

Eagle Rock strengthens its security infrastructure with the addition of new security management and network security solutions.

Highlights
  • Integrated security architecture paves the way for business expansion.
  • Comprehensive threat detection ensures that security events from every source are noted and logged.
  • The combination of McAfee Web Gateway and McAfee Advanced Threat Defense thwarts inbound threats from the Internet.
  • Intrusion prevention monitors both external and internal activity.

Resources

Technology Blueprints

Find, Freeze, and Fix Advanced Threats (English)

Your organization is asking for an advanced malware detection and response strategy that’s sophisticated and adaptive against hacker attacks. Several design trends in advanced malware security affect the performance, efficacy, cost, and management complexity of an overall solution. What’s your next step?

White Papers

SANS Survey: Incident Response – How to Fight Back (English)

SANS recently surveyed incident response (IR) teams to get a clearer picture of what they're up against today. The results are in: most organizations lack formalized IR plans, they expressed a need to collect and correlate threat intelligence, and SIEM tools are their focus for improving IR capabilities.

Preventing Targeted Attacks with McAfee's Advanced Threat Defense (English)

In this white paper, IDC outlines McAfee Advanced Threat Defense (ATD) within the context of the specialized threat analysis and protection market. Our centralized approach to malware analysis, deep integrations across the product portfolio, and three-pronged focus on "Find, Freeze, Fix" as a way of dealing with threats is unique within the market and provides a more holistic approach than other detection-oriented products.

Conquer the Top 20 Critical Security Controls (English)

Critical Security Controls (CSCs) help organizations break down operational silos by providing a pragmatic blueprint detailing where to focus efforts to achieve the greatest results. This white paper maps the quick wins within the first five CSCs to associated McAfee products, services, and partner solution capabilities — all part of the Security Connected platform.

Build a Better Sandbox

As malware becomes more sophisticated and evasive, new technologies are emerging to uncover threats no matter how well they’re camouflaged. This white paper proposes a logical design strategy for dynamic malware analysis that optimizes detection effectiveness, efficiency, and economics.

Advanced Targeted Attacks: It Takes a System (English)

Adaptive intelligence and real-time communications orchestrate protection in the McAfee Security Connected Platform.

Data Sheets

McAfee Advanced Threat Defense

For a technical summary of the McAfee product listed above, see the product data sheet.

Infographics

SANS Top 20 Critical Controls Poster (English)

The top 20 critical controls for effective cyberdefense.

Deeper Inspection. Better Threat Protection. (English)

Malware is becoming more complicated, covert, and clever. Your advanced threat protection solution needs to have just as cunning of a response.

Bury Threats Before They Bury Your Business (English)

Bury threats with McAfee Network Security Platform’s comprehensive signature-less approach to malware detection.

TAKE AN INTEGRATED APPROACH AGAINST ADVANCED THREATS

With today's advanced malware threats, IT departments need to expand their coverage with an appropriately configured security infrastructure. Finding, freezing and fixing advanced exploits fast requires a fully integrated, well managed approach to IT security.

Survey Says You Have Big Concerns about Advanced Malware (English)

You spoke and we listened. Today’s advanced malware threats have you spending a lot of resources fighting an uphill battle. The answer is McAfee Advanced Threat Defense—so you can find, freeze, and fix threats.

Reports

ESG Report: Tackling Attack Detection and Incident Response (English)

This report examines organizations’ security strategies, cyber-attack environments, incident response challenges and needs. A survey found that security professionals are inundated with security incidents and struggle with timely identification and resolution of targeted attacks. A lack of visibility into user and network activity, shortage of investigative skills and experience, and poor security analytics capabilities are key factors in slowing organizations’ response to incidents.

Gartner Digital Newsletter: Best Practices Against Advanced Threats (English)

The newsletter includes access to Gartner research ‘Five Styles of Advanced Threat Defense’ and discusses how Intel Security solutions help organizations with every aspect of their advanced threat defense strategy and how Intel Security has uniquely integrated them to provide a powerful security platform.

NSS Labs Product Assessment Brief: McAfee Advanced Threat Defense (English)

This report reviews McAfee Advanced Threat Defense, outlining strengths, weaknesses, opportunities and threats.

SANS Analytics and Intelligence Survey (English)

This paper explores the use of analytics and intelligence today and exposes the impediments to successful implementation. Organizations that are deploying analytics and intelligence properly are experiencing faster response and detection times, as well as greater visibility. However, many are confused about how to integrate and automate their intelligence collection processes.

SANS Report: Critical Security Controls: From Adoption to Implementation (English)

A recent SANS survey provides an in-depth look at the primary industries adopting critical security controls and how they approach implementation.

McAfee Advanced Threat Defense Test Results (English)

AV-TEST performed a test of the McAfee Advanced Threat Defense appliance to determine its malware detection capabilities.

ESG Lab Validation Report: McAfee Advanced Threat Defense (English)

This ESG Lab Validation report documents hands-on testing of McAfee Advanced Threat Defense, a key component of McAfee’s end-to-end solution for addressing advanced malware. Testing was designed to explore how the solution accurately detects advanced malware using a layered approach, the speed and effectiveness of responding to an attack, and the operational efficiencies of this integrated solution.

Webtorials State-of-the-Market Report: Doing Battle with Advanced Malware

While enterprises appear to be aware of advanced malware and its security challenges, the measures to defend against it need some attention and investment. This report presents survey results that gauge enterprise awareness of advanced malware and what measures are being taken to defend against it.

Gartner Report: Designing an Adaptive Security Architecture for Protection from Advanced Attacks (English)

Most enterprise security protection efforts and products have focused primarily on blocking and prevention techniques as well as on policy-based controls to block threats. However, perfect prevention is impossible. Advanced targeted attacks are easily bypassing traditional firewalls and signature-based prevention mechanisms. All organizations should now assume that they are in a state of continuous compromise.

McAfee IPS Appliance Test (English)

AV-TEST performed a review of McAfee’s IPS solution for the enterprise to determine malware detection and blocking capabilities.

The Economic Impact of Cybercrime and Cyber Espionage (English)

This report discusses how to estimate the cost of malicious cyber activity, and its effect on trade, technology and competitiveness.

Solution Briefs

Advanced Threat Defense for SIEM (English)

When advanced detection solutions, known as sandboxes, collaborate with SIEM solutions, enterprises can better understand and respond to unknown, advanced attacks. McAfee Advanced Threat Defense and McAfee Enterprise Security Manager work in concert to extract relevant data from advanced malware and dramatically reduce time to response by minimizing uncertainty and accelerating remediation.

A Well-Connected Sandbox (English)

A well-connected sandbox that is integrated from the network edge to endpoints is one of the most effective defenses against today’s constantly morphing and evasive advanced threats. This brief explains how McAfee Advanced Threat Defense, when integrated with other Intel Security solutions, provides an effective defense against zero-day threats.

Advanced Threat Defense for the Email Gateway (English)

Email is a vital communication vehicle for just about every business these days—and it is also a key threat vector for cybercrooks who are looking to steal valuable data or execute inbound attacks. As part of our unified, integrated Security Connected framework, McAfee Email Gateway and McAfee Advanced Threat Defense work together to find and freeze new, unknown, and stealthy advanced threats. For a complete end-to-end solution, add McAfee Real Time to the mix to quickly identify and fix systems impacted by advanced malware.

McAfee Advanced Threat Defense for McAfee Web Gateway (English)

Social networks, cloud applications, and content-sharing sites have become essential business tools and IT organizations are struggling to make them safely accessible from inside and outside the corporate environment. Read this Solution Brief and see how McAfee Threat Defense for McAfee Web Gateway helps overcome the obstacles.

Abuse of Trust

Attackers prey upon the institution of trust in many ways, with the exploitation of unsuspecting victims as their primary pursuit. Learn how McAfee security technology can help protect against attacks seeking to abuse the trust your company has in its day-to-day operations.

Advanced Threat Defense for Next-Generation Firewalls (English)

Next-generation firewalls certainly offer expanded network security for branch offices and remote locations, but they can’t find and block stealthy, advanced malware. Through the Security Connected approach from McAfee, Advanced Threat Defense and McAfee Next Generation Firewall work hand-in-hand to find and freeze today’s evasive and targeted cyberattacks.

Security Working Together

McAfee Threat Intelligence Exchange and McAfee Advanced Threat Defense work together to provide enterprises with automated, adaptive threat response, which reduces time-to-containment of malicious files. The moment a file is convicted, the entire security infrastructure is informed and updated immediately, providing greatly enhanced visibility and control, from endpoint to network.

McAfee Delivers Comprehensive Threat Protection for the Financial Services Industry (English)

This solution brief explains how the McAfee Security Connected approach provides advanced threat protection for the financial services industry and prevents targeted attacks.

Advanced Threat Defense for Network IPS

Many of today’s unknown, zero-day threats evade traditional defenses like intrusion prevention systems (IPS). The addition of third-party sandbox appliances can help, but they have several limitations: high cost of deployment, reliance on a generic virtual execution environment that may overlook target-specific attacks, and reliance solely on dynamic analysis, making the sandbox vulnerable to malware that can detect secure environments and delay execution. McAfee Network Security Platform IPS and McAfee Advanced Threat Defense work together to find sophisticated threats, freeze them so they cannot infiltrate, and fix the damage done.

McAfee Advanced Threat Defense: Services solutions for Managed Service Providers (MSP) (English)

IT organizations are focused on shifting budgets from capital expenditures (CAPEX) to operational expenditures (OPEX) in an environment where in-house investments can easily get outpaced by an increasingly sophisticated cybercrime ecosystem. McAfee Advanced Threat Defense can help you to differentiate your services and protect customers against zero-day attacks by offering the industry’s most comprehensive threat protection.

Advanced Malware: Protecting Federal Agencies with a Layered Defense Strategy (English)

Determined cyberattackers are striking US federal agencies with malware that is both more malicious and smarter than ever before. This malware is targeted, stealthy, evasive, and adaptive—enabling these characteristics in advanced persistent threats. Sure, known threats are still with us, but lurking in their midst are complex zero-day attacks that elude traditional defenses such as signatures. We are faced with designer rootkits and Trojans that can hide and move around US government networks, go unnoticed for long periods of time as they do their dirty work, infiltrating those networks and systems to steal vital government and citizen data assets. It’s a big and continually evolving problem that must be foremost in the minds of those entrusted to secure our government’s most sensitive and vital information and communication assets.

Advanced Malware: Nowhere to Hide with a Layered Defense Strategy (English)

Smart and malicious advanced malware is targeted, stealthy, evasive, and adaptive. Sandboxing and other stand-alone products can't do the job on their own. This editorial brief explains why you need an arsenal of layered, integrated defenses to protect against these sophisticated threats.
