- Chat with McAfee Ready to make a purchase or have questions before you buy? Chat with a McAfee expert. Available Monday to Friday.
- Contact Me
- Find a Reseller
- Call: 1-888-847-8766
Overview
Readiness requires continuous awareness of what assets and data are on the network and what is going on inside and outside the network — right now. It depends on a common operational picture: visibility and situational awareness across defense and tactical networks, comparison of internal activity and external activity on similar networks, and knowledge of restricted and unrestricted networks away from the battlefield.
Overcome obstacles — A single picture can be difficult for organizations using compartmentalized controls and processes. For example, defense networks, especially military networks, rely on responsiveness and rapid access to data. Users and administrators perceive standard process-heavy security controls to be obstacles to agility. For this reason, many tactical systems are exempt from security audits and excluded from traditional risk management. Complicating change, stakeholders often hesitate to relinquish control over their cyberenvironments. However, weak controls and siloed systems prevent timely action against advanced targeted attacks and data breaches, including insider threats.
View a complete operational picture — McAfee cyber readiness solutions enable a continuous understanding of the entire protected network and the ability to assess risk dynamically across three key dimensions: on the network (network devices, endpoints, users, and data), inside the network (behavior), and outside the network (threat intelligence). McAfee combines solutions for discovery, prevention, detection, response, and audit within a centralized management console enriched with threat intelligence feeds. Collectively, these solutions help detect and remediate threats sourced from inside and outside the network — even advanced stealth attacks and zero-day threats.
Act on intelligence — An extensible data collection and monitoring framework within McAfee solutions fuses machine-to-machine (M2M) and threat intelligence with IT and mission data from endpoints, servers, databases, and applications — including network and system logs. These data streams feed rich analytics that support a proactive risk management posture: continuous monitoring, assessments, and forensic investigations on a large scale. They provide cyber readiness across the cybersecurity battlefield — on the front lines and throughout the networks that enable the mission behind the scenes.
Key Benefits
- Silently detect and monitor assets as they traverse your networks
Passively discover and monitor assets (endpoints and servers), devices, applications, and data moving onto and between domains to reduce the chance of network disruption, data loss, and compliance violations — without intruding on operations or affecting battle command system performance. - Build continuous asset intelligence
Understand your true risk posture through a complete inventory of assets with an up-to-date assessment of each device’s vulnerability, behavior, configuration, active countermeasures, and impact on your state. - Collect machine-to-machine intelligence from every source
Use a proven, scalable, and standards-based framework to capture the data required for consistent, holistic situational awareness spanning from secret and enterprise networks to battle command systems and tactical combat systems. Every component of the network is a producer and consumer of intelligence, creating a smarter, connected ecosystem that uses its own network as an intelligence source. This intelligence combines with indicators from other networks worldwide to help you pinpoint relevant internal and external activity that affects risk. - Facilitate data protection
Use pre-integrated systems and policy-based enforcement from McAfee and TITUS to efficiently identify, classify, label, catalog, monitor, and control sensitive data throughout your network. - Link cyber risk to overall mission risk decisions
Incorporate local asset intelligence and global threat intelligence in decision making to manage risk more intelligently and confidently based on a complete, contextual, and accurate view of dynamic assets, risks, and countermeasures in IT and operational networks. - Centralize security data and operations to speed assessment and inform response
Streamline device management, threat monitoring, real-time analysis, and forensic investigation within a “single pane of glass” environment that includes data mined from network and system logs. Use tools to automate tactical processes so your team can focus on the events that matter most. - Integrate management and reporting across systems and vendors
Connect your cyber-ready environment to higher-level decision support systems, external data sources, and third-party solutions to facilitate decision-making under pressure while improving operational efficiency.
Products
McAfee DLP Discover
Uses advanced network crawling technology to index sensitive data stored anywhere on your network and allows you to mine this information to quickly understand your sensitive data, how it is used, who owns it, and where it has proliferated.
McAfee DLP Endpoint
Protects against insider threats. Recognizes TITUS metadata markings on any document and can use these markings as well as “fingerprints” to control the movement of sensitive data to removable devices or through email messaging (takes action such as release, block, restrict, or encrypt).
McAfee DLP Prevent
Enforces data policies within domains and across Internet, enterprise, and partner boundaries to help prevent data loss and misuse. Integrates with McAfee Email Gateway and McAfee Web Gateway to block leakage or theft of sensitive and TITUS-marked data through protocols including HTTP, IMAP, and FTP.
Database Security
McAfee Database Activity Monitoring
Provides predefined defenses and threat monitoring to secure database applications against exploitation and misuse. Works with McAfee ePolicy Orchestrator to improve data readiness through centralized policy management and event collection. Can discover and identify critical repositories.
McAfee Vulnerability Manager for Databases
Scans the network for databases and also uses preset patterns to identify tables containing restricted information. Determines if the latest patches have been applied, tests for weaknesses, and then prioritizes and recommends remediations.
Risk and Compliance
McAfee Asset Manager (part of McAfee Vulnerability Manager)
Passively monitors network traffic to detect and characterize devices hidden on your network as well as smartphones, tablets, and laptops that come and go between scheduled scans, updating the asset database in McAfee ePO.
McAfee Policy Auditor
Checks and reports endpoint compliance using an agent integrated with McAfee ePO.
McAfee Risk Advisor
Works with McAfee Policy Auditor, McAfee Vulnerability Manager, and McAfee ePO to dynamically correlate threat, vulnerability, and countermeasure information across systems, data, and applications. This continuous monitoring helps you pinpoint at-risk assets, direct resources, and optimize patching. Risk assessments feed into McAfee Enterprise Security Manager for a unified view.
McAfee Vulnerability Manager
Using traditional active scanning plus the passive monitoring of the McAfee Asset Manager feature, this appliance delivers unrivaled scalability and performance that can keep track of the presence, configurations, and potential weaknesses of every asset and device on your network.
Security Management
McAfee ePolicy Orchestrator (McAfee ePO)
Centrally manages endpoint security and data usage controls, providing a view of host state information alongside active countermeasures. Integrates with McAfee Enterprise Security Manager and third-party products to provide real-time visibility into asset inventory, risk, and cyber readiness.
SIEM
McAfee Enterprise Security Manager
Provides a common operational dashboard and rich, high-speed analytics that promote early threat detection and forensic readiness. Scales to absorb vast and varied data feeds — from asset and threat intelligence to machine-to-machine, network, and system logs — which it correlates with other security-related events to present a unified and coherent picture of risk.
Related Partners
- Solera Networks
Offers full network forensics, analytics, and data retention for breach and forensic readiness. Solera Networks products can feed network logs into McAfee Enterprise Security Manager, adding these network data sources to the system logs of McAfee Enterprise Log Manager to give investigators rapid access to required data to assist response in the event of a breach. - TITUS
TITUS provides data classification, data awareness, and data policy enforcement for defense, government, and commercial enterprises. TITUS leverages the user to make real-time decisions about sensitive data classification. TITUS solutions integrate tightly with McAfee control and monitoring solutions to improve decision accuracy and data readiness.
Resources
Intelligence-Driven Response
Learn more about intelligence-driven response and how it helps to build a resilient cyberdefense strategy.
Solution Briefs
Identify Sensitive Data and Prevent Data Leaks
The interoperability between TITUS Document Classification software and McAfee Data Loss Prevention (DLP) further reduces your risk of data loss by capturing end users’ inherent knowledge about the sensitivity of documents and making that information available to McAfee host and network-based DLP as visual classification labels and corresponding metadata.
See Network Threats to Prevent Future Attacks
Solera Networks, a platform for network security analytics, provides full context to any security event identified by the McAfee Network Security Platform.
Real-time Threat Detection for Defense in Depth and Information Assurance
McAfee delivers comprehensive network intrusion prevention to protect the Army's network.
Brochures
Security Connected Reference Architecture
Community
Forums
No results foundBlogs
- Continuous Monitoring at GFIRST (Part 2)
Archive - August 23, 2012
Yesterday I blogged about a presentation I gave at GFIRST in Atlanta, Georgia where I demonstrated a number of application and database attacks and referenced how this is extremely relevant to Continuous Monitoring (CM) for federal agencies. McAfee’s Approach to Continuous Monitoring Risk Awareness Risk awareness across all subsystems enables agencies to understand real-time activities Read more... - Continuous Monitoring at GFIRST (Part 1)
Archive - August 22, 2012
At GFIRST in Atlanta, Georgia, I just gave an application and database hacking demonstration. I demonstrated various attacks such as: SQL Injection XSS Session Hijacking Parameter Tampering Database Protocol Hacking I also gave a demonstration of a targeted Phishing attack that brought together Metasploit, Stuxnet, Bit.ly, Facebook…oh, and Cameron Diaz. These demonstrations were meant Read more... - Meeting with the Pennsylvania Department of Community and Economic Development
Archive - August 16, 2012
A team from the Pennsylvania Governor Tom Corbett’s Department of Community and Economic Development recently joined us in Silicon Valley at McAfee HQ to discuss information security. Overall, state governments are taking a more proactive stance as is relates to information security; this is a welcome and much needed trend. One of topics we discussed Read more... - 10 Days of Rain in Korea
Archive - July 05, 2011
On March 4th of this year, exactly 20 months to the day of a similar incident on US Independence Day in 2009, a botnet based out of South Korea launched Distributed Denial of Service (DDoS) attacks against 40 sites affiliated with South Korean government, military and civilian critical infrastructure as well as U.S. Forces Korea Read more... - My Recent Travels to Italy and Spain
Gert Jan Schenk - May 19, 2011
Recently I have been meeting with customers and resellers throughout Italy and Spain and it was interesting to hear that their needs from a security partner are very similar to those from the other countries I have recently visited. I have started to see strong interest in the McAfee DLP, Database Protection and Encryption technologies Read more...