McAfee Global Threat Intelligence Proxy (McAfee GTI Proxy)

McAfee Global Threat Intelligence Proxy (McAfee GTI Proxy)

Enable McAfee GTI to operate in DNS proxy environments

Next Steps:

Overview

McAfee Global Threat Intelligence Proxy (McAfee GTI Proxy) enables McAfee VirusScan Enterprise nodes to perform McAfee GTI file reputation (formerly known as Artemis) queries from within the enterprise network without requiring direct access to the public McAfee cloud from all McAfee VirusScan Enterprise (version 8.7 or later) endpoint systems. With McAfee GTI Proxy, organizations ensure that they have up-to-date threat protection and robust virus detection capabilities, including a strong defense against advanced persistent threats and botnets, even if Internet access is limited.

Consolidated cloud communications — Driven by compliance or other factors, organizations often have unique requirements for allowing applications to access resources on the Internet. For organizations operating limited Internet access environments, McAfee GTI Proxy consolidates communications between McAfee VirusScan Enterprise clients that have McAfee GTI file reputation queries activated and the McAfee cloud via a set of auditable proxy servers.

Streamlined deployment and management — McAfee GTI Proxy is delivered as a VMware virtual appliance and managed by the McAfee ePolicy Orchestrator (ePO) platform. Optimized for efficiency, McAfee GTI Proxy requires little additional network overhead.

Real-time threat protection — Leveraging McAfee GTI via the cloud to resolve real-time file reputation queries, McAfee GTI Proxy identifies suspicious files that may contain malware.

Features & Benefits

Leverage local intelligence

McAfee GTI Proxy supports custom reputation entries enabling local intelligence to override the McAfee Global Threat Intelligence reputation response. Administrators can specify whether a triggered file should have a clean or unclean response regardless of the reputation given by McAfee, enabling rapid response to suspected threats and false positive prevention.

Stop malware in real time

Close the protection gap with McAfee Global Threat Intelligence (GTI). McAfee GTI offers comprehensive, real-time protection against both known and emerging threats and McAfee GTI Proxy enables GTI support for VirusScan Enterprise clients. McAfee GTI, a cloud-based service using reputation-based threat protection in addition to other techniques, correlates real-world data collected from millions of sensors globally and delivers automated intelligence to VirusScan Enterprise via the GTI Proxy.

Implement a highly scalable, cost-effective solution

Support up to 100,000 PCs per virtual appliance, reducing management costs.

Ensure secure data transmission

Communications between GTI Proxy and the McAfee cloud are handled via UDP wrapped in SSL (which is DTLS on port 443).

System Requirements

These are minimum system requirements. Actual requirements will vary depending on the nature of your environment.

McAfee Components

  • McAfee ePolicy Orchestrator (ePO), version 4.6
  • McAfee VirusScan Enterprise, version 8.7 or 8.8
  • McAfee Global Threat Intelligence file reputation (formerly known as Artemis) technology

VM Infrastructure

  • VMware Workstation 8
  • VMware ESX 4.x
  • VMware ESXi 4.x/5.x

Server

  • Distributed as VMware appliance image
  • 64-bit guest operating system running McAfee Linux (MLOS)
  • Disk space: Minimum of 35 GB available
  • Minimum of 2 GB RAM available
  • 64-bit CPU

Resources

Data Sheets

McAfee GTI Proxy

For a technical summary on the McAfee product listed above, please view the product data sheet.

FAQ

McAfee Global Threat Intelligence FAQ

Get answers to commonly asked questions about McAfee Global Threat Intelligence and McAfee GTI Proxy.

Community

Blogs

  • Four Ways to Stretch Your SIEM For Complete Protection
    Karl Klaessig - May 11, 2015

    Organizations and enterprises today are more aware than ever of the dangers posed by cybercriminals and advanced persistent threats (APTs). So, how can they fight back against these online threats in a situation where one size never fits all? One solution that we tout in our ‘When Minutes Count’ report: stretch your Security Information and […]

    The post Four Ways to Stretch Your SIEM For Complete Protection appeared first on McAfee.

  • Brazilian Banking Malware Hides in SQL Database
    Guilherme Venere - May 8, 2015

    Spam is a plague that has given headaches to system administrators and users for years. A lot of spam tries to sell “performance enhancement” medicine or lure us to suspicious websites. But one of the main uses of spam, which appears to be making a comeback, is the distribution of malware through email attachments. This […]

    The post Brazilian Banking Malware Hides in SQL Database appeared first on McAfee.

  • Your Network Security Diagnosis
    Steve Smith - April 21, 2015

    How are you feeling right now about your network security? Are you worried about stealth attacks across multiple vectors? Trying to keep to a long-term security strategy that is constantly changing due to evolving attacks and hopeful new products? Struggling to stitch together a cohesive view from all of the previously promising new products? Constantly […]

    The post Your Network Security Diagnosis appeared first on McAfee.

  • Botnet to Cybersecurity: Catch Me If You Can
    Raj Samani - April 15, 2015

    Tracking and disrupting the crime ring behind a polymorphic botnet.  On April 8, global law enforcement, with the assistance of Intel Security/McAfee, took down the Beebone botnet, which propagates a particularly tricky polymorphic worm. Law enforcement and criminals often act like predators and prey, each evolving and adapting, trying to gain an advantage. A few […]

    The post Botnet to Cybersecurity: Catch Me If You Can appeared first on McAfee.

  • Reducing your breach risk through vendor consolidation
    Simone Spencer - April 9, 2015

    With organizations falling victim to costly cyber-attacks at an increasing rate, there is growing concern from information security professionals on how to reduce breach exposure.  The recent high-profile data breaches are wake up calls for organizations and consumers alike. According to Ponemon Institute’s annual study on data breach preparedness 43% of companies have experienced a […]

    The post Reducing your breach risk through vendor consolidation appeared first on McAfee.

Threats and Risks