McAfee Aims to Protect Critical Infrastructure from Increased Attacks

McAfee and Intel® Develop “Joint Implementation” to Demonstrate Situational Awareness and Multi-zone Protection for Energy Infrastructure

SANTA CLARA, Calif., 15 May, 2012 - McAfee announced a collaboration with Intel to better protect the world’s energy utility ecosystem, including generation, transmission and distribution, from increased cyber attacks. The two companies have provided a blueprint for a comprehensive solution of multiple products that create layers of security and operate together without great complexity or without impacting availability.

Solutions from McAfee and Intel deliver a variety of technologies for securing the energy infrastructure environments, decreasing chances of malicious attacks, increasing uptime and decreasing resource-intensive responses to fix and update systems. The “reference implementation” created mirrors real-world energy infrastructure platforms and environments so customers can see the technology implemented fully and integrated across endpoint, network and cloud. The solution is focused on satisfying the energy industries need for situational awareness, seamless multi-zone protection, native supervisory control and data acquisition (SCADA) support, and remote device management.

Joint Reference Implementation
McAfee and Intel created a “reference implementation” that integrates a number of McAfee security solutions relevant to substations and network operations centers with selected Intel processors and hardware-based security and manageability technologies. The reference implementation emulates the components and functionality commonly found in a critical infrastructure environment. The added capability of end-point security, network security and security management solutions can deliver a secure environment with increased reliability.

The "reference implementation" allows the audience to witness the system response of an unsuccessful cyber-attack thwarted by McAfee Embedded Control and the impact of a successful attack on an "improperly configured" system. The audience can see how the critical infrastructure operator can remotely and securely mitigate the threat of the comprised "improperly configured" system with McAfee's ePolicy Orchestrator coupled with Intel® vPro™ Technology.

Protecting utility infrastructure is challenging for many reasons including network diversity, data overload, complex endpoint management and tools that lack the right security context for energy. McAfee unifies situational awareness and multi-zone protection using purpose-built, compliance-oriented solutions to prevent attacks in real-time. This end-to-end security solution features remote management using Intel AMT to lower device support costs.

"To adequately secure critical systems against cyber attacks, the right products and technologies must be integrated into the entire infrastructure—from the enterprise, to the SCADA and control systems, and even to the automated device networks—without impacting reliability or interfering with operations,” Eric Knapp, critical infrastructure expert at McAfee. “McAfee, together with Intel, has combined commercially-available chipset capabilities and cyber security products into the perfect recipe for substation security, providing advanced protection while removing operational complexity, and improving reliability through remote manageability."

Challenges Facing Energy Infrastructure
The complexity and diversity of the electrical power delivery systems make protecting them from cyber attacks very difficult. Energy provider’s infrastructure is comprised of a diverse set of networks that cannot be effectively secured by simply adding technologies designed for typical enterprise IT environments. Many of the power grids’ aging assets predate the internet revolution and are particularly vulnerable from attack and unable to identify or report malicious activity up the network chain. Substations, known as one of the most vulnerable parts of the smart grid, are particularly at risk from attack. Meanwhile, hackers have grown more sophisticated, increasing the need to defuse or deter zero-day and more sophisticated attacks.

Securing electric power delivery is an enormous task because of:

  • Multiple zones included: Corporate IT, SCADA, and device networks: Each different zone has unique technical challenges.

  • Coping with “big data” overload: Security devices on the network produce incredibly large number of logs, overwhelming stretched IT departments.

  • Simplifying endpoint manageability and improving visibility: Energy endpoints are spread geographically and rarely updated and, many times, lack the ability to detect or communicate and identify a security breach. Device failures can be costly especially when they require updates if not properly managed.

  • Providing the right security context for the grid: Standard IT products don’t have the right features to identify issues within the energy infrastructure or don’t understand the unique utility lexicon making it difficult to apply specialized measures need for control systems.

For more information go to: http://www.mcafee.com/us/enterprise/reference-architecture/protect-critical-infrastructure.aspx

About McAfee
McAfee, a wholly owned subsidiary of Intel Corporation (NASDAQ:INTC), is the world's largest dedicated security technology company. McAfee delivers proactive and proven solutions and services that help secure systems, networks, and mobile devices around the world, allowing users to safely connect to the Internet, browse and shop the Web more securely. Backed by its unrivaled Global Threat Intelligence, McAfee creates innovative products that empower home users, businesses, the public sector and service providers by enabling them to prove compliance with regulations, protect data, prevent disruptions, identify vulnerabilities, and continuously monitor and improve their security. McAfee is relentlessly focused on constantly finding new ways to keep our customers safe. http://www.mcafee.com

Note: McAfee and ePolicy Orchestrator are trademarks or registered trademarks of McAfee, Inc. in the United States and other countries. Other names and brands may be claimed as the property of others.

McAfee
Sal Viveros, 408-346-5624
Sal_Viveros@mcafee.com
or
H3O Communications
Heather Edell, 415-618-8814
heather@h3ocommunications.com