McAfee Advanced Threat Defense


Advanced detection of persistent zero-day malware

Overview

Today's targeted attacks are designed to defeat security systems using a variety of tactics that confuse or evade defenses.

As part of the McAfee Advanced Threat Defense solution, McAfee has transformed detection by connecting advanced malware analysis capabilities with defenses, from the network perimeter to the endpoint, and by sharing threat information across the entire IT environment. By sharing that threat information with management systems, networks, and endpoints, McAfee immediately shuts down command-and-control communications, quarantines compromised systems, blocks additional instances of the same or similar threats, assesses where damage may have occurred, and takes action.

McAfee Advanced Threat Defense enables organizations not only to detect today's stealthy attacks, but also to turn information into action and, ultimately, into protection.

Address the three key requirements for solving today's advanced threat problem: find, freeze, and fix. McAfee Advanced Threat Defense uncovers advanced malware and integrates with McAfee security solutions to block threats, identify vulnerable machines, and initiate remediation.


Features and benefits

Ensures that advanced threats are detected more accurately

Reduce the chance of missed malware detections as well as false positives. McAfee Advanced Threat Defense uses a sophisticated combination of static code analysis and dynamic analysis (sandboxing) to perform more detailed assessments and provide malware classification information. Stealthy malware and persistent zero-day threats are packed or obfuscated to go unnoticed. McAfee Advanced Threat Defense uses powerful unpacking to break through the protection provided by evasion techniques, which enables accurate analysis and classification. Thanks to its broad operating system support, threats are analyzed under the same conditions as the actual host profile, so more malware is caught with fewer false positives.

Responds to threats faster

Move quickly and seamlessly from analyzing and detecting advanced malware to protecting against and remediating advanced threats, a more complete and efficient approach to the malware problem. Down-selection: a combination of signatures, reputation, and real-time emulation is used first to quickly identify a wide range of malware, which yields fast detection and reduces the number of files that require more exhaustive analysis in isolation.

Lower total cost of ownership

Centralized deployment lets multiple McAfee network devices share the same malware analysis appliance, which reduces the number of advanced threat protection appliances needed. This simplifies administration and lets network security scale cost-effectively. McAfee Advanced Threat Defense can take advantage of existing McAfee security solutions, which reduces the need to re-architect the network and minimizes operating costs.

Better coordination: security components work as one

Tight integration shortens the time from detection to containment and protection. It handles alerts efficiently through streamlined workflows, and maintains performance and policy enforcement. It supports OpenIOC and STIX, two open standards for indicators of compromise and threat information, which further strengthens integration.

System requirements

McAfee Advanced Threat Defense is a self-contained appliance. There are no minimum software or hardware system requirements.

| Appliance hardware component | ATD-6000 | ATD-3000 |
| --- | --- | --- |
| Dimensions | 2RU rack-mounted, 43.79 cm (width) x 8.74 cm (height) x 73.05 cm (depth) | 1RU rack-mounted, 43.81 cm (width) x 4.31 cm (height) x 73.06 cm (depth) |
| Weight | 22.7 kg | 15 kg |
| Storage | Disk space: 4 x 4 TB; SSD (solid-state drive): 2 x 800 GB | Disk space: 2 x 4 TB; SSD (solid-state drive): 2 x 400 GB |
| Maximum power consumption | 1,600 W per unit | 750 W per unit |
| Redundant power supplies | Redundant AC, hot-swappable | Redundant AC, hot-swappable |
| AC voltage | 100-240 V at 50-60 Hz and 8.5 amps | 100-240 V at 50-60 Hz and 5.8 amps |
| Temperature | 10 to 35 °C (operating); -40 to 70 °C (non-operating) | 10 to 35 °C (operating); -40 to 70 °C (non-operating) |
| Relative humidity (non-condensing) | Operating: 10% to 90%; non-operating: 50% to 90% | Operating: 10% to 90%; non-operating: 50% to 90% |
| Altitude | 0 to 3,000 meters | 0 to 3,000 meters |
| Safety certification | UL 1950, CSA C22.2 No. 950, EN-60950, IEC 950, EN 60825, 21CFR1040 CB license and report covering all country deviations | UL 1950, CSA C22.2 No. 950, EN-60950, IEC 950, EN 60825, 21CFR1040 CB license and report covering all country deviations |
| EMI certification | FCC Part 15, Class A (CFR 47) (United States), ICES-003 Class A | FCC Part 15, Class A (CFR 47) (United States), ICES-003 Class A |

Videos


Learn how McAfee Advanced Threat Defense works with your current security from network to endpoint to protect against threats.

Malware is becoming more evasive than ever before, making sandbox detection difficult. Ensure your team catches stealth, zero-day malware with McAfee Advanced Threat Defense.

Jon Oltsik, Sr. Principal Analyst, Security at ESG, talks about today’s trends in advanced malware, detection options, and the importance of integration between endpoint and network solutions for protection, context and increased ability to respond. Jon shares his impression of McAfee Advanced Threat Defense.

Awards and reviews

Miercom
Miercom: Advanced Threat Analysis — Capabilities and Catch Rates

There is a wide variety of technology strategies for defeating sophisticated threats, and their deployment options and degrees of effectiveness differ. Which solution is right for your network? This webcast explains which capabilities to look for in advanced threat analysis solutions. Rob Smithers, president and general manager of Miercom, speaks at length about his hands-on experience testing the effectiveness of the leading advanced threat analysis systems.

McAfee Advanced Threat Defense test results

AV-TEST performed a test of the McAfee Advanced Threat Defense appliance to determine its malware detection capabilities.

CRN ranks McAfee among the 25 best companies of 2013 to partner with

CRN's rankings, based on scores given by IT solution providers, select the 25 must-have technology vendors from a list of nearly 230 companies, across 12 product categories that solution providers need to consider when forming their partnerships today and in the future. 1000 solution providers of all types and sizes were surveyed.

SC Magazine
SC Magazine Reader Trust Awards, in the category "best protection against advanced persistent threats"

SC Magazine names McAfee among the finalists for the Reader Trust Awards, in the category "best protection against advanced persistent threats".

Related products

McAfee Advanced Threat Defense is part of the McAfee network security product portfolio and of our integrated McAfee Security Connected framework. McAfee has transformed detection by connecting advanced malware analysis capabilities with defenses, from the network perimeter to the endpoint, and by sharing threat information across the entire IT environment.

McAfee Next Generation Firewall
McAfee Next Generation Firewall protects enterprises against the most advanced attacks with innovative, highly available, scalable, and flexible defenses, backed by Security Connected, the broadest and most sophisticated anti-threat ecosystem.

McAfee Network Security Platform
McAfee Network Security Platform is a unique security solution that discovers and blocks sophisticated threats to networks. Using advanced detection techniques, it defends against stealthy attacks with great accuracy at speeds of up to 80 Gbps, and provides complete contextual information about users, devices, and applications so that attacks targeting the network can be answered faster and more accurately.

McAfee Threat Intelligence Exchange
McAfee Threat Intelligence Exchange significantly optimizes threat prevention and reduces the time between detection and containment of advanced targeted attacks from days, weeks, and months to milliseconds.

McAfee Enterprise Security Manager
McAfee Enterprise Security Manager provides the speed and full context needed to identify the most serious threats, respond quickly, and easily address compliance requirements. Continuous global threat and enterprise risk information provides adaptive, autonomous risk management. Threat remediation and compliance reporting take minutes instead of hours.

McAfee Web Gateway
McAfee Web Gateway, which can be deployed on your own premises via appliances or in a virtual environment, offers powerful proactive protection against zero-day threats, spyware, and targeted attacks. McAfee Web Gateway combines this advanced security with granular, flexible control, letting your business make the most of the web without exposing itself to risk.

McAfee Email Gateway
McAfee Email Gateway consolidates inbound threat protection, encryption, advanced compliance features, data loss prevention, and administration in a single appliance that is easy to install and use. It puts an end to the ineffective defense provided by standalone products, simplifies multi-vendor security environments, and reduces operating costs while significantly strengthening email security.

McAfee ePolicy Orchestrator
McAfee ePolicy Orchestrator (ePO) is a key component of the McAfee Security Management platform and the only enterprise-class software that offers unified management of endpoint, network, and data security. With end-to-end visibility and powerful automation that drastically reduce incident response times, McAfee ePO software dramatically strengthens protection and reduces the cost and complexity of managing risk and security.

Customer stories

City of Chicago (English)

Chicago protects its critical infrastructure with an integrated solution from McAfee, combining SIEM, endpoint, and network security.

Highlights
  • Maximized staff resources.
  • Malware incidents reduced by 2,000%.
  • Centralized management and analysis.
  • Integrated security event logging that captures events throughout the environment.

Eagle Rock Energy (English)

Eagle Rock strengthens its security infrastructure with the addition of new security management and network security solutions.

Highlights
  • Integrated security architecture paves the way for business expansion.
  • Comprehensive threat detection ensures that security events from every source are noted and logged.
  • The combination of McAfee Web Gateway and McAfee Advanced Threat Defense thwarts inbound threats from the Internet.
  • Intrusion prevention monitors both external and internal activity.

Resources

Data sheets

McAfee Advanced Threat Defense

For a technical summary of the McAfee product listed, see its data sheet.

Infographics

SANS Top 20 Critical Controls Poster (English)

The top 20 critical controls for effective cyberdefense.

Deeper Inspection. Better Threat Protection. (English)

Malware is becoming more complicated, covert, and clever. Your advanced threat protection solution needs to have just as cunning of a response.

Bury Threats Before They Bury Your Business (English)

Bury threats with McAfee’s Network Security Platform comprehensive signature-less approach to malware detection.

Adopt an Integrated Strategy for Advanced Threats

With today's advanced malware threats, IT departments need to expand their coverage with an appropriately configured security infrastructure. Finding, freezing and fixing advanced exploits fast requires a fully integrated, well managed approach to IT security.

White papers

SANS Survey: Incident Response – How to Fight Back (English)

SANS recently surveyed incident response (IR) teams to get a clearer picture of what they're up against today. The results are in; most organizations lack formalized IR plans, they expressed a need to collect and correlate threat intelligence and SIEM tools are their focus for improving IR capabilities.

Preventing Targeted Attacks with McAfee's Advanced Threat Defense (English)

In this white paper, IDC outlines McAfee Advanced Threat Defense (ATD) within the context of the specialized threat analysis and protection market. Our centralized approach to malware analysis, deep integrations across the product portfolio, and three-pronged focus on "Find, Freeze, Fix" as a way of dealing with threats is unique within the market and provides a more holistic approach than other detection-oriented products.

Conquer the Top 20 Critical Security Controls (English)

Critical Security Controls (CSCs) help organizations break down operational silos by providing a pragmatic blueprint detailing where to focus efforts to achieve the greatest results. This white paper maps the quick wins within the first five CSCs to associated McAfee products, services, and partner solution capabilities — all part of the Security Connected platform.

Build a Better Sandbox (English)

As malware becomes more sophisticated and evasive, new technologies are emerging to uncover threats no matter how well they’re camouflaged. This white paper proposes a logical design strategy for dynamic malware analysis that optimizes detection effectiveness, efficiency, and economics.

Advanced Targeted Attacks: It Takes a System (English)

Adaptive intelligence and real-time communications orchestrate protection in the McAfee Security Connected Platform.

Technology blueprints

Find, Freeze, and Fix Advanced Threats (English)

Your organization is asking for an advanced malware detection and response strategy that’s sophisticated and adaptive against hacker attacks. Several design trends in advanced malware security affect the performance, efficacy, cost, and management complexity of an overall solution. What’s your next step?

Reports

Market Quadrant: McAfee Advanced Threat Defense is Top Player (English)

This edition of Radicati Market Quadrants reviews products that offer protection from advanced persistent threats.

ESG Report: Tackling Attack Detection and Incident Response (English)

This report examines organizations’ security strategies, cyber-attack environments, incident response challenges and needs. A survey found that security professionals are inundated with security incidents and struggle with timely identification and resolution of targeted attacks. A lack of visibility into user and network activity, shortage of investigative skills and experience, and poor security analytics capabilities are key factors in slowing organizations’ response to incidents.

Gartner Digital Newsletter: Best Practices Against Advanced Threats (English)

The newsletter includes access to Gartner research ‘Five Styles of Advanced Threat Defense’ and discusses how Intel Security solutions help organizations with every aspect of their advanced threat defense strategy and has uniquely integrated them to provide a powerful security platform.

NSS Labs Product Assessment Brief: McAfee Advanced Threat Defense (English)

This report reviews McAfee Advanced Threat Defense, outlining strengths, weaknesses, opportunities and threats.

SANS Analytics and Intelligence Survey (English)

This paper explores the use of analytics and intelligence today and exposes the impediments to successful implementation. Organizations that are deploying analytics and intelligence properly are experiencing faster response and detection times, as well as greater visibility. However, many are confused about how to integrate and automate their intelligence collection processes.

SANS Report: Critical Security Controls: From Adoption to Implementation (English)

A recent SANS survey provides an in-depth look at the primary industries adopting critical security controls and how they approach implementation.

McAfee Advanced Threat Defense Test Results (English)

AV-TEST performed a test of the McAfee Advanced Threat Defense appliance to determine its malware detection capabilities.

ESG Lab Validation Report: McAfee Advanced Threat Defense (English)

This ESG Lab Validation report documents hands-on testing of McAfee Advanced Threat Defense, a key component of McAfee’s end-to-end solution for addressing advanced malware. Testing was designed to explore how the solution accurately detects advanced malware using a layered approach, the speed and effectiveness of responding to an attack, and the operational efficiencies of this integrated solution.

Gartner Report: Designing an Adaptive Security Architecture for Protection from Advanced Attacks (English)

Most enterprise security protection efforts and products have focused primarily on blocking and prevention techniques as well as on policy-based controls to block threats. However, perfect prevention is impossible. Advanced targeted attacks are easily bypassing traditional firewalls and signature-based prevention mechanisms. All organizations should now assume that they are in a state of continuous compromise.

McAfee IPS Appliance Test (English)

AV-TEST performed a review of McAfee’s IPS solution for the enterprise to determine malware detection and blocking capabilities.

The Economic Impact of Cybercrime and Cyber Espionage (English)

This report discusses how to estimate the cost of malicious cyber activity, and its effect on trade, technology and competitiveness.

Solution briefs

Advanced Threat Defense for SIEM (English)

When advanced detection solutions, known as sandboxes, collaborate with SIEM solutions, enterprises can better understand and respond to unknown, advanced attacks. McAfee Advanced Threat Defense and McAfee Enterprise Security Manager work in concert to extract relevant data from advanced malware and dramatically reduce time to response by minimizing uncertainty and accelerating remediation.

A Well-Connected Sandbox (English)

A well-connected sandbox that is integrated from the network edge to endpoints is one of the most effective defenses against today’s constantly morphing and evasive advanced threats. This brief explains how McAfee Advanced Threat Defense, when integrated with other Intel Security solutions, provides an effective defense against zero-day threats.

Advanced Threat Defense for the Email Gateway (English)

Email is a vital communication vehicle for just about every business these days—and it is also a key threat vector for cybercrooks who are looking to steal valuable data or execute inbound attacks. As part of our unified, integrated Security Connected framework, McAfee Email Gateway and McAfee Advanced Threat Defense work together to find and freeze new, unknown, and stealthy advanced threats. For a complete end-to-end solution, add McAfee Real Time to the mix to quickly identify and fix systems impacted by advanced malware.

McAfee Advanced Threat Defense for McAfee Web Gateway (English)

Social networks, cloud applications, and content-sharing sites have become essential business tools and IT organizations are struggling to make them safely accessible from inside and outside the corporate environment. Read this Solution Brief and see how McAfee Threat Defense for McAfee Web Gateway helps overcome the obstacles.

Abuse of Trust (English)

Attackers prey upon the institution of trust in many ways, with exploiting unsuspecting victims the primary pursuit. Learn how McAfee security technology can help protect against attacks seeking to abuse the trust your company has in its day-to-day operations.

Advanced Threat Defense for Next-Generation Firewalls (English)

Next-generation firewalls certainly offer expanded network security for branch offices and remote locations, but they can’t find and block stealthy, advanced malware. Through the Security Connected approach from McAfee, Advanced Threat Defense and McAfee Next Generation Firewall work hand-in-hand to find and freeze today’s evasive and targeted cyberattacks.

Security Working Together

McAfee Threat Intelligence Exchange and McAfee Advanced Threat Defense work together to provide enterprises with automated, adaptive threat response, which reduces time-to-containment of malicious files. The moment a file is convicted, the entire security infrastructure is informed and updated immediately, providing greatly enhanced visibility and control, from endpoint to network.

McAfee Delivers Comprehensive Threat Protection for the Financial Services Industry (English)

This solution brief explains how the McAfee Security Connected approach provides advanced threat protection for the financial services industry and prevents targeted attacks.

Advanced Threat Defense for Network IPS

Many of today’s unknown, zero-day threats evade traditional defenses like intrusion prevention systems (IPS). The addition of third-party sandbox appliances can help, but they have several limitations: high cost of deployment, reliance on a generic virtual execution environment that may overlook target-specific attacks, and reliance solely on dynamic analysis, making the sandbox vulnerable to malware that can detect secure environments and delay execution. McAfee Network Security Platform IPS and McAfee Advanced Threat Defense work together to find sophisticated threats, freeze them so they cannot infiltrate, and fix the damage done.


McAfee Advanced Threat Defense: Services solutions for Managed Service Providers (MSP) (English)

IT organizations are focused on shifting budgets from capital expenditures (CAPEX) to operational expenditures (OPEX) in an environment where in-house investments can easily get outpaced by an increasingly sophisticated cybercrime ecosystem. McAfee Advanced Threat Defense can help you to differentiate your services and protect customers against zero-day attacks by offering the industry’s most comprehensive threat protection.

Community

Blogs

  • Government Agencies Should Turn to CDM During 30-Day Sprint
    Tom Gann - June 29, 2015

    The fallout from the OPM breach continues with news that clearance information may have been stolen and that more than 10 million federal employee records may have been breached. In response, the White House has ordered every agency to engage in a “30 day sprint” to shore up and bolster their defensive cybersecurity capabilities. During […]


  • Hackers Gonna Hack! Here’s How to Fight Back
    Paul Zimski - June 23, 2015

    Nobody ever said network defense was easy. If you’re in charge of protecting your enterprise’s digital assets, the one thing you always seem to be fighting is time. Even after you have read every security analyst report on the market and deployed best-of-breed security products, if your IT security and data protection tools don’t work […]


  • Securing Private and Hybrid Clouds
    Raja Patel - June 5, 2015

    As-a-service models offer huge opportunities, but also complicate security. Sometimes the easiest way to migrate to a new architectural model is to let others do the work, others who are experts in their field. This has given rise to many as-a-service models throughout the industry and across the entire technology stack, from software to infrastructure. While […]


  • ESG Lab Spotlight on SIEM
    Karl Klaessig - June 2, 2015

    It’s no secret that today’s attack surface is growing. Everywhere you turn there’s news of a new breach or targeted attack. Look around you – is your mobile device nearby? The answer is most likely yes. In a world of connected devices and people on the go, our affinity for multi-tasking is in turn causing […]


  • Did a Hacker Take Control of a Commercial Airplane?
    Gary Davis - May 20, 2015

    As the popular saying goes, what goes up must come down. And if you’re on a flight, both elements should be done in a controlled manner. Thankfully, we have a lot of people working across industries to make sure that all flights take off and land safely — and that includes the cybersecurity industry. But […]
