Readiness requires continuous awareness of what assets and data are on the network and what is going on inside and outside the network — right now. It depends on a common operational picture: visibility and situational awareness across defense and tactical networks, comparison of internal activity and external activity on similar networks, and knowledge of restricted and unrestricted networks away from the battlefield.
Overcome obstacles — A single picture can be difficult for organizations using compartmentalized controls and processes. For example, defense networks, especially military networks, rely on responsiveness and rapid access to data. Users and administrators perceive standard process-heavy security controls to be obstacles to agility. For this reason, many tactical systems are exempt from security audits and excluded from traditional risk management. Complicating change, stakeholders often hesitate to relinquish control over their cyberenvironments. However, weak controls and siloed systems prevent timely action against advanced targeted attacks and data breaches, including insider threats.
View a complete operational picture — McAfee cyber readiness solutions enable a continuous understanding of the entire protected network and the ability to assess risk dynamically across three key dimensions: on the network (network devices, endpoints, users, and data), inside the network (behavior), and outside the network (threat intelligence). McAfee combines solutions for discovery, prevention, detection, response, and audit within a centralized management console enriched with threat intelligence feeds. Collectively, these solutions help detect and remediate threats sourced from inside and outside the network — even advanced stealth attacks and zero-day threats.
Act on intelligence — An extensible data collection and monitoring framework within McAfee solutions fuses machine-to-machine (M2M) and threat intelligence with IT and mission data from endpoints, servers, databases, and applications — including network and system logs. These data streams feed rich analytics that support a proactive risk management posture: continuous monitoring, assessments, and forensic investigations on a large scale. They provide cyber readiness across the cybersecurity battlefield — on the front lines and throughout the networks that enable the mission behind the scenes.
Uses advanced network crawling technology to index sensitive data stored anywhere on your network and allows you to mine this information to quickly understand your sensitive data, how it is used, who owns it, and where it has proliferated.
Protects against insider threats. Recognizes TITUS metadata markings on any document and can use these markings as well as “fingerprints” to control the movement of sensitive data to removable devices or through email messaging (takes action such as release, block, restrict, or encrypt).
Enforces data policies within domains and across Internet, enterprise, and partner boundaries to help prevent data loss and misuse. Integrates with McAfee Email Gateway and McAfee Web Gateway to block leakage or theft of sensitive and TITUS-marked data through protocols including HTTP, IMAP, and FTP.
Provides predefined defenses and threat monitoring to secure database applications against exploitation and misuse. Works with McAfee ePolicy Orchestrator to improve data readiness through centralized policy management and event collection. Can discover and identify critical repositories.
Scans the network for databases and also uses preset patterns to identify tables containing restricted information. Determines if the latest patches have been applied, tests for weaknesses, and then prioritizes and recommends remediations.
Passively monitors network traffic to detect and characterize devices hidden on your network as well as smartphones, tablets, and laptops that come and go between scheduled scans, updating the asset database in McAfee ePO.
Checks and reports endpoint compliance using an agent integrated with McAfee ePO.
Works with McAfee Policy Auditor, McAfee Vulnerability Manager, and McAfee ePO to dynamically correlate threat, vulnerability, and countermeasure information across systems, data, and applications. This continuous monitoring helps you pinpoint at-risk assets, direct resources, and optimize patching. Risk assessments feed into McAfee Enterprise Security Manager for a unified view.
Using traditional active scanning plus the passive monitoring of the McAfee Asset Manager feature, this appliance delivers unrivaled scalability and performance that can keep track of the presence, configurations, and potential weaknesses of every asset and device on your network.
Centrally manages endpoint security and data usage controls, providing a view of host state information alongside active countermeasures. Integrates with McAfee Enterprise Security Manager and third-party products to provide real-time visibility into asset inventory, risk, and cyber readiness.
Provides a common operational dashboard and rich, high-speed analytics that promote early threat detection and forensic readiness. Scales to absorb vast and varied data feeds — from asset and threat intelligence to machine-to-machine, network, and system logs — which it correlates with other security-related events to present a unified and coherent picture of risk.
Learn more about intelligence-driven response and how it helps to build a resilient cyberdefense strategy.
The interoperability between TITUS Document Classification software and McAfee Data Loss Prevention (DLP) further reduces your risk of data loss by capturing end users’ inherent knowledge about the sensitivity of documents and making that information available to McAfee host and network-based DLP as visual classification labels and corresponding metadata.
Solera Networks, a platform for network security analytics, provides full context to any security event identified by the McAfee Network Security Platform.
McAfee delivers comprehensive network intrusion prevention to protect the Army's network.
Learn how McAfee, through its optimized, connected security architecture and global threat intelligence, delivers security that addresses the needs of the military, civilian government organizations, critical sectors, and systems integrators.
Learn about the three cyber-readiness solution requirements: continuous asset intelligence, risk assessment across IT and operational assets, and integration with computerized decision support systems.
Continuous monitoring is a network lifestyle for greater resilience. It requires a shift in mindset, from reaction and documentation to proactive, data-centric, risk-based action.
Learn about the three frameworks required for intelligence-driven response to be effective — decision, detection, and analysis.
For efficient vulnerability assessment, it is necessary to step beyond point products and disparate tools and integrate vulnerability assessment into a broader enterprise workflow. An ideal solution combines the following capabilities into a single, cohesive vulnerability assessment framework: asset discovery and management, comprehensive vulnerability scanning, flexible reporting, and remediation workflows.
To attain situational awareness, your organization must break down technical walls that keep teams and critical data separated. You must allow the decision makers managing your risk not only to see your internal infrastructure as a whole, but also to see beyond your perimeter to external actors, external dependencies, and all associated threats.
The McAfee solution has two primary components: McAfee Firewall Enterprise and McAfee Network Security Platform. The McAfee Firewall and the IPS appliance both have add-on features that can optimize your visibility into the network. McAfee SIEM and other optional products help extend visibility and analytics to more aspects of network traffic.
McAfee works closely with a partner, TITUS, to provide resilient data governance solutions that enable government customers to meet regulatory requirements, prevent sensitive data leakage, monitor user compliance, and respond quickly to security incidents.