內嵌安全軟體及解決方案

保護全球的嵌入式系統及裝置

後續步驟:

概觀

McAfee 嵌入式安全性解決方案能夠協助製造商確保本身的產品和裝置免於遭受網路威脅和攻擊。 McAfee 內嵌系統及裝置安全解決方案涵蓋多樣化技術,包括應用程式白名單、防毒與防惡意軟體保護、裝置管理和加密,所有技術均採用業界領先的 McAfee Global Threat Intelligence。我們的解決方案都能彈性調整,以滿足製造商內嵌裝置及其架構的特定設計需求。

透過 McAfee 內嵌裝置解決方案,製造商能夠實作全系列的安全性功能,其中包括:

  • 防惡意軟體保護 - McAfee 的應用程式白名單解決方案可避免惡意軟體侵害和感染內嵌裝置。 
  • 全面性威脅感知與分析 - 只要裝置需要存取網際網路,並透過網路進行通訊,McAfee 強大的 Global Threat Intelligence 即可確保透過網路傳輸的流量可供裝置安全使用。
  • 強大的資料加密 - 裝置需要進行安全的通訊時,McAfee 內嵌安全軟體可保護儲存與傳輸中的資料。
  • 簡化的裝置管理 - 輕鬆監測、管理和維護大規模全球分散部署的內嵌裝置。
  • 符合美國聯邦與產業規範 - 確保裝置符合各種規範與法規架構。
  • 資料遺失防護 - 確保裝置上的機密資料得到最高程度的防護。

Protect critical infrastructure and industrial controls

Read White Paper

Challenges and best practices for securing POS systems

Read Report

Security that’s built-in not bolted on

McAfee Embedded Control

Read White Paper

我們解決的問題

  • 缺少零時差防護
    駭客及網路竊賊不斷製造和發佈比起以往更加特別且具有破壞力的惡意軟體,因此必須運用可防範零時差攻擊的解決方案保護內嵌系統安全。McAfee 的白名單解決方案是解決嵌入式裝置安全性威脅的全新方法。
  • 生產裝置上未經授權的軟體變更
    所有類型嵌入式裝置和設備若有未經核准的變更,會導致系統關閉而造成重大損失,並可能引發資料遺失、非預期地失去裝置的控制力,以及各種法規罰款與處分。 應用程式白名單及變更控制可避免這些問題並提升裝置安全。
  • 與裝置安全問題相關的高額合作夥伴支援成本
    未經授權的裝置變更會導致裝置製造商耗費資源,以解決系統錯誤及故障。 強大的裝置變更控制功能有助於避免這類情況發生,確保不需要將支援人員派遣至客戶的設備現場。
  • 經常進行且所費不貲的作業系統修補
    每天都有新的安全性弱點被發現並公佈於網際網路。 這表示製造商及其客戶難以確保裝置能安全且不受到最新的入侵攻擊。 透過應用程式白名單之類的內嵌安全軟體,製造商即可鎖定執行階段環境,而有助於避免所費不貲的作業系統修補過程。
  • 未經授權的變更會導致高昂的現場維護成本損失
    當昂貴設備 (例如,CT 與 PET 掃描器等大型醫療裝置或自動化機械式製造設備) 上執行的軟體出現未經授權的變更時,裝置製造商及客戶都會遭受重大的財務影響。 對於製造商而言,將技術人員派遣至客戶現場解決問題不僅所費不貲,而且可能損及公司品牌形象及產品信用評價。 McAfee 推出的白名單及變更控制安全解決方案,可確保這些高成本的未經授權變更永不發生。
  • 滿足 PCI 法規遵循需求
    處理客戶交易所用的零售裝置通常需要嚴格遵循一系列的 PCI 要求。 應用程式白名單及變更控制有助於裝置製造商以及在商店中使用這些裝置的客戶達到和維持 PCI 法規遵循的狀態。
  • 資源密集的多重安全裝置解決方案,可提供安全並有助於法規遵循作業
    公司通常部署來自多個安全性廠商的眾多系列防禦產品,但是更新和維護如此複雜的網路防禦產品極為不易。變更企業安全做法以採用內嵌裝置安全保護,能夠有效降低成本,同時改善公司的安全狀況。使用白名單的做法能夠大幅減少公司內部複雜的安全性系統,並強化惡意零時差攻擊的防範效果。
  • 未經授權的變更會導致無法使用系統
    若昂貴的製造、醫療和財務系統發生未經授權的系統變更而停止運作時,公司會蒙受重大的財務損失,並且讓客戶產生不滿情緒。 在製造商的裝置中設計內嵌系統安全保護,能夠造福裝置製造商以及使用這些系統的客戶。

我們防護的裝置

McAfee 技術支援的內嵌裝置數量日益增加,且跨越多種產業。適用於嵌入式系統及裝置的 McAfee 安全性解決方案可提供有彈性的開放式架構,讓您依照需求加以自訂。

  • 航太工業/軍事:防護通訊系統、機械控制、導引系統、航空設備、定位和控制系統,以及無線網路。  
  • 汽車:防護偵測器、機械、系統對系統、遠端資訊服務、資訊娛樂系統、無線通訊,以及網路。
  • 數位生活:確保電視和家用網路裝置完全不會遭受惡意軟體的攻擊。
  • 遊戲:防護掌上型遊戲裝置和博奕機台。
  • 產業控制:防護重要設備、偵測器、監視器、自動控制和機械系統、通訊系統及網路系統。
  • 醫療:防護泵浦、監視器、通訊、網路、診斷、檢驗及掃描系統。
  • 零售/銷售點/數位招牌:防護自動櫃員機、收銀機、銷售點系統、機台、網路連線裝置、無線通訊系統、數位顯示器及照明。

 

支援的系統

架構

  • Intel
  • AMD
  • Power PC

作業系統

  • Windows
  • Linux
  • Wind River Linux
  • Android

示範

示範

This demo details how McAfee Embedded Control helps protect ATMs, registers and other retail systems and devices protected with built-in application whitelisting, change control, and integrated security management.

This demo explains how McAfee Embedded Control helps keep devices secure and operational with built-in application whitelisting, change control, and integrated security management for various industries.

This demo explains how McAfee Antivirus SDK and McAfee Embedded Reputation SDK help keep the data flow within communication devices secure.

This demo explains how McAfee Embedded Control helps keeps office devices secure and operational with built-in application whitelisting, change control, and integrated security management.

影片

McAfee、Intel 與 WindRiver 在 IoT 上攜手合作物聯網 (The Internet of Things, IoT) 提供所有大小企業近乎橫跨所有產業的新商機,以發展新服務、提高產能、改善即時決策、解決重要問題,並創造新的消費者體驗。當每天都有新連線的裝置在使用各式作業系統並蒐集各種資料時,公司面臨的是如何解決分割、互通性與最新情報的挑戰。為了解決這些挑戰,McAfee Embedded 團隊與 Intel 和 Wind River 合作,提供全方位的硬體與軟體策略,將裝置中的資料透過網路解鎖至雲端。

Embedded Security at Design West Conference 2013安全性架構設計人員 Mike Cioffi 探討 Embedded Security 的重要性,以及 McAfee 在這個領域中所提供的解決方案。

適用於醫療裝置的內嵌安全性瞭解 McAfee 在醫療裝置上內嵌安全性的方法與實作策略。特色技術包括:Embedded Control 及 McAfee ePO Deep Command。

保護您的印表機不致產生安全性漏洞、避免資料受到威脅McAfee 與 Xerox 已合作,於最新款的 Xerox 多功能印表機上提供並啟用 McAfee 的 Embedded Control,保護您的印表機不致產生安全性漏洞、避免機密資料受到威脅。

保護零售業的內嵌式系統Mike Cioffi 主講 (IDF 2012)。

醫療裝置的網路安全Tony Magallanez 主講 (IDF 2012)。

Intel 和 McAfee 結合技術以保護智慧型電網此影片展示 McAfee 與 Intel 如何結合系統及技術,以便在智慧網路間毫無瑕疵地管理與保護智慧型電網,避免未經授權的存取,且允許在發生漏洞時有容錯移轉功能。

使用 McAfee、Intel 及 Wind River 的醫療裝置安全性示範這項示範取自於 2011 年 Intel 的開發人員論壇,影片中顯示 Intel、Wind River 及 McAfee 在保護醫療裝置的安全上如何合作。裝置會受到 McAfee Embedded Control 保護,此為 McAfee 的白名單技術。

防護堆疊的安全性
McAfee 技術長 George Kurtz 將於 2011 年 RSA 會議發表主題簡報。

McAfee 和 Wind River 的合作夥伴關係
Wind River 總裁 Ken Klein 探討 McAfee 值得成為合作夥伴的關鍵要素。

客戶案例

Amada (English)

Amada relies on McAfee Embedded Control to provide a stable environment for their customer sheet metal machinery.

重點功能
  • Protects Amada machinery and allows for long-term software use.

Grass Valley (English)

Grass Valley Secures Real-Time Broadcasting and Video Production with McAfee Embedded Control

重點功能
  • Protects against viruses and other known threats as well as zero-day and advanced persistent threats.
  • Provides robust protection in an environment in which performance without latency is critical.
  • Requires minimal to no administration, maintenance, or updates.

HelpSystems (English)

HelpSystems is a global provider of solutions that optimize IBM environments.

重點功能
  • Virus protection across all platforms.
  • McAfee Labs research enables global, real-time protection.
  • McAfee brand and reputation help sales efforts.

Ricoh (English)

Ricoh depends on McAfee Embedded control to protect business content displayed on networked whiteboards.

重點功能
  • Whitelist approach provides comprehensive security while facilitating rapid startup and use.
  • Whiteboards can be shipped with security pre-configured and without requiring later updates that might affect performance.
  • McAfee Embedded Control offers scalable security to support future product enhancements.

Sodick (English)

Sodick relies on McAfee Embedded Control to provide networked electric discharge machining (EDM) solutions that comply with customers’ internal security policies.

重點功能
  • Whitelist approach provides comprehensive security without affecting system performance.
  • EDM systems can be confidently installed in customer sites with compliance and IT approval.
  • Embedded security offers protection for today’s highly efficient networked manufacturing environments.

Sysmex (English)

Sysmex securely tests devices in a networked setting with McAfee Embedded Control

重點功能
  • Whitelist approach provides ideal solution for closed lab testing devices.
  • Market leadership based on ability to provide the industry’s most secure solutions.

Thecus Technology Corporation (English)

Thecus Technology Corporation is a leading multinational provider of high-performance digital storage systems, well-known among global customers for its network-attached storage (NAS) solutions.

重點功能
  • Provided simple and fast downloading and installation in minutes without requiring IT support.
  • Integrated seamless and easily with Linux OS.
  • Blocked malware with an impressive success rate of 99%.

Xerox (English)

Xerox was drawn to the McAfee solution, track record in embedded, and relationship with Intel.

重點功能
  • Proactively blocked malicious behavior.
  • Protected against unauthorized access.
  • Provided a comprehensive audit trail.

產品

應用程式白名單

McAfee Embedded Control
McAfee Embedded Control

McAfee Embedded Control 著重在解決內嵌系統中採用商業作業系統所出現安全性風險增加的問題。Embedded Control 佔用空間低、低成本負荷、獨立於應用程式的解決方案,可提供「deploy-and-forget」(部署隨即忘記) 的安全性。

內嵌裝置管理

McAfee ePolicy Orchestrator
McAfee ePolicy Orchestrator

McAfee ePolicy Orchestrator (ePO) 是 McAfee Security Management 平台的主要元件之一,也是唯一可以統一管理端點、網路和資料安全的企業級軟體。McAfee ePO 軟體具備端對端可見度以及可以大幅縮短事件回應時間的強大自動化功能,能大幅強化內嵌裝置的防護,並且促進管理風險及安全的成本與複雜性降低。

Global Threat Intelligence

以 McAfee Global Threat Intelligence 為後盾的 McAfee GTI SDK
以 McAfee Global Threat Intelligence 為後盾的 McAfee GTI SDK

McAfee Global Threat Intelligence (GTI) 提供市場上最全方位的威脅情報。該產品使用多種偵測器,可充分掌握所有威脅媒介 (檔案、Web、訊息及網路)。McAfee® GTI SDK 為軟體檔案庫,提供 API 以便取得電子郵件、IP 位址、網路連線及 URL 的可信任度評等。這些評等可由內嵌裝置製造商直接整合入產品中,通常用來保護透過其裝置傳送的資料。

新聞 / 活動

資源

報告

Store Systems Security: Preparing for the Paradigm Shift (English)

McAfee and IHL Group surveys retailers on their top concerns for POS System Security.

Retail Reputations: A Risky Business (English)

As a consumer, you can research products, find out about return policies, general pricing, or service issues, but there’s one important piece of information missing—can you trust the retailer’s security and how they protect your information?

Smarter Protection for the Smart Grid (English)

Learn how securing the energy grid requires action on three fronts: technical, cultural, and political.

常見問題

Maintain Security for XP Systems (English)

Learn about how application whitelisting can maintain security for Microsoft Windows XP systems no longer supported by Microsoft.

Maintain PCI Retail Compliance for Systems No Longer Supported (English)

Learn about how to maintain PCI retail compliance for systems no longer supported.

白皮書

Strengthening Security, Control, and Compliance for Retail OEMs and Their Customers (English)

This white paper provides retail OEMs and their customers with insights into the technologies that are part of the McAfee embedded security solution, along with security, management, and compliance benefits made possible by shipping retail devices with security built in. You’ll learn how this integrated solution goes beyond device protection and extends security across the entire retail environment.

POS Security That Pays Its Own Way (English)

Adding McAfee Integrity Control to your POS solution simply makes your offering more appealing to your retailer customers.

解決方案概要

Securing the Internet of Things (English)

The Internet of Things (IoT, or Internet-connected smart devices) is rapidly changing the way we live and the way we do business. McAfee is working closely with OEMs to address the expanding security requirements of IoT devices for every layer—devices, connections, the cloud, and data centers.

Intel Gateway Solutions for the Internet of Things (English)

Discover the connectivity and interoperability benefits of intelligent gateways

McAfee Application Control Extends the Life of Legacy Microsoft Windows XP Systems (English)

McAfee Application Control provides an effective way to block unauthorized applications from running and will continue to support Windows XP systems even after Microsoft’s phase-out of support has taken effect.

Security for Military Grade Google Android Devices (English)

This solution brief looks at mobile device management and lockdown security from McAfee and Harris Corporation for Android tablets.

Security Consideration for Retail Systems OEMs (English)

Helping OEMs and retailers address a wide range of security challenges, Intel and McAfee have developed solutions that take advantage of leading-edge hardware and software technologies.

Increasing Utility Security, Multi-zone Protection, and Awareness of Industrial and Utility Infrastructure (English)

This combined solution uses Intel Core processor-based platforms, Intel vPro technology, and McAfee security solutions to unify situational awareness and multi-zone protection.

資料工作表

McAfee 5700 Scan Engine and .DATs (English)

For a technical summary on the McAfee product listed above, please view the product data sheet.

McAfee Embedded Control

若需上述 McAfee 產品的技術摘要,請檢視產品資料工作表。

McAfee 5600 Scan Engine and .DATs

若需上述 McAfee 產品的技術摘要,請檢視產品資料工作表。

McAfee Embedded Reputation SDK (English)

For a technical summary on the McAfee product listed above, please view the product data sheet.

McAfee Embedded Control - Retail (English)

For a technical summary on the McAfee product listed above, please view the product data sheet.

McAfee Embedded Control for Aerospace and Defense (English)

For a technical summary on the McAfee product listed above, please view the product data sheet.

McAfee Embedded Control for Consumer and Home Networking (English)

For a technical summary on the McAfee product listed above, please view the product data sheet.

社群

部落格

  • How Much Are Your Assets Worth?
    Cybermum Australia - 九月 26, 2013

    Now, if your tax returns are up to date and you have a healthy relationship with a financial planner, I have no doubt you could answer this question in an instant. But what about your other assets? And I am not referring to your children because clearly they are priceless – most of the time!! […]

    The post How Much Are Your Assets Worth? appeared first on McAfee.

  • What is Encryption?
    Robert Siciliano - 九月 10, 2013

    Encryption is the science of encoding and decoding secret messages.  It began as cryptography—the ancient Greeks used it to protect sensitive information that might fall into the hands of their enemies. More recently, governments have used encryption for military purposes, but these days the term if often used in reference to online security. Encryption is […]

    The post What is Encryption? appeared first on McAfee.

  • Hesperus (Evening Star) Shines as Latest ‘Banker’ Trojan
    Vikas Taneja - 九月 6, 2013

    Hesperus, or Hesperbot, is a newly discovered banker malware that steals user information, mainly online banking credentials. In function it is similar to other “bankers” in the wild, especially Zbot. Hesperus means evening star in Greek. It is very active in Turkey and the Czech Republic and is slowly spreading across the globe. This sophisticated […]

    The post Hesperus (Evening Star) Shines as Latest ‘Banker’ Trojan appeared first on McAfee.

  • Cidox Trojan Spoofs HTTP Host Header to Avoid Detection
    Umesh Wanve - 九月 3, 2013

    Lately, we have seen a good number of samples generating some interesting network traffic through our automated framework. The HTTP network pattern generated contains a few interesting parameters, names like “&av” (for antivirus?) and “&vm=”(VMware?), The response received looked to be encrypted, which drew my attention. Also, all the network traffic contained the same host […]

    The post Cidox Trojan Spoofs HTTP Host Header to Avoid Detection appeared first on McAfee.

  • Five Website Security Do’s and Don’ts for Online Merchants
    McAfee - 八月 30, 2013

    As we get closer to the end of summer, most merchants are already in the midst of preparing for another busy fall/winter shopping season. However, amid the chaos, it’s important to take a look at your website’s current features—most importantly security—in order to assess what needs improvement before it’s too late. Aside from cosmetic and […]

    The post Five Website Security Do’s and Don’ts for Online Merchants appeared first on McAfee.