McAfee Advanced Threat Defense

Advanced detection for stealthy, zero-day malware

Overview

McAfee Advanced Threat Defense detects today’s stealthy, zero-day malware with an innovative, layered approach. It combines low-touch antivirus signatures, reputation, and real-time emulation defenses with in-depth static code and dynamic malware analysis (sandboxing) to analyze the actual behavior of malware. Combined, this represents the strongest advanced anti-malware technology in the market, and effectively balances the need for both security and performance.

With the addition of Advanced Threat Defense to the McAfee security portfolio, McAfee addresses the three key requirements to solve today’s advanced malware problem: find, freeze, and fix. Advanced Threat Defense finds advanced malware and integrates with McAfee network security solutions to freeze the threat, while McAfee Real Time initiates a fix or remediation actions.

SIEM tools are key to improving incident response
Best Practices Against Advanced Malware
Take an Integrated Approach to Advanced Threats

Features & Benefits

Ensure more accurate threat detection

Reduce the chances of missed malware or false positives. McAfee Advanced Threat Defense uses advanced static code and dynamic analysis (sandboxing) to provide the most detailed assessment and data on malware classification. Stealthy malware and zero-day threats are packed or obfuscated to evade detection. Advanced Threat Defense employs strong unpacking to break through evasive techniques, enabling thorough analysis and accurate classification. With broad operating system support, threats are analyzed under the same conditions as the actual host profile, so you catch more malware with fewer false alerts.

Respond to threats faster

Quickly and seamlessly move from advanced malware analysis and conviction to protection and resolution — a more comprehensive, efficient approach to the malware problem. Down selection — first using a mix of signatures, reputation, and real-time emulation — helps quickly identify a broad range of malware, producing fast detection results and reducing the number of files requiring more thorough sandbox analysis.

Lower TCO

Centralized deployment enables multiple McAfee network devices to share the same malware analysis appliance, reducing the number of required appliances, simplifying administration, and cost-effectively scaling security across your network. Advanced Threat Defense can leverage your existing McAfee security solutions, reducing the need for network rearchitecture and minimizing operational costs.

Leverage a single security vendor with tight product integration

McAfee offers all essential components to find advanced malware, freeze the threat, and initiate a fix. Offering an end-to-end solution that integrates advanced threat analysis, network products, and endpoint solutions, McAfee provides organization-wide visibility and context for threats, while reducing response time and simplifying remediation.

System Requirements

McAfee Advanced Threat Defense is a self-contained device. There are no minimum software or hardware system requirements.

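| Appliance Hardware Components | ATD-6000 | ATD-3000 |
| --- | --- | --- |
| Dimensions | 2RU Rack Mountable, 17.24"W x 3.43"H x 28"L | 1RU Rack Mountable, 17.25"W x 1.70"H x 29"L |
| Weight | 50 lbs. | 33 lbs. |
| Storage | Disk space HDD: 4 x 4TB; SSD: 2 x 800 GB | Disk space HDD: 2 x 4TB; SSD: 2 x 400 GB |
| Maximum Power Consumption | 2x 1,600W | 2x 750W |
| Redundant Power Supply | AC redundant, hot swappable | AC redundant, hot swappable |
| AC Voltage | 100-240 V at 50–60Hz and 8.5 Amps | 100-240 V at 50–60Hz and 5.8 Amps |
| Temperature | +10° to +35° C (operating); -40° to +70° C (non-operating) | +10° to +35° C (operating); -40° to +70° C (non-operating) |
| Relative Humidity (Non-Condensing) | Operational: 10% to 90%; Non-operational: 50% to 90% | Operational: 10% to 90%; Non-operational: 50% to 90% |
| Altitude | 0–10,000 feet | 0–10,000 feet |
| Safety Certification | UL 1950, CSA-C22.2 No. 950, EN-60950, IEC 950, EN 60825, 21CFR1040 CB license and report covering all national country deviations | UL 1950, CSA-C22.2 No. 950, EN-60950, IEC 950, EN 60825, 21CFR1040 CB license and report covering all national country deviations |
| EMI Certification | FCC Part 15, Class A (CFR 47) (USA), ICES-003 Class A | FCC Part 15, Class A (CFR 47) (USA), ICES-003 Class A |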

Videos

Outdated methods of malware detection leave crucial data at risk. Learn how McAfee solutions can prevent advanced malware attacks and protect valued assets.

Malware is becoming more evasive than ever before, making sandbox detection difficult. Ensure your team catches stealth, zero-day malware with McAfee Advanced Threat Defense.

Jon Oltsik, Sr. Principal Analyst, Security at ESG, talks about today’s trends in advanced malware, detection options, and the importance of integration between endpoint and network solutions for protection, context, and increased ability to respond. Jon shares his impression of McAfee Advanced Threat Defense.

Awards / Reviews

McAfee Advanced Threat Defense Test Results

AV-TEST performed a test of the McAfee Advanced Threat Defense appliance to determine its malware detection capabilities.

CRN Ranks McAfee in their 2013 Top 25 Best Companies to Partner With

Ranked by IT solution providers (SPs), CRN Research ranks the Top 25 must-have technology suppliers from a list of nearly 230 companies in 12 product categories that SPs need to consider when formalizing their partnerships today and for the future. 1,000 unique SPs of all types and sizes were surveyed.

SC Magazine Readers Trust Awards – Best APT Protection

SC Magazine selects McAfee as a finalist for the Readers Trust Awards — Best Advanced Persistent Threat (APT) Protection category.

Related Products

McAfee Advanced Threat Defense is a core component of the McAfee network security portfolio and the Security Connected framework. Advanced Threat Defense can operate as a standalone network security appliance or in conjunction with McAfee intrusion prevention systems and advanced web protection solutions — all managed through a centralized console.

McAfee Email Gateway
McAfee Email Gateway consolidates inbound threat protection, outbound encryption, advanced compliance, data loss prevention, and administration into a single, easy-to-deploy, and user-friendly appliance. It eliminates ineffective piecemeal defenses, simplifies multivendor security environments, and reduces operating costs — while significantly strengthening email security.

McAfee Network Security Platform
McAfee Network Security Platform is a uniquely intelligent security solution that discovers and blocks sophisticated threats in the network. Using advanced threat detection techniques, it defends against stealthy attacks with extreme accuracy at speeds of up to 80 Gbps, while providing rich contextual data about users, devices, and applications for fast, accurate responses to network-borne attacks.

McAfee Web Gateway
McAfee Web Gateway, deployed on-premises with appliances or in a virtual environment, offers powerful, proactive protection against zero-day threats, spyware, and targeted attacks. Web Gateway combines this advanced security with flexible, granular control, enabling your business to take maximum advantage of the web without compromise.

McAfee ePolicy Orchestrator
McAfee ePolicy Orchestrator (McAfee ePO) is a key component of the McAfee Security Management Platform, and the only enterprise-class software to provide unified management of endpoint, network, and data security. With end-to-end visibility and powerful automations that slash incident response times, McAfee ePO software dramatically strengthens protection and drives down the cost and complexity of managing risk and security.

McAfee Threat Intelligence Exchange
McAfee Threat Intelligence Exchange significantly optimizes threat prevention, closing the gap from encounter to containment for advanced targeted attacks from days, weeks, and months down to milliseconds.

Resources

Infographics

Deeper Inspection. Better Threat Protection.

Malware is becoming more complicated, covert, and clever. Your threat defense needs to have just as cunning a response.

Bury Threats Before They Bury Your Business

Bury threats with McAfee Network Security Platform’s comprehensive signature-less approach to malware detection.

Take An Integrated Approach To Advanced Threats

With today's advanced malware threats, IT departments need to expand their coverage with an appropriately configured security infrastructure. Finding, freezing and fixing advanced exploits fast requires a fully integrated, well managed approach to IT security.

Reports

McAfee Advanced Threat Defense Test Results

AV-TEST performed a test of the McAfee Advanced Threat Defense appliance to determine its malware detection capabilities.

ESG Lab Validation Report: McAfee Advanced Threat Defense

This ESG Lab Validation report documents hands-on testing of McAfee Advanced Threat Defense, a key component of McAfee’s end-to-end solution for addressing advanced malware. Testing was designed to explore how the solution accurately detects advanced malware using a layered approach, the speed and effectiveness of responding to an attack, and the operational efficiencies of this integrated solution.

Webtorials State-of-the-Market Report: Doing Battle with Advanced Malware

While enterprises appear to be aware of advanced malware and its security challenges, the measures to defend against it need some attention and investment. This report presents survey results that gauge enterprise awareness of advanced malware and what measures are being taken to defend against it.

McAfee IPS Appliance Test

AV-TEST performed a review of McAfee’s IPS solution for the enterprise to determine malware detection and blocking capabilities.

The Economic Impact of Cybercrime and Cyber Espionage

This report discusses how to estimate the cost of malicious cyber activity, and its effect on trade, technology and competitiveness.

McAfee Web Gateway: 2013 Malware Blocking Rates

AV-Test performed a test of McAfee Web Gateway to determine its malware detection and blocking capabilities.

Solution Briefs

McAfee Delivers Comprehensive Threat Protection for the Financial Services Industry

This solution brief explains how the McAfee Security Connected approach provides advanced threat protection for the financial services industry and prevents targeted attacks.

Advanced Threat Defense for Network IPS

Many of today’s unknown, zero-day threats evade traditional defenses like intrusion prevention systems (IPS). The addition of third-party sandbox appliances can help, but they have several limitations: high cost of deployment, reliance on a generic virtual execution environment that may overlook target-specific attacks, and reliance solely on dynamic analysis, making the sandbox vulnerable to malware that can detect secure environments and delay execution. McAfee Network Security Platform IPS and McAfee Advanced Threat Defense work together to find sophisticated threats, freeze them so they cannot infiltrate, and fix the damage done.

Advanced Threat Defense for the Email Gateway

Email is a vital communication vehicle for just about every business these days—and it is also a key threat vector for cybercrooks who are looking to steal valuable data or execute inbound attacks. As part of our unified, integrated Security Connected framework, McAfee Email Gateway and McAfee Advanced Threat Defense work together to find and freeze new, unknown, and stealthy advanced threats. For a complete end-to-end solution, add McAfee Real Time to the mix to quickly identify and fix systems impacted by advanced malware.

McAfee Advanced Threat Defense for McAfee Web Gateway

Social networks, cloud applications, and content-sharing sites have become essential business tools and IT organizations are struggling to make them safely accessible from inside and outside the corporate environment. Read this Solution Brief and see how McAfee Threat Defense for McAfee Web Gateway helps overcome the obstacles.

McAfee Advanced Threat Defense: Services solutions for Managed Service Providers (MSP)

IT organizations are focused on shifting budgets from capital expenditures (CAPEX) to operational expenditures (OPEX) in an environment where in-house investments can easily get outpaced by an increasingly sophisticated cybercrime ecosystem. McAfee Advanced Threat Defense can help you to differentiate your services and protect customers against zero-day attacks by offering the industry’s most comprehensive threat protection.

Advanced Malware: Protecting Federal Agencies with a Layered Defense Strategy

Determined cyberattackers are striking US federal agencies with malware that is both more malicious and smarter than ever before. This malware is targeted, stealthy, evasive, and adaptive—enabling these characteristics in advanced persistent threats. Sure, known threats are still with us, but lurking in their midst are complex zero-day attacks that elude traditional defenses such as signatures. We are faced with designer rootkits and Trojans that can hide and move around US government networks, go unnoticed for long periods of time as they do their dirty work, infiltrating those networks and systems to steal vital government and citizen data assets. It’s a big and continually evolving problem that must be foremost in the minds of those entrusted to secure our government’s most sensitive and vital information and communication assets.

Counter Stealthy Malware

The most menacing type of cyberattack is invisible. Using sophisticated techniques to hide its presence, stealthy malware may operate outside of the OS or move dynamically across endpoints to conceal the attackers’ actions. The risk to enterprises is real, with high-profile attacks such as Operation High Roller impacting companies around the globe. Traditional antivirus or intrusion prevention systems are no match for this new breed of stealthy malware; instead, enterprises need layered security controls that work together to detect the presence and actions of stealthy malware and attackers.

Neutralize Advanced Threats

Each month brings new media coverage of a targeted attack against a business, government, or critical infrastructure operator previously considered “invulnerable.” As more organizations encounter advanced malware issues, the cost, disruption, and public humiliation of data breaches and targeted attacks become an executive-level discussion. Comprehensive threat protection requires coordination of anti-malware technologies deployed with sensitivity to performance and risk.

Advanced Malware: Nowhere to Hide with a Layered Defense Strategy

Smart and malicious advanced malware is targeted, stealthy, evasive, and adaptive. Sandboxing and other stand-alone products can't do the job on their own. This editorial brief explains why you need an arsenal of layered, integrated defenses to protect against these sophisticated threats.

Technology Blueprints

Find, Freeze, and Fix Advanced Threats

Your organization is asking for an advanced malware detection and response strategy that’s sophisticated and adaptive against hacker attacks. Several design trends in advanced malware security affect the performance, efficacy, cost, and management complexity of an overall solution. What’s your next step?

White Papers

Preventing Targeted Attacks with McAfee's Advanced Threat Defense

In this white paper, IDC outlines McAfee Advanced Threat Defense (ATD) within the context of the specialized threat analysis and protection market. Our centralized approach to malware analysis, deep integrations across the product portfolio, and three-pronged focus on "Find, Freeze, Fix" as a way of dealing with threats is unique within the market and provides a more holistic approach than other detection-oriented products.

Conquer the Top 20 Critical Security Controls

The strength of the Critical Security Controls (CSCs) is their ability to reflect the consensus of successful experiences captured and refined over multiple revisions. The CSCs help organizations break down operational silos by providing a pragmatic blueprint detailing where to focus efforts to achieve the greatest results. This white paper maps the quick wins within the first five CSCs to associated McAfee products, services, and partner solution capabilities — all part of the Security Connected platform.

Build a Better Sandbox

As malware becomes more sophisticated and evasive, new technologies are emerging to uncover threats no matter how well they’re camouflaged. This white paper proposes a logical design strategy for dynamic malware analysis that optimizes detection effectiveness, efficiency, and economics.

Advanced Targeted Attacks: It Takes a System

Adaptive intelligence and real-time communications orchestrate protection in the McAfee Security Connected Platform.

Community

Blogs

  • Consumers Eager for Connected Technology
    Robert Siciliano - September 16, 2014

    Many of us are familiar with the Jetson’s TV cartoon that showed the life of a family in 2026 and how technology is a part of their everyday life. If you’re like me, some of the gadgets that George and his family had are probably things you thought were cool or would be convenient to […]

  • Network Security Perspective: One Phish, Two Phish
    Ruby Williams - September 9, 2014

    It’s hard to believe we’re already past the half way mark for the year, but I suppose that’s what happens when we live in a world with so much action and activity all around us.  As I’ve said before, the pace of business today is overwhelming.  We’re inundated with content and data coming at us […]

  • Detection Effectiveness: the Beat Goes On
    McAfee Labs - August 27, 2014

    In May, we wrote about the breach discovery gap, which is the time it takes IT security practitioners to discover a data breach after their systems have been compromised in a cyberattack. We made this critical point: Stopping attacks before they breach and narrowing the breach discovery gap require the ability to detect threats at […]

  • Trust Is the Most Valuable Asset
    Jarno Limnell - August 15, 2014

    The most valuable asset for actors in cyberspace is trust. It is an important ingredient in successful business operations as well as in good governance. Trust and security are closely intertwined. One cannot exist without the other. Thus it is concerning that people at an increasing rate hesitate to trust the digital world. They are […]

  • Cat “Hacker” Scouts Out Weak Wi-Fi Networks
    Gary Davis - August 12, 2014

    Man has always had an innate fascination with our feline friends. Ancient Egyptians famously worshiped them, some in the Middle Ages feared them, and today’s Internet denizens pay money to have their pictures taken with meme-generating kitties. But there’s another reason to consider the cat: it turns out that they’re expert when it comes to […]
