“If you think of endpoint protection as a car,” says Security Engineer Jeff Bowen at the California Department of Water Resources (DWR), “with McAfee ENS, we now have the latest model, with the best instrumentation, nicest features, and all the bells and whistles.”
His CISO agrees. “With McAfee ENS, we remediate faster, have less business disruption, make better decisions, and protect neighboring workstations and our overall environment—instead of focusing all our attention on an infected workstation while another one gets hit,” notes Chief Information Security Officer Richard Harmonson.
The largest of 30 departments within the California Natural Resources Agency (CNRA), the DWR provides technology infrastructure-as-a-service to the entire state agency. Harmonson and his security team purchase, deploy, and provide multi-tenancy security solutions across the CNRA’s 16,000 endpoints. In the past, the DWR provided another vendor’s endpoint solution to CNRA departments, but that product’s limited visibility, very high false positive rate, and dated technology— “the typical anti-virus product that we’ve seen for the past two decades”— drove Harmonson and his team to seek a better solution.
The DWR information security team found what it was looking for in McAfee ENS version 10.5, which it rolled out across all 4,000 end-user physical devices within DWR. DWR will deploy ENS across the remaining CNRA departments in the coming months, and eventually across virtualized servers as well.
So why is Harmonson and his staff as delighted with McAfee ENS as with a new car?
Three main reasons.
First, improved protection and detection. “Since we rolled out McAfee ENS, we have been detecting and blocking threats we didn’t see before,” claims Harmon. That’s because its Real Protect machine learning behavioral analysis technology catches more malware and its Dynamic Application Containment (DAC) functionality immediately quarantines unknown threats so they can be analyzed and protect Patient Zero from damage.
Second, improved decision making that enables faster response and remediation. According to Harmonson, this is one of the greatest benefits thus far since deploying McAfee ENS. “McAfee ENS is providing us with more and better information to help us better understand the threats that enter our environment,” he says. Instead of having to wait 24 hours for its anti-virus vendor to create a new signature, DWR is “getting to the point where we can investigate an incident and resolve it within one to four hours.”
Third, ability to take advantage of McAfee Data Exchange Layer (DXL) integration. McAfee ENS is built to leverage DXL. With the DWR’s recent addition of a McAfee Advanced Threat Defense (ATD) sandboxing appliance and soon-to-be-deployed McAfee Threat Intelligence Exchange and McAfee Endpoint Threat Defense and Response, the organization will be able to share local and global threat information in near real-time among these systems. With these additional McAfee tools, Harmonson expects to create a more adaptive, sustainable threat defense lifecycle that reduces the administrative burden on staff even further, which is especially important since adding staff with the right skill set can be a challenge.
Because of his experience thus far, Harmonson encourages colleagues and counterparts in other California state agencies to consider McAfee ENS. “With the layers of protection that [McAfee ENS] provides, it far exceeds the stereotypical anti-virus product,” he says. “I really appreciate how it provides my staff with the relevant information at their fingertips, helps them understand what happened, accelerates response time, and mitigates risk.”