McAfee Web Gateway is a critical defense for any organization looking to protect against emerging threats over the internet. It empowers organizations with secure internet access while greatly reducing risk by analyzing all traffic over the corporate network, including traffic to and from cloud services. In this article and the accompanying video, we will explore the benefits of McAfee Web Gateway’s integration with McAfee Security Cloud (formerly Skyhigh Networks) to consistently enforce cloud-specific usage policies directly from McAfee Web Gateway.
At a high level, here are key functions available to McAfee Web Gateway customers with the addition of McAfee Security Cloud:
- Provide a detailed, independent risk assessment for each cloud service (e.g. compliance certifications, recent data breaches, security controls, legal jurisdiction).
- Enforce risk-based policies (e.g. block access to all high-risk file sharing services and display a real-time coaching message directing users to a company-approved service).
- Control access to individual user actions based on context (e.g. prevent users from downloading reports to unmanaged devices on remote networks).
- Enforce data-centric security policies (e.g. encrypting data as it is uploaded to the cloud or applying rights management protection to sensitive data on download).
- Apply machine learning to detect threats (e.g. an IT user downloading an unusual volume of sensitive data and uploading it to a personal account in another cloud app).
- Respond to cloud-based threats in real time (e.g. terminating account access in the face of an insider threat or requiring additional authentication factors to continue using a cloud service in the face of a compromised account).
- Enforce policies for data at rest in the cloud (e.g. revoking sharing permissions on files shared with a business partner or retroactively encrypting sensitive data).
McAfee Security Cloud for Shadow IT complements McAfee Web Gateway and leverages existing network infrastructure to gain visibility into cloud usage while enhancing the value of McAfee Web Gateway by making it cloud-aware. With this integration McAfee customers can:
1. Discover all cloud services in use and assess their risk against a comprehensive cloud registry.
Customers can discover all cloud services in use by employees, including the cloud services uncategorized by the McAfee Web Gateway. In addition, the solution summarizes cloud usage in aggregate and at the department and user level with traffic patterns, access count, and usage trends over time, empowering IT to securely enable cloud services that drive productivity and growth.
2. Enforce acceptable use cloud governance policies based on cloud service security risk.
McAfee delivers the largest and most accurate registry of over 20,000 cloud services with a 1-10 risk rating of each services based on a detailed security assessment across 50 objective criteria.
3. Upload and enforce security policies to McAfee Web Gateway.
McAfee Security Cloud’s registry complements and enriches McAfee Web Gateway’s URL database. With this, McAfee customers can define a service group (which is a custom url list of cloud services based on security risk criteria) in McAfee Security Cloud, which is pushed into McAfee Web Gateway for granular policy enforcement.
4. Detect and remediate policy enforcement gaps arising from proxy leakage.
Cloud services undergo frequent updates. Sometimes this comes in the form of a change in the URL structure of the service. Other times a critical security feature is added or removed, thereby impacting the service’s security risk score. McAfee Security Cloud maintains the most comprehensive and up-to-date database of cloud provider URLs and IP addresses, and tracks updates to a cloud service that may affect its security risk score. These updates are reflected in the cloud registry and simultaneously pushed to McAfee Web Gateway to close any gaps in policy enforcement.