McAfee DXL: Momentum toward an Open, Integrated Security Architecture

By on Oct 27, 2015

This blog was written by Scott Montgomery, McAfee’s previous vice president and chief technology officer of public sector.

It takes a village. With today’s vast cybercriminal network churning out sophisticated attacks by the minute, it’s virtually impossible for any single security solution to combat today’s threats alone. For years, organizations have resorted to layering security technologies and deploying best-of-breed point solutions at various control points, trying to achieve better protection. However, the lack of information sharing among multivendor products hampers any hopes of disrupting the cyberattack chain as it progresses through your network.

Our Vision
McAfee has a vision that changes this picture. We’ve provided an open security architecture, the McAfee Data Exchange Layer, which enables enterprises to integrate their solutions, gaining visibility across the entire infrastructure. Our ultimate goal is to help our customers detect more threats, faster, with an integrated and coordinated security ecosystem that can disrupt targeted attacks while lowering operational overhead.

At FOCUS 14 we demonstrated the initial steps of how we would actualize this approach. Our first solution running on the McAfee Data Exchange Layer, McAfee Threat Intelligence Exchange, became widely available and with it, McAfee solutions, such as McAfee Advanced Threat Defense connected with it.

What’s New?

In 2015, we expanded the reach of the McAfee Data Exchange Layer to an open, extensible platform that helps our customers create an integrated security ecosystem. We currently have almost every McAfee product communicating over the McAfee Data Exchange Layer to McAfee Threat Intelligence Exchange, sharing information in real time. We have also introduced McAfee Active Response, which was built on the McAfee Data Exchange Layer.

Extending beyond our own portfolio, solutions from the including Autonomic, TITUS, Avecto, Boldon James, TrapX,  Guidance, ForeScout, CloudHASH, VoIPShield and CyberArk are now running on McAfee Data Exchange Layer. These solutions not only share data with our solutions such, as McAfee Threat Intelligence Exchange and McAfee Enterprise Security Manager, but also with one another. For example, CloudHASH interacts with ForeScout CounterACT when CloudHASH detects a threat or infection, a message is sent across McAfee Data Exchange Layer to ForeScout CounterACT to quarantine and disconnect that computer from the network, while the incident is investigated.

An Open Framework

We’ve made integration with our open platform easy for our partners with simple-to-follow software development kits (SDKs) and guides.

Integration Simplicity
McAfee Data Exchange Layer is a bi-directional communications platform that enables products to join in a provider-subscriber model. Once a security product is running on McAfee Data Exchange Layer, you can decide what information to subscribe to (what this product should listen for) and what information to publish (what this product should share with the ecosystem). Point to point integrations are now a thing of the past.

What’s Next?
We know our customers use multiple vendors and want to deploy certain types of products that McAfee does not offer. By using the McAfee Data Exchange Layer, they can integrate their solutions to achieve the integrated visibility and response required to detect targeted attacks quickly. A customer SDK of McAfee Data Exchange Layer is now in alpha.

Additional partner integrations are underway, including Brocade, Mobile Iron, BufferZone, Invincea, Rapid7 and Vormetric.

See Us at FOCUS 15

This year, at FOCUS 15, you’ll see integration in action.  If you plan on attending, be sure to view the live demos of McAfee products and partner solutions running on McAfee Data Exchange Layer at the McAfee booth in the expo hall.

In fact, this year’s event is running on the Data Exchange Layer! Whenever your badge is scanned, that information will be transmitted over McAfee Data Exchange Layer over to McAfee Enterprise Security Manager.

For more information, please visit the McAfee booth at FOCUS 15, and visit our website

About the Author


We're here to make life online safe and enjoyable for everyone.

Read more posts from McAfee

Subscribe to McAfee Securing Tomorrow Blogs