Aiming to better address the security needs of businesses of all sizes that are facing increasingly complex attacks, McAfee has added two endpoint security suites to its product lineup.
The suites, announced this week, combine a wide range of McAfee technologies, including rootkit protection, dynamic whitelisting, risk intelligence, real-time security management, and mobile-device management. Some of these technologies were previously only available as separate products.
The way the security industry has responded to new types of threats over the years has been to create types of products that protect against them, so it’s become difficult for customers to understand which products they need and should buy, said Simon Hunt, vice president and chief technology officer for McAfee Endpoint Security.
The goal when designing McAfee’s new security suites, called “McAfee Complete Endpoint Protection—Business” and “McAfee Complete Endpoint Protection—Enterprise,” was to have them include the broadest range of protections people need today, but to also keep them simple and efficient, Hunt said.
How the two packages differ
The business suite includes traditional antimalware protection for Windows, Linux, and Mac machines, as well as for SharePoint and storage servers; host intrusion prevention technology that detects unusual behavior; an endpoint firewall; full disk encryption software to solve the need of being compliant with data protection regulations; mobile-device security and management; safe search and Web-filtering technologies; email security; device control; application blocking; the Deep Defender hardware-enhanced anti-rootkit technology developed by McAfee in partnership with Intel; McAfee’s ePolicy Orchestrator (ePO) software for centralized management of endpoint system security, as well as the recently launched Real Time for ePO, a technology that significantly speeds up communication between the ePO software and endpoints.
The enterprise suite contains most of the same technologies, an exception being the data encryption software. Enterprises are likely to already have the data encryption problem solved due to regulation pressure, Hunt said.
However, the enterprise suite also contains Risk Advisor, a technology that analyzes the security state of each machine and helps administrators decide which assets are at higher risk and need to be protected faster, as well as dynamic application whitelisting for desktops.
This is the first time that McAfee endpoint security suites include the Real Time for ePO data collection and real-time analytics technology and the Deep Defender anti-rootkit technology. These two technologies can add a lot of value, so the goal was to make them accessible to all customers, Hunt said.
Deep Defender is capable of protecting against some of the most nefarious attacks, like those that disable antivirus products, Hunt said. Attackers usually find a way around antivirus product protections by using rootkits, but with Deep Defender there’s no way to do that because the technology runs outside the OS, at the hardware level, using software embedded in the actual chip, he said.
The new suites also significantly decrease installation and configuration time and are around 80 percent cheaper compared to what would have cost in the past to buy all of the technologies that are now included in them, Hunt said.