McAfee has announced McAfee Total Protection for Server software, a comprehensive solution for security and compliance. Breaking traditional models, the solution is designed to ensure that mission-critical data and applications are protected with minimal impact to the performance and availability requirements of high-transaction servers.
McAfee Total Protection for Server software protects against both targeted and insider attacks and ensures that only authorised processes and code can run, providing continuous compliance.
Due to the performance and availability requirements of business and mission-critical servers, most organisations have made the trade-off to forgo security on servers and assume the data and applications are secure because they are behind the firewall. However, as attacks have become more sophisticated and targeted, the real profit to be made is by acquiring the most valuable data in a business, which is sitting on those back-office servers. To protect that data, McAfee designed a proactive white-listing solution that blocks any code or changes from happening unless it is part of the already trusted software on the server.
"Organisations are at risk because they assume their servers are adequately protected," said Stuart McClure, senior vice-president and general manager, risk and compliance for McAfee. "No one wanted to put security software on the server itself, because those were mission-critical applications that required the highest performance and availability, and configurations never changed much anyway. But as hackers have become more targeted and sophisticated, servers are increasingly becoming targets, prompting us to develop a lightweight solution that preserves application and server performance while ensuring compliance."
Malware defence, policy enforcement, continuous compliance
McAfee Total Protection for Server software comprises application white-listing, change policy management, and policy auditing functionality that ensures that only authorised processes and applications can run. The solution offers strong change management controls that further mitigate the risk of data breaches, foul plays, and compliance drift. In addition, enterprise anti-virus is included in the package, so that organisations can provide an extra layer of defence by running on-demand scans during off-peak hours on weekends or at night. McAfee is helping organisations optimise security and sustain compliance against key policies, with its McAfee Total Protection for Server software:
* Malware defence and integrity control - Through dynamic application white-listing, the software blocks binaries, drivers, Java and scripts on the server by locking in the good (authorised) server state at the time the McAfee Total Protection software is deployed. Any attempt to load an executable that is not part of the dynamic white-list from day one is denied. As an additional layer of defence, anti-virus blacklisting can be run on-demand during non-peak hours. Continuous integrity control and alerting takes place when any unauthorised change is detected, preventing the types of attacks used in incidents such as Conficker and Operation Aurora.
* Policy enforcement - McAfee Total Protection for Server software ensures that the server is administered in compliance with verified and approved procedures. For example, a policy that forces wireless communications on your company's mobile devices to be encrypted at all times can be easily enforced at the server. No one except a pre-authorised administrator will be able to change the policy or the registry entry on the wireless entry ports. This enforcement can also be used to ensure that centralised management of the servers is adhered to, lowering the overall administration costs for distributed systems.
* Policy assessment and continuous compliance - McAfee Total Protection for Server software lets IT departments gain visibility that can mitigate risks. The solution captures detailed changes, and processes them as part of the emergency update process, while providing auditable accounting of the procedure. Regulatory compliance becomes easier as the ability to assess configuration and management of the system against policy drives down the cost of management. McAfee Total Protection for Server software allows IT to report on the time someone logged into a system, what files were touched, and whether the actions taken were within the scope of that person's job description. Organisations can set the policy and minimise exposure and performance issues due to ad-hoc changes.
McAfee Total Protection for Server software helps organisations save time and cut costs with simplified centralized management. The solution protects and manages servers across the entire enterprise with the McAfee ePolicy Orchestrator platform, the scalable and centralised platform for deployment, management, reporting, and auditing. Organisations can customise server security with flexible deployment options, easily adding and removing components with a single agent and platform.
Share