McAfee Flexes Muscles In Network, Mobile, Cloud Security

At the opening of McAfee's Partner Summit in Las Vegas, company executives gave channel partners their clearest view yet of the profound impact that network, mobile and cloud security is having on the Intel-McAfee product roadmap.

McAfee's Partner Summit attendance has grown from 250 in 2009 to 650 at this year's event. Alex Thurber, McAfee's senior vice president of worldwide channel operations, told attendees Intel shares McAfee's view that a partner-led model is the best approach to tackling security market opportunities.

"What's truly exciting about Intel and McAfee is that Intel is just as focused on partners as we are," Thurber said. "They support us and our partner model, and they know how important [partners] are to our business."

When McAfee launched its first wave of next generation firewall products in June 2009, some channel partners wondered whether it was wise for the company to be entering such a rapidly commoditizing market.

Now, network security has emerged as one of the most important parts of McAfee's business, Greg Brown vice president of marketing for McAfee Network Security, told Partner Summit attendees.

"There's change afoot in way we think about security technology, and it's moving from finding and blocking threats to understanding what's happening inside the environment. It's a new process that's centered on root cause analysis," Brown said.

Brown described McAfee's Global Threat Intelligence as "the most powerful asset we bring to bear as a security company" and an important differentiator for McAfee in the network security space.

While other vendors use packet capture, McAfee can understand source code of the attacks and reverse engineer them to figure out what toolkits were used. The result, Brown said, is a predictive threat protection capability.

This allowed McAfee to provide 423 days of advanced protection for the massive 'Liza Moon' SQL injection attack in April, and also helped McAfee identify Operation Aurora, a January 2010 attack that targeted Google and several other companies and exploited a vulnerability in Internet Explorer.

McAfee has launched a Next Generation Data Center solutions campaign that seeks to educate partners on how to capture more network security revenue. Brown said that on average, decisions about security in the data center are made more than 50 percent of the way through the project lifecycle, leaving a $24 billion opportunity until the late stages.

There is around $400 million in margin available to partners annually in this space, according to Brown.

Consumerization of IT and mobility are another area McAfee has set its sights on, and Brian Foster, senior vice president of product management at McAfee, said this trend is having a spillover effect on the company's security business.

"The consumerization of IT is actually driving organizations to invest more in network security," Foster said. "A lot of what consumerization is about is IT losing control over an endpoint."

Next: The Future of Mobile Security

The growth of mobile malware points to a need for contextual security, which accounts for the identity of the person using a device and their history. Foster noted that Android malware is up 238 percent since December 2010, including DroidDream, the first major data-stealing Trojan, which also serves as a 'listener' for command-and-control infrastructure.

But in McAfee's view, mobile security isn't just about the devices, but also applications, and so the company has earmarked mobile device management as an ongoing source of business.

In fact, mobility is the number one priority inside McAfee, and the engineering team driving mobile security is the largest within the company, Foster said. "Mobile has become a huge focus for us, and security, policy and compliance are the biggest pain points," he said. McAfee is integrating mobile security with ePolicy Orchestrator (ePO), and its goal is to treat mobile devices like other endpoints in the network. The next step, Foster said, is integrating antimalware protection with Enterprise Mobility Management (EMM).

McAfee is working on a cloud-based version of EMM. "We see this as an important way to manage mobile devices," Foster said.

DeepSafe, a combination of hardware and software that detects unknown rootkits and prevents them from wreaking havoc on machines that Intel and McAfee unveiled at the Intel Developer Forum last month, will also be used to protect mobile devices, he said.

"Providing security below the OS is critical to our success going forward," Foster said.

Marc Oleson, senior vice president and general manager of content and cloud security, said partners that are able to cut through the noise around cloud computing and steer customers to the services they need stand to benefit the most.

"Customers want more transparency into their cloud providers. Cloud is like a black box they can’t see into, and they don't know what security controls their cloud provider is delivering," he said. "Customers are looking for guidance, and they're looking for you to take their hand and walk them to the cloud."

McAfee in May launched its Cloud Security Platform, which is designed to protect Web, e-mail and identity data as it travels between an organization and the public cloud. It's a combination of assets from McAfee and Intel, and it can be deployed in the cloud, on-premise, or as a hybrid solution, according to Oleson.

"We want to extend corporate security policies into the cloud so that we're consistently applying policy regardless of where the data is," he said.