Upload
dwain-douglas
View
220
Download
1
Tags:
Embed Size (px)
Citation preview
McAfee Embedded SecurityMcAfee Embedded Security
We relentlessly tackle the world’s toughest security challenges to liberate customers and ready
businesses to overcome security
When you think of McAfee Products…
ANTI-VIRUS?
ANTI-SPAM?
AppliancesSCADA
Industrial Controllers
Car Navigation/HMI
ATM
Medical Systems
Control/Automation
VOIP Phones
Thin Clients
Kiosks
Web Server Self Checkout
Set-Top Box
Retail POS
Gaming & Gambling
Multifunction Printers
Smart Displays
Embedded Systems are Everywhere
The Surge of the Malware Explosion
Source: McAfee Labs
60M
50M
40M
30M
20M
10M
0 6 million
8million
19million
35million
56million
January2007
January2008
January2009
January2010
January2011
CUMULATIVE MALWARE THREATS
66000 unique new malwares are found
daily
Security Pain in Embedded worldSecurity Pain in Embedded world Retail – remote attack, local technician (internal threat, accidental or
intentional), new code, IP breach, payment account data compliance requirement (PCI)
Medical – out of band change of critical files, local technician (internal threat, accidental or intentional), out of date DAT, medical compliance requirement (HIPAA)
Industrial – exploit of known/unknown attacks, remote control, IP breach, APT
Office – access point to network, prevent critical server from down time, reduce OS patching
Comms (network) – exploit of known/unknown attacks, IP breach, connection reputation
Mil/Aero - exploit of known/unknown attacks, confidential/top secret data loss/breach, remote control
Embedded Device ChallengesEmbedded Device Challenges
McAfee Embedded Security SolutionsMcAfee Embedded Security Solutions
Application & Change Control
(McAfee Embedded Control)
Content Security(McAfee Embedded
Reputation)
Security Management (McAfee Embedded
Management)
Virus Detection and Remediation
(McAfee Embedded Anti-Virus)
Comparing to the traditional Anti-Virus- It’s simply more than AV….Comparing to the traditional Anti-Virus- It’s simply more than AV….
AV continually requires updating High performance impact to the system Heuristic, not deterministic Medical device requires continual V&V (validation and verification) post
updates – HIGH PAIN Large maintenance effort Virus detection and remediation not 100% Impact of quarantine/cleaning the system unknown Patient Safety always trumps security & privacy, not the opposite Zero-day attacks not mitigated – HIGH PAIN
Application control• Control what software installs and runs• Prevent malware• Reduce patching frequency
Change control and Integrity Control• Enforce software change policy• Prevent out-of-policy changes• File integrity monitoring for compliance
GainControl
McAfee Embedded SecurityKey features
The right technology for your device
DYNAMIC STATIC
REPUTATION-BASED
MSP
Firewall
Medical Devices
SCADA Systems
Servers
Point of Sale
ATMs
Kiosks
COEDesktop
Smart Meter
Printer
Email/Web Gateway
Web Servers
Mobile
NetBook
Consumer PC
Global leader in assisted and self-service retail and financial systems, shipping 60,000+ ATMs/year with McAfee Embedded Security
“With this technology and compliance-ready ATMs, our bank customers don’t have to worry about security issues affecting their business or their consumer.”
• Problem• Lack of zero-day security• Unauthorized software changes on production ATMs
• Solution – Phase 1• Provide zero-day comprehensive security• Transparent, small footprint & no overhead• Deploy and forget, without ongoing updates• Cost effective
• Solution – Phase 2• Insider threat mitigation, no unauthorized changes• Complete ATM channel change control• Standardized on NCR APTRA platform• Helps assure PCI compliance
OEM Case Study: NCR Financial Solutions
Global leader in developing integrated business solutions, shipping more than 15,000 MX-series MFPs in Japan with McAfee Embedded Security
“McAfee locks-down our office automation printers and multifunction peripherals by preventing unauthorized access and software changes.”
• Problem• Needed more control with compromising security• Field maintenance costs tied to unauthorized changes• PCI compliance• Zero-day protection
• Solution • Application Control prevents zero-day attacks• Transparent, small footprint ideal for XPe OS• Application Control eliminates extra maintenance• Change Control allows for controlled configuration changes• Improved service availability once deployed• Helps assure PCI compliance
OEM Case Study: Sharp MFPs
Confidential McAfee Internal Use Only
NEC Infrontia is a leading developer of point-of-sale systems, and currently ships more than 15,000 POS systems in Japan with McAfee Embedded Security
“Embedding McAfee gives us complete control and certainty over what changes on each device.”
• Problem• Reduce patching on Windows XP Embedded OS• No performance draining security• Need for service provider partners to make changes• Low touch - Reduce support costs• Compliance
• Solution • Prevents unapproved installs to reduce in-field breakage• Reduces number of touch points to the device• Application control reduces patching cycles• Runs quietly in the background on light-weight systems• Change control provides tight control over what is installed• Delivers PCI compliant device to retailers
OEM Case Study: NEC Infrontia POS
Confidential McAfee Internal Use Only
Merge Healthcare’s CADstream™, the standard in CAD for magnetic resonance imaging (MRI), ships with McAfee Embedded Security
“Integrating McAfee Embedded Security into CADstream improved CADstream security, availability, and support.”
• Problem• Unavailability caused by unauthorized changes• Reduce field maintenance and software modifications• No performance draining security software• Reduce support costs• Compliance
• Solution • Blocking unapproved installs to reduce in-hospital breakage• Application control reduces patching cycles• Low overhead keeps system running smooth at hospitals• Provides zero-day protection for sustainable FDA compliance • Change control dictates what can be changed or installed
OEM Case Study: Merge Healthcare MRI
Confidential McAfee Internal Use Only
Advantech PartnershipAdvantech PartnershipOEM/ODM Success
– Partnership since 2012– SUSIAccess incorporating McAfee Embedded Security– Design wins in Digital Signage, ATM, more to come
VAD Relationship– Partnership as of 2013 (NEW!)– Various verticals (i.e Industrial Automation,
Surveillance, Banking,)
The Advantech Advantage– McAfee Authorized Partner– Strong Intel/McAfee relationship– Access to Technology– Support/Services (i.e. Integration)
McAfee Embedded Security DistributionBusiness Model
McAfee Embedded Security Selling RuleMcAfee Embedded Security Selling Rule
Target Customer:
Customer who use anit-virus on embedded device
Where we should sell for:
Embedded Product is sold to device maker or related SI.
Key Concept Key Concept Solidify the whole hard disk
Prevent malware/hacker
White List ProtectionControl what software installs and runs, only authorized application on the list can be run on device
One time license chargeUnlike anti-virus need to pay annual fee
Products Datasheet Web-site
MIC McAfee Integrity Control(McAfee Embeded Control + ePO) http://www.mcaf
ee.com/tw/products/embedded-control.aspx
MEC McAfee Embedded Control
MAC w/ePO McAfee Application Control with ePOhttp://www.mcafee.com/tw/products/application-control.aspx
MAC w/o ePO McAfee Application Control without ePO
McAfee Embedded Security
ds-embedded-control
ds-application-control
MIC MECMAC w/ePO
MAC w/o ePO
Dynamic Whitelisting X X X XMemory Protection X X X XWrite Protection of System Binaries X X X XWrite Protection of Other Files X X File Integrity Monitoring X X Read Protection X X ePO management X X Reporting (ePO related) X X Inventory Analytics (ePO related) X X Image Deviation (ePO related) X X
McAfee Embedded SecurityFeatures Matrix
How to license?How to license?
Product Introduction
NDASigned with
McAfee
Product Evaluation & Development
Indirect OEM Software License
AgreementSigned with
McAfee
License Order
Product Distribution
Pricing TablePricing Table
McAfee Embedded
Security(USD)
MIC MEC MAC w/ ePO
MAC w/o ePO
(SUSIAccess version)
968EMLMIC1 968EMLMEC1 968EMLMAP1 968EMLMAC2
McAfee Integrity Control
(MEC with ePO)
McAfee Embedded
Control(MEC w/o ePO)
McAfee Application Control with
ePO
McAfee Application
Control without ePO
List Price 180 140 90 50Selling Price 152.0 109.2 70.2 39.0
*Listed Price is based on annual volume 1 ~ 99 Units*Please contact PM/PSM for special price if volume is greater than 100pcs
Comparison Table
McAfee Embedded Control
McAfee Application Control Anti-Virus Internet Security
968EMLMEC1 968EMLMAC2Technology Whitelisting Whitelisting Blacklisting Blacklisting
FeaturesFile Read & Integrity
,Anti-Virus & Prevent Hacking
Anti-Virus & Prevent Hacking Anti-Virus Prevent Hacking
Need Frequency Update No No Yes Yes
Unit Price (USD) 140 50 30/year 30/year
Our current McAfee Embedded Security Distribution Products
Other Distribution Channel Products
AppendixAppendix
Requirement Blacklisting Whitelisting
Embedded systems using built-in or legacy OS*
XAssuming you can implement latest antivirus on latest OS, there are support restrictions for legacy or built-in OS in the long term.
☑
Does not need virus signatures to protect, can be used for long-term support of built-in and legacy OS.
Impact on performance of embedded systems with limited hardware resources
XSystem load increases during virus signatures update or scanning, concern for performance degradation of active applications.
☑
No scanning, whitelist checking takes place when application starts, prevents virus execution with low overheads.
Requirements on user to manage the system
XVirus signatures update and scans must be carried out daily, confirmation takes up operating man-hours.
☑
No operational demands on the user after registering applications in the whitelist.
Blacklist & WhitelistBlacklist & Whitelist