IT vendors have been merging solutions for a number of years, trying to make their products work better together.
The latest is McAfee, which says its upcoming Threat Intelligence Exchange orchestrates local threat data from endpoints and network gateways with global threat intelligence information and enterprise-wide security products into a cohesive integrated security system. In essence its a unified threat defence system, the company says.
By sharing threat information across controls and directing preventative actions in real-time, TIE is able to provide immediate protection against the threats posed by advanced targeted attacks across both network and endpoint controls, the company said in a news release. “What has traditionally taken days, weeks or months now only takes milliseconds.”
TIE is a server-based solution that requires McAfee ePolicy Orchestrator 5.1, Agent 5.0 and VirusScan Enterprise 8.8 with patch 4.
Threat Intelligence Exchange (ITE) identifies malware patterns, immunizes assets against newly-identified malware, and prevents data from leaving the enterprise in real-time, McAfee says.
It uses a capability called SmartListing that allows broad security controls to extract and exchange contextual information from such examples as certificate information, reputation data, file characteristics and application behaviours within the environment.
The analysis allows the organization to accurately and instantly contain or allow any payload across the organization’s security controls, McAfee says.
It also works with McAfee’s Global Threat Intelligence service for a wider analysis.
TIE will be available in the second quarter.