Presentation is loading. Please wait.

Presentation is loading. Please wait.

McAfee Data Protection

Published byDennis Collins Modified over 6 years ago

Similar presentations

Presentation on theme: "McAfee Data Protection"— Presentation transcript:

1 McAfee Data Protection
Total Protection Suite for Data (ToPS Data)

2 McAfee Data Loss Prevention
You need To prevent users from accidentally or maliciously leaking sensitive data Full visibility and control over usage & movement of confidential data To enable your infrastructure and data to protect itself McAfee offers Protection against accidental leakage via everyday user tasks Complete spectrum of actionable responses upon detecting loss of confidential data such as Detailed logging & forensic evidence gathering Real-time prevention & blocking User and administrator notification Quarantine of confidential data Data Loss Prevention Device Control Encrypted USB Endpoint Encryption Printer Monitor Usage Print Screen USB Copy

3 McAfee Data Loss Prevention
By location By content By file-type Classify confidential data Monitor sensitive data transfer Build content-based, reaction rules Prevent confidential data from leaving the enterprise Quarantine confidential data Notify administrator and end users Enforce encryption

4 McAfee Device Control You need McAfee offers
To monitor and allow only authorized devices to connect to endpoint Restriction and blocking capabilities of the use of unauthorized devices such as iPods Enforcement control over what data can be copied onto authorized devices McAfee offers Fine-grained control of data and devices Only allow company-authorized devices Enforce control over what data can be copied to devices Policies per user, group or department, i.e. allow CEO to connect any device while other employees can only connect sub-set of devices Detailed user and device-level logging for auditing and compliance needs Data Loss Prevention Device Control Encrypted USB Endpoint Encryption FireWire

5 McAfee Device Control Serial/Parallel CD/DVD FireWire USB Bluetooth WI/IRDA Other ePO Management Console Policies Device and Data Events Based on McAfee Data Loss Prevention (DLP) technology Complete content-aware, and context-aware device-blocking capability Regulate how users copy data to external devices Increase productivity and the ability to safely use any USB devices as part of daily work activities Ensure control of all external devices

6 McAfee Endpoint Encryption EEPCv.6.X
You need Encryption for laptops, desktops, and mobile devices with the flexibility to choose full-disk or file/folder encryption Confidence in integrity of sensitive data when a device is lost or stolen Safe Harbor protection (i.e. Loss of encrypted data = non-event and does not require public disclosure) McAfee offers Broad support for laptops, desktops, and mobile devices Full audit-trails for compliance & auditing needs Support for multiple strong authentication methods Certifications: FIPS 140-2, Common Criteria Level 4 (highest level for software products), BITS, CSIA, etc. Data Loss Prevention Device Control Encrypted USB Endpoint Encryption

7 McAfee Endpoint Encryption File and Folder Encryption
Full Windows Explorer integration Automatic encryption and decryption with no performance loss, transparent enforcement of information security policies to end-users No end-user managed data security Protect files and folders on desktops, laptops, and servers A minimum of user interaction Effortless strong encryption of sensitive information No security at the end-users’ own discretion Easy sharing of encrypted documents among authorized users 1 Corporate Directory Administrator 2 3 Client Computer Client Computer Client Computer 4 File Server 5 Terminal Server

8 File & Folder Encryption Features
Policy controlled, user transparent encryption of: Local documents and folders File server documents and folders Removable media Encrypted attachments (user initiated) Internal (Recipients with client) External (Recipients without client) True on-the-fly encryption & decryption when accessing and saving protected documents Flexible policy assignments and management Encryption keys and encryption settings managed from McAfee Encryption Manager Amount of end-user options subject to policy control Policies cannot be circumvented by end-users

9 Key Differentiators - Summary
Persistent Encryption Encryption “travels” with the document Central Management No user decisions. Policy enforcement All action on client side No software or payload on file servers Management Centre One powerful admin console for all products Encrypt at all levels Individual files or entire folders, or both Document location and/or type Encryption based on location and/or file type Sharing of encrypted documents Transparent sharing between auth. users Client side activity monitor Allow the user to see how a policy is enforced Automatic pagefile encryption No information leakage in virtual memory One client for multiple purposes One-stop-shopping for file encryption

10 McAfee Endpoint Encryption Mobile Device Encryption
Removable Media External/Removable Media Encryption Ensures that data stored on removable cards can only be accessed from the device from which it came Removable Media Options Allow encrypted media only Allow full access to encrypted media and read-only access to un-encrypted media Block all access to all media Deny access to un-encrypted cards

11 What is McAfee Endpoint Encryption for PC v.6?
Full Disk Encryption (FDE) Software to encrypt every sector of internal hard disks Guarantees data is encrypted while at rest on the disk This assurance is used to claim safe harbor from most data protection regulations .DOC .XLS .APPS 2 3 1 4 Files/APPS Operating System Encryption Driver Hard Disk Lorem ipsum dolor sit amet #$$%%#%%&& Average cost of a lost laptop is $49,246. If you can prove it was encrypted, the cost is reduced by at least $20,000. Average cost of a single lost record is $204. Average total cost of a data breach in 2009 was $6.75 million. Source: 2009 Ponemon Institute “Cost of a Data Breach Report” commissioned by Intel.

12 Proactive Reporting in ePO – The Difference
Prior to ePO, SafeBoot reporting was limited to SafeBoot installed machines – no information about the machines which are NOT secured Reactive Reporting: check protection status of a laptop post theft; if machine not listed in the report it means not secured NEW integrated ePO reporting of Endpoint Encryption reports on the entire ePO managed machine network Proactive Reporting: embedded Endpoint Encryption reporting through ePO presents machines which are not protected with Endpoint Encryption. ePO can then deploy the client to these machines directly.

13 Proactive Reporting in ePO – Discovery
Compliance reporting with other vendors is limited to installed machine or an application running on the machine itself With the proactive ePO reporting approach McAfee can go one step further and find non-secured machines, although no agent is running on the machine Use the built-in “ePO Rogue System detection” option to determine the machines in your organization not running the McAfee Agent (MA)

14 Default Dashboard for Endpoint Encryption for PC
This report shows the encryption technology installed with Endpoint Encryption Installation Status Report Endpoint Encryption Installed: Yes/No?

15 New Endpoint Encryption Architecture in ePO
ePO provides central policies, key management and central user provisioning for Endpoint Encryption products. One Client Manager (MA – McAfee Agent) handling multiple Endpoint Security products. ePO Agent (MA) Framework Host Compliance Anti-Virus Anti-Spyware Desktop FW Host IPS NAC Remediation Host DLP Endpoint Encryption for PC Endpoint Encryption for Files and Folder McAfee ePO v4.5 Secure Communication Channel User and Machine Import Active Directory & LDAP

16 ePO Integration Goals Objective reduce overall operational costs associated with an encryption product and to make an Administrator’s life easier Deployment Reporting Same tasks and policies regardless of operating system or software/hardware encryption technology Improved support for Clustering Scalability Virtualization

17 Endpoint Encryption Policy in Catalog
The new Endpoint Encryption Common Policy has two categories (Product Settings, User Based Policies)

18 Logon Settings per Platform
Endpoint Encryption Logon Section with settings for the PreBoot Logon Windows specific Logon Section

19 Full Disk Encryption Features for PC v.6
Management Features McAfee System audit for proof of encryption Secure key backup Enterprise scalability Role based access control Centrally managed policies Directory and PKI integration Web based console Management dashboards Reports and custom reports Administrator audit Endpoint event audit (failed logon attempts, etc)

20 Full Disk Encryption Features for PC v.6
Agent Features McAfee Transparent to end user Cannot be removed or disabled by end user Encryption keys stored securely Pre-boot authentication Active Directory integration & Single Sign On Fault tolerant, can survive reboots during encryption Multi-factor authentication Windows 7 32bit & 64 bit support v AES 256 bit encryption Secure hibernation Secure client to server communication Agent can sync while off the network End user access can be revoked on the fly by administrator 20

21 Why McAfee? Sustained product leadership #1 choice for enterprises
Over 8,000,000 nodes encrypted worldwide Mature product, original code launched in 1992 Part of comprehensive data protection product suite McAfee Total Protection for Data suite won over Gartner with best-in-class execution, integration and vision as compared to other vendors in the data protection industry.

22 Why McAfee? Phased approach to data protection
Total Protection for Data Suite Function Endpoint Encryption for PC Full Disk Encryption Endpoint Encryption for Files & Folders Encrypt files and removable media Endpoint Encryption for Mobile Encrypt smart phones Device Control Block and manage devices Host Data Loss Prevention Discover and protect data in use Phased approach to data protection Block unauthorized devices Encrypt laptops Monitor and secure all data routes Discover and Classify Data Intelligent Audit and Forensics

23 Users are referenced not created
Users in version 6.0 Users are referenced not created Referenced from Active Directory or LDAP No local users Quicker provisioning times possible Can be used with Auto-Discovery of users functionality ePO support 4.5: Active Directory only 4.5 Patch 2: Will include LDAP support

24 Encryption Settings Encryption Policy to encrypt: - None - All
- Boot Disk only - All except Boot Disk TCG Opal Drive EEPC Software Encryption Policy to define Encryption Provider Priority. If you want to manage various hardware technologies via ePO you can configure and order the preferred provider here.

25 Trusted Computing Group Opal Self Encrypting Drives
McAfee are an active contributor and voting member of the TCG Storage Working Group and provide input to the Opal and Marble specifications EEPC Version 6.x products will support Self-Encrypting Drives that adhere to the Opal (and Marble) specifications from TCG McAfee is currently working in conjunction with various manufacturers on incorporating their Opal Drives into EEPC V6.x

26 Client Supported Platforms and Languages
Management (ePO) Japanese, French, Spanish, Chinese (Traditional and Simplified), Russian, German, Korean. Fully localized and supported Client Same languages and support as Management section Additional client languages fully localized and available by NOT supported at GA date Portuguese, Brazilian Portuguese, Italian, Dutch, Greek, Swedish, Norwegian, Danish, Finnish, Polish, Arabic, Estonian and Thai Supported as of version 6.0.1 32-Bit Only 32 and 64-Bit 32 and 64-Bit 32-Bit Only 32 and 64-Bit

27 McAfee Encrypted USB Deploy easily on an enterprise-wide scale
Easily deploy and track devices through a single console Streamline workflow to save time and money Leverage Active Directory to match users and devices Encrypt data on-the-fly Enable secure data portability McAfee Encrypted USB devices are centrally managed and deployed easily on an enterprise-wide scale. Administrators can easily track devices through one back-end database. This helps to streamline the workflow to save customers time and money. Encrypted USB can leverage Active Directory to match users and devices and will support any organization from 10 to an unlimited number of users. 27

28

Download ppt "McAfee Data Protection"

Similar presentations

Powerful and convenient management for Windows Mobile ® 6.1 devices in an enterprise environment. These features include: Centralized, over-the-air device.

Powerful and convenient management for Windows Mobile ® 6.1 devices in an enterprise environment. These features include: Centralized, over-the-air device.
Ljubomir Ivaniš CPU d.o.o.

Ljubomir Ivaniš CPU d.o.o.
COMPREHENSIVE APPROACH TO INFORMATION SECURITY IN ADVANCED COMPANIES.

COMPREHENSIVE APPROACH TO INFORMATION SECURITY IN ADVANCED COMPANIES.
2  Industry trends and challenges  Windows Server 2012: Modern workstyle, enabled  Access from virtually anywhere, any device  Full Windows experience.

2  Industry trends and challenges  Windows Server 2012: Modern workstyle, enabled  Access from virtually anywhere, any device  Full Windows experience.
2  Industry trends and challenges  Windows Server 2012: Modern workstyle, enabled  Access from virtually anywhere, any device  Full Windows experience.

2  Industry trends and challenges  Windows Server 2012: Modern workstyle, enabled  Access from virtually anywhere, any device  Full Windows experience.
By HAIDER I MOHSIN Securing Confidential Data with Data Loss Prevention Systems.

By HAIDER I MOHSIN Securing Confidential Data with Data Loss Prevention Systems.
1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.

1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.
This presentation will take a look at to prevent your information from being discovered by and investigator.

This presentation will take a look at to prevent your information from being discovered by and investigator.
Managed Infrastructure. 2 ©2015 EarthLink. All rights reserved. IT resources are under pressure… is it time to rethink the IT staffing model? Sources:

Managed Infrastructure. 2 ©2015 EarthLink. All rights reserved. IT resources are under pressure… is it time to rethink the IT staffing model? Sources:
Sophos / Utimaco Data Loss Prevention Peter Szendröi, SOPHOS Nordics Jan 20, 2010.

Sophos / Utimaco Data Loss Prevention Peter Szendröi, SOPHOS Nordics Jan 20, 2010.
Data Encryption Overview South Seas Corporation Jared Owensby.

Data Encryption Overview South Seas Corporation Jared Owensby.
McAfee Data Protection Total Protection Suite for Data (ToPS Data)

McAfee Data Protection Total Protection Suite for Data (ToPS Data)
Maintaining Windows Server 2008 File Services

Maintaining Windows Server 2008 File Services
©2010 Check Point Software Technologies Ltd. | [Unrestricted] For everyone Endpoint Security Current portfolio and looking forward October 2010.

©2010 Check Point Software Technologies Ltd. | [Unrestricted] For everyone Endpoint Security Current portfolio and looking forward October 2010.
Introducing Kerio Control Unified Threat Management Solution Release date: June 1, 2010 Kerio Technologies, Inc.

Introducing Kerio Control Unified Threat Management Solution Release date: June 1, 2010 Kerio Technologies, Inc.
Course 6421A Module 7: Installing, Configuring, and Troubleshooting the Network Policy Server Role Service Presentation: 60 minutes Lab: 60 minutes Module.

Course 6421A Module 7: Installing, Configuring, and Troubleshooting the Network Policy Server Role Service Presentation: 60 minutes Lab: 60 minutes Module.
New Data Regulation Law 201 CMR 17.00. TJX Video.

New Data Regulation Law 201 CMR TJX Video.
IT-Partners Limited © 2011 IT Partners Limited Y OUR IT SOLUTION P ARTNERS Managing Director Confidential Data Loss Prevention Sunny Ho 1.

IT-Partners Limited © 2011 IT Partners Limited Y OUR IT SOLUTION P ARTNERS Managing Director Confidential Data Loss Prevention Sunny Ho 1.
Hands-On Microsoft Windows Server 2008 Chapter 1 Introduction to Windows Server 2008.

Hands-On Microsoft Windows Server 2008 Chapter 1 Introduction to Windows Server 2008.
1 Managed Security. 2 Managed Security provides a comprehensive suite of security services to manage and protect your network assets –Managed Firewall.

1 Managed Security. 2 Managed Security provides a comprehensive suite of security services to manage and protect your network assets –Managed Firewall.

Similar presentations

Ads by Google