At Intel Security’s Focus 2016 conference, a small group of Security Innovation Alliance partners (SIA) gathered for an invitation-only session to learn about Intel Security changes - where the big 'McAfee is back' announcement was made.
This was an exciting and welcoming announcement for all to hear, because it allows for a pure-play security focus, as well as McAfee to once again be nimble.
However, the message that resonated with me the most was the overall encouragement for SIA partners to collaborate within the security ecosphere - which is the game changer.
Collaboration between security partners is what sets McAfee apart as they have thrown out the idea of ‘competition,’ and is the first security authority to acknowledge that their solution...is just part of the solution.
In McAfee’s April 3 News Release, this is the corporate doctrine on collaboration:
Collaboration:
McAfee believes in the power of working together—only when people, technology and organizations work together can we become safer. The McAfee Security Innovation Alliance, the industry’s premier technology partnering program, boasts more than 135 partners globally. Over the past year, more than 30 partners have integrated or planned integrations with the McAfee Data Exchange Layer (DXL), the industry-endorsed communication fabric providing real-time interaction between applications.
This is the future of security and Garland Technology is positioned to be the connectivity foundation for all security vendors. The reality for several years has been a multi-vendor ecosystem; it’s just that McAfee said it first. For example, at a recent webinar we hosted with Palo Alto Network’s Fuel User Group, we surveyed the group and asked:
"How many security tools do you currently deploy?"
The answer from the majority of the group was "4 or more." The attendees - all Fuel Group User members, are in the same security stack scenario as everyone else managing the network's edge. We all know that more tools will be added to the stack, while some will need to share data and others will need only a slice.
Into the Sandbox
Managing the Edge is a neccessity in enterprise organizations. It's the network architect's delima on how to have multiple tools share the same data, without adding additional points of failure.
One of our approved joint solutions Chaining the Edge illustrates how to create a unified multi-vendors security layer.
Chaining, or serial deployment, creates a unified visibility layer by connecting all security appliances to each other through Garland Technology’s EdgeLens® - a hybrid bypass TAP and inline security packet broker system.
When the traffic enters the network, the EdgeLens sends data packets through the in-line security appliance chain, while each appliance analyzes the data. After the data is cleared, the EdgeLens copies and stores it for forensics analysis.
This full visibility allows administrators to monitor data packets both before and after they pass through the security stack while maintaining network efficiency. When adding McAfee Network Security Platform to an existing security stack, the EdgeLens plays a leading role by providing complete visibility and real-time monitoring for both in-line and out-of-band tools.
With encouragement of collaboration, we can work with our fellow SIA partners (and non SIA partners) to showcase real world security solutions. For example, in this chaining scenario, McAfee Network Security Platform integrates with Check Point’s next generation threat prevention platform (NGTX and DDoS) to share security intelligence in real-time. Through the EdgeLen’s chaining, the intelligence is then shared with Imperva’s SecuritySphere Web Application Firewall (WAF) to analyze user access to web applications.
Where’s Your Blind Spot?
There is an abundance of functionality crossover between security vendors, but each one has their speciality. By McAfee’s encouragement of creating a unified security platform, that is vendor agnostic, it elevates them to the leadership position they previously had. Time will tell if the message and reality are the same. From our perspective, it’s the bold move the industry needed.
To learn more about creating a unified security layer, watch our 6 minute video overview on chaining multiple, active, in-line security tools.