Cloud Security – Intel/McAfee – Interop 2011
May 11, 2011 - Las Vegas, NV - A joint security offering from Intel and it wholly owned subsidiary McAfee was presented at Interop. In addressing the issue of cloud security, they have taken a two part approach - a security software solution and a hardware appliance device. The issue is how to protect the three types of data streams they are seeing in the cloud - web traffic, authentication traffic, and email. The goal is any device anywhere in a safe and secure use mode.
The current cloud offering has shared Intel and McAfee assets. McAfee is bringing software to cloud security through their global threat intelligent and data loss prevention products which are part of their email and web security offering. Intel is bringing hardware in the form of an identity management and services gateway which supports provisioning and federated signon using 2 factor authentication. These devices incorporate Intel Protection Technology (IPT) which is a device ID system that checks if the communication is coming from a device that can deliver and support authentication.
The Gateway product authenticates credentials and payloads for apps and the app communication channel, but does not interogate the payload itself. The gateway is FIPS 140-2 L3 compliant when configured for two factor authentication, and L2 for single factor methods. In addition to the IPT, the gateway device is TPM compatible.
The solution is deployable as an on-premise, SaaS, or virtual configuration. The base setup and all options are licensed on a subscription basis, so the entire use model is under the OPEX budget. These devices are outbound looking products and part of a unified management system for data transaction processing when combined with a traditional IPS/Firewall for supporting inbound traffic. For the end clients on the outbound side, there is a cleint that loads on that is similar to a vpnsetup.