Friday, August 8, 2008

McAfee Network Access Control

McAfee System Protection
Protect your network from noncompliant or infected systems
Noncompliant, infected, or misconfigured systems pose security risks and incur costs due to system downtime and restoration. Even one infected host already on the network can cause disruptions to network bandwidth or can infect other compliant systems. Boost NAC with McAfee IntruShield® IPS to protect high-risk areas on the network by identifying, quarantining, and remediating infected devices.
















About the Author
Jamey Heary, CCIE No. 7680, is currently a security consulting systems engineer at Cisco Systems, Inc., and works with its largest customers in the Northwest United States. Jamey joined Cisco in 2000. He currently leads its Western Security Asset team and is a field advisor for the U.S. Security Virtual team. Prior to working at Cisco, he worked for the Immigration and Naturalization Service as a network consultant and project leader. Before that he was the lead network and security engineer for a financial firm whose network carries approximately 12 percent of the global equities trading volume worldwide. His areas of expertise include network and host security design and implementation, security regulatory compliance, and routing and switching. His other certifications include CISSP, CCSP, and Microsoft MCSE. He is also a Certified HIPAA Security Professional. He has been working in the IT field for 13 years and in IT security for 9 years. He has a BS from St. Lawrence University.


About the Contributing Authors

Jerry Lin, CCIE No. 6469, is a consulting systems engineer for Cisco and is based in southern California. He specializes in security best practices. Jerry has worked with a variety of Cisco enterprise customers in areas such as software development, local government agencies, K-12 and universities, high tech manufacturing, retail, and health care, as well as managed web-hosting service provider customers. He holds his CCIE in routing and switching as well as CCDP and CISSP certifications. Jerry has been working in the IT industry for the past 12 years. During the late 1990s, he worked as a technical instructor. Jerry earned both a bachelor’s degree and a master’s degree in mechanical engineering from the University of California, Irvine.


Chad Sullivan, CCIE No. 6493 (Security, Routing and Switching, SNA/IP), CISSP, CHSP, is a senior security engineer and owner of Priveon, Inc., which provides leading security solutions to customers globally. Prior to starting Priveon, Chad worked as a security consulting systems engineer at Cisco. Chad is recognized within the industry as one of the leading implementers of the Cisco Security Agent product and is the author of both Cisco Press books dedicated to the Cisco Security Agent.


Alok Agrawal is the technical marketing manager for the Cisco NAC Appliance (Clean Access) product. He leads the technical marketing team developing technical concepts and solutions and driving future product architecture and features. He works with the Cisco sales and partner community to scale the adoption of the NAC Appliance product line globally. Prior to joining the Cisco Security Technology Group, he worked in the switching team of the Cisco Technical Assistance Center. He has a strong background in routing and switching and host security design and implementation. Alok holds a master’s degree in electrical engineering from the University of Southern California and a bachelor’s degree in electronics engineering from the University of Mumbai.

Mobile Workers and Guest Users May Breed Security Threats and Pose Risk to Regulatory Compliance
Juggling compliance audits with timely remediation of non-compliant, infected, and misconfigured systems can leave you vulnerable. Do you want to deploy a network access control (NAC) solution but feel frustrated with products that are unmanageable, very complex to deploy, and too expensive? Give yourself some breathing room with McAfee® Total Protection for Endpoint—Advanced, which includes McAfee Network Access Control solution. McAfee Network Access Control keeps you updated with new threat information while enforcing compliance, ensuring healthy networks, and addressing concerns about the cost, manageability, and complexity of most other NAC solutions.

NAC Benefits:
1. Minimize risk of outbreaks while allowing for policy flexibility: Protect your network from zero-day threats and infected guest devices; monitor the network continuously for threat assessment and attack behavior originating from all types of devices.
2. Minimize exposure from noncompliant, infected, or misconfigured systems: Allow only authorized devices to have network access; enforce compliance by scanning devices to test their overall security posture as they attempt to log onto a network.
3. Reduce downtime and risk: Guard against infections and vulnerabilities from mobile devices; identify and quarantine misconfigured systems and company laptops that fall out of compliance; enforce network access decision at the system level; remediate noncompliant devices automatically.
4. Make intelligent decisions based on real knowledge: Gain visibility of system and network threats with efficient security collaboration; breakthrough McAfee ePolicy Orchestrator® (ePO™) integration provides real-time visibility of actionable system host details, as well as the most relevant host IPS, anti-virus, and spyware events.
5. Leverage your existing network infrastructure: Deploy to all ePO managed systems in your network infrastructure without hardware replacements; get continuous, broad protection that keeps up with the latest threats with McAfee Total Protection for Enterprise—Advanced with NAC included; manage it all from a single, centralized console.

McAfee Makes NAC Accessible
You are not alone among enterprises that are reluctant to deploy an NAC solution. Prior options are unmanageable, too complex to deploy, and expensive—especially when you include product, deployment, and ongoing maintenance costs.
McAfee addresses all of these concerns and more with a global partner ecosystem of distributors, value-added distributors (VADs), value-added resellers (VARs), and systems integrators, all offering product order fulfillment, professional services for deployment, and solution training for NAC administrators.

Yahoo Partners With McAfee To Make Search More Secure
Following Google (NSDQ: GOOG)'s lead, Yahoo (NSDQ: YHOO) is moving to make its search engine safer.
Yahoo and McAfee on Tuesday announced a partnership to integrate McAfee's SiteAdvisor technology with Yahoo Search. SiteAdvisor tracks Web site security issues, identifying sites associated with adware, malware, spyware, phishing, and spam.


The new SearchScan feature in Yahoo Search is a manifestation of the partnership. It provides red warning messages about the risks posed by Web sites that appear in Yahoo Search results lists.
Google began flagging risky search results in February 2007.

"Searching on the Web can present a minefield of spyware, malware, and other malicious sites that can cause serious harm to your PC and cost you valuable time and money," said Vish Makhijani, senior VP and general manager of Yahoo Search, in a blog post. "We are taking steps to make you feel safe when searching the Web -- warning you about dangerous sites before you click on them."

According to Makhijani, "No other search engine today offers you this level of warning before visiting sites. Period."

Citing a March 2008 survey conducted by marketing research services provider Decipher, Yahoo and McAfee claim that 65% of Americans online are more worried about clicking unsecured search listings than the threat of neighborhood crime, getting one's wallet stolen, or e-mail scams. Unfortunately, Decipher hasn't posted this survey online, making it harder to divine why so many people supposedly prefer being pistol-whipped and robbed to a malware infection.

Tim Dowling, VP of McAfee's Web security group, said that SearchScan tests for browser exploits, so it will detect sites where malware is delivered through online ads.

According to a Google security report published in February, 2% of malicious Web sites were delivering malware via advertising. Because ads tend to be placed on popular sites, searchers encounter them more often than their general prevalence suggests. "On average, 12% of the overall search results that returned landing pages were associated with malicious content due to unsafe ads," the report said.

Flagging such sites, however, is not without problems. Web sites penalized by McAfee's scarlet letter may see a drop in visitors despite the possibility that the fault may lie with the security of the site's ad syndication network rather than with the hosting site itself. Still, fear of such stigma may make site owners demand better security at ad networks, which would improve Internet safety for everyone.

It's something of a surprise to find Yahoo striking a deal with McAfee given that McAfee in May 2007 fingered Yahoo as the search engine with the greatest percentage of risky search results (5.4%). But perhaps having partnered with McAfee, Yahoo will fare better in McAfee's forthcoming 2008 State of Search Engine Safety survey.

Asked whether Yahoo's new relationship with McAfee represents a conflict of interest that might affect the search engine's ranking in McAfee's upcoming survey, Dowling replied, "It's hard to say whether there's a real conflict of interest. It's a pretty quantitative study." He added that due to Yahoo's commitment to cleaner search results, "I would expect Yahoo to be the safest search engine, or one of them."

Dowling said McAfee was running a bit behind in compiling the data for its 2008 search safety survey but did provide a preview: Sponsored search results are twice as likely to link to malicious sites as organic search results, he said. "The bad guys try to look good and Internet advertising is a way they can buy their way into a higher search result position," he said.

Dowling also said that search engines collectively serve 8 billion risky sites per month worldwide.


Testimonials 1
I want to start out by saying that this book completely exceeded my expectations for the first NAC Appliance book. I wish this was published 3 years ago. The author clearly articulates the business benefits of NAC, including how NAC provides return on investment (ROI), which gives any reader the know-how to wisely purchase Cisco NAC Appliance. He also shows his technical expertise by diving extremely deep into the inner workings of Cisco NAC Appliance, which gives engineers, consultants, and operations the information they need to successfully deploy or maintain the product.

This book shows great details into the process flows of In-Band & Out-of-Band users, Clean Access Agent (CAA) users and network scanning users. The information on the different deployment options and how to use them in diverse environments is great to start your NAC Design. This book makes the confusing topics seem easy and manageable.

Some of the highlights that caught my eye and I thought everyone would like were:

- Chapter on Host Security Policy - An amazing deal of information on how to design/create a Host Security Policy as it relates to NAC Appliance is invaluable to deployments

- Exploration of High Availability and Load Balancing - Information on how to load balance Clean Access Servers using the CSM, CSS, ACE and PBR cannot be found anywhere else. This includes saving money on Failover Bundles by using N+1 Failover

- Layer 3 OOB Deployment options - Walk through of the benefits of the different methods of deploying L3 OOB, e.g. PBR, ACLS, VPNs, etc.

- Deployment Best Practices - An entire chapter on how to plan, schedule, and keep all parties happy for your NAC Appliance deployment

- Monitoring & Troubleshooting information - detailed list of all logs located on the CAM and CAS, as well as the information on how to troubleshoot and monitor online users

All in all this is a great book and I would recommend it for all people interested in Buying, Deploying, Operating, or Troubleshooting Cisco NAC Appliance. This is definitely a great reference manual to have at your desk!


Testimonials 2
The Cisco Self Securing Network platform is currently structured around several cornerstone technologies of which the Cisco Clean Access technology is a leading component. The Cisco Clean Access technology is one of several industry-wide Network Admission Control (NAC) technologies which rely on a combination of client-server components. The Cisco Clean Access suite includes a client component which could be a host-installed applet or a browser-based applet that can read basic configuration data from a host machine and communicate compliance to enterprise-defined rules/policies which are pre-defined on a clean access server appliance and other cooperating systems. The book, Cisco NAC Appliance, is a good guide for administrators deploying this complex set of solutions brought from Perfigo Inc. after Perfigo's acquisition by Cisco in 2006.

The book's organization and tone is aimed at security architects, security managers and security administrators. While a security architect will better understand the various deployment options and thus the place of the Cisco NAC framework in an enterprise, security managers will get a comprehensive enough view of the Cisco NAC framework to make the judgment call on actual deployment of the infrastructure and of course make decisions on cost/facility and better grapple with the potential cost benefit requests from enterprise's executive and the security administrator will have a quick guide handbook to help wade through the myriads of documentations from Cisco on its evolving SAFE architecture in general and the NAC framework in particular.

The organization of this book is excellent for the intended audience: six parts covering the basics of the host security landscape, design of Cisco NAC appliance, developing a host security policy, the Cisco NAC configuration, some deployment best practices, and of course NAC appliance maintenance and troubleshooting. The six parts are laid out in fifteen accessible chapters spanning more than 500 pages with a generous amount of configuration examples and screenshots.

With Cisco now having more than 45% market share in the endpoint access control market, books like these can only increase in importance as a guide to organizations grappling with the decision on what and where to deploy these technologies.

And for this volume, the taste of the pudding remains in the eating. So if you don't have a copy yet, go grab one (so long as you are interested in some endpoint security solutions now or at some point in the future). As for rating, I'll give it my best rating so far, four stars out of five.
