McAfee Immune System [ATD + TIE]

DESCRIPTION

01.10.14 A description of new protection technologies, such as the ATD "sandbox" and the TIE data exchange bus. Building a protection system that is able to learn. Also included is an overview of McAfee solutions for endpoint protection and data encryption. Technical information, intended primarily for staff of IT and information security departments.

Citation preview

  • 1. McAfee ConfidentialInternal Use Only McAfee ATD, TIE, EPS . . [email protected] 01-10-14

  • 2. . McAfee: Data Protection Email Security Endpoint Security Mobile Security One Time Password Security-as-a-Service Security Management : , , . radetskiy.wordpress.com [email protected]
  • 3. 1. + 2. [ATD + TIE] 3. McAfee ( ) 4. (McAfee + BitLocker + FileVault) 5. + MOVE 6. HIPS, AppControl, DevControl, DeepDefender & DeepCommand 7. EMM BYOD 8.
  • 4. 1. TIE VSE . . . IPS EG WG , , ,
  • 5. 1. TIE VSE IPS EG WG TIE McAfee Threat Intelligence Exchange TIE McAfee GTI . : VSE TIE. . .
  • 6. 1. TIE McAfee GTI Cloud VSE , VSE : ( ), McAfee GTI . (DAT) , GTI , * . * - /
  • 7. 1. TIE McAfee GTI Cloud VSE () TIE McAfee Threat Intelligence Exchange TIE (TIE) , . TIE , McAfee GTI. TIE , .
  • 8. 1. ATD McAfee Advanced Threat Defense - - - ( ) - 3 5 , , production - - VSE, EG, WG, IPS PC1 PC2 SRV1
  • 9. 2. Black Hat 2014 The State of Incident Response . APT .
  • 10. 2. McAfee ESM McAfee VSE Threat Intelligence Module McAfee VSE Threat Intelligence Module McAfee ePO McAfee ATD McAfee Web Gateway McAfee Email Gateway McAfee NGFW McAfee NSP Data Exchange Layer 3rd Party Feeds McAfee TIE Server
  • 11. 2. McAfee ESM McAfee VSE Threat Intelligence Module McAfee VSE Threat Intelligence Module McAfee ePO McAfee ATD McAfee Web Gateway McAfee Email Gateway McAfee NGFW McAfee NSP Data Exchange Layer 3rd Party Feeds McAfee TIE Server ATD VSE* * . .
  • 12. 2. McAfee ESM McAfee VSE Threat Intelligence Module McAfee VSE Threat Intelligence Module McAfee ePO McAfee ATD McAfee Web Gateway McAfee Email Gateway McAfee NGFW McAfee NSP Data Exchange Layer 3rd Party Feeds McAfee TIE Server NO YES ATD ,
  • 13. 2. McAfee ESM McAfee VSE Threat Intelligence Module McAfee VSE Threat Intelligence Module McAfee ePO McAfee ATD McAfee Web Gateway McAfee Email Gateway McAfee NGFW McAfee NSP Data Exchange Layer 3rd Party Feeds McAfee TIE Server ATD TIE
  • 14. 2. McAfee ESM McAfee VSE Threat Intelligence Module McAfee VSE Threat Intelligence Module McAfee ePO McAfee ATD McAfee Web Gateway McAfee Email Gateway McAfee NGFW McAfee NSP Data Exchange Layer 3rd Party Feeds McAfee TIE Server TIE
  • 15. 2. . , 2014 McAfee TIE. 2015 McAfee. TIE . ( ). , . , (, hex-, , / , ..). .
  • 16. 3. McAfee McAfee ePO Endpoint McAfee 70 - / . , McAfee ePO. .
  • 17. 3. McAfee McAfee ePO McAfee Agent Endpoint (, , ) , , .
  • 18. 3. McAfee McAfee ePO McAfee Agent VSE Endpoint , , , , / .
  • 19. 3. McAfee McAfee ePO McAfee Agent VSE DLP Encryption HIPS Endpoint LEGO. . .
  • 20. 4. McAfee ePO McAfee Drive Encryption + File and Media Windows , : (McAfee Drive Encryption) , (McAfee File and Removable Media protection)
  • 21. 4. McAfee ePO Apple FileVault McAfee Drive Encryption + File and Media Mac OS McAfee Management of Native Encryption (MNE), Apple File Vault.
  • 22. 4. McAfee ePO MS BitLocker Apple FileVault McAfee Drive Encryption + File and Media McAfee Management of Native Encryption , MS BitLocker
  • 23. 4. McAfee ePO MS BitLocker Apple FileVault McAfee Drive Encryption + File and Media McAfee Management of Native Encryption BitLocker Drive Encryption. .
  • 24. 4. / , . : , +PIN, +, . . + AD. Windows. // . . . , . USB . Windows. * : 1, 2 Drive Encryption File and Media
  • 25. 4. _ McAfee Drive Encryption 7.1.1 HDD AES256-CBC , USB , - Windows ( XP 8.1; 2003 2008 R2) 5 SSO, TPM, Intel AMT (vPro), UEFI, GPT, Secure Boot, Hybrid Boot, Cold boot Intel AES-NI * . .DOC .XLS .APPS 2 3 1 4 Files / App OS Encryption Driver HDD (SSD) Loremipsumdolorsitamet#$$%%#%%&& Loremipsumdolorsitamet#$$%%#%%&&
  • 26. 4. _ McAfee File and Removable Media P. / AES256; ; : ; . USB read only DLP Endpoint DevCon/DLP Endpoint
  • 27. 4. _ McAfee ePO , .
  • 28. 4. _ McAfee ePO 1 2 , .
  • 29. 4. _ McAfee ePO 1 2 , . . .
  • 30. 4. _ McAfee ePO 1 2
  • 31. 5. _ Windows. 2k SP4 2012. .VSE (Win) VSE (Lin) VSE (Mac) VSE for Storage VSE for Android VSE (cmd) MOVE deb rpm , Novell. . MacOS X Server Mac OS 10.7 . . NAS NetApp . . Android 2.1 4.. (). AIX, FreeBSD, HP-UIX, Sun, Linux, Windows. Standalone. Windows . . Hyper-V/VMware/Xen ..
  • 32. 5. MOVE _ (Multi-Platform) MOVE Security Appliance OS VSE VSE SVA MOVE MOVE McAfee ePO GTI MOVE AV VSE virtual switch
  • 33. 5. MOVE _ McAfee ePO MOVE Security Appliance MOVE MOVE OS VMware vShield Endpoint VMware ESX VMtools VMtools MOVE AV VSE GTI VMware VMCI vMotion
  • 34. 5. MOVE _ 3.5 3.5 GTI , (/) VMware VMware Windows 2008 R2 VM Linux OVF 450 1 1 ESX VMware vShield: VMCI vShield , RAM NSX Manager
  • 35. 6. McAfee HIPS zero day Windows Filtering Platform Windows 8.1 Server 2012 + . : - - - - VMware - IP GTI - - : - - -
  • 36. 6. McAfee Application Control ( , ) , Microsoft Windows NT, 2000 2014 zeroday , standalone , McAfee Application Control , .
  • 37. 6. McAfee Device Control / DLP Endpoint 9.3.300.31 . , , r/o USB . . , . Content Security Suite (MWG + MEG + NDLP Prevent + DC = DLP ) Device Control + (Email, Web, Print..). . Discover . . * * ** Windows Mac OS . Device Control DLP Endpoint
  • 38. 6. McAfee Device Control / DLP Endpoint 9.3.300.31 /
  • 39. 6. McAfee Deep Defender MBR BIOS ePO rootkits McAfee Intel Intel Core i3, i5, i7 Core i5 i7 vPro , . Intel VT. . , .. .
  • 40. 6. McAfee Deep Defender Intel vPro Active Management Technology (AMT) Intel vPro Intel AMT ePO; , KVM IP- (IP-KVM) Intel Core i5 vPro Core i7 vPro , . .
  • 41. 7. McAfee EMM12 (MDM) BYOD iOS, Android, WinPhone Enterprise Mobility Management (EMM) , (AES 256) Secure Container for Android . VirusScan Mobile for Android , : EMM : McAfee Complete Endpoint Protection Enterprise [CEB] Business [CEE]
  • 42. October 3, 2014 7. McAfee EMM12
  • 43. 8. - https://radetskiy.wordpress.com/ McAfee - , http://kc.mcafee.com McAfee - , http://www.mcafee.com/ru/ McAfee - , , - http://bakotech.ua/vendor/mcafee/
  • 44. radetskiy.wordpress.com [email protected] . , . , ( ). , . .
  • 45.
  • 46. McAfee Email Gateway _ TLS, PGP, S/MIME / - Server to server Web- Email Gateway, Secure Web Mail Pull (link) , Email Gateway Secure Web Mail Push (attachment)
  • 47. Endpoint Protection Advanced Suite Complete Endpoint Protection Business (only 1k< users) Complete Endpoint Protection Enterprise Suite VSE for Windows + + + VSE for Linux + + + VSE for command line + + + EPS for Mac + + + HIPS for Windows (Desktop) + + + Site Advisor + + + Device Control + + + Application Control + Deep Defender + + EMM (MDM) + + Encryption disk & files & native + SPAM/AV for Exchange & Lotus + + + EPS
  • 48. MOVE AV _ ESX vSphere Platform VM APP OS Kernel BIOS VM APP OS Kernel BIOS OS vShield Endpoint Library MOVE AV SVA vShield Endpoint ESX Module vCenter VMTools Driver vShield Manager EPsec Interface VI Admin Security Admin APPs APPs APPs REST EPSec hooks McAfee Components EPSec APIs EPSec Components VMWare interfaces vShield Components New for EPSec 2.0 VMCI REST McAfee ePO AV Scanner DAT Engine Shared Cache GTI File Reputation VMs Clean cache
  • 49. MOVE Endpoint Endpoint Local Cache Local Cache Scan Server McAfee Agent Global Cache McAfee Agent McAfee Agent
  • 50. MOVE Endpoint Endpoint Local Cache Local Cache Scan Server McAfee Agent Global Cache McAfee Agent McAfee Agent MOVE 19870110AE 1D2675DB
  • 51. MOVE Endpoint Endpoint Local Cache Local Cache Scan Server McAfee Agent Global Cache McAfee Agent McAfee Agent , SVA 19870110AE 1D2675DB 19870110AE 1D2675DB
  • 52. MOVE Endpoint Endpoint Local Cache Local Cache Scan Server McAfee Agent Global Cache McAfee Agent McAfee Agent SVA , SVA 19870110AE 1D2675DB 19870110AE 1D2675DB
  • 53. MOVE Endpoint Endpoint Local Cache Local Cache Scan Server McAfee Agent Global Cache McAfee Agent McAfee Agent SVA : + GTI 19870110AE 1D2675DB 19870110AE 1D2675DB
  • 54. MOVE Endpoint Endpoint Local Cache Local Cache Scan Server McAfee Agent Global Cache McAfee Agent McAfee Agent , / / ( )
  • 55. MOVE Endpoint Endpoint Local Cache Local Cache Scan Server McAfee Agent Global Cache McAfee Agent McAfee Agent , , 19870110AE 1D2675DB 19870110AE 1D2675DB 1987.. . 1987.. .
  • 56. MOVE Endpoint Endpoint Local Cache Local Cache Scan Server McAfee Agent Global Cache McAfee Agent McAfee Agent , . . 1987.. . 1987.. . 19870110AE 1D2675DB
  • 57. MOVE Endpoint Endpoint Local Cache Local Cache Scan Server McAfee Agent Global Cache McAfee Agent McAfee Agent , . . 1987.. . 1987.. . 19870110AE 1D2675DB 19870110AE 1D2675DB
  • 58. MOVE VMware ESX Hypervisor Endpoint Endpoint SVA McAfee Agent VMware VMtools Local Cache VMware VMtools Global Cache Local Cache (SVA) (ESX). vShield Endpoint MOVE.
  • 59. MOVE Scheduler VSE vCenter XenManager Hypervisor (vSphere, Xen) Hypervisor Manager MA OS VSE MA OS VSE MA OS VSE McAfee ePO
  • 60. _ DLP Endpoint 9.3.300.31 (Outlook + Lotus) + PDF XPS ( + ) + Web (IE + FF) , : TrueCrypt Citrix;
  • 61. McAfee Device Control / DLP Endpoint 9.3.300.31 () * (Online/Offline) ** DLP Endpoint :
  • 62. McAfee Deep Defender ? I/O Memory Disk Network Display CPU AV HIPS BIOS / APT DeepSAFE , MBR BIOS MBR
  • 63. McAfee Deep Defender . IT Help Desk AMT 5.1 220 Hard Drive Intel Core i5 vPro Processor Intel Chipset Intel Network Adapter Set specific wake-up time across Intel AMT systems Business PC
  • 64. McAfee Deep Defender , ? . ? IT Help Desk AMT (/) Intel Core i5 vPro Processor Intel Chipset Intel Network Adapter Hard Drive AMT Help Desk
  • 65. Secure Container McAfee EMM12 , [AES 256] : Word, Excel, PDF ,
  • 66. McAfee EMM12 Android, ,
  • 67. McAfee ESM McAfee VSE Threat Intelligence Module McAfee VSE Threat Intelligence Module McAfee ePO McAfee ATD McAfee Web Gateway McAfee Email Gateway McAfee NGFW McAfee NSP Data Exchange Layer McAfee Global Threat Intelligence 3rd Party Feeds McAfee TIE Server
  • 68. McAfee ESM McAfee VSE Threat Intelligence Module McAfee VSE Threat Intelligence Module McAfee ePO McAfee ATD McAfee Web Gateway McAfee Email Gateway McAfee NGFW McAfee NSP Data Exchange Layer NO YES McAfee Global Threat Intelligence 3rd Party Feeds McAfee TIE Server
  • 69. McAfee ePO Directory * ePO = McAfee ePolicy Orchestrator