Hybrid environments—whether they are private clouds bridging to public clouds or traditional data centers bridging to public clouds—have become the de facto service architecture for most enterprises. We all want the agility, cost benefits, and competitive advantages associated with the hybrid cloud, but we often hit a wall when it comes to key aspects of security: protection against advanced threats, compliance, and policy enforcement.
In the past, when attempting to secure public cloud instances, you were left with two options: (1) deployment of policies across a whole host of unintegrated tools or (2) “retrofitting” tools that were never designed to work with virtual machines (VMs) running in the cloud and risk poor performance, inadequate coverage, and reduced VM density. And beyond migrating workloads to the cloud, you’re also concerned about coordinating your security so that it’s consistent across your entire infrastructure—whether residing on premises or in the cloud.
With the rollout of several McAfee technologies, these concerns are put to rest— whether you’re engaging in the “lift and shift” process of moving your workloads to the cloud or are already fully cloud-enabled and need extra assurance that your workloads are secure. McAfee is enriching its portfolio of technology built to run in the public cloud by:
- Providing a comprehensive approach to security that encompasses both cloud workloads and on-premises assets
- Supporting leading cloud services environments like Amazon Web Services (AWS) and Microsoft Azure
- Automating cloud security policies by using familiar tools like Chef and Puppet
- Streamlining security management to extend visibility and policy enforcement to virtual machines in the private cloud and public cloud workloads, as well as traditional endpoints and physical servers
McAfee® Cloud Workload Security is a pivotal offering that can help you leverage all the goodness derived from migrating your workloads to the cloud with speed and simplicity. Management is made easy through integration with the McAfee ePolicy Orchestrator (McAfee ePO) console.
McAfee Cloud Workload Security Makes This Happen By:
- Increasing visibility: Continuous workload discovery gives you a centralized perspective of all instances across your AWS, Microsoft Azure, and VMware accounts, while automation templates ensure that your workloads are protected from the start.
- Extending and optimizing core threat defense capabilities to the cloud: These include advanced countermeasures architected to ensure the high performance you have come to expect from the cloud: machine learning, cloud-native network security, advanced analytics, anti-malware, whitelisting, application containment, and file integrity monitoring.
- Simplifying management complexity: As part of our commitment to cloud security, we’ve also expanded our portfolio of technologies built to support public cloud platforms and ensure consistent security across your entire infrastructure—from on premises to the cloud. With a single-pane-of-glass console that consolidates security policy and management across physical endpoints and servers, virtual servers and desktops (VDI), and hybrid and multicloud environments, complexity and cost are dramatically reduced.
These offerings, which include McAfee Web Gateway in Amazon Web Services (AWS) and McAfee Advanced Threat Defense in Microsoft Azure, will help ease and enable your digital transformation, as you increasingly incorporate cloud services into your operation.
McAfee Web Gateway in AWS Now Provides:
- Expanded deployment flexibility by now including AWS as an option. This is in addition to on-premises (virtual or dedicated hardware), hybrid environments, and software-as-a-service (SaaS)
- Protection as a forward proxy, reverse proxy, and as an ICAP server delivered from AWS
- The same granular security policy control in AWS as on premises, allowing for a lower TCO option to manage McAfee Web Gateway deployments anywhere
McAfee Advance Threat Defense in Azure Provides:
- Advanced detection techniques in Azure, including deep learning to pinpoint malicious behavioral patterns and to convict emerging, difficult-to-detect polymorphic threats
- The same benefits as the on-premises solution—from data privacy and version control to compliance and customizability—but with the savings and convenience associated with your Azure service
- Threat-sharing capabilities to enhance and automate investigations, including support for Data Exchange Layer (DXL) and REST application programming interfaces (APIs) to facilitate integrations with other products and widely used threat-sharing standards, such as Structured Threat Information eXpression (STIX)/ Trusted Automated eXchange of Indicator Information (TAXII)