The Schwartz Report

Blog archive

Intel Steps Up Focus on Security

Intel Security last week made the case to partners and customers that it is now ready to be their primary supplier of enterprise security solutions. This culminates a year of a major revamping for the business.

Following last year's renaming of the business from McAfee to Intel Security, though keeping the latter branding on specific products, the company wants to be seen as one of the big boys, challenging the likes of Cisco, IBM, RSA and Symantec. It will do so by securing everything including sensors, mobile devices, PCs and all points in the enterprise datacenter and public cloud, while providing the needed wares to equip a security operations center (SOC).

While Intel Security wants to provide many of those wares, it will partner with others to ensure it is providing all of the protection enterprises need. At its Focus event last week in Las Vegas, executives said they want to help customers reduce the number of security vendors needed to provide the needed defenses while covering an ever-growing threat landscape. Over the past year Intel Security, with annual revenues of $3 billion last year, has reshaped its corporate strategy that focuses on the expanding attack surfaces from the endpoint to the network and cloud control points.

The company has brought in seasoned security veterans starting with Chris Young, senior vice president and general manager of Intel Security Group, who came over from Cisco where he was senior VP of its security business. In his keynote address to partners at Focus last week Young said Intel Security is shifting away from a strategy that relies on acquisitions to internal development and partnerships.

"McAfee traditionally was all about buying," Young said, pointing to a long history of buying companies and trying to make them fit. "Everything we did, we acquired this company, we acquired that company. I think that's something we're going to have to change. We're putting more emphasis on building a lot of our technologies." Young didn't rule out buying companies where it makes sense.

Young presided over the introduction of two key new products that he said will bring home its message that the company is not the McAfee antivirus company of the past. One is the new McAfee EndPoint Security 10.x, an endpoint threat detection and response platform, which Young said is based on significant architectural changes from the initial version released early last year. Besides improved performance, the company claims it offers visibility to advanced threats and offers high speed detection and remediation.

The other new product, McAfee Active Response, provides continuous monitoring while giving administrators views via the McAfee ePolicy Orchestrator (ePO) management console. "We're getting into the game to help our customers be better at hunting and detecting for the undetectable threats with McAfee Active Response," Young said. "We can offer our customers the ability to go out and become really, really compliant by giving them better detection and correction, by automating the process that the smartest security analysts have to follow if they're going to go out and look for the hardest to find threats in their customers' environments. McAfee Active Response is designed to do just that."

Young also talked up support for its Threat Intelligence Exchange (TIE), based on its McAfee Data Exchange Layer (DXL), which the company describes as its "architecture for adaptive security." Intel announced the exchange last year and described DXL as "a real-time, bidirectional communications fabric allowing security components to operate as one immediately sharing relevant data between endpoint, gateway, and other security products enabling security intelligence and adaptive security."

Intel says it enables product integration via an open API that ties to any layer of the exchange without requiring point-to-point integration.

Intel said 16 vendors are now DXL Alliance partners including Windows privilege management provider Avecto, ForeScout Titus and TrapX Security. The company added two more last week, Brocade and Mobile Iron.

Analysts are watching Intel's new security push closely. At a dinner with press and analysts hosted by Intel last week, I sat next to Frank Dickson, research director for information and network security at Frost and Sullivan, who said Intel Security is in a transition phase that kicked off with the hiring of Young.

"We are just starting to see the fruits of the change," Dickson said. "The key is to do more, faster. Active Response is a good first step, but it is only first step. Security professionals are desperate for tools to simplify the administration of security. Intel Security needs to do more. It seems headed down that path. Additional analytics need to be brought to the problem of security; automated analytics that does not involve a human.  I did not hear much at all on automated analytics."

Posted by Jeffrey Schwartz on 11/05/2015 at 12:11 PM


comments powered by Disqus

Subscribe on YouTube