Intel, which last year acquired McAfee for its security expertise, has described work it is doing to provide enterprises with a way to secure data stored in public or hybrid cloud environments.
Jason Waxman, general manager of Intel’s Cloud Infrastructure Group, joined with Greg Brown, vice president of network security at McAfee, to describe the strategy that’s being pursued to let IT managers gain better understanding about the security of their cloud workloads.
McAfee’s ePolicy Orchestrator (ePO) management console, which has long been a workhouse to aggregate multi-vendor security information in addition to McAfee’s own products, is well-positioned to audit cloud environments.
By using McAfee ePO with Intel Trusted Execution Technology (TXT) in TXT-enabled Intel servers, it’s possible to establish a baseline determination of assurance and confidence when undertaking tasks such as transferring workloads from server to server , for instance, using VMware’s VMotion, they said.
“It’s a hardware-based root of trust,” said Waxman, noting the technology allows servers to be defined as “trusted” or “untrusted.” When combined with McAfee’s MOVE AV anti-malware for use in virtualized environments, it’s possible to also learn if the server has any “issues identified.” In addition, the McAfee Cloud Security Platform, which has been available for some time to allow IT departments to apply access and security policies in the cloud, is being developed further to provide integrity assessment, asset control and protection, and broader auditing capabilities, Intel said. Other McAfee security products, such as Identity Manager and Deep Defender, are also seen as contributing to the security assessment and protections under the strategy.
The end goal is to give IT managers a way to perform a wide variety of security checks on both the servers, usually virtualized, and the data they make use of in public cloud and hybrid cloud arrangements.
“We believe we have a pathway to deliver that vision,” said Brown. He noted today the Cloud Security Platform can secure data traffic between the enterprise and the cloud. He said in the future, the goal is to enable perform a wide range of security assessments.
When asked whether the Intel/McAfee strategy for enterprise-to-cloud security will rely on Intel/McAfee products alone, Waxman replied TXT might work with other solutions, but “we’d like to see best practices where people use all of these technologies together.” He said other announcements related to the Intel/McAfee cloud security strategy are soon expected in terms of product support.
