Thursday, February 17, 2011

McAfee-Wind River partnership to foster mobile, embedded system security

AN FRANCISCO – As McAfee Inc.'s acquisition by Intel Corp. nears completion, the enterprise antimalware vendor Tuesday announced a partnership with an Intel subsidiary to foster greater mobile and embedded system security, potentially spreading elements of its security software agents across as many as 50 billion devices during the next decade.

Santa Clara, Calif.-based McAfee announced a strategic agreement with Wind River to develop, market and support security software for non-PC devices, specifically embedded and mobile devices. Wind River, which was purchased by Intel in 2009, specializes in embedded software platforms and operating systems for a variety of devices, including network gateways, set top boxes, satellite systems and NASA's Mars rovers, and more recently mobile devices like the Android smartphone OS.

Wind River President Ken Klein said his organization's operating system currently powers 1 billion devices worldwide. According to McAfee's internal estimates, the number of connected devices will grow to 50 billion by 2020.

Dave DeWalt, McAfee president and CEO, said a growing number of embedded devices are being connected to the Internet. DeWalt said the connectivity being built into products like electronic signage, digital cameras and printers, and even cars and aircraft have led the industry to a precipice, unleashing new demand for embedded security.

"Enterprises need to be thinking beyond the PC. Everything that's connected to the network needs to be managed, secured, and [be compliant], and the partnership today with Wind River gives us an opportunity to put embedded security into embedded devices and harden that environment and protect it for corporations around the world." (See the video below to hear DeWalt discuss examples of how the partnership could improve enterprise security)

The linchpin to McAfee's embedded security strategy will be whitelisting, a technology it added to its portfolio in 2009 with its Solidcore Systems acquisition. DeWalt said whitelisting is a perfect technology for ATMs and many other types of embedded devices that only conduct limited, specific communications and require few updates.

In Wind River's devices, whitelisting will be combined with blacklisting and signature-based technologies like endpoint antimalware as well as reputation-based security, depending on the characteristics of each type of embedded device McAfee secures.

Both Klein and DeWalt admitted that securing embedded devices is a challenge. "Embedded devices are such that things happen quickly," Klein said, adding that with digital cameras, the whole OS must be no larger than 100 KB, and has to boot in 10 milliseconds or less. "Milliseconds matter, power matters, so what we're doing involves some radically different technology. The garden variety security solution will not work."

The first step will involve embedding McAfee's ePolicy Orchestrator agent software into the Wind River Linux OS. That move, DeWalt said, will enable enterprises to manage embedded device security similarly to how customers use McAfee's technology to manage traditional enterprise endpoint security today.

"We'll put the agent inside the Wind River OS, so the first thing we'll get is complete visibility to every device on your network," DeWalt said. "If you're a bank, you want to see what's happening with your ATMs and printers. Where's Wind River? On the ATMs and printers."

That offering is expected to be available during the second quarter, with a phased rollout to other Wind River embedded device platforms later in 2011. Future capabilities that support reporting and compliance will be added as well.

An added benefit of the agreement between the two companies, DeWalt said, is that eventually many embedded devices will be able to contribute to McAfee's Artemis, the vendor's real-time cloud-based antimalware system that today relies on data from its protected PCs to "fingerprint" software and send it to the cloud to determine whether it matches malicious software previously found in the wild.

"So the opportunity with Wind River is to have billions of more devices connecting into the cloud," DeWalt said, "learning from each other and creating a complete protective grid around the world."

No comments:

Post a Comment