Security vendor McAfee (NYSE: MFE) is pitching new tools designed to
secure virtual systems and SAP applications. It also announced technology to
support EMC and SUN storage environments.
The vendor’s VirusScan Enterprise portfolio now includes McAfee VirusScan
Enterprise for Offline Virtual Images, McAfee VirusScan Enterprise for SAP
NetWeaver, and McAfee VirusScan Enterprise for Storage.
The new tools for the SAP and virtual image environments are a
continuation of McAfee’s tool focus on end-to-end security, and reflect why
enterprise security must continuously respond to changes around application
use and new technologies.
Earlier this month the vendor
pushed out a new utility as part of its ePolicy Orchestrator to provide
an audit trail, and a new USB drive designed to prevent data loss.
“Mission critical applications once were run in silo, secured
environments,” Malav Patel, McAfee group product marking manager, end point
security, told InternetNews.com. “But now they’re being expanded
beyond those silos and as a result they can be exposed to outside attack,” he
SAP has typically served as a supply chain application. Now the software
is used by lots of internal organizations, from financial to human resources
departments, which rely on the application to gather and store external
information. One example is a Web-based resume system tied into an HR SAP
system, said Patel.
“Now that application presents a back-door for hackers as those documents
are pulled into the system without any scan or security review,” he said.
“This is about bringing proven security technology to the end point.”
As virtualization technologies take deeper root a similar vulnerability
comes into play.
According to McAfee, research indicates there are as many as five offline
virtual images for every one online image. The files often sit dormant for
long periods within a virtual environment, and are missed when security
updates and patches are applied to the virtualization technologies.
The VirusScan Enterprise for Offline Virtual Images automatically updates
and patches the offline virtual images periodically so they no longer pose a
security risk when they are activated.
“People back up and archive files on these virtual machine but they’re not
getting patches or being scanned as other files are during security
applications are updated and applied,” explained Patel.
Security analyst Peter Christy said many organizations just assume that
all files and applications is assured given security already in place.
“What McAfee has done is realize how applications are being adapted and
the vulnerabilities in new exciting technologies, like virtualization, and
adjusted their tools to secure these areas,” Peter Christy, principal
analyst, Internet Research Group, told InternetNews.com.
“Organizations are gaining such benefits from technologies, like
virtualization, the goal is not to break that by forgetting about security,”
The VirusScan Enterprise for Storage, which initially supported just
NetApp storage devices, can now be used to protect files stored on EMC and
SUN systems, said Patel.