The idea is to meld security and compliance products into one family, through both acquisitions and homegrown technology.
McAfee on Monday unveiled its security risk management strategy and announced an acquisition to round out its compliance portfolio.
The Santa Clara, Calif.-based security vendor plans to offer an integrated solution that addresses both security and compliance issues, said Vimal Solanki, senior director of marketing. "What's challenging about these areas is that they're largely being attacked on an individual basis. There's little automation between the two, and that's becoming an inhibitor," he said.
To that end, McAfee recently has been investing heavily in compliance technologies. It's latest move: the $20 million acquisition of Onigma, an Israel-based data leak prevention vendor.
Onigma's host-based solution uses agent software to prevent confidential data from leaking through the use of copy/paste, screen capture, printed documents and USB drives, Solanki said. Onigma provides better protection than a gateway-based approach because a gateway sees the traffic as it's leaving but can't look within an enterprise or at home users, he noted.
With its acquisitions of Foundstone, Preventsys, Citadel and Onigma, McAfee's compliance portfolio now includes auditing, risk assessment, policy enforcement and data leak prevention technologies, according to Solanki. As part of that strategy, McAfee unveiled version 2.0 of its Policy Enforcer network access control solution.
McAfee also provided a timetable for integrating the technologies it has acquired for its ePolicy Orchestrator (ePO) platform, which manages security policies for more than 40 million end points. McAfee has completed the integration of Preventsys and SiteAdvisor, Foundstone and Citadel will be integrated in the first quarter, and Onigma will be integrated in the second quarter, Solanki said.
"We've been very successful at integrating security elements into our portfolio through ePO, and we want to do the same for compliance," he said. "In addition to having all the pieces, being able to manage it through a single console will speed adoption."
Some organizations may choose to embrace just parts of the strategy, so McAfee will continue to sell individual solutions, Solanki added. McAfee also plans to make its compliance products compatible with third-party solutions.
In addition, McAfee this week is rolling out a program to allow customers with fewer than 100 nodes to renew licenses and support online through the vendor's partner portal, Solanki said. Partners can use the portal to track, view, print and export online renewal orders entered by end-user customers, and McAfee will pay partners a commission for renewals handled online, until 30 days after the expiration date.
5 Top Federal Initiatives For 2015As InformationWeek Government readers were busy firming up their fiscal year 2015 budgets, we asked them to rate more than 30 IT initiatives in terms of importance and current leadership focus. No surprise, among more than 30 options, security is No. 1. After that, things get less predictable.