As competition within the security market intensifies, Intel Security is rallying its partners and competitors around a new, edgier McAfee brand.
In April 2017, Intel will spin off a majority ownership of its Intel Security Group (ISG) business unit to private investment firm TPG, creating an independent company using the group’s historical name, McAfee.
At ISG’s annual Focus security conference earlier this month, ISG announced a large set of new products and partnerships that, like its updated logo, showcased a new, much edgier vendor compared to the old McAfee in its pre‐Intel days.
“The new McAfee is moving more quickly to go to market with a fresh set of solution suites for select areas, such as multifaceted endpoint security,” Technology Business Research principal analyst, Jane Wright, said.
“With these suites, McAfee will maintain its competitive position against key rival Symantec, which is undergoing transformation with its acquisition of Blue Coat Systems and its broad security portfolio.
“Additionally, McAfee will be better‐equipped to compete against other established competitors, such as IBM, Trend Micro, Carbon Black, Sophos and Digital Guardian, and to block inroads by emerging vendors, such as Cylance, Crowdstrike and SentinelOne.”
OpenDXL initiative
During Focus 2016, ISG unveiled plans to open its Data Exchange Layer (DXL) to all vendors and other organisations, whether or not they are members of Intel’s Security Innovation Alliance (SIA).
Designed to enable wider sharing of threat intelligence in the white hat community - vendors and customers that defend assets and privacy against cybercriminals and hackers, or black hats - ISG is essentially creating a concrete means of disrupting the cyber attackers’ advantage.
“The industry has long needed a way to make different technologies work better together, and we paved the way with the most highly adopted technology across major players with the McAfee Data Exchange Layer (DXL),” ISG senior vice president and general manager, Chris Young, said.
Through an open source strategy and the beta release of a new software development kit (SDK) for DXL, white hats will gain the ability to attach to a shared real-time communication fabric and exchange security intelligence as well as orchestrate actions for the shortest possible execution of the threat defence lifecycle.
DXL provides a standardised application framework to integrate technologies from different vendors with each other and with in-house developed applications.
The OpenDXL initiative will expand access and capabilities of the DXL SDK and the management and community infrastructure that will support it, enabling developers within ISVs, enterprises, colleges and even competitors to gain the many real-time integration and operational benefits of the Data Exchange Layer.
“We expect ISG to leverage its venerable brand recognition and vast customer base to motivate other companies to join its intelligence‐sharing community, which will help re‐establish McAfee as one of the most influential leaders in the security vendor ecosystem,” Wright added.
Yet ISG is not the first vendor to attempt to promote intelligence sharing and security application integration based on a common framework.
For example, Cisco has pxGrid, IBM has X‐Force Exchange and Webroot has Shared Services and Outsourcing Network (SSON).
“Although there will certainly be a degree of cross‐pollination, with vendors belonging to multiple sharing and integration communities, no more than two will succeed in attracting the most members and providing the most extensive and useful intelligence,” Wright observed.
“It is simply too complex for vendors to commit the resources to participate and for customers to manage deliverables from so many vendor organised intelligence offerings in addition to the intelligence they already receive from industry‐specific Information Sharing and Analysis Centres and other sources.”
Whether or not McAfee’s DXL becomes one of these community leaders, Wright believes the initiative will add "valuable experience and alliances" as McAfee rejoins the security market as a leading pure play vendor.
Customer demands
In addition, Wright said McAfee’s new approach is well‐timed to align with changing customer sentiments.
“Just a few years ago, many customers’ security installations consisted of hundreds of point products from dozens of vendors,” Wright explained.
“These cumbersome deployments evolved because large, mature vendors such as McAfee, under Intel’s ownership, Symantec and IBM delivered product after product to fill gaps in their security portfolios, while well‐ funded startups released products that did only one thing but did it very well.”
Over the past two years, however, customer sentiment has changed.
Disappointed by the disjointed coverage of so many products and overwhelmed by the numerous management interfaces involved, Wright said customers now seek "more comprehensive suites" of security functions that are integrated across the suite, or at least present the same look and feel to users and a common management plane to IT and security staff.
“Ultimately, customers will satisfy the majority of their security requirements with a handful of vendors, favouring those that offer a single platform with flexibility to attach and scale many highly effective, although not necessarily best‐of‐breed, technologies,” Wright said.
“McAfee is moving in the right direction by focusing all its development and sales resources around four solution sets, which it has named: dynamic endpoint, intelligent security operations, data centre and cloud defence, and pervasive data protection.”
