Security giant McAfee Inc. is retooling its technologies to bake security into Intel Corp.'s silicon, altering its antimalware capabilities to function on millions of embedded devices,
We can bake security directly into the OS, directly with manufacturers.
In an outline of his company's strategy to investors, McAfee president Dave DeWalt said he sees the company building on its E-Policy Orchestrator (ePO) management platform to extend security capabilities and visibility into devices that have a tiny footprint, but could be used by attackers to gain access to company networks. Santa Clara, Calif.-based McAfee recently rolled out McAfee for Wind River to support embedded devices and also plans to launch a series of newly configured technologies that improve the manageability of devices on the network, DeWalt said.
"The idea is to think of Wind River to leverage security from the embedded OS point of view now and we will have a similar model in silicon later," DeWalt said. "The further you move security down the stack, the more visibility of the architecture you get."
Intel acquired McAfee last summer in a $7.7 billion deal that left some security industry analysts wondering how the antivirus vendor could benefit the silicon giant. Since then, the two companies have been touting chip-based security as a way to get security into devices like smartphones, which have much smaller storage, bandwidth and power capabilities. On Tuesday, DeWalt said the company would work closely with Intel's Wind River subsidiary, a firm that makes operating system software for a variety of embedded devices, including printers, ATM machines, network gateways, satellite systems and mobile devices. "We can bake security directly into the OS, directly with manufacturers," DeWalt said, adding that McAfee already supports some point-of-sale systems for retailers, telecom systems, medical devices and ATM machines.
DeWalt hinted that the company would add Intel management capabilities into its ePO to enable businesses to support Intel's vPro technology to manage laptops and other endpoint devices. The support will add device management features, including the ability to remotely wake a device from hibernation, to remotely decrypt or encrypt a device and remotely apply patches.
"There's a management framework that can be built around it to help build protections that can be very powerful," DeWalt said. "Now we can give one pane of glass to view all these devices on the network."
DeWalt said chip-based security will give McAfee the ability to sit inside the OS kernel to detect targeted attacks, including rootkits and other malware that attempt to hide from traditional signature-based technologies. While McAfee can work closely with Intel, the silicon giant's platform will remain open to competitors, including McAfee's archrival Symantec Corp. "There will be a bunch of capabilities that move security lower in the architecture," DeWalt said.
DeWalt said Intel's management features will also be incorporated into McAfee's mobile device management platform. McAfee has made a series of acquisitions to enable encryption and provide remote wipe and location aware features for devices, including the acquisition of the Trust Digital platform for support of Apple iOS, Google Android, Windows Mobile and HP WebOS devices.
Renee James, senior vice president and general manager of the Software and Services Group at Intel, said the company has had a greater than 90% retention rate of talent from the firms it acquires. The strategy is to build upon the advanced toolset for building embedded computing to add management and security capabilities, James said.
"We've spent more than a decade on power efficiency and performance," James said. "Internet connectivity is something we've been after for a long time and the third pillar, which is a core capability across Intel and all of our products, is security and Mcafee will be providing that piece for us."