McAfee, Intel Take Security Closer to SiliconBy Ericka Chickowski | Print
Re-Imagining Linux Platforms to Meet the Needs of Cloud Service Providers
Intel is bringing security closer to the silicon with a new technology called McAfee DeepSAFE designed to mitigate risks at the sub-operating system level.
Intel and McAfee took the first big step to rationalize the technology reason for the marriage between the two companies with a product launch at the Intel Developer Forum (IDF) this week that unleashes a hardware-assisted security technology designed to mitigate risks at the sub-operating system level. Called McAfee DeepSAFE, the product was demoed by Intel CEO paul Otellini during his IDF keynote.
"McAfee DeepSAFE uses hardware features already in the Intel processors to provide security beyond the OS. From this unique vantage point, DeepSAFE can apply new techniques to deliver a whole new generation of protection in real time to prevent malicious activity and not just detect infections," says Todd Gebhart, co-president of Mcafee, who claims it to be a groundbreaking innovation for the security industry.
This insertion of technology at a deeper level of systems was one of the main selling points of the $7.68 billion McAfee acquisition by Intel last year. McAfee executives say they're able to deliver real-time CPU event monitoring with minimal performance impact. By placing security below the OS, McAfee says that it will all but eliminate certain techniques like rootkits and other stealthy means of attack dubbed Advanced Persistent Threats (APT) by the security echo chamber. Many APT attack techniques are undetectable to tradtional antivirus security technologies.
Rootkits in particular have long been a thorn in the side of the big security companies. Kernel mode rootkits are currently a favorite means of malware developers to hide malware underneath the OS level of a system. The researchers at McAfee Labs say that they find 1,200 new rootkits per day. McAfee says that DeepSAFE was to reliably detect and stop a previously undocumented Agony rootkit from infecting a system in real time.
"At McAfee our customers and partners trust us to help them stay ahead of the cybercriminals and keep their business protected," says Michael DeCesare, co-president of McAfee. "This technology and our joint collaboration with Intel is the next evolution of security and will enable McAfee to continue to be the trusted security provider to our largest and most complex customers."
McAfee says it will make DeepSAFE available by the end of 2011. It says that the technology lays at the foundation of its initiative with Intel to bring security software closer to the silicon and move beyond the constraints of the OS. It will work in conjunction with McAfee's existing endpoint security suite of products.