McAfee Updates DLP Suite Following Acquisitions

By Steve Wexler  |  Print this article Print

Focusing on integration, ease of use and data analytics, McAfee’s DLP 9 now provides a single pane of glass for administrators and offers simplified deployment that takes days rather than months.

Hot on the heels of RSA’s refresh of its data loss prevention suite (DLP), McAfee is announcing an upgrade to its DLP (version 9) solution.

The update represents the culmination of five years' work, Howard Price, Group Product manager, Data Protection at McAfee, tells Channel Insider. Following a number of DLP acquisitions, including Onigma and Reconnex, McAfee has been focused on leveraging the technologies and simplifying them, he says. With the integration of Onigma and Reconnex, customers now get a single pane of glass to manage DLP, instead of the three or four that were required previously.

"Integration is one of the key foundation stones … (and adding encryption when and where needed) adds a lot of value and relieves pain points," he says. Price says that no other vendor can compete with McAfee’s solution with everything under one roof.

The second major element of the release is ease of use, according to Price. One reason McAfee acquired Reconnex was its ability to be up and running in 10 minutes. "With the competition, it can take anywhere from six to nine months before you see the value," Price says.

The new release from McAfee comes at a time when the DLP category is heating up, according to Gartner analyst Neil MacDonald.

"DLP is hot. It’s one of the top five IT security spending areas I see in 2010," he writes in his blog at the Gartner site.

A complete DLP solution is comprised of multiple components, including protection for DIM (data in motion), DAR (data at rest), and data housed on end points. The market is expected to top $2 billion by 2012 but Gartner says the market is still immature.

McAfee plans to include a common policy across all components, database crawling, easier workflow through the McAfee ePolicy Orchestrator (ePO) platform and improved support for Microsoft Active Directory. Deployment has been made easier, taking days instead of the typical six to nine months.

The third building block in McAfee’s DLP is data analytics, Price says. By capturing all data, users can go back and examine what’s happened, and why. "So when it comes time to build policies, rather than guessing what works, or do trials, you can run analysis against this data… (and) gain the ability to anticipate risks before they hit you. We’re trying to get people and systems smarter."

The difference between new and legacy DLP solutions is night and day, says McAfee. The old "brute-force approach to protecting data [was] like using a sledge hammer to crack a nut and are usually used because of the high cost and complexity with deployment of traditional DLP."  

Price says there are three markets the company’s channel will focus on: McAfee’s installed base, especially those with ePO; the encryption installed base, where DLP can add a lot of value; and net new customers.

One approach that has proven successful is going out and monitoring customers’ operations for a couple of days to determine the need for better protection. "Sometimes the results are quite hair-raising," says Price.

He adds that data protection in general, and DLP specifically, require a lot of services. "You can’t just drop-ship it." There needs to be a lot of analysis and customization, so it is a huge opportunity for value add.

Of further interest to the channel, Price says McAfee is looking at building partner revenues with a lead generation program.