Intel completed its multibillion-dollar acquisition of McAfee almost a year and a half ago, and this week McAfee co-President Mike DeCesare spoke with Network World senior editor Ellen Messmer about what the merger of Intel's chip-making capabilities and McAfee's security expertise is expected to bring down the road.
Network World: What can we expect going forward from the Intel buy of McAfee? What do we get from this that represents the strengths of both combined?
[ Security expert Roger A. Grimes offers a guided tour of the latest threats and explains what you can do to stop them in "Fight Today's Malware," InfoWorld's Shop Talk video. | Keep up with key security issues with InfoWorld's Security Adviser blog and Security Central newsletter. ]
Mike DeCesare: A lot of customers ask me that! Intel's a very technically oriented company -- most of what Intel sells are things Intel built. With McAfee, Intel has been very hands-off, and McAfee is being run very autonomously. But Intel has made a massive infusion of R&D resources, money to bring additional engineers on board. The focus is hardware-assisted security. That's a lot of where we see the market going.
BACKGROUND: Intel, McAfee developing cloud security strategy
NWW: So what does hardware-assisted security mean here?
DeCesare: A lot of the advanced persistent threats [APTs] test the ability to detect them. When you sit above the operating system, the visibility is limited. But in Intel's chip set, you can detect malware and APTs in a different way. The first product we'll be coming out with is rootkit detection, at the end of the calendar year. This will come in multiple phases, leveraging first-generation i3, i5 and i7 chip sets with vPro-enabled. The functionality of those chip sets is out there today. By leveraging McAfee endpoint protection, our endpoint engine can see a level of rootkit you didn't before.
NWW: So is this by itself going to remove it?
DeCesare: It's a higher level of functionality to detect the rootkit, but this [alone] doesn't remove it. You can see a pattern of activity on the Windows machine. APTs by definition are in there for a long time. Rootkits are just one form of how APTs get on the machines. What we have going on with engineering is many other projects. The vPro chip set has functionality built into it we can use, such as "power control" to wake up a sleeping machine, patch it with current security, and put it back to sleep. McAfee Deep Command and Deep Defender are for this.
NWW: So what are Intel/McAfee projects going forward? What are the topics of focus right now?
DeCesare: The "secure browser" is very hot in the market right now -- there's a high desire to fence that browser so if someone breaks into your [Internet Explorer browser], they can't go further. Intel can build things into their chip set to enable that, and part needs to be built.
NWW: Is this like "whitelisting"?
DeCesare: It's not whitelisting. Intel's chip set needs to offer up the concept of a secure browser, the ability to open a browser and make sure it's in a contained environment.