Monthly Archives: November 2016

mcafee-end-of-life-3Who can security partners and end-users turn to once McAfee products are end-of-lifed? We look at some compelling options.

In one of our recent posts, we highlighted some of the likely disruption caused by Intel’s ongoing end-of-life (EOL) programme for many of its McAfee-branded products.

But EOL must not spell end-of-business, and although we certainly haven’t discovered the secret of eternal life, our research found there are more than enough security vendors and solutions “out there” to fill McAfee’s shoes!

Here’s our shortlist.

Goodbye (and hello) Endpoint Encryption

“People are still the biggest security risks”, proclaims this article in CIO.com.

Yet in June 2017, McAfee is EOL-ing its Endpoint Encryption solution - arguably one of the most effective methods of ensuring that endpoints lost by employees, or stolen from them, cannot surrender their valuable data..

(And its migration path seems murky, involving a product name change and an upgrade.)

Enter its Trend Micro namesake, which enables security partners and end-users to remotely encrypt, lock and wipe any endpoint – including desktop, laptop, mobile, and removable media – so that businesses can still enjoy productivity-boosting mobility, without the associated data breach risk.

Trend Micro Endpoint Encryption also features automated methods of deploying and policing encryption and security policies, plus comprehensive audit and compliance records to satisfy the regulators (a big deal in the light of the approaching GDPR law!)

Fighting evil in the email

The demise of McAfee’s Email Gateway is not due to happen until 2021 – but, at the same time, the evolution of email-borne threats is likely to hasten the search for a replacement, rather than give it breathing space.

Indeed, with the Verizon Data Breach Report recently stating that 77% of malware infections are now due to users receiving a malicious email with a web link or attachment, according to this white paper, security partners and end-users alike need to move fast to secure alternatives.

Vendors’ offerings in this area are diverse, but compelling. Malwarebytes, for example, rolls email protection into an overall layered security approach that does not displace or conflict with existing security solutions – a boon for partners (it offers them an easy additional revenue stream) and end-users (it doesn’t disturb their current security arrangements) alike.

Trend Micro, for its part, offers multiple email security solutions for both SMB and Enterprise clients. Hosted Email Security solution has achieved 99% blocking effectiveness in independent tests, and takes the security maintenance headache off customers’ desks, as updates, patches and hot fixes are delivered 24x 7 by Trend’s own teams.

Smart Protection Complete, for its part, protects not only mail servers and gateways but also the cloud-based collaboration applications like Office 365 on which end-user businesses are increasingly reliant.

Finally, another convincing contender is Bitdefender, whose products have been rated the best tested for corporate security and performance by independent test lab AV-TEST. Its email security solutions within the GravityZone product set also boast the top antispam detection rates and can be installed in minutes!

Mobile security: a moving target

Keeping mobile devices  - official or otherwise - secure in populous, often geographically diverse enterprise environments is always a challenge, but when your chosen security solution ups sticks and disappears into the sunset (as McAfee’s Enterprise Mobility Management will do in January 2017) it’s time to seriously start nailing down alternative options.

Again, Trend Micro plays pretty strongly in this space, with a comprehensive mobile security and management offering (within Smart Protection Complete) that combines protection (DLP, VPN, app control, web filtering, gateway anti-virus etc.) with centralised visibility and control.

The latter means that the entire enterprise’s mobility is easily secured and managed from a single “pane of glass”, taking the pressure off partners and end-user security admins at the same time (a feature also be found, in similar form, in Bitdefender’s GravityZone Security for Mobile Devices).

EOL for McAfee? New beginnings for your security.

This is just a snapshot of the many new opportunities that McAfee’s EOL programme unearths for the security partners who resell solutions or deliver them as MSPs, and the end-users whose business integrity depends on them.

It may be EOL for many McAfee solutions, but that’s AOK when you’ve got a plan to move to something better.

(Psssst! Have you got a plan to move to something better?)

End of Road for McAfee Email Security SolutionsAs many McAfee security products slide into end-of-life, we take a look at how it could affect end-users, MSPs and resellers.

Forgive us for being forward, here, but if you didn’t read our last post on the McAfee security products that have entered, or are entering, end-of-life (EOL), you probably need to.

Just to recap, many McAfee EOL products simply don’t have a like-for-like migration path, according to McAfee’s own EOL support pages. In fact, many of them apparently don’t have a migration path at all, and those that do have a distinctly oblique one, involving renamed products and (presumably more expensive) updates.

So if you’re a McAfee end-user, are you worried? If you’re a McAfee MSP or reseller, should you be worried, too?

Worry is never helpful – so here are the plain facts about the McAfee EOL products and how their withdrawal will ultimately affect end-users, MSPs and resellers alike.

Which McAfee products does this EOL problem affect?

Since Intel’s acquisition of McAfee in 2011, there has been a concerted focus on EOL-ing those products that are not core to Intel’s strategy, and so the complete list is a long one.

But three that we think will grab most end-users’ and partners’ attention are:

  • Email Gateway
  • Enterprise Mobility Management
  • Endpoint Encryption

What will this mean for end-users and partners?

Bluntly, whether you’re an end-user or a security partner, EOL means what it says on the tin, or at least in the McAfee end-of-life policy; support for the software product simply stops (“Support contracts cannot extend beyond the end-of-life date”).

Support, of course, includes patches – a critical weapon in the struggle to keep security software updated against new or emerging threats – and so a security product kept in service beyond its EOL date is likely to rapidly become no kind of security product at all.

Map the McAfee products that are going / have gone EOL to the current risk profile of the cyber threat universe and the picture looks even more alarming.

  • McAfee is EOL-ing Email Gateway, yet… malware analysis in this publication shows email-borne malware hit 705 million quarantined messages from just one security vendor in just one month of 2015 alone!
  • McAfee is EOL-ing Enterprise Mobility Management, a solution that enables IT teams and security providers to keep large-scale official and unofficial mobile use in large businesses secure - yet McAfee also admits that the unique mobile malware samples collected in its own laboratories increased 72% from Q3 to Q4 in 2015!
  • McAfee is EOL-ing Endpoint Encryption, yet… the loss or breach of customer data from a mislaid or stolen device that this kind of technology can prevent is about to become a source of huge financial risk to businesses because of the draconian provisions of the forthcoming GDPR legislation!

In short, McAfee are pulling the plug exactly where the bad guys are starting to focus most attention – and that can only end badly for end-users and partners alike.

 But MSPs and resellers can get custom support, right?

Don’t you bet on it. Although custom support, beyond the EOL date, is theoretically available, it’s on McAfee’s say-so – reseller, MSP, end-user or whoever else you are. As they state in their policy, it is “an exception”, not the rule.

Clearly, it also costs. Not only that, it requires an existing current and continuous support contract to be in place, provides only limited content updates, for a limited time period, and with specific terms and conditions.

(Oh, and it never covers hardware of any kind, even if you bought the original solution on a hardware platform).

Does all this infuse the need to migrate to other solutions with a certain sense of urgency?

What happens next?

But knowing you have to migrate is little use if you don’t have any help as to where you might migrate to.

In the last blog in this series, we’ll be exploring some of the other security vendors’ offerings, and discussing whether they’re a good fit for partners and end-users looking to leave McAfee’s EOL products behind.

Keep watching!

McAfee - End of service warning

A raft of McAfee products have gone into end-of-life (EOL) since Intel took over. We look into the issues this is likely to create, now and in the immediate future.

It’s been six years since Intel bought McAfee, during which the company has pursued an aggressive end-of-life (EOL) policy across its product range, unleashing what IT publication CRN called “waves of uncertainty” in its core markets.

A visit to McAfee’s EOL support pages reveals a current drop-down menu listing scores of products that have been put into, or are scheduled to be put into, EOL - meaning no further availability of technical support and essentially, therefore, the impending end of the product’s viability for end-users and partners alike.

And although clear migration paths are available for some of these products, for others they are conspicuous by their absence, or are simply replaced by a (presumably more expensive) “upgrade”.

The outcome is inescapable: multiple security solutions are no longer available from McAfee, and each case of EOL leaves a hole that both end-users and security partners will potentially need to look elsewhere to fill.

McAfee EOL: the critical list

Regrettably, the EOL products that appear to have no clear migration path are also the ones that cover the truly critical threat vectors like networks (Asset Manager), email (Email Gateway), mobile devices (Enterprise Mobility Management), and data protection (Endpoint Encryption).

Unfathomably, even Content Security Suite, which combines many of these defences in one convenient package, is destined for the axe.

Intel spoke of “tough tradeoffs” in making these EOL decisions, but the reality is that they have proven – and will continue to prove - tougher still for customers and partners.

The apparent absence of clarity regarding the migration path from one product to a subsequent version or replacement spells disruption, whichever way you slice it.

Should end-users (and partners) simply trust that Intel will come up with something better? Should they be looking to other vendors? If so, which?

And should they seize the simplicity of “going direct”, where available, or should they source the products through a distributor, where the added link in the supply chain could bring value-adds like services, support, consulting, rewards and benefits, and the like?

Beyond McAfee EOL: what next?

Two points are worth noting here.

Firstly, at least some of McAfee’s products won’t go into EOL for a short while yet - so there is breathing space to find and trial alternatives.

Secondly, the security market is evolving fast. Established players like McAfee are coming under pressure from a swathe of specialist security vendors, including the new “big names” like Trend Micro, as well as agile arrivals like Bitdefender, Malwarebytes and others. Essentially, when McAfee stops delivering, there is no shortage of vendors who could potentially step in.

Watch this space for our next blog, which will explore some of the most compelling post-McAfee options for resellers, MSPs and end-users alike.

virtual-cloud

Bitdefender have announced that its GravityZone solution is now certified by VMWare and has achieved the VMware Ready status.

What this means?

Organisations can now enable agentless scanning on guest virtual machines via NSX introspection, which eliminates the overheads that can be seen when running a separate instance of the agent in each VM.  It also offers increased resilience against APT's which target the security solution.

Enterprise Customers now have access to a new and proactive approach for securing Datacenters and their Network Virtualisation environments.

From Kirsten Edwards, Director, Technology Alliance Partner Program, VMware

“We are pleased that the Bitdefender GravityZone qualifies for the VMware Ready™ logo, signifying to customers that it has met specific VMware interoperability standards and works effectively with VMware cloud infrastructure. This signifies to customers that GravityZone can be deployed in production environments with confidence and can speed time to value within customer environments,”

Harish Agastya, Vice President, Enterprise Solutions, Bitdefender

“Data centers are the heart of the digital economy, and security is paramount for data center operators across the world. The VMware Ready certification marks another step in our commitment to provide security that is easy to deploy and scale, and meets the unique requirements of today’s highly virtualized environments. Our award-winning security solution leverages NSX capabilities in the software-defined data center to provide automated deployment and orchestration of security services,”

About VMware Ready

vmware_readyVMware Ready is a cobranding benefit of the Technology Alliance Partner (TAP) program which makes it easy for customers to identify partner products which have been certified to work within the VMware Cloud infrastructure.  With thousands of members worldwide, TAP includes best of breed technology partners who bring the highest expertise and business solutions for each individual customer.

About Bitdefender GravityZone SVE

Bitdefender GravityZone SVE provide security for virtual machines, virtualised Datacenters and cloud instances, through the GravityZone On Premise console.

  • Best protection for Windows and Linux virtual machines: enabling real time scanning for file systems, processes, memory and registry
  • Best proven performance in datacenters: up to 20% performance improvement compared to traditional security vendors
  • Works on any virtualization platform: VMware, Citrix, Microsoft Hyper-V, KVM, Oracle, and others on demand
  • Agentless security for VMware NSX