
Cisco & McAfee collaborate on open security platform

20 Oct 2017

A collaboration between Cisco and McAfee will share security incident and contextual information in real time in an effort to detect and stop threats faster, and to reduce the complexity of their customers’ security architectures.

The two companies announced the interoperation of Data Exchange Layer (DXL) and Cisco Platform Exchange Grid (pxGrid) as part of McAfee’s Security Innovation Alliance.

The companies say the collaboration demonstrates the industry’s move towards collaborative, open and integrated security.

“We must empower security teams to stop spending their time on tedious integrations and manual tasks and instead, focus on defending against adversaries,” explains Raja Patel, general manager corporate products at McAfee.

He believes that organisations should use solutions that integrate to maximise value, rather than use solutions that don’t communicate at all.

“Collaboration like we are doing with Cisco, IBM Security and others throughout the security industry is critical to closing information gaps, breaking silos and providing the visibility we need to protect our most important assets from cybercriminals,” he continues.

The OpenDXL initiative was launched last year. It has attracted interest from enterprises that are developing with the technology, with dozens of completed solutions built through the software development kit (SDK) hosted on GitHub.

The companies say that DXL and Cisco pxGrid’s open security information grid will share threat event context and enable automation between networks and endpoints.

“We started DXL as part of our Partner Program,” comments McAfee CEO Chris Young.

He says that OpenDXL is part of promoting the open source ecosystem for the security community. In addition to Cisco, partners include Check Point.

The two companies say they now have the industry’s largest open security fabric with more than 100 integrated partners between them.

With the two fabrics interoperating, integration between vendors is open not only to partners but also to open source and enterprise applications.

“We have found that many organisations work with upwards of five security vendors, and they struggle to integrate up to 50 security products, resulting in security gaps that leave them vulnerable. Defenders now have access to the industry’s most extensive and diverse set of services between network, endpoint and security operations. This collaboration between Cisco and McAfee creates great value and eases the security effort for customers,” comments Cisco’s senior VP of product management, Security Business Group.

McAfee has also released DXL 4.0 and new open source tools that provide enterprise environments for developers.

Newly released DXL features include:

  • Easy pxGrid Integration: Simple download includes all software required to connect DXL and pxGrid and set automated policies to respond to potential threats.
  • Automated Incident Response: McAfee ePolicy Orchestrator (McAfee ePO) automatically reacts to threat events, sending data to DXL to disseminate amongst connected products for action.
  • Improved Management: Simplified client provisioning and process updates with new DXL ePO extension and client enhancements.

New contributions to the OpenDXL community:

  • Simplified Development and Testing: New interactive development environment and standalone DXL Broker lets users set up a working DXL infrastructure and development environment in five minutes or less.
  • Simplified pxGrid Integration: New OpenDXL pxGrid Python client is optimised to support interactions between OpenDXL services and pxGrid.