高度な標的型攻撃：包括的な保護

McAfee Security Connected Platform

...3...3...4...4 Data Exchange Layer...5 McAfee Threat Intelligence Exchange...5...6...6...7 1...8 2 McAfee Advanced Threat Defense...9 3 McAfee Enterprise Security Manager...9... 10 2

Black Hat 2013 2 35 28 回 答 者 21 14 7 0 検 出 SN 比 ( 誤 検 出 の 追 跡 ) 保 護 (リアルタイム または 即 時 のブロック) 即 時 の 対 応 (セキュリティ 侵 害 の 通 知 ) 被 害 の 修 復 (マルウェアの 除 去 ) その 他 1 Black Hat 2013 McAfee Threat Intelligence Exchange McAfee Security Connected Platform 3 McAfee Advanced Threat Defense McAfee Enterprise Security Manager SIEM 3

McAfee Threat Intelligence Exchange McAfee Data Exchange Layer McAfee Security Connected McAfee Threat Intelligence Exchange Data Exchange Layer McAfee Security Connected Platform McAfee Threat Intelligence Exchange Data Exchange Layer 分 析 脅 威 情 報 対 策 セキュリティ 管 理 コンテキスト 化 と 統 合 ハードウェア 強 化 型 セキュリティ 2 McAfee Threat Intelligence Exchange Data Exchange Layer McAfee Security Connected Platform McAfee Threat Intelligence Exchange McAfee Threat Intelligence Exchange 4

Data Exchange Layer Data Exchange Layer Data Exchange Layer 1 1 API / / API Data Exchange Layer Data Exchange Layer NAT TLS Transport Layer Security McAfee Global Threat Intelligence サードパーティの 脅 威 情 報 フィード コアコンポーネント オプションコンポーネント McAfee epolicy Orchestrator (McAfee epo ) McAfee Threat Intelligence Exchange Server McAfee Advanced Threat Defense McAfee Enterprise Security Manager Data Exchange Layer McAfee Threat Intelligence Exchange VirusScan Enterprise Module McAfee Next Generation Firewall McAfee Network Security Platform McAfee Email Gateway McAfee Web Gateway 3 Data Exchange Layer McAfee Threat Intelligence Exchange McAfee Threat Intelligence ExchangeMcAfee Global Threat Intelligence McAfee GTI McAfeeGlobal Threat Intelligence 5

McAfee Threat Intelligence Exchange McAfee Threat Intelligence Exchange IT Threat Intelligence Exchange VirusScan Enterprise Threat Intelligence Exchange McAfee Threat Intelligence Exchange Threat Intelligence Exchange Server McAfee Threat Intelligence Exchange Server McAfee GTI McAfee Threat Intelligence Exchange Server McAfee Threat Intelligence Exchange McAfee Threat Intelligence Exchange Server 1 6

McAfee Threat Intelligence Exchange Server Microsoft Windows Microsoft Windows OS McAfee Threat Intelligence Exchange McAfee Threat Intelligence Exchange McAfee Threat Intelligence Exchange Server McAfee Threat Intelligence Exchange McAfee Threat Intelligence Exchange McAfee GTI McAfee Threat Intelligence Exchange Data Exchange Layer 7

1 VISA 2013 VISA 1 McAfee Threat Intelligence Exchange 3 McAfee Threat Intelligence Exchange Module McAfee Global Threat Intelligence VISA コアコンポーネント McAfee epolicy Orchestrator (McAfee epo ) McAfee Threat Intelligence Exchange Server Data Exchange Layer McAfee Threat Intelligence Exchange VirusScan Enterprise Module 4 McAfee Threat Intelligence Exchange Server McAfee Threat Intelligence Exchange Module McAfee Threat Intelligence Exchange IOC: Indicator-Of-Compromise 8

2 McAfee Advanced Threat Defense McAfee Threat Intelligence Exchange McAfee Advanced Threat Defense McAfee Advanced Threat Defense McAfee Advanced Threat Defense McAfee Threat Intelligence Exchange McAfee Advanced Threat Defense McAfee Advanced Threat Defense Data Exchange Layer McAfee Threat Intelligence Exchange McAfee Advanced Threat Defense McAfee Web Gateway McAfee Email Gateway McAfee Network Security Platform McAfee Threat Intelligence Exchange Security Connected Platform 3 McAfee Enterprise Security Manager McAfee Enterprise Security Manager McAfee Enterprise Security Manager McAfee Threat Intelligence Exchange McAfee Advanced Threat Defense McAfee Threat Intelligence Exchange SIEM McAfee SIEM McAfee Advanced Threat Defense McAfee Threat Intelligence Exchange IOC SIEM McAfee Threat Intelligence Exchange McAfee Advanced Threat Defense SIEM SIEM McAfee Advanced Threat Defense McAfee Change Control / Web McAfee Threat Intelligence Exchange SIEM 9

SIEM McAfee Advanced Threat Defense McAfee Threat Intelligence Exchange 2 IP McAfee Advanced Threat Defense McAfee Advanced Threat Defense SIEM McAfee Advanced ThreatDefense SIEM McAfeeAdvanced Threat Defense IP SIEM McAfee Advanced Threat Defense IOC 3 / Security Connected Platform McAfee Threat Intelligence Exchange Data Exchange Layer McAfee Security Connected Platform McAfee Advanced Threat Defense McAfee Enterprise Security Manager http://www.mcafee.com/japan/products/threat_intelligence_exchange.asp http://www.mcafee.com/japan/enterprise/atd/ http://www.mcafee.com/japan/products/siem/ 1. http://usa.visa.com/download/merchants/alert-prevent-grocer-malware-attacks-04112013.pdf www.mcafee.com/jp 150-0043 1-12-1 20F TEL 03-5428-1100 FAX 03-5428-1480 530-00032-2-2 18F TEL 06-6344-1511 FAX 06-6344-1517 450-0002 4-6-17 13F TEL 052-551-6233 FAX 052-551-6236 810-0801 5-3-8 5F TEL 092-287-9674 Intel Intel Intel Corporation McAfee McAfee McAfee, Inc. 2015 McAfee, Inc. All Rights Reserved. MCAWP-ATA-1504-GRP