IDF 2011: Intel unveils first fruits of McAfee acquisition

The new DeepSAFE security offering is different to the software protection approach, Intel and McAfee claim.

IDF 2011 logo

McAfee has stepped up the fight against cyber criminals by tapping into the power of hardware rather than just focusing on software-based defences.

The security giant, which was acquired by Intel for $7.68 billion in August last year, took the wraps off the technology dubbed DeepSAFE at the Intel Developer Forum in San Francisco.

As the bad guys continue to circumnavigate security software such as firewalls and antivirus protection, those wishing to keep their data safe need to fight back. But using the same weapons of old is no longer viable, or won't be in the long term, according to the two companies.

With the DeepSAFE technology platform, we're actually able to protect our customers and save them time and money.

By opting for a hardware-related approach and utilising features already present in Intel processors, threats residing beneath the operating system can be tackled in real-time before they affect consumer or business machines and cause any damage, according to McAfee. This approach will be particularly useful in combating rootkit attacks, the company claims, adding that it estimates there are currently 1,200 new rootkits detected on daily basis.

What we think...

As a means of securing the software layer from the hardware layer, it's a good approach. Trend Micro has tried doing this before, and various BIOS builders have also built in capabilities to prevent root kits and so on. Indeed, Intel itself has stuff in the trusted computing platform that should do stuff like this.

One of the biggest issues though is if a false positive is flagged - such an approach is almost impossible to override. So a critical piece of software may not be installable.

For Intel, the biggest issue it has to worry about is that whatever it does at the silicon level with McAfee has to be open and something that others can also do otherwise the DoJ will jump down its throat on an anti-compete charge.Clive Longbottom, founder, analyst firm Quocirca

"Many attacks are triggered when we launch a video or an application from one of our favourite sites. Often, users will see a warning that they click on through and ignore it," said Candace Worley, McAfee's senior vice president and general manager of Endpoint Security, as she demoed the technology in action.

While in beta now, the first DeepSAFE products are expected to hit the market this year, most likely initially focused on enterprise protection.

"Let's take a look at a system that's actually running the DeepSAFE technology. Here, running on top of DeepSAFE is beta software for a soon-to-be-announced product from McAfee that will do kernel node rootkit prevention," she added.

"Once again, the user clicks through the warnings and unknowingly installs the Agony rootkit. But, because the DeepSAFE technology and beta software is used, utilising the VT technology from Intel, we actually recognise the rootkit as it attempts to load into memory and we block the attack in real-time."

"With the DeepSAFE technology platform, we're actually able to protect our customers and save them time and money," Worley concluded.

CPU events can be monitored in real-time using the technology, which will also remove the hiding place for some of today's threats, meaning the currently undetectable becomes detectable and resolvable.

"2011 might be the year the industry got serious about security," Paul Otellini, Intel's chief executive, said during his keynote speech at IDF. "Intel has been serious about security for a long time Smartphones and tablets are not immune [from the threats]."

Alex Thurber, McAfee's senior vice president of worldwide channel operations took to Twitter to shout about the good news for its partner ecosystem.

"It is a new world of opportunity for our security partners," he tweeted. Indeed, Intel's Otellini highlighted the openness of the collaboration and the fact the virtualisation tech's APIs would be made available to others.

Featured Resources

The ultimate law enforcement agency guide to going mobile

Best practices for implementing a mobile device program

Free download

The business value of Red Hat OpenShift

Platform cost savings, ROI, and the challenges and opportunities of Red Hat OpenShift

Free download

Managing security and risk across the IT supply chain: A practical approach

Best practices for IT supply chain security

Free download

Digital remote monitoring and dispatch services’ impact on edge computing and data centres

Seven trends redefining remote monitoring and field service dispatch service requirements

Free download

Recommended

Intel no longer considering UK chip plant following Brexit
components

Intel no longer considering UK chip plant following Brexit

7 Oct 2021
Rise to the challenge
Whitepaper

Rise to the challenge

1 Oct 2021
The total economic impact of the Intel vPro® platform
Whitepaper

The total economic impact of the Intel vPro® platform

1 Oct 2021
Google Cloud confirms Intel Ice Lake processor support for N2 VMs
virtual machines

Google Cloud confirms Intel Ice Lake processor support for N2 VMs

30 Sep 2021

Most Popular

Best Linux distros 2021
operating systems

Best Linux distros 2021

11 Oct 2021
Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans
Laptops

Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans

11 Oct 2021
Windows 11 has problems with Oracle VirtualBox
Microsoft Windows

Windows 11 has problems with Oracle VirtualBox

5 Oct 2021