I couldn't believe the article Focus 2011: McAfee unveils Deep Defender and Deep Command security platforms by Shaun Nichols posted on http://www.v3.co.uk/v3-uk/news/2118121/focus-2011-mcafee-unveils-deep-defender-deep-command-security-platforms at first.
McAfee is working with Intel to provide security tools to run at the processor level that will detect rootkit infections and attacks that can't be detected by security tools installed on the operating system. McAfee co-president Todd Gebhart was quoted that there are things coming that will get below the operating system.
The rest of the article broke down what each piece will do. Deep Defender looks to be a host intrusion detection system as it will monitor system activity and take security actions based on behavior. Deep Command will allow administrators to remotely access systems even when powered down.
Enderle Group principal analyst Rob Enderle said, "The interesting thing is that it is a primary virtual machine and it points the way to what is going to happen in the future with servers."
What will prove interesting is how they will keep it updated. Will it be through firmware updates? We all know how badly those can go sometimes.I would hope that they would design it so that the primary virtual machine has a backup stored in a protected area so the machine can be recovered if the primary goes bad.
Curious that this speculation had nothing to back it up in the article. What is McAfee seeing that would warrant the development of a processor-based security suite? What kind of security issues that this may present? The saying that the most secure computer is the one that is shut off will no longer be the case.
No comments:
Post a Comment