Intel McAfee Secures Embedded And Mobile Devices

Intel and McAfee combined their patent portfolios to focus on providing security at the hardware level

Intel will use assets acquired from McAfee to build security features right into the chip for embedded devices and to provide cloud security services for mobile devices.

Two weeks after closing the McAfee acquisition, Intel executives explained the rationale behind the $7.7 billion (£4.8 billion) deal in a conference call with Wall Street analysts. Renee James, an Intel senior vice-president and general manager of the Software and Services group, and Dave DeWalt, president of the wholly-owned but independent McAfee subsidiary, discussed how McAfee’s products and systems would protect mobile devices and embedded applications from cyber-attacks.

“Malware is blowing off the charts,” explained DeWalt. “I’ve never seen anything like it. And on top of this, the number of devices is exploding.”

On-chip Security Management

Intel wants to build security management capabilities directly into hardware that would allow mobile and other endpoint devices to communicate in real-time with cloud-based services. The services will provide up-to-date protection for the devices including detecting and blocking malware, authenticating users and verifying IP addresses and Web sites, James said.

Intel could have bought smaller companies to build up its security business and spent less, but realised very quickly the company needed both security software and a complete service platform, James said. McAfee already had a security service cloud that it had been working on for five years in addition to security software, she said. It would have taken Intel far too much time and a lot of money to replicate what McAfee had already done, James said.

McAfee will be extending security capabilities and visibility into small embedded devices that can be used by attackers to gain access into enterprise networks such as laptops, smartphones and tablets, DeWalt said. Intel can develop embedded computers for printers, televisions, and cars, and bake security right into the device, he said. He also noted the security needs of nuclear power plants during the conference call.

McAfee would work closely with the Wind River subsidiary, which makes operating system software for a variety of embedded devices including ATMs and network gateways, according to DeWalt. McAfee is set to roll out McAfee for Wind River at the end of the month.

“We can bake security directly into the OS, directly with manufacturers,” DeWalt said.

The plan is to provide more security-assisting features on Intel’s future chips that help speed up and improve McAfee software performance. Instead of running security as a layer on top of the operating system, Intel wants to push it down below, DeWalt said. The company already has chip-based features, such as VT, which secures and manages virtualised environments, James said.

“The further you move security down the stack, the more visibility of the architecture you get,” DeWalt said.

By expanding McAfee’s ePolicy Orchestrator framework, businesses can remotely manage laptops and other endpoint devices with Intel vPro technology, such as accessing the device, decrypting or encrypting the data, and applying patches, according to DeWalt.

“Now we can give one pane of glass to view all these devices on the network,” said DeWalt

McAfee may have been just an anti-virus software vendor five years ago, but since then has expanded into firewalls, intrusion prevention, servers, storage, and endpoint security for mobile devices, DeWalt said. The mobile security products are either embedded in the device or sold by cellular phone carriers, and provide features such as remote wipe, encryption and location awareness, he said.

Mobile Security Awareness Growing

Even though McAfee has been in the mobile security market for five months, in the fourth quarter of 2010, it added 1.25 million users, DeWalt said. Another 246 enterprises have deployed McAfee software on to mobile devices and internal networks, including the United States government, he said.

With an installed base of over 300 million endpoints, McAfee products can track what is happening in real-time on endpoints by processing messages and sending information back to the company’s back-end security systems for analysis, DeWalt said.

Intel has acquired over 20 software companies over the past three years, retained more than 90 percent of the employees, and gained access to valuable intellectual property, James said. Examples included WindRiver, which gave Intel a broad and deep access to the embedded systems market, and Havok, a gaming company, whose engineers were “instrumental” in designing the feature set for Sandy Bridge chips, according to James.

Intel plans to make more security acquisitions, and future acquisition will be managed by DeWalt, James said.

“People will pay for security,” James said, noting that it’s not a PC/embedded issue. “It’s an enterprise, PC, handset/mobile, embedded across the board,” she said.