McAfeeWorks.com is a McAfee SecurityAlliance Premier Partner

Prevent unauthorized changes to your embedded devices

McAfee Embedded Security

McAfee Embedded Security Overview:

McAfee Embedded Security enables device manufacturers—and the service channel—to build, deploy, and control secure embedded devices. It can enforce channel-friendly software change policies to prevent unauthorized and out-of-policy software changes, reduce in-field breakage, and keep embedded devices compliant. It provides enhanced security, reduces patching cycles, and protects against zero-day attacks.

Description:

Embedded devices and appliances are widely deployed in critical infrastructure. These include point-of-sale terminals, self-checkout devices, kiosks, handheld devices in retail stores, point-of-care medical modalities (X-ray, ultrasound, CT-scan, MRI devices), ATMs, thin clients in enterprises, critical infrastructure for process control systems or SCADA devices, industrial plant controllers, and storage appliances.

For decades, embedded devices consisted of specialized hardware running proprietary software. In recent times, there has been a shift toward standardization catalyzed by standards organizations (such as UPOS in retail). Standardization has enabled devices to become increasingly interconnected and use off-the-shelf software on commoditized hardware running commercial or open operating systems. This has benefited the device manufacturers, the channel, and the end customers, because it allowed each of these groups to focus on their core business. It has enabled flexibility in software selection, faster time to market, and mid-cycle adoption of new technologies.

However, this standardization and flexibility has a downside. Similar to standard PCs, embedded devices are susceptible to security risks, constant patching, and the frequent updates required by “black list” security solutions. They also become vulnerable to unauthorized changes, which can cause in-field breakage. This can lead to non-compliant devices as they are serviced in the field. Often, the device manufacturers and the service channel do not have control over what software is installed, or who installs the software. This increases the total cost of ownership of a device. As a result, it is increasingly hard for manufacturers and the service channel to make the claim that an embedded device will work in the field, as shipped.

McAfee Embedded Security software is the industry’s first and only solution to secure embedded devices and automate the enforcement of software change control policies on them. It reduces total cost of ownership for the embedded device manufacturer and its service channel.

McAfee Embedded Security is deployed by major manufacturers of automated teller machines, point-of-sale terminals, medical devices, thin clients, storage appliances, and other devices. These customers have realized significant and rapid returns on their investment through fewer ongoing in-field support and breakage incidents caused by unauthorized changes.

Benefits and Features:

Benefits:

  • Enhance device security
    Protect embedded devices against existing and unknown zero-day threats via malware such as worms, viruses, Trojans, and buffer-overflow threats. Because many embedded devices such as ATMs and kiosks have a large attack surface, they face increased security vulnerabilities. McAfee Embedded Security ensures that the device—when in production and in the field—is secure and cannot be compromised.
  • Reduce cost of ownership
    Deploy and manage embedded devices with the proper control, and lower support costs. Increased support costs typically come from unauthorized change activity during support and maintenance procedures that can lead to in-field breakage, the need to test and validate patches, and onsite personnel needed to support the device. McAfee Embedded Security reduces in-field breakage and support calls, and reduces the number of touch-points. McAfee Embedded Security makes it possible to avoid patching or batch patches, and enables multiple models of controlled software updates.

  • Get out-of-the-box compliance
    Enforce the control requirements of PCI DSS, FDA, and HIPAA, as well as other regulatory mandates. McAfee Embedded Security ensures that the necessary tamper-proof audit logs are present on the device, to prove that regulatory controls are in place.

Features:

  • Device change control
    Gain flexibility throughout a device’s lifecycle. As an example of this, McAfee Embedded Security can ensure that software certified by the device owner can be applied to the device only during manufacturing. Alternatively, it can allow selective channel partners to be able to make updates to the device, and log the updates made for compliance or forensics.
  • Device application control
    Protect against existing and unknown zero-day threats via malware such as worms, viruses, Trojans, and buffer-overflow threats. The application control of McAfee Embedded Security also helps eliminate emergency patching, reduces the number and frequency of patching cycles, and enables more time for testing before patching. It also reduces security risk on difficult-to-patch devices that are remote and distributed in areas with little or no local support. The application control feature helps reduce the cost of operations by reducing both planned patching and unplanned recovery downtime, thereby increasing device availability. This is an ideal solution for lower-end devices, as it reduces the support costs by reducing the number of touch points.
  • Channel friendly control
    Control what is installed and allowed to run during the multi-vendor lifecycle. McAfee Embedded Security offers flexibility to enforce the device owner’s software change control policy in two distinct workflows. First, as the device flows through its multi-stage manufacturing lifecycle—as multiple channel vendors install their own software and value added services. Second, during in-production operational maintenance and support—as the device owner or the multiple channel vendors issue software updates for their software/hardware.
  • Low impact solution
    Minimize performance impact with McAfee Embedded Security. Unlike most third party software applications for embedded devices, McAfee Embedded Security does not require constant updates and administrator attention. There is little performance impact, and reduced administrator overhead.

Solutions:

Business Challenges in the Embedded Industry

Embedded devices and appliances are widely deployed in critical infrastructure today. These include point-of-sale terminals, self-checkout devices, kiosks, handheld devices in retail stores, point-of-care medical modalities (X-ray, ultrasound, CT-scan, MRI devices in hospitals), ATMs in banks, thin clients in enterprises, critical infrastructure for process control systems or SCADA devices, industrial plant controllers, and storage appliances.

For decades, embedded devices consisted of specialized hardware running proprietary software. In recent times, there has been a shift towards standardization catalyzed by standards organizations, such as UPOS in retail. Standardization has enabled devices to become increasingly interconnected and use off-the-shelf software on commoditized hardware running commercial or open operating systems.

Embedded Systems are Changing

The same standardization and flexibility has a downside. Similar to a standard PC, these embedded devices become susceptible to security risks, constant patching, and the frequent updates required by anti-virus solutions. They also become more vulnerable to unauthorized changes that cause in-field breakage. This can lead to non-compliant devices as they get serviced in the field. Often, the device manufacturers and the service channel do not have control over what software is installed, by whom, and when, or over what is currently running, as these devices get built and deployed. This increases the total cost of ownership of a device during its lifecycle. As a result, it is increasingly hard to make the claim that an embedded device will continue to work in the field, as shipped.

Enhance Device Control with McAfee
McAfee Embedded Security prevents unauthorized changes. It enables the device manufacturers and the service channel to Build -> Deploy -> Control.

It can enforce channel-friendly software change policies on the deployed embedded devices to prevent unauthorized and out-of-policy software changes, reduce in-field breakage, and keep the devices compliant. It provides enhanced security, reduces patching cycles, and protects against zero-day attacks.

It is a low-footprint, low-overhead software solution that runs transparently on the devices. It can be set up quickly on the device with low initial and ongoing operational overhead. It integrates with the device manufacturer's, the service channel's, and the end customer's manufacturing, provisioning, monitoring, change management, and in-field maintenance processes, and helps enhance control over the deployed embedded device for whoever services it in the field.

McAfee Embedded Security has two key features.

Change Control
McAfee Embedded Security offers flexibility to enforce the device owner’s software change control policy in two distinct workflows. First, as the device flows through its multi-stage manufacturing lifecycle as multiple channel vendors install their own software and value added services. Second, during in-production operational maintenance and support as the device owner or the multiple channel vendors issue software updates for their software/hardware.

This feature provides flexibility in the operations during a device’s lifecycle. For example, McAfee can enforce that only software certified by the device owner, and no other, can be applied to the device during manufacturing and in production. Alternatively, it can allow selective channel partners to make updates to the device and log the updates made for compliance or forensics.

In addition, McAfee Embedded Security can be utilized to enforce that the control requirements are met for PCI, FDA, HIPAA, and other regulatory mandates. It ensures that the necessary tamperproof audit logs are present on the device to prove that regulatory controls are in place.

Application Control
McAfee Embedded Security helps provide protection against existing and unknown zero-day polymorphic threats via malware such as worms, viruses, Trojans, and buffer-overflow threats, thereby ensuring that the device, when in production, is secure and cannot be compromised. It also helps eliminate emergency patching, reduces the number and frequency of patching cycles, and enables more time for testing before patching. It also reduces security risk on difficult-to-patch devices that are remote and distributed in areas with little or no local support. The Application Control feature helps reduce the cost of operations by reducing both planned patching and unplanned recovery downtime, thereby increasing device availability. This is an ideal solution especially for lower-end devices, as it reduces support costs by reducing the number of touch points needed.

McAfee Embedded Security provides customers with a comprehensive solution for controlling their IT infrastructure.

Benefits to Device Manufacturers
The table below summarizes the common challenges faced by embedded device manufacturers and the benefits realized by McAfee Embedded Security customers.

Embedded Lifecycle Challenges and McAfee Benefits

Challenge: Increased security vulnerability due to larger attack surface.
McAfee benefit: Enhanced security against known and zero-day attacks.

Challenge: Lack of control over when and what software gets installed and run during the multi-vendor lifecycle.
McAfee benefit: Channel-friendly control: flexibility to enforce manufacturer and service channel software control policies.

Challenge: High support costs

  • Unauthorized changes during support and maintenance procedures lead to in-field breakage
  • Need to test and validate every patch
  • Onsite personnel needed for support, because a centralized software distribution model does not suit these devices

McAfee benefit: Reduced cost of ownership

  • Reduced in-field breakage and support calls, reduced number of touch points
  • Makes it possible to avoid patching or batch patches
  • Enables multiple models of controlled software updates

Challenge: Non-compliance with FDA, HIPAA, PCI, and other regulatory controls due to in-field changes.
McAfee benefit: Out-of-the-box compliance via software change control and runtime control.

Challenge: High-overhead third-party software: third-party software has high peak and average performance impact, and requires constant updates and administrator attention.
McAfee benefit: Low-impact solution: minimal performance impact, no ongoing updates, reduced administrator overhead.

Summary
McAfee Embedded Security software is the industry’s first and only solution to secure embedded devices and automate the enforcement of software change control policies on them. It reduces total cost of ownership for the embedded device manufacturer and its service channel. McAfee Embedded Security is deployed by major manufacturers of automated teller machines, point-of-sale terminals, medical devices, thin clients, storage appliances, and other devices. These customers have realized significant and rapid returns on their investment through fewer ongoing in-field support and breakage incidents caused by unauthorized changes.

System Requirements:

  • Windows/UNIX/Solaris
  • Single/Multiple Intel Pentium
  • 256 MB RAM
  • 25 MB free disk space
  • Administrator privileges on the system

Platforms Supported

  • Windows XP Professional
  • Windows XP Embedded
  • Windows Embedded for Point of Service (WEPOS)
  • Windows NT4 Server, Workstation
  • Windows 2000 Enterprise, Advanced, Professional, Standard
  • Windows 2003 Enterprise, Advanced, Storage
  • Windows Vista
  • Windows 2008
  • Linux ES 3.0
  • Solaris 8
  • Solaris 9

Documentation:

Download the McAfee Embedded Security Solutions Datasheet (PDF).