SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
Cisco & McAfee collaborate on open security platform
Fri, 20th Oct 2017
FYI, this story is more than a year old

A collaboration between Cisco and McAfee will share security incident and contextual information in real time in an effort to detect and stop threats faster, and to reduce the complexity of their customers' security architectures.

The two companies announced the interoperation of Data Exchange Layer (DXL) and Cisco Platform Exchange Grid (pxGrid) as part of McAfee's Security Innovation Alliance.

The companies say the collaboration demonstrates the industry's move towards collaborative, open and integrated security.

“We must empower security teams to stop spending their time on tedious integrations and manual tasks and instead, focus on defending against adversaries,” explains Raja Patel, general manager corporate products at McAfee.

He believes that organisations should use solutions that integrate to maximise value, rather than use solutions that don't communicate at all.

“Collaboration like we are doing with Cisco, IBM Security and others throughout the security industry is critical to closing information gaps, breaking silos and providing the visibility we need to protect our most important assets from cybercriminals,” he continues.

Last year the OpenDXL initiative was launched. It has shown interest from enterprises that are developing with the technology, with dozens of completed solutions through the software development kit (SDK) hosted on GitHub.

The companies say that DXL and Cisco pxGrid's open security information grid will share threat event context and enable automation between networks and endpoints.

“We started DXL as part of our Partner Program,” comments McAfee CEO Chris Young.

He says that OpenDXL is part of promoting the open source ecosystem for the security community. In addition to Cisco, partners include Check Point.

The two companies say they now have the industry's largest open security fabric with more than 100 integrated partners between them.

With the two interoperational fabrics, integration between vendors has become open to not only partners, but also to open source and enterprise applications.

“We have found that many organisations work with upwards of five security vendors, and they struggle to integrate up to 50 security products, resulting in security gaps that leave them vulnerable. Defenders now have access to the industry's most extensive and diverse set of services between network, endpoint and security operations. This collaboration between Cisco and McAfee creates great value and eases the security effort for customers,” comments Cisco's senior VP of product management, Security Business Group.

McAfee has also released DXL 4.0 and new open source tools that provide enterprise environments for developers.

Newly released DXL features include:

  • Easy pxGrid Integration: Simple download includes all software required to connect DXL and pxGrid and set automated policies to respond to potential threats.
  • Automated Incident Response: McAfee ePolicy Orchestrator  (McAfee  ePO) automatically reacts to threat events, sending data to DXL to disseminate amongst connected products for action
  • Improved Management: Simplified client provisioning and process updates with new DXL eP extension and client enhancements.

New contributions to the OpenDXL community:

  • Simplified Development and Testing: New interactive development environment and standalone DXL Broker lets users set up a working DXL infrastructure and development environment in five minutes or less.
  • Simplified pxGrid Integration: New OpenDXL pxGrid Python client is optimised to support interactions between OpenDXL services and pxGrid.