Fun Facts: ECS stood up and managed the first security operations center at the White House. Today, ECS manages the world’s largest McAfee installation—employing just about every solution we make—for the U.S. Army.
ECS is more than a McAfee Platinum Partner: they’ve built their entire security solution around McAfee products. The company’s unique offering to Enterprise, military, intelligence and federal civilian combines their award-winning managed services powered by McAfee, and high-level competencies across the Amazon Web Services (AWS) product suite.
ECS has earned service delivery certifications for every McAfee product, participating regularly in betas and trials of new software with active input into the development of new products. Its AWS bona fides are equally ambitious: ECS is an AWS Premier Consulting Partner, an Audited Managed Service Partner, and one of the world’s largest AWS resellers.
For the past 17 years, ECS (formerly InfoReliance) has built a managed-services offering that focuses on delivering custom solutions for clients in regulated industries such as government and defense, but the company also has a large and growing roster of high-profile enterprise and commercial customers. ECS focuses its security solutions around the threat defense lifecycle, applying not only McAfee products but complementary solutions from McAfee Security Innovation Alliance.
“Our choice to provide a single-vendor security platform and deliver McAfee at scale is one of the things that makes us unique,” remarks Andy Woods, Director of Managed Cybersecurity at ECS. “It means our organization can have a depth of expertise that’s frankly unmatched by anyone else in the industry. We also believe it’s the best way to be technology-heavy and people-light, and to automate as much of the cybersecurity lifecycle as we can.”
The McAfee Virtual Network Security Platform (vNSP) and its tight synergy with AWS is a large focus of ECS’s business. Tim Gonda, ECS security engineer and vNSP expert, explains: “We feel it is important to recognize that as part of the AWS shared responsibility model, it is up to us to ensure the security of our virtual networks. We leverage vNSP as a way to augment the security of native AWS capabilities. We are able to establish more flexible controls for protecting our own workloads, as well as providing custom-tailored solutions to our clients.”
In one example of a customer’s virtual private cloud (VPC) deployment, the ECS team launched a vNSP controller into the VPC, and deployed sensors per subnet. The application service also included the lightweight, host-based traffic redirector. “One of the biggest differentiators of vNSP versus other products is that it allows us to monitor internal VPC traffic, as well as traffic leaving the VPC, in an extremely lightweight framework,” Gonda comments. “In this example, we managed the lateral traffic within the VPC, as well as traffic going out to the internet, while providing custom filters and rules looking for specific threats on the wire.”
The application of vNSP with AWS-driven VPCs is just one example of ECS’s fearless innovation in today’s marketplace. Woods notes, “We’re proud of our internally developed intellectual properties, such as our iRamp billing system. We developed one of the very first DXL-enabled technologies within the partner community. We were also early adopters of integrated security through McAfee ePO, born out of a need to support clients in regulated industries.”
Woods concludes, “Our clients are focused on value management of their cybersecurity spend and how we can help them reduce their risk not only today but into the future. We deliver security customized security outcomes for every organization we work with. We’re confident in McAfee’s ability to scale along with core competencies on the endpoint, whether on-premises or in the cloud. The connected infrastructure is a key differentiator for us as we deliver managed services to customers across all verticals. For us, ‘Together is Power’ means being able to solve our clients’ cybersecurity problems in the most powerful manner possible, through a single platform of connected technologies.”
The post McAfee vNSP and AWS Are Winning Combination for Enterprise and Federal Customers appeared first on McAfee Blogs.
We are in the midst of the fourth industrial revolution. Instead of steam machines or textiles, our economy is becoming ever more tied to technology. In order for our digital economy to thrive, we as a collective society need to have trust in our technology. Yet, the technology world has done very little to earn that trust.
During RSA David Duncan, VP, Product Marketing and Mark McGovern, VP, Product Management discussed our state of digital trust and how not improving it will impact the growth of our digital economy. Duncan pointed out that the digital economy is the 5th largest economy in the world. The growth of this economy is essential to our current way of life and a lack of trust caused by a series of preventable breaches and loss of personal data is threatening this growth. It is estimated that the digital economy has lost $3 trillion in growth due to a lack of trust in technology. And when companies don’t earn trust on their own, governments take action. Just look at the slew of new regulations and legislations coming out, especially in Europe. After the Equifax breach, the former CEO was forced to testify in front of Congress, and just recently Mark Zuckerberg was asked to do the same in order to answer questions about breaches in privacy.
As McGovern pointed out during his presentation, the digital economy has us living in a paradox. We want better technology, faster and with more access but we also want to it be more secure. The equation doesn’t add up with the way we think about security. This is why we need a modern approach to things like application security – where security is a function of software quality and is built into the development process. And of course we need to have a modern approach to identity and access management. This means things like single sign-on, advanced authentication, directory services and mobile AppSec. And we need to make use of behavioral analytics so that IAM becomes background and not a nuisance.
We live in a borderless world, our security needs to be borderless too. Otherwise it becomes inconvenient and we cannot build the trust with our customers we so badly need for our economy to continue growing.
During the RSA conference Sam King, general manager of CA Veracode lead an engaging discussion with Art Coviello, former CEO of RSA and Robert Knake, senior fellow for cyber policy at the Council on Foreign Relations and senior research scientist at Northwestern University’s Global Resilience Institute.
While the conversation touched on a variety of topics, the prevailing theme was on the need for a private and public partnership and the how much we can depend on the government for cybersecurity assistance. According to the panelists, the main thing holding the government back from improving overall cybersecurity of our country is a lack of technologist in government. As the questions posed to Mark Zukerberg during his congressional hearing demonstrated, our government officials are not entirely sure how this Internet thing works.
This is exactly why we need a partnership between government and the private sector. Companies know what is needed but do not have the authority or reach to get it done. While government has the authority they require the expertise of the private sector to determine what should be done.
How to respond to state sponsored cyberattacks also came up during the conversation. Should we respond in kind with our own cyberattacks? In our increasingly connected world, what is to say those counter attacks don’t end up impacting our own citizens and critical systems? Questions about the effectiveness of economic sanctions also came up. This seemed to be preferred to the concept of a mutually ensured digital destruction that escalation would create.
During the Q+A with the audience one particularly poignant question arose. After years of deadly shootings we’ve seen a group of individuals come together and protest. Regardless of which side you fall on the gun control debate – you cannot deny that this grassroots effort has been effective at creating change. Private industries are responding to their calls. Do we need a similar grassroots movement to entice the private sector and government to respond to the cyber threats facing our modern world? What will it take to spur citizen activists into action around this issue? It’s a question that keeps going around in my head after leaving this panel.
The panelists left the discussion on a positive note talking about the progress they’ve seen and how protecting our digital society is possible with cooperation from private sectors and government. As this issue becomes more and more relevant, I look forward to seeing how this debate evolves.