… events of all kinds where prospects may be, and even create their own events and freemium consulting packages as lead-generation vehicles.
|Dig Deeper: Watch McAfee VP and chief technology strategist for the Americas Brett Kelsey’s full keynote, “Customers Need a Better Security Architecture, Not Another Product,” live from Channel Partners Evolution. And, McAfee VP of global channel operations Richard Steranka recently explained some of the company’s strategy around enablement.|
And while not all solution providers are willing or able to offer comprehensive managed services, increasingly McAfee is tuning its products to be MSSP-friendly. Partners should remain cognizant of whether their current and future McAfee customer portfolios may lend themselves toward managed services.
McAfee prioritizes best-of-breed integration: McAfee partners are likely already familiar with Data Exchange Layer, the Security Product Integration Framework closely tied to the vendor’s ePO and Threat Intelligence Exchange (TIE) products. DXL, and its more recent iteration as OpenDXL, enable relatively simple and fast integration of McAfee and dozens of best-of-breed, third-party security products so that they can work as a single, interconnected security product architecture.
Arguably the most significant announcement at this year’s Mpower event was a first-of-its-kind integration between McAfee OpenDXL and Cisco Systems’ pxGrid SPIF . The integration enables Cisco’s ISE network-access control product to discover endpoints unknown to ePO and share status information, enabling ePO to potentially apply policy or mitigate the risk posed by a rogue or out-of-compliance device. In turn, ISE can receive endpoint status data from ePO and use it to govern the level of network-access endpoints received, potentially quarantining devices if necessary.
These seemingly trivial integrations are greatly desired by customers. Not only can overstretched security pros realize greater efficacy by enabling their network and endpoint security solutions to work together, they also lay the groundwork for an advanced incident-response capability through orchestrated and automated incident response and threat investigation. Enabling policy-based mitigation actions across Cisco-managed networks and McAfee-managed endpoints is a win as well.
Even though SPIFs (in this case, security product integration frameworks, not sales incentives) make security product integration easier than ever, McAfee’s long-term commitment to OpenDXL represents a huge opportunity for its partners. Customers new to OpenDXL will need consulting and support with initial deployment and configuration, deciding which products to integrate, developing workflow processes based on those integrations, and in some cases developing code to support custom integrations. As more third-party vendor integrations become available, partners will increasingly serve as advisers to consult on which products work well together and how to deliver the best possible efficacy from an integrated, best-of-breed security product ecosystem.
The high degree of change at McAfee in the past two years has no doubt caused trepidation among partners, and it won’t be a surprise if that brisk pace continues or accelerates as McAfee gets its footing as an independent company. But solution providers that understand how McAfee’s changes support its broader strategy – and are willing to adapt along with the vendor – will be poised to benefit from a fruitful long-term relationship.
Eric Parizo is senior analyst, enterprise security, with GlobalData. Eric brings over 15 years of experience to his role and is responsible for tracking and analyzing the evolving technological and competitive developments in the threat management segments of the information security market.