McAfee Embedded ControlSecure embedded systems from malware and attacks by hackers and cybercriminals
McAfee Embedded Control Overview:
McAfee Embedded Control maintains the integrity of your system by only allowing authorized code to run and only authorized changes to be made. It automatically creates a dynamic whitelist of the "authorized code" on the embedded system. Once the whitelist is created and enabled, the system is locked down to the known good baseline, no program or code outside the authorized set can run, and no unauthorized changes can be made. McAfee Integrity Control—which combines McAfee Embedded Control and the McAfee ePolicy Orchestrator (McAfee ePO™) console—provides integrated audit and compliance reports to help you satisfy multiple compliance regulations.
McAfee Embedded Control blocks unauthorized applications and change on fixed-function, point-of-service infrastructures, including retail devices, medical devices, industrial control systems, office equipment, gaming devices, automotive, and various military and aerospace devices. Embedded Control provides a simple, lightweight software technology to make your devices resilient to malware infections and attacks.
Viable security for fixed-function and legacy systems — Embedded Control uniquely extends a layer of device security with a fixed CPU or memory, including point-of-sale (POS) terminals, ATMs, and medical imaging systems that perform critical functions and often store sensitive data. A low-overhead footprint does not impact system performance, and it is equally effective in standalone mode, without network access. Dynamically manage whitelists, making it easy to support multiple configurations for different business needs.
An efficient, transparent solution — Embedded Control runs transparently on fixed-function embedded systems, enables the entire point-of-service infrastructure to be monitored without impact, and can be set up quickly. This flexible, affordable, and embedded system security solution dynamically manages whitelists and supports multiple configurations for different business needs and devices.
Comprehensive change policy enforcement and compliance management — Get continuous change detection capabilities, while proactively preventing unauthorized, out-of-policy change attempts. Embedded Control links protection directly to policy and verifies changes against the source, time window, or approved change ticket. Changes outside of policy are blocked, greatly reducing change-related outages and compliance violations. Embedded Control provides categorical management, enabling IT to fulfill and validate compliance requirements efficiently and cost effectively. This supports many compliance standards, including PCI and SOX, as well as healthcare and energy industry requirements.
Complete protection from unwanted applications — Embedded Control extends coverage to Java, ActiveX controls, scripts, batch files, and specialty code for greater control over application components.
Features and Benefits:
Get zero-day protection
Implement embedded system security with solutions that prevent zero-day attacks, as hackers and cyberthieves create and release more unique and virulent malware than ever before. McAfee Embedded Control’s whitelisting is a wholly new approach to solve security threats on embedded devices.
Prevent unauthorized software changes on production devices
Stop unapproved changes to all types of embedded devices and equipment that can lead to costly system shutdowns, exposure to data loss, unanticipated loss of device control, and various regulatory fines and penalties. Embedded Control can help prevent these problems with application whitelisting and change control.
Mitigate support and field maintenance costs related to security problems
Prevent unauthorized changes to devices that cost device manufacturers time and resources while they resolve system errors and malfunctions. Whitelisting and change control solutions from McAfee ensure these expensive, unauthorized changes never occur in the first place.
Reduce frequent, costly OS patching
Lock down the runtime environment and help prevent costly OS patching cycles with application whitelisting. New security vulnerabilities are discovered and published to the Internet every day, making it difficult for manufacturers and their customers to ensure devices are safe and secure from the most recent exploits.
Meet PCI compliance requirements
Maintain PCI compliance through whitelisting and change control, as retail sales devices used to process customer transactions often require strict adherence to a series of PCI requirements.
Leverage resource intensive, multiple security solutions for security and compliance
Use a whitelisting approach to dramatically decrease complex security systems and achieve increased protection against malicious zero-day attacks. Changing the approach to security yields substantial cost reduction while improving a company’s security posture.
Avoid system unavailability due to unauthorized changes
Design pre-emptive protection into manufacturers’ devices upfront to yield significant benefits for both the device manufacturer and the customer. When expensive manufacturing, medical, and financial systems go down due to unauthorized system changes, companies can experience significant financial loss and customer dissatisfaction.
These are minimum system requirements only. Actual requirements will vary depending on the nature of your environment.
- Windows 7 (32/64-bit)
- Windows 7 Embedded (32/64-bit)
- Windows Vista
- Windows XPE
- Windows XP (32/64-bit)
- Windows 2008
- Windows 2008 R2
- Windows 2003
- Windows 2003 R2
- Windows 2000
- Windows NT
- WEPOS, POS rReady 2009
- WES 2009
- RHEL 4/5/6 (32/64-bit)
- CentOS 4/5 (32/64-bit)
- SuSE 10/11 (32/64-bit)
- Open SuSE 10/11 (32-bit)
- Solaris 9/10 (SPARC)
- Solaris 10 (32/64-bit)
- WindRiver Linux 4.3
- Single/Multiple Intel Pentium
- 512 MB RAM
- 20 MB free disk space
- Administrator privileges on the system
Download the McAfee Embedded Control Datasheet (PDF).
- Pricing and product availability subject to change without notice.