Can OpenDXL Contain the Spread of Today’s Security Threats in the Enterprise?

by | Jun 13, 2017

A new security fabric from McAfee might be able to provide the line of defence that CIOs and CISOs need to contain the spread of ransomware and malware

Enterprises face at least a billion threats from malware, ransomware, hackers and even insiders, on a daily basis. Traditional approaches to security are no longer effective in today’s context; the entry points to a corporate network have increased manifold, due to numerous consumer devices (end-points). To counter all these threats, enterprises deploy multiple security solutions. But the weakness is in containing the threat and communicating it to all users, systems and security solutions in the enterprise network. One security solution may detect a threat, but is it communicating that down the value chain? A new fabric from McAfee, introduced last year, might be just the thing that can do this. It is an open platform.

Anand Ramamoorthy, Managing Director, South Asia, McAfee

Anand Ramamoorthy, Managing Director, South Asia, McAfee

Anand Ramamoorthy, Managing Director, South Asia, McAfee says CIOs are buying a lot of security widgets and tools.

“A large enterprise may have as many as 10 security vendors. Some have over 15 and the average is 5 – 6. They are dealing with a battle between a widget and a platform story,” said Ramamoorthy.

The effectiveness of all these security tools and widgets can increase if only they could communicate with each other. Last year, McAfee introduced a fabric called McAfee DXL (Data Exchange Layer), a platform that connects different security vendors. Initially, it was a closed loop, Intel proprietary platform, but it was later opened up to other security vendors.

“We are providing customers a fabric where they can attach different technology vendors and still have a good way of exchanging threat. If your end-point is getting attacked, I want everyone in your security value chain to know about it. This is the only way you can have the fastest response once you are attacked,” said Ramamoorthy.

DXL is a communication fabric that provides a secure, real-time way to unite data and actions across multiple applications from different vendors, as well as to internally developed applications. Through this platform, enterprises gain instant communication and collaboration, connecting security solutions into an effective team. Partners gain real-time access to new data and lightweight, instant interactions with other apps to enrich security operations.

What McAfee is really providing through DXL is an early warning system, to contain the spread of a threat. This sounds like a big challenge. What’s in it for security vendors (like CheckPoint and Forceoint) to open up APIs and come on to McAfee’s platform?

To encourage security vendors, McAfee set up an SIA (System Integrator Alliance) or an ecosystem of over 300 partners. It’s OpenDXL initiative allows security vendors and developers to quickly integrate data and actions for real-time security operations. OpenDXL becomes more effective as more players come onto the platform.

“Our punchline is ‘Together is Powered’ – because we can’t solve it on our own. We are trying to make it easier for a CIO or CISO to track, at a dashboard level, what is happening in his value chain. The question is not ‘Will I be hacked?’ but ‘When?’ —  you will be attacked! DXL is our calling card to how we define security in the enterprise,“ added Ramamoorthy

He is optimistic that many large Indian enterprises will soon come on to this platform. However, he refrained from giving any names of  those who already on the platform, though McAfee is in talks with many companies.

Experts warn that recent attacks such as WannaCry, which hold enterprises to ransom, are going to get more frequent. Attacks like these are a daily occurrence and not widely reported. So a fabric or platform like DXL can help contain the spread of the attack, and also warn everyone. It therefore makes sense for security vendors to come on board, as it strengthens the defence.

The question is, will DXL become as universal as say, USB, which is also an Intel technology?

Intel continues to hold a 49 percent stake in McAfee, though the security firm now runs as autonomous company. The rest of the stake (51 percent) is owned by TPG Capital and Thoma Bravo.

Share This Article!

Brian Pereira
Brian Pereira
Brian Pereira is an Indian journalist and editor based in Mumbai. He founded Digital Creed in 2015. A technology buff, former computer instructor, and software developer, Brian has 29 years of journalism experience (since 1994). Brian is the former Editor of CHIP India, InformationWeek India and CISO Mag. He has served India's leading newspaper groups: The Times of India and The Indian Express. Presently, he serves the Information Security Media Group, as Sr. Director, Editorial. You'll find his most current work on CIO Inc. During his career he wrote (and continues to write) 5000+ technology articles. He conducted more than 450 industry interviews. Brian writes on aviation, drones, cybersecurity, tech startups, cloud, data center, AI/ML/Gen AI, IoT, Blockchain etc. He achieved certifications from the EC-Council (Certified Secure Computer User) and from IBM (Basics of Cloud Computing). Apart from those, he has successfully completed many courses on Content Marketing and Business Writing. He recently achieved a Certificate in Cybersecurity (CC) from the international certification body ISC2. Follow Brian on Twitter (@creed_digital) and LinkedIn. Email Brian at: [email protected]
Recommended Posts
The First 90 Days Are Crucial for the CISO and CIO

This book arms you with insights into crafting a robust 90-day plan, and you’ll be well-equipped to catapult into CIO or CISO roles successfully. Beyond technical proficiency, the book instills survival skills, ensuring longevity and helping you prevent burnout in these pivotal positions.

Similar Articles

Return to Business as Unusual
Return to Business as Unusual

Remote working is no longer a benefit, luxury or convenience. It’s also more than a current make-do for organizations looking to conduct business as usual.