The Web    Google
McAfee Taps Grid Power, Web Services To Boost Security

McAfee Taps Grid Power, Web Services To Boost Security
April 16, 2002 is the latest company to integrate Grid computing with Web services, combining Grid power with a Web services framework in its next-generation Web Security Services.

McAfee said Grid Security Services, previously code-named Project M2, "represents a revolutionary new concept that brings together the massively distributed computing capabilities of Internet-based Grid technologies with XML-based Web security services to provide powerful real-time security to millions of users and businesses on the Internet."

McAfee will implement a security Grid with millions of sensors all over the Internet, continuously preventing, analyzing and reporting security threats to a central hub through a Web services framework. The hub, in turn, will process this data and provide real-time alerts and immunization to the rest of the systems on the Grid.

Protection Against Viruses, Hackers

Security data from the Grid will be available to anyone who installs the SecurityCenter. The SecurityCenter is an integral component and the first phase of the Grid Security Services initiative, McAfee said, offering a single interface to access applications and acting as a central dashboard for users to view their security status.

It will allow for always-on security and a secure transfer of select, limited information between and each double opted-in user, providing a real-time indicator of security threats, virus outbreaks and vulnerabilities based on information gathered and shared across the network.

As more and more users download the initially free SecurityCenter and become part of the Grid, the services will continue to improve, providing immediate notification of and protection against viruses, hacker attacks, and privacy invasions as threats arise, McAfee said.

"The massively distributed architecture of the Internet, interconnected through open standards, provides a platform to utilize the power of Grid-based computing towards solving a very real problem - the problem of constantly securing the global Internet in real time as threats arise," CEO Srivats Sampath said in a statement.

McAfee outlined the key components of Grid Security Services as follows:

Grid Nucleus: The Grid nucleus is composed of a series of secure origin servers that act as an up-to-date repository of information gained by tracking the status of the entire Grid. When an event is registered anywhere on the Grid, the information is shared through this repository so that nodes on the Grid may be made aware of threats as soon as they occur. security services are tied into these servers, allowing for the immediate updating and up-to-the-minute protection against the latest threats as they arise.

Sensors and Protectors: Grid protectors are Web services that provide key security, such as anti-virus, personal firewall, intrusion detection and tracing, spam filtering and identity protection. These services, residing on every end-node or system on the Grid, interoperate with the rest of the components using an XML-based schema. Grid sensors are extensions to Grid protectors and provide the mechanisms to trap and report security issues. These bi-directional sensors provide real-time data on threats to the Grid hub and receive notifications, alerts, immunization and updates from the hub. Grid sensors also provide geographic coordinates to help identify the location and origin of threats. Grid Security Services will soon have access to over one million Grid sensors from around the Internet, via the SecurityCenter.

Exchange Language: The exchange language is the XML-based schema through which the nodes on the Grid communicate with the Grid nucleus. plans to enhance this in the future to include additional layers of security on top of SOAP and HTTP that will enable each node on the Grid to communicate directly and securely with one another.

Grid Network: The Grid network is the network of individual nodes that only after expressed permission by the user interact with the Grid nucleus and in the future with one another.

Grid Alerts: Grid alerts notify end-users on the Grid about breaking security problems inside and outside the Grid. Alerts are configurable and can be made to use other proprietary services such as Microsoft .NET Alerts. These alerts are already a component of the SecurityCenter.

Grid Immunization and Updates: Grid immunization and updates are XML-based updates containing critical immunization and update data within's managed services. In the case of a new virus, this would contain a list of signatures of the virus and its variants. In the case of a firewall or anti-spam, this would contain a list of recently discovered banned IP addresses or spam addresses. This allows the Grid Security Services to learn about security threats on different parts of the Grid and rapidly disseminate the appropriate protection to the rest of the Grid.

McAfee said its Grid Security Services is "based on the premise that members of a large Internet-connected community or Grid can act as security sensors and advance warning systems for the entire community and the Internet at large." The first phase of the Grid Security Services initiative, the SecurityCenter, is available for download at no cost to consumers at

  • 4/6: Mydoom-AJ Worm Uses Email
  • Critical Flaws Spoil Opera Tune
  • House Passes Federal Anti-Spam Bill
  • AOL Offers Top 10 Spam List to Aid in Battle
  • Network-1 Offers Centralized Policy Control For Distributed Firewalls
  • Wi-Fi Security Review: AirMagnet
  • This Python Really Eats Bugs
  • The Backup Conundrum: More Data in Less Time, Part 2
  • 802.11 Has DoS Vulnerability
  • 1/27: Worm_Bropia-D Drops Other Malware
  • Senate Panel Approves Anti-Spyware Bill
  • Cheap Security Camera