Better Malware Protection, Help for Endpoints in McAfee Web Gateway Release

By on

Every few months, our development team releases a new version of Web Gateway software with multiple improvements they’ve been working towards in their agile development process. This time around, Web Gateway continues to evolve in the critical area of malware protection, expands its capabilities to share threat information, and more. For those less familiar, McAfee Web Gateway and its SaaS counterpart are a critical protection measure in the pursuit of conquering the threat defense lifecycle, stopping a remarkable quantity of both known and zero-day, never-before-seen malware in-line with traffic flow before these threats have a chance to hit an endpoint. Let’s take a look more specifically at what we’ve added:

  • New Gateway Anti-Malware Engine (GAM) v2015. The GAM engine is our powerhouse of real-time zero-day malware protection, and is a constantly evolving technology that allows us to keep up with contemporary exploits and threat behavior. This release, we updated Windows executable emulation with support for advanced instruction sets used in malware obfuscation and evasion techniques, added support for behavioral scanning of 64-bit executable files, overhauled how we scan both Java bytecode and Flash ActionScript, and introduced a new patent-pending content analysis technology to improve classification of JavaScript. All this goes above and beyond AV to stop malware we don’t have a signature for from hitting your endpoints.
  • Publishing Malware Reputations to Threat Intelligence Exchange (TIE). As I just touched on, the GAM engine in Web Gateway has a remarkable ability to detect malicious behavior in never-before-seen files and convict them as new malware. This type of fresh threat intelligence is quite useful, but only if it can be shared! We’ve been sharing our zero-day convictions with the Global Threat Intelligence cloud for years. Now, with TIE, we have the ability to share these zero-day malware reputations in real time with endpoints and other sensors connected to the TIE ecosystem. This means right when Web Gateway finds zero-day malware, endpoints protected by McAfee know about it too. That results in shortened time to protection, and with the fast-paced nature of polymorphic malware (think Mystique from X-Men, same on the inside, different on the outside), means even less endpoints getting hit with new malware thanks to Web Gateway.

Remember, all Web Gateway releases are replicated in our SaaS platform as well. It’s built on the same technology so you can share one policy for both. If you’re using SaaS, remember you have a live-updated status portal here at trust.mcafee.com to view current status, maintenance periods, and more.

Attending RSA 2016 in San Francisco? Visit the McAfee booth (N3705) station titled “The Resilient Digital Enterprise” to learn more about McAfee Web Gateway and additional McAfee technologies connected through the Threat Intelligence Exchange. 

Leave a Comment

Similar articles

October is finally among us, and things are spookier than usual. One ghost causing some hocus pocus across the World Wide Web is Ghostcat-3PC, a browser-hijacking malware that has launched at least 18 different malvertising campaigns in the last three months. According to SC Magazine, Ghostcat’s goal is to hijack users’ mobile browsing sessions and ...
Read Blog
Fears and phobias. We all have them. But what are your biggest ones? I absolutely detest snakes but spiders don’t worry me at all. Well, new research by McAfee shows that cybercriminals and the fear of being hacked are now the 5th greatest fear among Aussies. With news of data breaches and hacking crusades filling ...
Read Blog