“Maintaining currency is one of our new driving forces,” says Dwayne Cyr, senior cyber security manager at Textron, a $13.4 billion aerospace, defense, and advanced technologies conglomerate that employs over 35,000 people worldwide.
Textron is working diligently to stay ahead of cyber threats as well as provide a more leading-edge experience for its end users. For instance, with software releases occurring more frequently than in the past, the company has created a mechanism to simplify testing so that it can incorporate new releases more quickly.
The motivation to stay up to date with the latest improvements in technology, along with a desire for better scanning performance, led Textron to migrate as soon as it could to the new, more collaborative, more intelligent McAfee endpoint protection framework, McAfee Endpoint Security (ENS). “McAfee ENS has been heavily marketed as being a lot faster,” notes Cyr. “Our testing and some of our engineering communities definitely validated that.”
Textron first deployed McAfee ENS version 10.1, including migrating some Host Intrusion Prevention (HIPS) rules to the new ENS firewall. According to Cyr, the company is gearing up to deploy 10.2 across the extended enterprise in the near future.
Cyr describes his team’s experience with ENS thus far as “resoundingly positive.” He recalls only one issue after the migration to ENS—one of Textron’s applications looks an awful lot like a threat—but it was resolved quickly.
“The thing we’ve been really successful at is combing back our exclusions,” claims Cyr. “[With] the old anti-virus product you would have to exclude an entire directory [from virus scans]. [McAfee Endpoint Security] doesn’t have the same performance issues so you don’t need to exclude as much.”
Less exclusions means more complete coverage, which translates to a stronger security posture. Not having to manually set exclusions for scans also reduces the time that engineers on Cyr’s team have to spend tweaking endpoint protection.
Cyr’s advice for others migrating to McAfee ENS: “Take a good hard look at the way you deploy [McAfee VirusScan Enterprise] because there are a lot of behaviors that you’ve learned that no longer apply to [ENS].”
Besides endpoint protection, Textron relies on McAfee for on-premises and cloud-based web protection, via McAfee Web Gateway appliances and McAfee Web Gateway Cloud Service respectively. Since McAfee ENS and McAfee Web Gateway are able to communicate using the McAfee Data Exchange Layer (DXL) fabric, Textron has the capability to add other DXL-connected solutions as well as McAfee Threat Intelligence Exchange, which shares local and global threat information in near real time. Cyr views adding DXL and Threat Intelligence Exchange as very attractive because “by the time a file [that enters through the Internet] gets to the endpoint, we’ll have scanned it and remediated it.”