Preventing Stealthy Threats with
Next-Generation Endpoint Security



                 Intel and McAfee
Pervasive Stealth Techniques




       Threats at work below the operating system


Unfair Advantage: Rootkits


1,200 Detected Daily; 110,000 per Quarter*


    Designed to evade traditional OS-based security

         Software to provide privileged access while hiding

         Designed to avoid detection (“slow and low”)

         Used in advanced persistent threats (APTs) to steal data

         Kernel-mode rootkits are most difficult to detect




*Source: McAfee Labs (Q1 2012).
Greater Opportunities for Attack


 • Larger “attack surface” of devices, data, applications, systems
 • Interconnected, global networks for large-scale attacks
 • Increased risks from IT consumerization (bring your own device, mobile) and computing trends (virtualization, cloud)




Malware Life Cycle




Primary contact sources:
 • E-mail
 • Social media
 • Physical connection
 • Malicious web sites
 • Thumb drives




Potential Damage to Endpoints


 • Take over and set up a botnet that is controlled by a hijacker to send spam, launch distributed denial-of-service attacks, steal data, or rent to other cybercriminals
 • Propagate threats to spread infection to multiple endpoints
 • Tamper with files, browser settings, or database information
 • Install adware, scareware, or ransomware that attempts to force users to purchase a remedy
 • Steal and sell passwords, user names, employee data, or confidential company/customer information




Prevent Stealthy Threats:
Next-Generation Security from Intel and McAfee


Stopping these stealthy threats from entering your systems
is the most effective solution

    The industry’s first proactive security approach

    Combines world-class processor technology with leading
    security software for an integrated security solution

    Designed to help stay ahead of crimeware innovation,
    from PCs and mobile devices to industrial controls and
    other intelligent clients




McAfee* Deep Defender*
Hardware-Assisted Security

Prevent Threats in Real Time


    McAfee* Deep Defender* hardware-assisted security based on Intel® Core™ vPro™ processors stops advanced stealth attacks in real time with McAfee DeepSAFE* technology.

    Unlike traditional security solutions, Deep Defender operates beyond the operating system to provide real-time kernel monitoring to reveal and remove advanced, hidden attacks.




McAfee DeepSAFE* Technology:
Beyond the Operating System



    Technology by McAfee and Intel

    Industry’s first hardware-assisted security platform

    New vantage point on security

    Technology foundation for
    future products




A Closer Look at the Cridex Worm


Hardware-Assisted Security Blocks the Cridex Worm
in Real Time

A two-step threat:


1    Bot Trojan opens the back door on a compromised PC,
     and then installs the Necurs rootkit to prevent
     traditional security tools from reading its binaries



2    Takes control of the victim’s computer and allows it to
     collect data and make fraudulent transactions by
     manipulating legitimate bank web pages




McAfee ePO* Deep Command*
Security Management

Enhance Endpoint Security


    McAfee* ePolicy Orchestrator* (McAfee ePO*) Deep Command* security management leverages the capabilities in the Intel® Core™ vPro™ processor to reduce security operations costs while enhancing your security posture.

 • Control powered-off endpoints for security updates
 • Perform remote remediation of security issues
 • Easily manage mobile PCs




Proactive Security




      Technology by McAfee and Intel

      Security management at the hardware level*

      Stay ahead of security policies

      Reduce operations costs and improve help-desk efficiencies




*No computer system can provide absolute security under all conditions. Built-in security features available on select Intel® Core™ processors may require additional software, hardware, services, and/or an Internet connection. Results may vary depending upon configuration. Consult your PC manufacturer for more details.

Intel® Core™ vPro™ Capabilities*




*Intel vPro technology is sophisticated and requires setup and activation. Availability of features and results will depend upon the setup and configuration of your hardware, software, and IT environment. To learn more, visit intel.com/technology/vpro.

 • Read the planning guide, Preventing Stealthy Threats with Next-Generation Endpoint Security
 • Find out more about Intel and McAfee security solutions designed to block attacks beyond the operating system

Legal Disclaimers

The information in this document is provided only for educational purposes and for the convenience of McAfee and Intel customers. The information contained
herein is subject to change without notice, and is provided “AS IS” without guarantee or warranty as to the accuracy or applicability of the information to any
specific situation or circumstance.
Intel® vPro™ technology is sophisticated and requires setup and configuration. Availability of features and results will depend upon the setup and configuration
of your hardware, software, and IT environment. To learn more about the breadth of security features, visit intel.com/technology/vpro.
No computer system can provide absolute security under all conditions. Built-in security features available on select Intel® Core™ processors may require
additional software, hardware, services, and/or an Internet connection. Results may vary depending upon configuration. Consult your PC manufacturer for
more details.
Software and workloads used in performance tests may have been optimized for performance only on Intel microprocessors. Performance tests, such as
SYSmark* and MobileMark*, are measured using specific computer systems, components, software, operations, and functions. Any change to any of those
factors may cause the results to vary. You should consult other information and performance tests to assist you in fully evaluating your contemplated
purchases, including the performance of that product when combined with other products.


This presentation is for informational purposes only. THIS DOCUMENT IS PROVIDED “AS IS” WITH NO WARRANTIES WHATSOEVER, INCLUDING ANY
WARRANTY OF MERCHANTABILITY, NONINFRINGEMENT, FITNESS FOR ANY PARTICULAR PURPOSE, OR ANY WARRANTY OTHERWISE ARISING OUT OF ANY
PROPOSAL, SPECIFICATION, OR SAMPLE. Intel disclaims all liability, including liability for infringement of any property rights, relating to use of this
information. No license, express or implied, by estoppel or otherwise, to any intellectual property rights is granted herein.
Copyright © 2012 Intel Corporation. All rights reserved. Intel, the Intel logo, Intel Core, Intel Inside, Intel Sponsors of Tomorrow., the Intel Sponsors of
Tomorrow. logo, and Intel vPro are trademarks of Intel Corporation in the U.S. and/or other countries.
McAfee, the McAfee logo, McAfee DeepSAFE, McAfee ePO, Deep Command, Deep Defender, and ePolicy Orchestrator are trademarks or registered trademarks of
McAfee, Inc., in the United States and other countries.
*Other names and brands may be claimed as the property of others.




