Cloud Workload Protection Integration
McAfee Cloud Workload Protection (CWP) works with MVISION Cloud and MVISION ePO to provide endpoint security to protect against threats like malware, ransomware, and targeted attacks for Amazon Web Services and Microsoft Azure. For details, see About Cloud Workload Protection.
New MVISION Cloud Login
To provide a more consistent experience for McAfee customers across products, MVISION Cloud will now use McAfee's service to authenticate logins. This means the login URL for MVISION Cloud will change from https://www.myshn.net/ to McAfee's https://auth.ui.mcafee.com/. Your credentials remain the same. Migrating tenants from the existing authentication to McAfee's Identity and Access Management (IAM) service is being done in a phased manner. For details, see About MVISION Cloud Login Migration.
New MVISION Cloud Charts
Charts have been updated throughout MVISION Cloud to better envision your data. Changes include:
MVISION Cloud for Unified Cloud Edge
Unified Cloud Edge 1.0 is the first release of McAfee® Web Gateway Cloud Service (McAfee® WGCS) on McAfee® MVISION Cloud, combining McAfee® CASB and McAfee® Web Protection functionality on one management platform. As the cloud component of Web Protection, McAfee WGCS scans and filters web traffic between your users and the cloud, blocks traffic that is not allowed by the policy you configure, and protects users working inside or outside your network.
McAfee WGCS on MVISION Cloud has the same functionality as it has on the McAfee® ePolicy Orchestrator® Cloud (McAfee® ePOTM Cloud) management platform. Functions include URL filtering based on risk levels determined by McAfee® Global Threat IntelligenceTM (McAfee GTI) and behavioral analysis and threat detection provided by the Gateway Anti-Malware engine. As before, there is no required hardware or software to install.
All McAfee WGCS configuration is done in MVISION Cloud, providing an enhanced policy management interface with more fine-grained control through the rule sets, lists, and settings that you configure.
The first release of McAfee WGCS on MVISION Cloud does not support policy migration for existing customers who use McAfee WGCS alone or use McAfee WGCS with McAfee® Web Gateway in a hybrid deployment.
MVISION Cloud for Microsoft Teams
MVISION Cloud for Microsoft Teams allows Security Operations Center (SOC) Admins to monitor user activity in Teams, enforce DLP policies to make sure that sensitive data violating regulatory and internal compliance policies are not posted in the form of messages or files, and review threats detected by the MVISION Cloud User and Entity Behavior Analytics (UEBA) and machine learning algorithms. For details, see MVISION Cloud for Microsoft Teams.
The IaaS Dashboard provides a summary of the IaaS data you care about at a glance using cards, which are based on Saved Views. The IaaS Dashboard supports the IaaS services you have configured, including Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP). This replaces the AWS Dashboard. For details, see About the Iaas Dashboard.
Docker Runtime for ECS and EKS
The Docker runtime scan is added for ECS and EKS, and new permissions must be added to both ECS and EKS configurations. Also, to enable the Docker runtime in ECS and EKS, install the AWS Systems Manager (SSM) agent in the EC2 instance (host) of a particular ECS or EKS cluster. For details, see Configure MVISION Container Security.
Google Kubernetes Engine (GKE) for Container Security
Container Vulnerability Scan
Similar to the On-Demand Scans, Container Vulnerability Scan is another feature under the IaaS that lets you scan images in the CSP registries. It scans all the specified images against a known list of vulnerabilities and creates an incident for each image against which the vulnerabilities are found. For configuration instructions, see Container Vulnerability Scan.
NRT Configuration Audit Manual Setup
The Near Real-Time (NRT) configuration audit for AWS is an automated process where you must provide the required permissions to the MVISION Cloud to configure an automated NRT setup. But now, you don't have to provide permissions to MVISION Cloud, you can use manual configuration. For details, see NRT Configuration Audit Manual Setup.
Auto-Remediation of Google Cloud Platform (GCP)
Auto-remediation is a triggered response to a policy violation. It is an automated approach to security, applying the appropriate response to a vulnerability in your GCP deployment. For details, see Auto-Remediation of Google Cloud Platform (GCP).
NRT DLP and Malware Scan for AWS S3
MVISION Cloud provides Near Real-Time (NRT) DLP and Malware scan for AWS S3 buckets. This feature significantly reduces time to find new DLP and Malware violations in S3 buckets by detecting any activities happening in S3 buckets and evaluating DLP and Malware policies. For details, see Near Real Time DLP and Malware for AWS S3.
CVE ID Details Displayed in the Cloud Registry Service Details
In the Cloud Registry Service Details page, the Service Risk Management attribute Published CVE Vulnerability now displays the CVE ID if the value is Yes. For details, see Service Risk Management.
Shift Left Inline - Support for Bitbucket Pipelines and AWS CI/CD services
We are providing steps on how to integrate MVISION Cloud Shift-left inline APIs with Atlassian's Bitbucket Pipelines and AWS CI/CD services (CodeCommit and CodeBuild). For details, see Shift Left Inline Support for Bitbucket Pipelines and AWS.
McAfee MVISION now supports ServiceNow Orlando Q1 2020
MVISION Cloud now supports ServiceNow Orlando Q1 2020. To view the list of all supported versions, see Supported Versions of Structured Apps.