Overview

Floodgate™ ePO Agent enables embedded devices to integrate with the McAfee ePO and SIEM management systems allowing them to operate as trusted, managed network elements. The embedded OSes used in IoT and embedded devices don’t support the McAfee agent. The Floodgate Agent is a portable, lightweight alternative enabling integration of embedded device with the McAfee enterprise security management systems. 

The Floodgate ePO agent is designed specifically to run on RTOS-based devices. Floodgate ePO agent supports policy management, event reporting and situational awareness. By adding these capabilities, Operational Technology (OT) devices now operate as standard, managed IT assets. 

ePO Dashboard

Features

  • McAfee ePolicy Orchestrator 4.6, 5.1 support.
  • ePO Policy management plugin.
  • ePO dashboard.
  • ePO event queries.
  • Situational awareness.
  • Command audit log support.
  • Event forwarding to the McAfee ESM Security Information and Event Management System.
  • Floodgate VM proxy architecture  enables a lightweight, portable agent that can be integrated directly into the embedded device.
  • Support for any RTOS including VxWorks, Nucleus, INTEGRITY, RTXC, µC/OS-III and embedded Linux.

Managing OT endpoints with ePO

Operations Technology (OT) endpoints have traditionally been managed using vendor specific management interfaces.  Floodgate ePO Agent brings these devices into the ePO enterprise management process.  Security policies are managed through the ePO and security events and command audit logs are reported back to the ePO.  These are critical capabilities for regulatory compliance and maintaining an audit trail. This blend of IT and OT security management strengthens the security posture of the enterprise.

Floodgate VM architecture

The Floodgate Agent is a portable lightweight agent integrated into the embedded endpoint. This agent can be integrated with any embedded OS. The McAfee Agent and Floodgate Proxy software run on the Floodgate VM and handle all ePO specific communication requirements. 

Floodgate Proxy Architecture

 

About McAfee ePolicy Orchestrator  Software

McAfee ePO software is the industry-leading security and compliance management platform. With its single agent and single-console architecture, ePO software provides intelligent protection that is automated and actionable, enabling organizations to reduce costs and improve threat protection and compliance.

NERC-CIP Compliance

The NERC-CIP Standards place security mandates on endpoint devices.  NERC-CIP 007 specifically requires protection for Cyber Assets within the security perimeter.  To ensure compliance, endpoint devices must implement intrusion detection and prevention, command audit logging, incident alerts, authentication alerts, firmware anti-tamper support and data protection. The Floodgate ePO agent ensures these functions integrate seamlessly with the enterprise asset management system.