KASPERSKY ENDPOINT SECURITY FOR BUSINESS
WHAT WE SEE TODAY
325,000 New Endpoint Threats per day; Targeted attacks and malware campaigns; Threat reports; Continued Exploitation of Vulnerabilities in 3rd party software; Cyber Incidents Investigation; Exponential growth of mobile malware; Increased Threats to Mac machines
WHAT IS NEEDED TO SECURE YOUR BUSINESS?
A comprehensive security platform that leverages all three: Multi-layered protection against known, unknown and advanced threats; Security Intelligence; Innovative Technology
MULTI-LAYERED PROTECTION
The best security foundation possible. Kaspersky Lab's industry-leading protection against known, unknown and advanced threats. Powerful multi-layered protection from all forms of cyber-threat.
Threat categories: KNOWN; UNKNOWN; ADVANCED
Layers: HIPS and Personal Firewall; System watcher; Automatic Exploit Prevention; Cloud-based protection; Heuristic scanning; Signature-based protection
KASPERSKY LAB MULTI-LAYERED SECURITY
Known Threats: HIPS & Firewall (network traffic); URL Filtering (web traffic); Anti-Spam (email traffic); Anti-Phishing (email traffic); Blacklisting
Unknown Threats: Heuristics; Whitelisting App Control
Advanced Threats: BSS; AEP; Systems Watcher
Kaspersky Security Network 70% 29% 1%
POWERED BY GLOBAL INTELLIGENCE NETWORK
KASPERSKY SECURITY NETWORK: Global cloud network - threat-related information from 60 million+ users; Global security intelligence; Continuously feeds new data to protection components
[Diagram labels: KASPERSKY SECURITY NETWORK; KASPERSKY GLOBAL USERS]
MOST TESTED. MOST AWARDED. KASPERSKY LAB PROTECTION.*
In 2015 Kaspersky Lab products participated in 94 independent tests and reviews. Our products were awarded 60 firsts and achieved 77 top-three finishes.
[Chart: score of TOP 3 places (%) against number of independent tests/reviews, one bubble per vendor. Kaspersky Lab: 1st places 60; participation in 94 tests/reviews; TOP 3 = 82%. Other vendors plotted: Avira, ESET, Bitdefender, Sophos, Symantec, Quick Heal, Avast, BullGuard, AVG, Trend Micro, Panda Security, G DATA, F-Secure, Intel Security (McAfee), Microsoft.]
* Notes: According to summary results of independent tests in 2015 for corporate, consumer and mobile products. Summary includes independent tests conducted by: AV-Comparatives, AV-Test, Dennis Technology Labs, MRG Effitas, NSS Labs, PC Security Labs, VirusBulletin. Tests performed in these programs assess all protection technologies against known, unknown and advanced threats. The size of the bubble reflects the number of 1st places achieved.
Introducing KASPERSKY ENDPOINT SECURITY FOR BUSINESS
IN DETAIL
TOTAL: Collaboration; Mail; Internet Gateway
ADVANCED: Vulnerability Assessment & Patch Management; Inventories & License Control; Software Distribution; OS deployment; SIEM integration; Data Encryption
SELECT: Mobile Security; Mobile Device Management; File Server Security; Mobile Application Management; Application Control; Device Control; Web Control
CORE: Anti-Malware + Firewall
Kaspersky Security Center; Cloud-enabled via the Kaspersky Security Network (KSN); Endpoint Management Infrastructure
KASPERSKY ENDPOINT SECURITY FOR BUSINESS
Endpoint security technologies built into this single platform include:
SYSTEMS MANAGEMENT: Vulnerability detection & patch management plus extended client management capabilities. Including SIEM support
ANTI-MALWARE: protection against known, unknown and advanced threats
DATA ENCRYPTION: fully integrated data protection. Including 2-stage authentication
ENDPOINT CONTROL TOOLS: application, device and web controls. Including Default Deny test environment
MOBILE SECURITY: smartphone and tablet security and management. Including self-service portal and web console
All managed through a single management console: KASPERSKY SECURITY CENTER. Including RBAC
KASPERSKY SECURITY CENTER ENTERPRISE MODE
Optional Role-Based Access Control (RBAC) for larger IT Departments with distributed management responsibilities
[Diagram labels: Kaspersky Security Center; Kaspersky Endpoint Security for Business. All tiers; Single IT Administrator; Kaspersky Endpoint Security for Business. Advanced tier; Kaspersky Endpoint Security for Business. Advanced Business tier; Data Protection Management; Patch Management; Mobile Endpoint Management; Workstation Security and Control]
KASPERSKY ENDPOINT SECURITY FOR BUSINESS - SELECT
Also includes: Application, Web and Device controls; Kaspersky security for mobile
ENDPOINT CONTROL: DEVICE CONTROL; WEB CONTROL; APPLICATION CONTROL WITH DYNAMIC WHITELISTING
KASPERSKY SECURITY FOR MOBILE
Proactive security, management and control for mobile endpoints
Mobile Security: Multilayered anti-malware; Web Protection; Rooting/Jailbreak detection
Mobile Device Management: Exchange ActiveSync; iOS MDM; Samsung KNOX
Mobile Application Management: App Wrapping; App Control; Selective Wipe
Anti-Theft: Lock/Wipe; Locate/Alarm/Mugshot; SIM Watch
Self-Service Portal: BYOD enablement; Certificate delivery; Anti-Theft
Centralized Management: All major mobile platforms; Other IT security areas; Web Console
A FULLY INTEGRATED MOBILITY SOLUTION
Security for Mobile, Desktop and Virtual Endpoints is managed together through a single console
[Diagram label: Self-Service Portal]
KASPERSKY ENDPOINT SECURITY FOR BUSINESS - ADVANCED
Also includes: Data encryption; Kaspersky systems management
DATA ENCRYPTION
Simple Administration, Complex Capabilities
POWERFUL DATA ENCRYPTION: File/folder (FLE); Full disk (FDE)
RICH UNPARALLELED INTEGRATION WITH CONTROL TOOLS: Application controls; Device controls
OPTIMIZED FOR MINIMAL END-USER IMPACT: Transparent/single sign-on; Minimized footprint
FLEXIBLE AUTHENTICATION: Pre-boot authentication; Non-qwerty keyboards; 2-factor authentication via tokens or smart cards
STREAMLINED ADMINISTRATION: Easy password recovery; Remote management
KASPERSKY SYSTEMS MANAGEMENT
Enhance security and manage complexity
VULNERABILITY ASSESSMENT AND PATCH MANAGEMENT: Vulnerability detection & prioritization; Distribution of patches & updates; Patch delivery status reports
INVENTORIES & LICENSE CONTROL: Hardware & software inventories; License management & compliance; Guest device policies
SOFTWARE DISTRIBUTION: Multicast technology supported; Policies for automatic distribution; Optional after-hours deployment
OPERATING SYSTEMS DEPLOYMENT: Easy image creation & deployment; Wake-on-LAN support; Post-installation editing support
SIEM INTEGRATION: HP ArcSight & IBM QRadar; Enterprise-level reporting; Improved IT security
CENTRALIZED MANAGEMENT: Remote troubleshooting; Role-Based Access Control; Control of all IT security areas across the corporate network
ENDPOINT SOFTWARE LIFECYCLE MANAGEMENT
[Diagram labels: GOLDEN IMAGES; REPORTING; INVENTORIES; PATCH/UPDATE INSTALLATION; OS DEPLOYMENT; PATCH/UPDATE DISTRIBUTION; APPLICATION VULNERABILITY DETECTION; VULNERABILITY PRIORITIZATION]
KASPERSKY TOTAL SECURITY FOR BUSINESS
Also includes: Security for mail servers; Security for web gateways; Security for collaboration servers
KASPERSKY TOTAL SECURITY FOR BUSINESS
Comprehensive infrastructure protection beyond the endpoint
Security for Mail Server: Kaspersky Security for Linux Mail Server; Kaspersky Security for Microsoft Exchange Servers; Kaspersky Anti-Virus for Lotus Notes/Domino
Security for Internet Gateway: Kaspersky Anti-Virus for Proxy Server; Kaspersky Anti-Virus for Microsoft ISA Server and Forefront TMG
Security for Collaboration: Kaspersky Security for Microsoft SharePoint Server
KASPERSKY ENDPOINT SECURITY FOR BUSINESS
Progressive, feature-rich tiers
Features: ANTI-MALWARE; APP, DEVICE, WEB CONTROL; MOBILE SECURITY; DATA ENCRYPTION; SYSTEMS MANAGEMENT; MAIL, WEB AND COLLABORATION
Tiers: Kaspersky Endpoint Security For Business. TOTAL; Kaspersky Endpoint Security For Business. ADVANCED; Kaspersky Endpoint Security For Business. SELECT; Kaspersky Endpoint Security For Business. CORE
TARGETED SOLUTIONS: File Servers; Systems Management; Mobile; Mail Servers; Virtualization; Collaboration; Storage; Internet Gateways
KASPERSKY SECURITY FOR VIRTUALIZATION
SECURITY IN VIRTUAL ENVIRONMENTS: TRUE OR FALSE?
"VIRTUAL ENVIRONMENTS ARE MORE SECURE THAN PHYSICAL ENVIRONMENTS": FALSE. A MALWARE ATTACK DOESN'T DISTINGUISH BETWEEN PHYSICAL AND VIRTUAL PCS.
"CYBERCRIMINALS DON'T SPECIFICALLY TARGET VIRTUAL MACHINES": FALSE. MORCUT (AKA CRISIS), THE FIRST TROJAN SPECIFICALLY TARGETING AND MOUNTING ITSELF TO VIRTUAL MACHINES, WAS IDENTIFIED IN 2012.
"MALWARE CAN'T SURVIVE THE DECOMMISSIONING OF NON-PERSISTENT VIRTUAL MACHINES": FALSE. RESIDENT MALWARE CAN. SOME MALWARE (KIDO, CONFICKER) CAN JUMP FROM VM TO VM, AND FROM HOST TO HOST.
VIRTUAL SECURITY: UNDERSTANDING THE OPTIONS
NO SECURITY: NOT AN OPTION!
TRADITIONAL (Agent-Based): GREAT PROTECTION / INEFFICIENT IMPLEMENTATION
AGENTLESS: EASY TO DEPLOY/MANAGE FOR VMWARE
LIGHT AGENT: FEATURE-RICH SECURITY
TRADITIONAL, AGENT-BASED SECURITY
A full version of security software is loaded on each virtual machine
Inefficient Resource Use: Redundant full agents; Redundant Signature Databases
Results in: Excessive resource consumption; Update storms; Instant-on gaps; Lower VM densities
[Diagram legend: Denotes an instance of security software]
AGENTLESS SECURITY
One Security Virtual Appliance per host performs malware scanning
Efficient: Installed and operational in under an hour; No re-boot or maintenance mode required
Eliminates: Excessive resource consumption; Update and scan storms; Instant-on gaps
Results in: Higher VM Densities
LIGHT AGENT SECURITY
A Security Virtual Appliance plus a lightweight security agent on each VM
Includes advanced security features: Vulnerability monitoring; Application control; Web control; Device control; Advanced heuristics; Protection for IM, mail and web traffic
Eliminates: Excessive resource consumption; Update and scan storms; Instant-on gaps
Ransomware
VIRUS; WORM; TROJAN
TROJAN
Misleading Applications; Rogue/Fake Antivirus; Locker Ransomware; Crypto Ransomware
[Timeline labels: 2008-2014; 2010-2014; 2013-]
Crypto-Ransomware (Targets)
OS Disk; Local Disk(s); Connected Device(s) (USB) (e.g. Backup Disk); Mapped Network Drive(s) (e.g. NAS / File Servers); Other Accessible Folders / Shared Local Network (e.g. NAS / File Servers); Dropbox; OneDrive