Symantec Advanced Threat Protection: Endpoint

Similar documents
Prevent and Detect Malware with Symantec Advanced Threat Protection: Network

Securing Office 365 with Symantec

Symantec Network Access Control Starter Edition

Symantec Network Access Control Starter Edition

CloudSOC and Security.cloud for Microsoft Office 365

Symantec Network Access Control Starter Edition

Data Sheet: Endpoint Security Symantec Network Access Control Starter Edition Simplified endpoint enforcement

Symantec Endpoint Protection

Data Sheet: Endpoint Security Symantec Multi-tier Protection Trusted protection for endpoints and messaging environments

Advanced Threat Defense Certification Testing Report. Symantec Corporation Symantec Advanced Threat Protection

Symantec Security Monitoring Services

The Symantec Approach to Defeating Advanced Threats

Symantec VIP Quick Start Guide. Enabling Help Desk. Version 1.0. Author Travis Harmon Symantec. All rights reserved.

Symantec Endpoint Protection 14

Symantec Protection Suite Add-On for Hosted Security

Symantec NetBackup 7 for VMware

Endpoint Security for the Enterprise. Multilayered Defense for the Cloud Generation FAMILY BROCHURE

IT Analytics 7.1 for Altiris IT Management Suite from Symantec

Symantec Secure One Services Program Brief

Symantec Security.cloud

SOLUTION BRIEF RSA NETWITNESS EVOLVED SIEM

IBM Internet Security Systems Proventia Management SiteProtector

Security Analytics Appliances

THE EFFECTIVE APPROACH TO CYBER SECURITY VALIDATION BREACH & ATTACK SIMULATION

Asset Discovery with Symantec Control Compliance Suite WHITE PAPER

Symantec Endpoint Protection

RSA NetWitness Suite Respond in Minutes, Not Months

Building Resilience in a Digital Enterprise

SOLUTION BRIEF RSA NETWITNESS SUITE 3X THE IMPACT WITH YOUR EXISTING SECURITY TEAM

Symantec Client Security. Integrated protection for network and remote clients.

Administration of Symantec Cyber Security Services (July 2015) Sample Exam

McAfee Advanced Threat Defense

Managed Endpoint Defense

Three Steps to Protect Your Virtual Systems

Symantec Backup Exec 2012

Symantec & Blue Coat Technical Update Webinar 29. Juni 2017

Plug-in for VMware vcenter

Evaluation Program for Symantec Mail Security Appliances

Transforming Security from Defense in Depth to Comprehensive Security Assurance

Power of the Threat Detection Trinity

Symantec Ransomware Protection

Securing Your Enterprise in the Cloud. IT executives must be ready to move to the cloud safely

QUICK START: SYMANTEC ENDPOINT PROTECTION FOR AMAZON EC2

Best Practices in Securing a Multicloud World

QUICK START: VERITAS STORAGE FOUNDATION BASIC FOR AMAZON EC2

Symantec Protection Center Getting Started Guide. Version 2.0

SymantecTM Desktop and Laptop Option. Symantec DLO s Storage in Cloud (Amazon Web Services)

SentinelOne Technical Brief

Symantec VIP Quick Start Guide. Helping your users. Version 1.0. Author Maren Peasley Symantec. All rights reserved.

with Advanced Protection

Managed Enterprise Phishing Protection. Comprehensive protection delivered 24/7 by anti-phishing experts

SYMANTEC DATA CENTER SECURITY

Easy Setup Guide. Cisco FindIT Network Probe. You can easily set up your FindIT Network Probe in this step-by-step guide.

Symantec NetBackup 5200

Seqrite Endpoint Security

NetBackup for vcloud Director

Security by Default: Enabling Transformation Through Cyber Resilience

THE CRITICAL COMMUNICATIONS COMPANY CYBER SECURITY AS A SERVICE

Enhancing the Cybersecurity of Federal Information and Assets through CSIP

Traditional Security Solutions Have Reached Their Limit

How to Identify Advanced Persistent, Targeted Malware Threats with Multidimensional Analysis

Data Sheet: Archiving Altiris Server Management Suite 7.0 Essential server management: Discover, provision, manage, and monitor

WHITE PAPER: BEST PRACTICES. Sizing and Scalability Recommendations for Symantec Endpoint Protection. Symantec Enterprise Security Solutions Group

SIEMLESS THREAT DETECTION FOR AWS

Are we breached? Deloitte's Cyber Threat Hunting

McAfee Network Security Platform 9.1

Endpoint Security and Virtualization. Darren Niller Product Management Director May 2012

THE SIX ESSENTIAL CAPABILITIES OF AN ANALYTICS-DRIVEN SIEM

Feature Focus: Context Analysis Engine. Powering CylanceOPTICS Dynamic Threat Detection and Automated Response

Cisco Identity Services Engine

Infoblox as Part of the Ecosystem

Eliminating the Blind Spot: Rapidly Detect and Respond to the Advanced and Evasive Threat

Cisco Stealthwatch Endpoint License

Veritas Cluster Server from Symantec

Symantec Network Security 7100 Series

The business case for end-toend data protection

Automated Threat Management - in Real Time. Vectra Networks

Technical Field Enablement. Symantec Messaging Gateway 10.0 HIGH AVAILABILITY WHITEPAPER. George Maculley. Date published: 5 May 2013

McAfee Network Security Platform

McAfee Network Security Platform 9.1

WHITEPAPER HEALTHCARE S KEY TO DEFEATING CYBERATTACKS

Symantec System Recovery 2013 Management Solution FAQ

Sourcefire Solutions Overview Security for the Real World. SEE everything in your environment. LEARN by applying security intelligence to data

Cisco Network Admission Control (NAC) Solution

Building an Effective Threat Intelligence Capability. Haider Pasha, CISSP, C EH Director, Security Strategy Emerging Markets Office of the CTO

At a Glance: Symantec Security.cloud vs Microsoft O365 E3

Imperva CounterBreach

10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS

Infrastructure Blind Spots Continue to Fuel Personal Data Breaches. Sanjay Raja Lumeta Corporation Lumeta Corporation

Comprehensive Database Security

SymantecTM Desktop and Laptop Option. Symantec DLO s Storage in Cloud (Amazon Web Services)

SIEM Solutions from McAfee

Network Security Platform 8.1

McAfee Network Security Platform 9.2

White Paper. Why IDS Can t Adequately Protect Your IoT Devices

Data Protection for Cisco HyperFlex with Veeam Availability Suite. Solution Overview Cisco Public

Network Security Platform 8.1

McAfee Network Security Platform 8.1

Empower stakeholders with single-pane visibility and insights Enrich firewall security data

SOLUTION BRIEF esentire Risk Advisory and Managed Prevention (RAMP)

Transcription:

Symantec Advanced Threat Protection: Endpoint Data Sheet: Advanced Threat Protection The Problem Virtually all of today's advanced persistent threats leverage endpoint systems in order to infiltrate their target organizations, whether by exploiting vulnerabilities, through social engineering, via phishing websites, or some combination of all of these. And once inside the victim's infrastructure, targeted attacks use endpoint systems to traverse the network, steal credentials, and connect with command-and-control servers, all with the goal of compromising the organizations' most critical systems and data. This problem is only growing. In 2014, five out of every six large companies (2,500+ employees) were victims of targeted attacks, and 60% of all targeted attacks were launched against small-and-medium-sized organizations. Today's methods of 1 security are clearly not keeping up, putting organizations of all sizes and in all geographies at risk. The Solution is a new solution to uncover, prioritize, and remediate advanced attacks across all of your endpoints, leveraging existing investments in Symantec Endpoint Protection. With one click of a button, you can search for, discover, and remediate any attack artifacts across all of your endpoint systems. And, if you have Symantec Advanced Threat Protection: Network or Symantec Email Security.cloud, Symantec s Synapse correlation technology will automatically aggregate events across all Symantec-protected control points to prioritize the most critical threats in your organization. Uncover and Prioritize Advanced Attacks Symantec Advanced Threat Protection: Endpoint combines global telemetry from one of the world s largest cyber threat intelligence networks with local customer context across endpoints to uncover attacks that would otherwise evade detection. A security analyst can see all of the endpoint attack components in one place how a threat entered the organization, a list of machines that have the threat, what new files the threat created, what files it downloaded, etc. Analysts can also hunt for any Indicators-of-Compromise by searching every endpoint in the organization. For example, a security analyst can ask the product, Show me every machine that has the file BAD.EXE, or Show me every machine that has registry key X, setting Y, and has connected to website Z.com. And because Symantec Advanced Threat Protection: Endpoint leverages installations of Symantec Endpoint Protection, this can all be accomplished without installing any new endpoint agents. 1. Symantec Internet Security Threat Report, Volume 20, April, 2015 1

Next, Symantec Advanced Threat Protection: Endpoint prioritizes what matters most, allowing security analysts to zero in on just those specific endpoint events of importance. Symantec Cynic Cloud-based Sandboxing and Payload Detonation Service Symantec Advanced Protection: Endpoint customers can submit any suspicious file to Symantec Cynic, an entirely new cloudbased sandboxing and payload detonation service built from the ground up to discover and prioritize today's most complex targeted attacks. Cynic leverages advanced machine learning-based analysis combined with Symantec's global intelligence to detect even the most stealthy and persistent threats. Cynic also provides the customer with the details of a file's capabilities and all of its execution actions, so that all relevant attack components can be quickly remediated. Today, 28 percent of advanced attacks are "virtual machine-aware," 2 that is, they don't reveal their suspicious behaviors when run in typical sandboxing systems. To combat this, Cynic also executes suspicious files on physical hardware to uncover those attacks that would evade detection by traditional sandboxing technologies. Symantec Synapse Correlation Symantec Advanced Protection: Endpoint is part of the full Symantec Advanced Threat Protection offering, which also includes modules for network and email control points. Symantec s new Synapse correlation technology aggregates suspicious activity across all installed control points to quickly identify and prioritize those systems that remain compromised and require immediate remediation. Remediate Fast Once any attack component has been identified as malicious, Advanced Threat Protection: Endpoint remediates fast with a single click of a button, customers can quickly remove and block further execution of any attack components across all endpoints. The product also provides unique visualization of related Indicators-of-Compromise of an attack, including a complete graphical view of how all Indicators-of-Compromise are connected to each other. An analyst can see all files used in a particular attack, all IP addresses where the file was downloaded from, all installed registry keys, etc. The analyst can then remediate any of these attack components as desired across all endpoints, with the click of a button. Leverage Existing Symantec Investments Symantec Advanced Threat Protection: Endpoint leverages and enhances your existing Symantec Endpoint Protection investments and does not require the deployment of any new endpoint agents. In under an hour, customers can deploy a new installation of Symantec Advanced Threat Protection: Endpoint and discover attacks. The product will also export rich intelligence into third-party Security Incident and Event Management Systems (SIEMs), sending data such as computer A downloaded file B.EXE from website C.com, rather than just traditional security data such as virus BAD.EXE detected. In addition, Symantec Advanced Threat Protection: Endpoint can be monitored by Symantec Managed Security Services. A Consolidated View of Attacks Across Endpoints, Networks, and Email Advanced Threat Protection: Endpoint is part of Symantec Advanced Threat Protection, a unified solution to help customers uncover, prioritize, and quickly remediate today s most complex attacks. It combines intelligence from endpoints, networks, and email, as well as Symantec s massive global sensor network, to find threats that evade individual point products, all from a single console. And with one click of a button, Symantec Advanced Threat Protection will search for, discover, and remediate attack components across your organization. All with no new endpoint agents. 2. Symantec Internet Security Threat Report, Volume 20, April, 2015 2

Key Features and Benefits Combines global telemetry from one of the world s largest cyber intelligence networks, with local customer context, to uncover attacks that would otherwise evade detection With one click of a button, search for, discover, and remediate any artifacts across all endpoints in your organization. Leverages existing Symantec Endpoint Protection installations, requires no new endpoint agents Integrates with Symantec Advanced Threat Protection: Network, Symantec Email Security.cloud, and Symantec Advanced Threat Protection: Email, for complete cross-control point visibility and remediation of advanced attacks. Optimize Security,, Minimize Risk,, Maximize Return with Symantec Services Access Symantec s most experienced security experts who can provide Advanced Threat Protection training, proactive planning and risk management as well as deployment, configuration and assessment solutions for your enterprise. To learn more, visit our Services Page at: http://go.symantec.com/services 3

System Requirements Browser Clients for the UI Microsoft Internet Explorer 11 or later Mozilla Firefox 26 or later Google Chrome 32 or later Virtual Appliance Deployment VMware ESXi 5.5, 6.0 Intel virtualization technology enabled Virtual Machine (VM) Requirements Four CPUs (physical or logical) At least 32 GB memory At least 500 GB disk space VMFS-5 datastore; or VMFS-3 with a minimum 2 MB block size Physical Appliance Deployment Appliance Model 8840 Appliance Model 8880 Form Factor 1U Rack Mount 2U Rack Mount CPU Single, Intel Xeon Six-core 2 x 12 core Intel Xeon Memory 32 GB 96 GB Hard Drive 1 x 1TB drive RAID 5 4 x 300GB Power Supply Non-redundant PSU 2 x 750W Redundant power supply Network Interface Cards Four Gigabit Ethernet ports: 1 WAN / LAN pair 1 Management port 1 Monitor port Four 10Gigabit Ethernet ports Two 1Gigabit Ethernet ports 2 WAN / LAN pairs (10Gigabit) 1 Management port (1Gigabit) 1 Monitor port (1Gigabit) 4

More Information Visit our website http://www.symantec.com/advanced-threat-protection To speak with a Product Specialist in the U.S. Call toll-free 1 (800) 745 6054 To speak with a Product Specialist outside the U.S. For specific country offices and contact numbers, please visit our website. About Symantec Symantec Corporation (NASDAQ: SYMC) is the global leader in cybersecurity. Operating one of the world s largest cyber intelligence networks, we see more threats, and protect more customers from the next generation of attacks. We help companies, governments and individuals secure their most important data wherever it lives. To learn more go to www.symantec.com or connect with Symantec at: go.symantec.com/socialmedia. Symantec World Headquarters 350 Ellis St. Mountain View, CA 94043 USA +1 (650) 527 8000 1 (800) 721 3934 www.symantec.com Copyright 2015 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, and the Checkmark Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. 21356813-3 12/15 5

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback