Teleworking and Security: IT All Begins with Endpoints. Jim Jessup Solutions Manager, Information Risk Management June 19, 2007


Agenda
1. Today's Landscape
2. Trends at the Endpoint
3. Endpoint Security
4. Network Access Control
5. A Complete Enterprise Security Solution
Copyright Symantec Corporation 2007

Today's landscape
- New technologies are changing the way we communicate
  - Government agencies see the need to share information across their extended enterprises
  - Agencies are moving towards a mobile workforce: Teleworking, COOP, Remote Access: Traditional perimeter defenses are not enough.
- New technologies are also introducing new security risks
  - No longer focused on just the device; it's about the information and interactions
  - Phishing, ID theft, malicious users and non-compliance are all risks
  - Must keep the threats out, and ensure the information stays inside
  - Internal Threats Such As Data Theft and Data Leakage
- New Policies and Regulations (FIPS, FISMA, HIPAA etc) change the way we think about security
  - Security Policy and Reporting mandated
  - Adequate Controls Or Evidence Collection
  - Standard Desktop Configuration Required

Network Is Continually Exposed
[Diagram: points of exposure around the network]
- Internet Kiosks & Shared Computers
- Guests
- WANs & Extranets
- Consultants
- Employees Working at Home
- Wireless Networks
- Web Applications
- SSL VPN
- IPsec VPN
"Because of worms and other threats, you can no longer leave your networks open to unscreened devices and users."
Protect Your Network with a NAC Process, Gartner ID# G00124992

Symantec Global Intelligence Network
[Figure: world map of the network with statistic callouts; only the callouts that survive extraction intact are listed]
- 4 Symantec SOCs
- 74 Symantec Monitored Countries
- 40,000+ Registered Sensors in 180+ Countries
- 8 Symantec Security Response Centers
- 200,000 malware submissions per month
- Hundreds of MSS customers
- 30% of World's email Traffic
- >6,200 Managed Security Devices
- Advanced Honeypot Network
Locations: Tokyo, Japan; Calgary, Canada; San Francisco, CA; Redwood City, CA; Santa Monica, CA; Dublin, Ireland; Twyford, England; Munich, Germany; Taipei, Taiwan; Alexandria, VA; Pune, India; Sydney, Australia

It Begins At The Endpoint
Compromised and non-compliant endpoints endanger the network and your data
- Every user accesses the network and the Internet from an endpoint
- But not all endpoints are protected and compliant
- For employees, the endpoint may be
  - Company-issued laptop that hasn't had a patch or AV update in two weeks
  - Personal computer, desktop or laptop
  - Kiosk computer in an airport, hotel, or office center
- For guests, the endpoint could be anything, with no ability to know its security health
- Endpoints are at risk even when not connected to the corporate network
How do I ensure that all the nodes on my network are protected and compliant?

Problems at the Endpoint
- Endpoint management costs are increasing
  - Cost of downtime impacts both productivity and revenue, productivity hit largest in enterprise
  - Costs to acquire, manage and administer point products are increasing, as well as the demand on system resources
- Complexity is increasing as well
  - Complexity and man power to manage disparate endpoint protection technologies are inefficient and time consuming
- Growing number of known and unknown threats
  - Stealth-based and silent attacks are increasing, so there is a need for antivirus to do much more
[Chart: Number of Zero Day threats]
Source: Infonetics Research - The Cost of Network Security Attacks: North America 2007

Causes of Sensitive Data Loss
The leading causes of sensitive data loss are:
- User error
- Violations of policy
- Internet threats, attacks and hacks
Source: ITPolicyCompliance.com, Taking Action to Protect Sensitive Data, Feb. 2007

Protection From External Malicious Threats
- Protection Starts At The Endpoint
- Broad Range Of Client Devices: Laptop, Desktop, Cell Phone
- Broad Range Of Threats: Virus, Worms, Spyware, Crimeware
[Diagram: threats (Crimeware, Spyware, Worm, Virus) against devices (Windows Smartphone, Symbian Device, Laptop PC, Desktop PC)]

Is Endpoint Protection Enough Protection?
What Are The Most Common Sources Of Automated Internet Worm Attacks?
- Employee Laptop: 43%
- Internet Through Firewall: 39%
- Non-Employee Laptop: 34%
- VPN Home System: 27%
- Don't Know: 8%
- Other: 8%
Source: Enterprise Strategy Group, January 2005 ESG Research Report, Network Security And Intrusion Prevention

The Need for Complete Endpoint Security: Endpoint Protection + Endpoint Compliance
- Protection
  - Viruses
  - Worms
  - ID Theft
  - Unknown Attacks
- Compliance: Endpoint Security Policy (status of each item)
  - Antivirus On
  - Antivirus Signature Updated
  - Personal Firewall On
  - Service Pack Updated
  - Patch Updated

Symantec Endpoint Compliance Process
[Diagram: four-step cycle around the IT Policy]
- Step 1: Endpoint Attaches to Network; Configuration Is Determined
- Step 2: Compliance of Configuration Against Policy Is Checked
- Step 3: Take Action Based on Outcome of Policy Check (Patch, Quarantine, Virtual Desktop)
- Step 4: Monitor Endpoint to Ensure Ongoing Compliance

Symantec Network Access Control
Ensures endpoints are protected and compliant prior to accessing network resources
- Choose quarantine, remediation or federated access
- Enforce policy before access is granted
  - Execute updates, programs, services, etc
  - Limit connection to VLAN, etc
- Broadest enforcement options of any vendor
  - Remote connectivity (IPSec, SSL VPN)
  - LAN-based, DHCP, Appliance
  - Standards-based, CNAC, MSNAP
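The four-step compliance process and the policy items listed on the preceding slides, sketched as an added example (not Symantec code or part of the original deck). The thresholds, patch IDs, field names and the mapping from failed checks to the Patch / Quarantine / Virtual Desktop actions are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import date, timedelta

# Assumed policy values: the slides name the checks but give no thresholds.
MAX_SIGNATURE_AGE = timedelta(days=7)
REQUIRED_SERVICE_PACK = 2
REQUIRED_PATCHES = {"PATCH-A", "PATCH-B"}   # constructed placeholder IDs
FIXABLE = {"antivirus_signature_updated", "service_pack_updated", "patch_updated"}

@dataclass
class Endpoint:                 # Step 1: configuration reported at attach time
    managed: bool               # False for guest, partner or kiosk devices
    antivirus_on: bool
    signature_date: date
    firewall_on: bool
    service_pack: int
    patches: frozenset

def failed_checks(ep, today):
    """Step 2: compare the reported configuration against the policy."""
    failures = []
    if not ep.antivirus_on:
        failures.append("antivirus_on")
    if today - ep.signature_date > MAX_SIGNATURE_AGE:
        failures.append("antivirus_signature_updated")
    if not ep.firewall_on:
        failures.append("personal_firewall_on")
    if ep.service_pack < REQUIRED_SERVICE_PACK:
        failures.append("service_pack_updated")
    if not REQUIRED_PATCHES <= ep.patches:
        failures.append("patch_updated")
    return failures

def decide(ep, today):
    """Step 3: pick an action from the outcome of the policy check."""
    failures = failed_checks(ep, today)
    if not failures:
        return "allow", failures
    if not ep.managed:          # no agent to remediate with: confine the session
        return "virtual_desktop", failures
    if set(failures) <= FIXABLE:
        return "patch", failures        # only out-of-date items: remediate
    return "quarantine", failures       # a protection is switched off

def monitor(endpoints, today):
    """Step 4: re-run the decision on every report to catch later drift."""
    return [decide(ep, today)[0] for ep in endpoints]

if __name__ == "__main__":
    today = date(2007, 6, 19)
    # Constructed sample: company laptop with no AV update in two weeks.
    laptop = Endpoint(True, True, date(2007, 6, 5), True, 2, frozenset(REQUIRED_PATCHES))
    print(decide(laptop, today))
```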

Symantec On-Demand Protection
Layered security technology solution for unmanaged endpoints
- Ideal for use with:
  - Outlook Web Access (OWA)
  - Web-enabled applications
- Most complete On-Demand security solution
  - Virtual Desktop
  - Malicious Code Prevention
  - Cache Cleaner
  - Mini personal firewall
  - Host Integrity
  - Adaptive Policies
[Diagram: Public Kiosk, Traveling Executives and Partner Extranet reaching Thin Client/Server Applications, Traditional Client/Server Applications, Web-based Applications and File Share]

Network Access Control + On-Demand Protection
Complete security compliance regardless of network access method
- Managed Devices: laptops, mobile phones
- Unmanaged Devices: Guest, contractor, partners, kiosks
[Diagram: OWA, Kiosk, Partner, Temp; Windows Smartphone, Symbian Device, Laptop PC, Desktop PC]

Today's Endpoint Problems Addressed by Too Many Technologies
Layer: endpoint exposures; protection technology
- Always on, always up-to-date; Host integrity & remediation
- Applications: Zero-hour attacks, Malware, Trojans, application injection; Anti crimeware
- I/O Devices: Slurping, IP theft, malware; Device controls
- Memory/Processes: Buffer Overflow, process injection, key logging; Buffer overflow & exploit protection
- Operating System: Malware, Rootkits, day-zero vulnerabilities; O/S Protection
- Network Connection: Worms, exploits & attacks; Network IPS, Client Firewall
- Data & File System: Viruses, Trojans, malware & spyware; Antivirus, Antispyware

... even from Symantec
Layer: endpoint exposures; protection technology; Symantec solution
- Always on, always up-to-date; Host integrity & remediation; Symantec Network Access Control
- Applications: Zero-hour attacks, Malware, Trojans, application injection; Anti crimeware; Symantec Confidence Online
- I/O Devices: Slurping, IP theft, malware; Device controls
- Memory/Processes: Buffer Overflow, process injection, key logging; Buffer overflow & exploit protection
- Operating System: Malware, Rootkits, day-zero vulnerabilities; O/S Protection; Symantec Sygate Enterprise Protection
- Network Connection: Worms, exploits & attacks; Network IPS, Client Firewall
- Data & File System: Viruses, Trojans, malware & spyware; Antivirus, Antispyware; Symantec AntiVirus

Ingredients for Endpoint Protection: AntiVirus
- World's leading AV solution
- Most (30) consecutive VB100 Awards
Source: Virus Bulletin, Feb 2007
[Diagram layers: Antivirus]

Ingredients for Endpoint Protection: Antispyware
- Best rootkit detection and removal
- Raw Disk Scan (VxMS) = superior rootkit protection
Source: Thompson Cyber Security Labs, August 2006
[Diagram layers: Antispyware, Antivirus]

Ingredients for Endpoint Protection: Firewall
- Industry leading endpoint firewall technology
- Gartner MQ Leader 4 consecutive years
- Rules based FW can dynamically adjust port settings to block threats from spreading
[Diagram layers: Firewall, Antispyware, Antivirus]

Ingredients for Endpoint Protection: Intrusion Prevention
- Combines NIPS (network) and HIPS (host)
- Generic Exploit Blocking (GEB): one signature to proactively protect against all variants
- Granular application access control
- Proactive Threat Scans (SONAR): Very low (0.002%) false positive rate
[Chart: No False Alarm vs. False Alarms across 16M Installations; Only 20 False Positives for every 1 Million PCs]
[Diagram layers: Intrusion Prevention, Firewall, Antispyware, Antivirus]

Ingredients for Endpoint Protection: Device Control
- Prevents data leakage
- Restrict Access to devices (USB keys, Backup drives)
- W32.SillyFDC (May 2007)
  - W32.SillyFDC targets removable memory sticks
  - spreads by copying itself onto removable drives such as USB memory sticks
  - automatically runs when the device is next connected to a computer
[Diagram layers: Device Control, Intrusion Prevention, Firewall, Antispyware, Antivirus]

Ingredients for Endpoint Compliance: Network Access Control
- Network access control ready
- Agent is included, no extra agent deployment
- Simply license SNAC Server
[Diagram layers: Network Access Control, Device Control, Intrusion Prevention, Firewall, Antispyware, Antivirus]

Unmatched Protection: Symantec Endpoint Protection
- Secure
  - Unmatched combination of technologies
  - Much more than antivirus
  - Backed by the industry standard Symantec Global Intelligence Network
- Simple
  - Single agent
  - Single console
  - Single license
  - Single support program
- Seamless
  - Fits into your network
  - Easily configurable, use only what you need
  - Combines essential Protection and compliance functions

For More Information
www.symantec.com/endpointsecurity

Thank You!
www.symantec.com
Jim Jessup
James_Jessup@Symantec.com
Copyright 2007 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.