INSIDE. Integrated Security: Creating the Secure Enterprise. Symantec Enterprise Security

Similar documents
Symantec Client Security. Integrated protection for network and remote clients.

INSIDE. Symantec AntiVirus for Microsoft Internet Security and Acceleration (ISA) Server. Enhanced virus protection for Web and SMTP traffic

SYMANTEC: SECURITY ADVISORY SERVICES. Symantec Security Advisory Services The World Leader in Information Security

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

Choosing the Right Security Assessment

An ICS Whitepaper Choosing the Right Security Assessment

Service. Sentry Cyber Security Gain protection against sophisticated and persistent security threats through our layered cyber defense solution

IBM Global Technology Services Provide around-the-clock expertise and protect against Internet threats.

Data Sheet: Endpoint Security Symantec Network Access Control Starter Edition Simplified endpoint enforcement

Symantec Business Continuity Solutions for Operational Risk Management

Data Sheet: Endpoint Security Symantec Multi-tier Protection Trusted protection for endpoints and messaging environments

SYMANTEC ENTERPRISE SECURITY. Symantec Internet Security Threat Report September 2005 Power and Energy Industry Data Sheet

Cisco ASA 5500 Series IPS Edition for the Enterprise

Symantec Network Access Control Starter Edition

Choosing the Right Solution for Strategic Deployment of Encryption

Symantec Network Access Control Starter Edition

Symantec Security Monitoring Services

The Honest Advantage

Symantec Network Access Control Starter Edition

THE EFFECTIVE APPROACH TO CYBER SECURITY VALIDATION BREACH & ATTACK SIMULATION

Securing Today s Mobile Workforce

align security instill confidence

CA Security Management

INSIDE. Overview of Intelligent Message Filter Integration. Symantec Enterprise Security

Symantec Data Center Transformation

Disaster Recovery Is A Business Strategy

Perimeter Defenses T R U E N E T W O R K S E C U R I T Y DEPENDS ON MORE THAN

Security in India: Enabling a New Connected Era

Achieving End-to-End Security in the Internet of Things (IoT)

SOLUTION BRIEF RSA ARCHER IT & SECURITY RISK MANAGEMENT

Symantec Network Security 7100 Series

Exam : Title : ASAM Advanced Security for Account Managers Exam. Version : Demo

Best Practices in Securing a Multicloud World

Symantec Small Business Solutions

2015 VORMETRIC INSIDER THREAT REPORT

Management of IT Infrastructure Security by Establishing Separate Functional Area with Spiral Security Model

Using Threat Analytics to Protect Privileged Access and Prevent Breaches

Cyber Risks in the Boardroom Conference

Protect Your Endpoint, Keep Your Business Safe. White Paper. Exosphere, Inc. getexosphere.com

THE IMPLICATIONS OF PERFORMANCE, SECURITY, AND RESOURCE CONSTRAINTS IN DIGITAL TRANSFORMATION

Build Your Zero Trust Security Strategy With Microsegmentation

RSA Solution Brief. Managing Risk Within Advanced Security Operations. RSA Solution Brief

Continuous protection to reduce risk and maintain production availability

Office 365 Buyers Guide: Best Practices for Securing Office 365

Cyber Risk Program Maturity Assessment UNDERSTAND AND MANAGE YOUR ORGANIZATION S CYBER RISK.

Symantec Enterprise Support Services Manage IT Risk. Maximize IT Performance.

DEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS. Security Without Compromise

Teradata and Protegrity High-Value Protection for High-Value Data

FOR FINANCIAL SERVICES ORGANIZATIONS

ABB Process Automation, September 2014

Management Information Systems (MMBA 6110-SP) Research Paper: Internet Security. Michael S. Pallos April 3, 2002

Combating Cyber Risk in the Supply Chain

Cyber Security. February 13, 2018 (webinar) February 15, 2018 (in-person)

McAfee Public Cloud Server Security Suite

Challenges and. Opportunities. MSPs are Facing in Security

Trusted Computing Group

Credit Union Cyber Crisis: Gaining Awareness and Combatting Cyber Threats Without Breaking the Bank

Deployment of security devices can result in significant financial savings from reduction or redirection of IT staff resources needed to deploy,

Cybersecurity: Considerations for Internal Audit. Gina Gondron Senior Manager Frazier & Deeter Geek Week August 10, 2016

THE CYBER SECURITY PLAYBOOKECTOR SHOULD KNOW BEFPRE, DURING & AFTER WHAT EVERY DIRECTOR SHOULD KNOW BEFORE, DURING AND AFTER AN ATTACK

IBM Cloud Internet Services: Optimizing security to protect your web applications

SteelGate Overview. Manage perimeter security and network traffic to ensure operational efficiency, and optimal Quality of Service (QoS)

Addressing the elephant in the operating room: a look at medical device security programs

Symantec Data Center Migration Service

Governance Ideas Exchange

Management Information Systems. B15. Managing Information Resources and IT Security

HP Fortify Software Security Center

RIMS Perk Session Protecting the Crown Jewels A Risk Manager's guide to cyber security March 18, 2015

Cyber Threat Landscape April 2013

Symantec Endpoint Protection

Cisco Self Defending Network

GDPR: Get Prepared! A Checklist for Implementing a Security and Event Management Tool. Contact. Ashley House, Ashley Road London N17 9LZ

Comprehensive Database Security

5 Trends That Will Impact Your IT Planning in Layered Security. Executive Brief

The threat landscape is constantly

THE ACCENTURE CYBER DEFENSE SOLUTION

TRUE SECURITY-AS-A-SERVICE

HP Security Solutions for business PCs. Comprehensive protection measures so you can work smarter and with greater confidence.

THE STATE OF MEDIA SECURITY HOW MEDIA COMPANIES ARE SECURING THEIR ONLINE PROPERTIES

Securing Information Systems

DDoS MITIGATION BEST PRACTICES

SECURE SYSTEMS, NETWORKS AND DEVICES SAFEGUARDING CRITICAL INFRASTRUCTURE OPERATIONS

Automated, Real-Time Risk Analysis & Remediation

Securing the Empowered Branch with Cisco Network Admission Control. September 2007

The McGill University Health Centre (MUHC)

Securing Your Microsoft Azure Virtual Networks

HEALTH CARE AND CYBER SECURITY:

The Top 6 WAF Essentials to Achieve Application Security Efficacy

Safeguarding company from cyber-crimes and other technology scams ASSOCHAM

Cisco Adaptive Wireless Intrusion Prevention System: Protecting Information in Motion

The State of Cybersecurity and Digital Trust 2016

NETWORK THREATS DEMAN

Cyber Espionage A proactive approach to cyber security

10 ways to securely optimize your network. Integrate WAN acceleration with next-gen firewalls to enhance performance, security and control

PORTFOLIO OVERVIEW. Security. A Comprehensive Set of Security Services for Today s Complex Cyber Security Needs. Portfolio Overview.

Paper. Delivering Strong Security in a Hyperconverged Data Center Environment

The case for cloud-based data backup

Securing Devices in the Internet of Things

Securing the Virtualized Environment: Meeting a New Class of Challenges with Check Point Security Gateway Virtual Edition

SECURING DEVICES IN THE INTERNET OF THINGS

Transcription:

Symantec Enterprise Security WHITE PAPER Integrated Security: Creating the Secure Enterprise INSIDE Evolving IT and business environments The impact of network attacks on business The logical solution

Contents Executive summary........................................................3 Evolving IT and business environments........................................ 4 Types of network attacks....................................................4 The impact of network attacks on business..................................... 5 Current security solutions...................................................6 The logical solution: integrated security....................................... 6 Benefits of integrated security............................................... 7 Operational efficiency of security functions............................... 7 Minimized impact of attacks on business................................. 7 Features of integrated security............................................... 7 The future of integrated security............................................. 7 References.............................................................. 8

Executive summary As organizations become more dependent on their networks for business transactions, external data sharing, and simple day-to-day communications, the need increases for these networks to be more accessible and operational. But as accessibility to the network becomes easier, so does gaining access to the critical data they are storing. The challenge is to ensure that the right people gain access and the wrong people do not, making the role of information security even more critical to enabling today s businesses. Yet, current security solutions are typically comprised of multiple point products, resulting in a lack of interoperability, manageability, and a higher cost of ownership. The concept of integrated security is emerging as an effective approach to address the new challenges facing e-businesses. This method combines multiple security technologies with policy compliance, customer management, service and support, and advanced research for complete protection. By adopting a comprehensive strategy that holistically addresses security at each tier of the network (i.e., client, server, and gateway), organizations are able to reduce costs, improve manageability, enhance performance, tighten security, and reduce risk of exposure. An integrated security approach offers the most effective security posture at the optimal cost-benefit ratio, compared to multiple point product security implementations. This paper provides an overview of the key drivers behind this shift toward integrated security, including the growing sophistication of network attacks; summarizes the business impact of attacks on networks that are not employing integrated security; and describes the key elements and benefits of an integrated security solution.

Evolving IT and business environments The ability to have open communications and collaborations among company stakeholders, including customers, employees, suppliers, partners, contractors, and telecommuters is required in an enterprise network environment. The gateway, server, and client layers of the network are interconnected to meet the needs of the hyper-connected firm. This means that business-critical information resides at multiple levels in the internal network, each of which requires its own protection. While IT personnel have traditionally focused on centralized security at the data-center level, they now have to address the ever-expanding definition of the network reach and corresponding security requirements. At the same time, threats to the network have become increasingly sophisticated. Advanced attacks employ multiple methods to propagate, as well as discover and exploit, network vulnerabilities. Although information security is not a core competency of most organizations, it is clearly a requirement for transacting online business. Security thus becomes a key business enabler, not simply an IT option. For this reason, information security is receiving a growing amount of scrutiny from higher-level executives, such as CIOs, who are interested in how security will assist the enterprise in achieving business goals, not necessarily how the technology works. From a security standpoint, executive goals include the following: Implementing solutions that ensure openly robust, yet secure network infrastructures to protect information assets and to ensure business continuity Keeping pace with the changing requirements of e-business (e.g., high network availability, data integrity, and privacy) and the corresponding security threats Meeting logging, reporting, auditing, and compliance requirements Facing these challenges with limited resources at lower cost Selecting solutions that maximize employee productivity, including that of the IT department (e.g., ease of security solution administration and management) Types of network attacks Many types of network attacks exist, each with its own varying degree of impact. Common types of threats include: MALICIOUS CODE ATTACKS These types of attacks, capable of damaging or compromising the security of individual computers as well as entire networks, are usually viruses, worms, and Trojan horses that hide within files or programming code only to self-replicate, self-propagate, or be spread by unknowing computer users DENIAL-OF-SERVICE (DOS) ATTACKS Capable of disabling a single computer or entire networks, DoS attacks are explicit hacker attempts with the sole intention of keeping legitimate users of a network from using that service and/or to disrupt normal business operations. Examples include attempts to flood a network, thereby blocking legitimate network traffic, and attempts to disrupt connections between two machines, thus preventing access to a service. 4

UNAUTHORIZED ACCESS: INTERNAL AND EXTERNAL HACKING A hacker is someone who is able to gain access and control over computers, information, and technology without proper authority. By exploiting security vulnerabilities in an organization s network, a hacker can gain access to important network or data resources for purposes of removal, duplication, or even destruction of proprietary assets. Whether the culprit is a disgruntled employee, contractor, or anonymous outsider, the invasion can lead to company downtime, cleanup costs, and/or the often unrecoverable cost of stolen proprietary data. BLENDED THREATS These threats combine the characteristics of viruses, worms, Trojan horses, and/or malicious code with server and Internet vulnerabilities to initiate, transmit, and spread an attack. By utilizing multiple methods of attack and self-propagation, blended threats can spread rapidly and cause widespread damage. Blended threats, such as Nimda and CodeRed, are designed to exploit the vulnerabilities of security technologies working independently from one another. The impact of network attacks on business Network attacks range from easy-to-quantify consequences such as interrupted business operations, to losses that are difficult to calculate (e.g. damaged brand equity). Other consequences of network attacks may include: INTERRUPTION OF BUSINESS OPERATIONS Downtime due to an attack results in lost productivity and revenues, and the costs associated with restoring a hacked network can increase the overall financial impact of an attack. Once attacked, an organization typically deploys a cleanup team to enable customers, employees, and partners to resume business as soon as possible. Not only is business brought to a halt until a fix is implemented, but the cleanup team is pulled away from its daily duties, compounding productivity loss. LEGAL LIABILITY AND POTENTIAL LITIGATION Organizations that have been hacked may find themselves in court as a defendant or key witness. Companies required to comply with privacy and security regulations, such as health care organizations and financial institutions, may need to demonstrate their due diligence in minimizing their exposure to network attacks. This process is a drain on both employee productivity and company cash flow. REDUCED ABILITY TO COMPETE Information is often considered a company s most valuable asset (70% or more of a company s value resides in its intellectual property assets) 1, the loss or theft of that data can pose serious consequences, even rendering the company s market position untenable. According to the 2002 CSI/FBI Computer Crime and Security Survey, the most serious financial losses due to security breaches included theft of proprietary information (26 respondents reported losses over $170,000,000) 2. DAMAGE TO BRAND EQUITY Damage to a company s brand may assume various forms, each of them capable of degrading a company s position in the marketplace. For example, companies who have had customer data (such as credit card information) stolen and publicly displayed on other web sites have a hard time restoring customer confidence in their brand. 1 Trends in Proprietary Information Loss survey report, American Society for Industrial Security and PricewaterhouseCoopers, 1999. 2 Richard Power, Computer Security Institute, Computer Security Issues and Trends, 2002 CSI/FBI Computer Crime and Security Survey. 5

Current security solutions Current security solutions typically consist of multiple point products. These are products that must be purchased, installed, deployed, managed, and updated separately. With this approach, IT managers need to address problems related to the lack of interoperability between each of the products. Protection is usually not comprehensive because cross-vendor interoperability issues often allow threats to slip through the cracks, compromising security. What s more, when an outbreak occurs, the fixes that each vendor provides must be tested and verified across the various technologies. This can slow response to attacks, potentially increasing the costs that are incurred. Independent point products can also degrade network performance; since the products were not designed to work together, they present more of a performance hit. More generally, multiple point products that are not integrated cannot be effectively managed, which helps raise IT administration and support costs. The implications of current security solutions include inefficiencies, disappointing results (e.g., lower than anticipated risk mitigation and loss of customer and market trust), and a higher cost of ownership. In addition to providing inadequate protection against blended threats, current products require labor intensive implementation and configuration. These products are part of an enterprise security posture that may be difficult to understand and which provide little insight into security planning and performance. The logical solution: integrated security Integrated security provides a comprehensive, holistic security system that addresses the challenges and opportunities of today s networked enterprises. This security method combines multiple security technologies with policy compliance, management, customer service and support, and advanced research, for complete protection. It uses the principles of defense in depth and employs complementary security functions at multiple levels within the IT infrastructure. By combining multiple security functions, integrated security can more efficiently protect against a variety of threats at each tier to minimize the effects of network attacks. Key security technologies that can be integrated include: FIREWALLS Control all network traffic by screening the information entering and leaving a network (or portion of a network) to help ensure that no unauthorized access to computers and/or the network occurs INTRUSION DETECTION Detects unauthorized access and provides alerts and reports that can be analyzed for patterns and planning CONTENT FILTERING Identifies and eliminates unwanted traffic VIRTUAL PRIVATE NETWORKS (VPN) Secure connections beyond the perimeter, enabling organizations to safely communicate with other networks across the Internet VULNERABILITY MANAGEMENT Enables assessments of a network s security position by uncovering security gaps and suggesting improvements VIRUS PROTECTION Protects against viruses, worms, and Trojan horses Individually, these security technologies can be cumbersome to install and generally are difficult and expensive to manage and update. When integrated into a single solution, however, they offer more comprehensive protection while reducing complexity and cost. 3 From Trojan Horses to Worms: Understanding Various Malicious Threats, Symantec feature article, June 13, 2000. 6

In most enterprises, a variety of individual security products from different vendors have probably been implemented as network security has evolved. Enterprises are thus likely to gradually migrate to an integrated security solution, to ensure the interoperability and integration of competing security products at each network tier. Such a phased approach will initially involve the integration of a subset of security functions. Benefits of integrated security OPERATIONAL EFFICIENCY OF SECURITY FUNCTIONS Integrated security reduces the need to purchase, install, update, and manage multiple security products from multiple vendors or address interoperability issues between various vendors products at each network tier. Such a solution enables reallocation of IT personnel to other strategic projects while maximizing the productivity of the often overburdened IT department, improving security manageability overall. MINIMIZED IMPACT OF ATTACKS ON BUSINESS Since an integrated security solution can be implemented at all network tiers, it offers greater protection of proprietary assets. Integrated security allows for uninterrupted business operations, promotes employee productivity, maximizes revenues, and minimizes the possibility of litigation. Features of integrated security Due to the rapid evolution of threats, security is a constant moving target. As a result, security is only as effective as the most recent update of virus and other software. By applying a uniform approach to systems and devices that contain business-critical and sensitive information assets, organizations can ensure the integrated updating of virus pattern files, intrusion detection signatures, firewall configurations, and the other critical aspects of a security system. Technology alone does not address security issues. An integrated security solution works best when built upon strong policies and procedures and supplemented by appropriate personnel and physical security measures. Solid security policy and standards define what needs to be protected, who is granted access, and the reason access is required. High-level support in the organization for the security policy, as well as employee awareness, helps ensure successful policy adoption. An integrated security strategy improves the overall security posture of the network in a way not possible via implementation of individual products from many different of vendors. Whether security is handled in-house or outsourced, ensuring that all of these features are in place is vital to maintaining a secure critical infrastructure. The future of integrated security Organizations can now benefit from integrated security in a variety of ways, including improved efficiency of security functions, minimized business impact of attacks, and an improved overall security posture. In fact, companies that adopt an integrated security strategy today will be in the best position to take advantage of the next stage of integrated security, whereby all network tiers will be integrated and centrally managed. Through this enterprise-wide integration of security, administrator resources will be optimized, as installation, reporting, and updates will be possible from a single console. This management capability will further improve protection, while reducing the administrative, support, and ownership costs typically associated with enterprise security. 7

References 1. From Trojan horses to worms: understanding various malicious threats, Symantec feature article, June 13, 2000. 2. Trends in proprietary information loss, American Society for Industrial Security and PricewaterhouseCoopers, http://www.asisonline.org/spi.pdf, 1999. 3. Richard Power, Computer Security Institute, Computer Security Issues and Trends, 2002 CSI/FBI Computer Crime and Security Survey, http://www.gocsi.com/forms/fbi/pdf.html. SYMANTEC, THE WORLD LEADER IN INTERNET SECURITY TECHNOLOGY, PROVIDES A BROAD RANGE OF CONTENT AND NETWORK SECURITY SOLUTIONS TO INDIVIDUALS AND ENTERPRISES. THE COMPANY IS A LEADING PROVIDER OF VIRUS PROTECTION, FIREWALL AND VIRTUAL PRIVATE NETWORK, VULNERABILITY MANAGEMENT, INTRUSION DETECTION, INTERNET CONTENT AND EMAIL FILTERING, REMOTE MANAGEMENT TECHNOLOGIES, AND SECURITY SERVICES TO ENTERPRISES AROUND THE WORLD. SYMANTEC S NORTON BRAND OF CONSUMER SECURITY PRODUCTS LEADS THE MARKET IN WORLDWIDE RETAIL SALES AND INDUSTRY AWARDS. HEADQUARTERED IN CUPERTINO, CALIF., SYMANTEC HAS WORLDWIDE OPERATIONS IN 38 COUNTRIES. FOR MORE INFORMATION, PLEASE VISIT HTTP://ENTERPRISESECURITY.SYMANTEC.COM WORLD HEADQUARTERS Symantec and the Symantec logo are U.S. registered trademarks of Symantec Corporation. Other brands and products are trademarks of their respective holder/s. Copyright 2002 Symantec Corporation. All rights reserved. Printed in the U.S.A. 07/02 All product information is subject to change. 10024874 20330 Stevens Creek Blvd. Cupertino, CA 95014 USA 408.517.8000 800.721.3934 www.symantec.com For Product Information In the U.S., call toll-free 800-745-6054. Symantec has worldwide operations in 38 countries. For specific country offices and contact numbers please visit our Web site.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback