Symantec Endpoint Protection 11.0 Reviewer's Guide


TECHNOLOGY BRIEF: ENDPOINT PROTECTION

Contents
- Introduction
- Testing key features
- Software setup
- Endpoint Manager features
- Client Manager features
- Monitoring and logging
- Conclusion

Introduction

This document will introduce you to some of the more important endpoint protection features of Symantec Endpoint Protection. Symantec Endpoint Protection better protects against a variety of new threats, going beyond traditional antivirus and antispyware prevention to stop rootkits, bots, zero-day attacks, and blended network-based intrusions.

Today, many security-minded companies struggle to protect endpoints from the latest threats using a series of different, single-purpose products. Symantec Endpoint Protection makes it possible for organizations of all sizes to get the most comprehensive set of protection technologies by integrating them in a single client, all managed by a single management console. Most of the integrated protection technologies are turnkey and require no set-up or configuration. Additional advanced settings are also provided for those who want to further lock down systems, reducing vulnerable areas.

While not covered in this guide, Symantec Network Access Control 11.0 is also integrated into the Symantec Endpoint Protection 11.0 client. This integration makes it easy to add NAC capability later (through an additional license purchase), without an additional client deployment.

This document supplements several others that are part of the Symantec Endpoint Protection product line, including:
- Administration Guide for Symantec Endpoint Protection and Symantec Network Access Control
- User's Guide
- Installation Guide

Testing key features

Before you test, here are some items to consider and to compare to competing products:
- How many clients (or agents) are required to provide equal endpoint protection coverage (AV, AS, FW, IPS, Device Control, NAC)?
- How extensive and granular are the advanced control features for firewall, application control, and device control?
- Can the product take a snapshot of the system to automatically determine authorized applications and processes and block others?
- How extensive are the IPS technologies (network layer, host layer, behavior-based, etc.)?
- How easily can the product adapt to different network locations as a PC moves around?
- How easy is the product to manage and change protective policies, deploy clients, and manage logs?
- How easy is the product to install and deploy across the enterprise?
- Does the management console provide a dashboard view of top-line health for all key endpoint protection technologies?
- How much of a memory footprint is consumed by the client?

Symantec has included many different protection technologies in the product, and here are some examples shown in the table below:

Symantec Endpoint Protection Key Technologies

| Protection Technology | Feature Name | Description |
|---|---|---|
| Host IPS | TruScan Proactive Threat Scan technology | Detects zero-day threats and threats not seen before. Behavior-based detection with uniquely low false positive rate. Technology is from the acquisition of Whole Security and does not require signatures. |
| Host IPS | Application Control | Protects from zero-day attacks. System Lockdown is an easy way to set up Application Control. Whitelisting allows only approved applications to be run. Reduces ability for unknown applications and malware to run. Technology is from the acquisition of Sygate. |
| Data Loss Prevention | Device Control | Helps prevent unauthorized data transfer and data theft from USB drives etc. Controls which devices are allowed to connect. Technology is from the acquisition of Sygate. |
| Network IPS | Generic Exploit Blocking | Protects from exploit attacks on application, operating system and browser software vulnerabilities. Generic vulnerability based signatures detect all variants of exploits providing protection before the exploit is on the system. GEB is one of three IPS technologies, and is extremely easy to set up and use. |
| Rules-based Firewall | Firewall | Protects from zero-day attacks and the spread of worms and Trojans. Technology is from the acquisition of Sygate. |
| AV/AS | Antivirus and Antispyware | Leading detection of toughest polymorphic threats and rootkit attacks. VxMS rootkit technology is from the acquisition of Veritas. |

Software setup

First, set up your test network of at least one server and one client PC as follows:

Server Requirements
- Windows Server 2003, SP 1 (or) Windows Server 2000, SP 4
- Either needs IIS pre-installed

Client Requirements
- Windows XP (or) Windows Vista

Note that you need to have IIS running before the install: by default Windows Server doesn't install IIS, and Symantec Endpoint Protection uses IIS for its management and reporting functions. If you want to do remote administration of the Symantec Endpoint Protection Manager, you'll need to install JRE 1.5 on the remote machine as well as connect it via Internet Explorer (v6 or later) at port 9090 (unless you have set up another port).

There are two different ways that Symantec Endpoint Protection can be deployed: either as a managed or unmanaged client. The unmanaged client does not require any server software and can be installed as a standalone software package directly from the installation CD. The managed client requires an executable package to be created by the server and then deployed accordingly.

To install the managed client, first install the Symantec Endpoint Protection Manager, and then bring up its console and log in with your chosen administrator name and password. There are three different authentications for the Manager: admin login to the console, database login, and shared secret for client/server manager. You can choose the same word for all three if you wish; this allows for some additional flexibility if you have more than a single administrator.

Now go to Admin/Install packages/export an install package and choose a shared directory on your server where you will save the package. (Or you can have Active Directory's Group Policy Object push out the package as an alternative.) Pick defaults and all components for now, and choose the Global group and Computer mode for the export. This will create an install package that you can distribute to your clients on your test network. You should see something similar to this screen:

Symantec Endpoint Protection Manager has four organizing principles for its operation. Each client is a member of a group, and each group can have one or more network locations, such as home, office LAN, or VPN. Groups can be divided into different administrative realms, called domains, to segregate departmental security admins. Finally, each client is subject to a series of protection policies that are applied for its particular group and location.

Now go to your Windows clients and run the executable file that you just created from the server's shared directory. Once this is done, check under the Clients tab to see if these clients show up on your screen, which will indicate that your server manages them.

We next compare what information is available on the clients. Bring up the Symantec Endpoint Protection client, go to the Change settings tab and you'll see something similar to the screen below:

Notice that the Network Threat Protection button isn't active, indicating a managed client. These policy settings have to be configured from the manager and pushed onto the client.

Note: Please run LiveUpdate on the client to receive the latest signatures before you begin your testing.

Endpoint Manager features

Let's demonstrate some of the more advanced features of the product. We will show you screenshots from both the manager and client sides so you can see what is going on.

1. Go to Policies/New AV policy/proactive Threat Scan. Here you can change how the client responds to new threats that aren't part of the antivirus and antispyware signature databases.

TruScan Proactive Threat Scan is a unique form of HIPS technology that protects against unseen (zero-day) malware, ones for which no signature exists. It's unique because it detects malicious code written by hackers, rather than simply alerting on bad behaviors. While this is much more difficult to do, it is correspondingly more valuable. This is because many obviously bad behaviors are also performed by valid applications, which is why typical behavior-based technology is too noisy and unusable for broad deployments. TruScan Proactive Threat Scan provides a higher quality of detection (ratio of true to false alerts) about the nature of the process running on the system. Our consumer install base of 30M+ users measures only 40 false alarms for every one million users.

How it works: TruScan Proactive Threat Scan measures bad behaviors plus many other characteristics to detect malicious processes. It looks beyond individual actions to target malicious processes. Examples of characteristics that are flagged include i) remote compromise via back door or bot, ii) data or identity theft, iii) asphyxiation through mass replication, iv) downloaders, etc.

If you have a keylogging program to test (such as one that is available from winsoul.com), you can download it to the client. You can also change the behavior on this screen from the defaults if you want more than just logging of the event when it is installed:

You can also change the Scan Frequency tab at the top of the screen to specify how often TruScan Proactive Threat Scan should run on the clients.

Note that the defaults chosen will be picked up on the client side, so go to Change Settings/Proactive Threat Protection/Configure Settings on the client and you'll see the screen below that has the same layout and controls as the manager side:

2. Next we examine the various personal firewall settings. Symantec Endpoint Protection includes a number of innovative features, including smart traffic rules, which avoid having to set up special firewall rules to handle common network configuration settings such as DHCP and DNS requests across the firewall. Also included are automatic settings that can be found under the Traffic and Stealth Settings tab to enable reverse DNS lookups and stealth-mode Web browsing, as shown in the screen below:

Also note that the rule set can be configured to adjust to the particular network, which is important for mobile users that move on and off VPNs, for example.

3. Next, we introduce the concept of client-side network intrusion prevention. Symantec has built this into its Symantec Endpoint Protection client so that malware including worms, bots, spyware, and other threats are stopped on the network before they hit your system. One generic vulnerability signature (Generic Exploit Blocking or GEB) can stop hundreds or thousands of threats and each of their variants. This proactively protects the underlying vulnerabilities in the applications, browser, and operating system on your systems. A recent example of this is below:

Malware: W32.Randex.GRS. The worm spreads through network shares and by exploiting the following vulnerabilities:
- Microsoft Windows DCOM RPC Interface Buffer Overrun Vulnerability (BID 8205)
- Microsoft Windows LSASS Buffer Overrun Vulnerability (BID 10108)
- Microsoft Windows Server Service Remote Buffer Overflow Vulnerability (BID 19409)
- Microsoft Windows Plug and Play Buffer Overflow Vulnerability (BID 14513)

Go to Policies/Intrusion Prevention/Edit the policy/settings and you can see the various components that make up this policy, such as port scanners and denial of service attacks. You can also allow specific hosts or block specific IP addresses. To see a list of all the attacks that are covered in this module, go to the Exceptions page and click on Add and you can alter your policy for these specific items.

To effectively test and validate the protection provided by client intrusion prevention, set up the following test and environment.

1) Select a vulnerability that you would like to focus on exploiting, such as the MS RPC DCOM or LSASS vulnerability. (Sources: Bugtraq database)
2) Set up a target machine with the appropriate OS and Service Pack. For effective testing, the target system should be vulnerable to the specified Application, Browser, or Operating System vulnerability.
3) Set up an attacking machine with an OS of your choice.
4) Use an attack tool to send the attack:
   a. Metasploit
   b. Core Impact
   c. Immunity CANVAS
5) Look for artifacts of a successful attack: service crashes, new user added, and new listening port.
6) Symantec Endpoint Protection with Intrusion Prevention will actively detect and block attacks before reaching the system.

Best Practices
- Testing must be performed with real-world exploits, malware, bots, worms, or websites with malware hosted against vulnerable machines.
- The client firewall should be disabled to allow the attack to go through.
- In the Intrusion Prevention Policy, disable the "Automatically block an attacker's IP address" option.
- Configure the target system with normal user settings (File Sharing turned on) and applications such as Acrobat, QuickTime, and Yahoo IM with the specific versions that you want to test with.

Test example using Metasploit: remotely exploiting a vulnerability with no client interaction

Steps:
1) After installing and loading Metasploit on an attacking system, select Exploit from the menu (top-left corner). On the search page, enter RPC DCOM.
2) Choose Microsoft RPC DCOM Interface Overflow from the list.

3) Select the Operating System of the target or select auto.
4) Choose an option for the attack. For this example, we will exploit the vulnerability and get a shell back.
5) On the configuration screen, enter the IP address of the target system.
6) Click on Launch Exploit.
7) If you were successful with your exploit, you will have shell access to the system. You can type dir to get a directory list.
8) Repeat the same test with Symantec Endpoint Protection. Notice that Intrusion Prevention blocked the attack and the system was not compromised.

4. Next, let's talk about Application blocking. This feature can be used to allow only particular applications to run on a machine, and reduce the exposure and risk to unknown programs that could be unintentionally installed on the machine. This is called System Lockdown. First, go to the command prompt on the client computer and run the following command (the path contains spaces, so it is quoted):

    "C:\Program Files\Symantec\Symantec Endpoint Protection\checksum" test.txt C:\

Then copy this text file to a shared drive on the server. The fingerprint file collects the signatures of all the current applications installed on that particular client so that a user of that machine is protected from anything new, such as Trojans or other exploits that try to install themselves on the machine.

On the Manager's console, go to Policies/Policy Components/File Fingerprint and run the Add a new fingerprint wizard, importing the text file you just created. Then enable System Lockdown under the Clients/Policies page. You should see something similar to the screenshot below:
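The fingerprint-then-lockdown idea described above, sketched as an added example that is not Symantec's code and not the file format that checksum produces: it records one digest per executable under a directory, then allows only files whose digest is on that list. The use of SHA-256, the extension list, the one-line-per-file layout and all function names are assumptions made for illustration, and the sample files are constructed.

```python
import hashlib
import os
import tempfile

# Assumption: which extensions count as "applications" for this sketch.
EXECUTABLE_EXTENSIONS = {".exe", ".dll", ".com", ".sys"}


def file_digest(path, chunk_size=65536):
    """Return the SHA-256 hex digest of a file, read in chunks."""
    h = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def build_fingerprint_list(root):
    """Walk root and return sorted (digest, path) pairs for executables."""
    entries = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if os.path.splitext(name)[1].lower() in EXECUTABLE_EXTENSIONS:
                full = os.path.join(dirpath, name)
                entries.append((file_digest(full), full))
    return sorted(entries, key=lambda e: e[1])


def write_fingerprint_file(entries, out_path):
    """Write one 'digest path' line per entry (hypothetical layout)."""
    with open(out_path, "w", encoding="utf-8") as fh:
        for digest, path in entries:
            fh.write(f"{digest} {path}\n")


def load_allowed_digests(fingerprint_path):
    """Read the fingerprint file back into a set of approved digests."""
    allowed = set()
    with open(fingerprint_path, encoding="utf-8") as fh:
        for line in fh:
            digest, _sep, _path = line.strip().partition(" ")
            if digest:
                allowed.add(digest)
    return allowed


def lockdown_decision(path, allowed):
    """Allow a file only if its current content matches an approved digest."""
    return "allow" if file_digest(path) in allowed else "block"


def demo():
    """Snapshot a constructed 'client', then test four launch attempts."""
    with tempfile.TemporaryDirectory() as root:
        app = os.path.join(root, "app.exe")
        with open(app, "wb") as fh:
            fh.write(b"MZ constructed approved build 1")
        with open(os.path.join(root, "notes.txt"), "wb") as fh:
            fh.write(b"not an executable, not fingerprinted")

        # Step 1: take the snapshot and store it, as the guide does with test.txt.
        entries = build_fingerprint_list(root)
        fp_file = os.path.join(root, "fingerprint.txt")
        write_fingerprint_file(entries, fp_file)
        allowed = load_allowed_digests(fp_file)

        results = {"entries": len(entries)}
        results["approved"] = lockdown_decision(app, allowed)

        # Step 2: software that arrived after the snapshot is unknown.
        new = os.path.join(root, "new.exe")
        with open(new, "wb") as fh:
            fh.write(b"MZ constructed unknown program")
        results["new"] = lockdown_decision(new, allowed)

        # Same bytes under another name: a hash list ignores the file name.
        copy = os.path.join(root, "copy.exe")
        with open(copy, "wb") as fh:
            fh.write(b"MZ constructed approved build 1")
        results["renamed_copy"] = lockdown_decision(copy, allowed)

        # An approved file that was modified no longer matches its fingerprint.
        with open(app, "ab") as fh:
            fh.write(b" patched")
        results["tampered"] = lockdown_decision(app, allowed)
        return results


if __name__ == "__main__":
    print(demo())
```

The tampered case is the one to keep in mind when patching: an updated binary has a new digest, so the fingerprint list has to be regenerated after legitimate software changes.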

Test this policy by trying to run some new software (or to uninstall something) on the client; it should be blocked.

5. Device control policies. In addition to application and system lockdown features, there are also policies that can prohibit users from downloading files to removable devices, or from getting infected from USB key drives or CDs. We'll show you how to do this, and also how you set up a new protection policy. Let's say you want to block access to the CD or DVD drive of your clients to prevent them from loading software or playing music or videos on their PCs.

On the management console, go to Policies/Application and Device Control/Add a new app or device control/ Device Control and click on the Add button below the blocked devices. Highlight the CD/DVD entry and include it in the blocked list. Click on the button to notify users at the bottom of the screen and type a simple message. Now confirm your choices with OK and you will be prompted to apply this policy to a group. Use the Global group and confirm this, and then this policy will be updated. If you made a mistake, you can either edit this policy or withdraw the policy back on the Policies screen.

Once this policy is applied to the group, your client's PC should show the message that you specified, and the CD drive will no longer show up when you browse My Computer in Windows Explorer. If you go into the Symantec Endpoint Protection client, View Logs/Client Management/Security Logs, you can see a status message similar to the one shown below:

6. Location-specific policies. Symantec Endpoint Protection has the ability to automatically switch policies based on the network location of the clients, so a more stringent security policy could be applied to a home network, or when someone uses a VPN to connect back to the office. You can set certain conditions, such as an IP address or a directory server, that are checked to determine the appropriate location. Go to Clients/Policies tab/add Location and then follow the steps of the location wizard. You will be able to specify how to detect the new location based on the factors shown in the screen below:

Once the conditions are met, you can set specific policies for the various protection features. Here you can see how we have set up a location called home network that checks for a Juniper SSL VPN:

Client Manager features

1. Managed client data can be found by going to Clients, then clicking on a particular client and Edit Properties. Here you'll see a screen that shows you OS, processor and other hardware details, including whether or not a trusted computing module is found on the PC.

2. Integration with Active Directory. Symantec Endpoint Protection Manager can synchronize its users and resources with an Active Directory server, and automatically keep synchronized on a set schedule (set for every 24 hours by default). The synchronization extends to the organizational unit structure as well as to individual users. Enterprises that are using LDAP servers can import this information into Symantec Endpoint Protection Manager.

3. Let's adjust the resource consumption. For the base state (no scans running) you can measure and compare the memory usage of Symantec Endpoint Protection 11.0 to previous releases of Symantec AntiVirus. Bring up the Windows Task Manager on the client PC, click on Processes, and add up the processes that the Symantec software is using: ccapp.exe, rtvscan.exe, SescLU.exe, ccsvcjst.exe, and smc.exe. Now keep the Task Manager up, start an active scan on the client, and see how these figures change. You can also do some tuning here by going to Scan for Threats/Create New Scan/Full Scan/Next/Advanced/Tuning, where you can set options and view the processes during the scan. This is where you can adjust the amount of resources that the Symantec Endpoint Protection client uses relative to other applications.
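One way to total the client's footprint from saved tasklist /fo csv output instead of adding up Task Manager figures by hand (an added example, not part of the original guide). The two captures are constructed sample data and the function names are hypothetical; the process names are the ones listed above.

```python
import csv
import io
import re

# Process names exactly as listed in the guide; matching is case-insensitive.
SEP_PROCESSES = ("ccapp.exe", "rtvscan.exe", "SescLU.exe", "ccsvcjst.exe", "smc.exe")

# Constructed capture: client idle, no scan running.
IDLE_CAPTURE = '''"Image Name","PID","Session Name","Session#","Mem Usage"
"System Idle Process","0","Console","0","28 K"
"explorer.exe","1812","Console","0","18,400 K"
"ccApp.exe","1480","Console","0","6,120 K"
"Rtvscan.exe","1120","Console","0","24,508 K"
"SescLU.exe","2044","Console","0","1,932 K"
"ccsvcjst.exe","908","Console","0","3,044 K"
"Smc.exe","964","Console","0","11,276 K"
'''

# Constructed capture: active scan running; SescLU.exe is not present.
SCAN_CAPTURE = '''"Image Name","PID","Session Name","Session#","Mem Usage"
"explorer.exe","1812","Console","0","18,912 K"
"ccApp.exe","1480","Console","0","6,180 K"
"Rtvscan.exe","1120","Console","0","61,340 K"
"ccsvcjst.exe","908","Console","0","3,100 K"
"Smc.exe","964","Console","0","11,512 K"
'''


def parse_mem_kb(text):
    """Turn '24,508 K' (or '24.508 K' on other locales) into 24508."""
    digits = re.sub(r"\D", "", text)
    return int(digits) if digits else 0


def sep_footprint(tasklist_csv, names=SEP_PROCESSES):
    """Sum memory per named process; report names that were not running.

    Columns are read by position (first = image name, last = memory), so a
    localized or absent header row does not matter.
    """
    wanted = {n.lower(): n for n in names}
    per_process = {n: 0 for n in names}
    seen = set()
    for row in csv.reader(io.StringIO(tasklist_csv)):
        if len(row) < 2:
            continue
        key = row[0].strip().lower()
        if key in wanted:
            # Several instances of one image are added together.
            per_process[wanted[key]] += parse_mem_kb(row[-1])
            seen.add(key)
    missing = [n for n in names if n.lower() not in seen]
    return {
        "total_kb": sum(per_process.values()),
        "per_process": per_process,
        "missing": missing,
    }


def compare(idle_csv, scan_csv):
    """Compare the idle baseline with a capture taken during a scan."""
    idle = sep_footprint(idle_csv)
    scan = sep_footprint(scan_csv)
    delta = {n: scan["per_process"][n] - idle["per_process"][n] for n in SEP_PROCESSES}
    return {
        "idle_kb": idle["total_kb"],
        "scan_kb": scan["total_kb"],
        "delta_kb": scan["total_kb"] - idle["total_kb"],
        "per_process_delta": delta,
        "missing_during_scan": scan["missing"],
    }


if __name__ == "__main__":
    for key, value in compare(IDLE_CAPTURE, SCAN_CAPTURE).items():
        print(key, value)
```

A process that is absent from one capture shows up in the missing list rather than silently lowering the total, which matters when comparing against another product or release.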

Monitoring and logging

The Symantec Endpoint Protection Manager console has several pages that summarize real-time threat data, produce reports, and log various events. While there are more details of these functions in the Administrator's Guide, we'll touch on a few highlights.

First, the home page of the management software shows summary statistics, an overall status indicator, summaries of the past 24 hours of detection events, and whether any clients have turned off critical components of the Symantec Endpoint Protection software or require restarts. There are also numerous reports that can be produced on a scheduled or ad hoc basis. Finally, there are many different logs that are created and are available from the server console, and are also accessible from individual clients.

Conclusion

Symantec Endpoint Protection 11.0 combines Symantec AntiVirus with new advanced threat prevention technologies to protect against a variety of new threats, going beyond traditional antivirus and antispyware prevention to stop rootkits, bots, zero-day attacks, blended network-based intrusions, and data loss. In conducting your review of Symantec Endpoint Protection we trust you have seen the value that we are delivering by integrating essential endpoint security technologies into a single client, managed by a single console, delivering what customers need for endpoint protection.

About Symantec

Symantec is the global leader in information security providing a broad range of software, appliances and services designed to help individuals, small and mid-sized businesses, and large enterprises secure and manage their IT infrastructure. Symantec's Norton brand of products is the worldwide leader in consumer security and problem-solving solutions. Headquartered in Cupertino, California, Symantec has operations in 35 countries. More information is available at

Symantec has worldwide operations in 35 countries. For specific country offices and contact numbers please visit our Web site. For product information in the U.S., call toll-free

Symantec Corporation World Headquarters, Stevens Creek Boulevard, Cupertino, CA USA

Copyright 2007 Symantec Corporation. All rights reserved. Symantec and the Symantec logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Microsoft, Microsoft Windows, Windows XP, Windows Vista, Windows Server 2003 and Windows Server 2000 are registered trademarks of Microsoft Corporation in the United States and other countries. Other names may be trademarks of their respective owners. 10/


More information

How not to lose your computer or your research. M.R. Muralidharan SERC IISc

How not to lose your computer or your research. M.R. Muralidharan SERC IISc How not to lose your computer or your research M.R. Muralidharan SERC IISc The Battle has changed 08 Threat Landscape Shift 2004 Landscape Virus Threats are noisy & visible to everyone Threats are indiscriminate,

More information

Symantec Protection Suite Small Business Edition

Symantec Protection Suite Small Business Edition Easy-to-use, all-in-one suite designed for small businesses Overview Suite Small Business Edition is an easyto-use, all-in-one suite that secures your critical business assets and information against today

More information

Cyber Security: Software Security and Hard Drive Encryption

Cyber Security: Software Security and Hard Drive Encryption Links in this document have been set for a desktop computer with the resolution set to 1920 x 1080 pixels. Cyber Security: Software Security and Hard Drive Encryption 301-1497, Rev A September 2012 Copyright

More information

User Manual. Onsight Management Suite Version 5.1. Another Innovation by Librestream

User Manual. Onsight Management Suite Version 5.1. Another Innovation by Librestream User Manual Onsight Management Suite Version 5.1 Another Innovation by Librestream Doc #: 400075-06 May 2012 Information in this document is subject to change without notice. Reproduction in any manner

More information

Sophos Enterprise Console Help. Product version: 5.1 Document date: June 2012

Sophos Enterprise Console Help. Product version: 5.1 Document date: June 2012 Sophos Enterprise Console Help Product version: 5.1 Document date: June 2012 Contents 1 About Enterprise Console...3 2 Guide to the Enterprise Console interface...4 3 Getting started with Sophos Enterprise

More information

Getting started. Symantec AntiVirus Corporate Edition. About Symantec AntiVirus. How to get started

Getting started. Symantec AntiVirus Corporate Edition. About Symantec AntiVirus. How to get started Getting started Corporate Edition Copyright 2005 Corporation. All rights reserved. Printed in the U.S.A. 03/05 PN: 10362873 and the logo are U.S. registered trademarks of Corporation. is a trademark of

More information

NetWrix USB Blocker. Version 3.6 Administrator Guide

NetWrix USB Blocker. Version 3.6 Administrator Guide NetWrix USB Blocker Version 3.6 Administrator Guide Table of Contents 1. Introduction...3 1.1. What is NetWrix USB Blocker?...3 1.2. Product Architecture...3 2. Licensing...4 3. Operation Guide...5 3.1.

More information

Symantec Endpoint Protection Small Business Edition 12.1.2 Installation and Administration Guide

Symantec Endpoint Protection Small Business Edition 12.1.2 Installation and Administration Guide Symantec Endpoint Protection Small Business Edition 12.1.2 Installation and Administration Guide Symantec Endpoint Protection Small Business Edition Installation and Administration Guide The software described

More information

FortKnox Personal Firewall

FortKnox Personal Firewall FortKnox Personal Firewall User Manual Document version 1.4 EN ( 15. 9. 2009 ) Copyright (c) 2007-2009 NETGATE Technologies s.r.o. All rights reserved. This product uses compression library zlib Copyright

More information

Installation Guide for Symantec Endpoint Protection and Symantec Network Access Control

Installation Guide for Symantec Endpoint Protection and Symantec Network Access Control Installation Guide for Symantec Endpoint Protection and Symantec Network Access Control Installation Guide for Symantec Endpoint Protection and Symantec Network Access Control The software described in

More information

IS L06 Protect Servers and Defend Against APTs with Symantec Critical System Protection

IS L06 Protect Servers and Defend Against APTs with Symantec Critical System Protection IS L06 Protect Servers and Defend Against APTs with Symantec Critical System Protection Description Lab flow At the end of this lab, you should be able to Discover how to harness the power and capabilities

More information

Brazosport College VPN Connection Installation and Setup Instructions. Draft 2 March 24, 2005

Brazosport College VPN Connection Installation and Setup Instructions. Draft 2 March 24, 2005 Brazosport College VPN Connection Installation and Setup Instructions Draft 2 March 24, 2005 Introduction This is an initial draft of these instructions. These instructions have been tested by the IT department

More information

Endpoint protection for physical and virtual desktops

Endpoint protection for physical and virtual desktops datasheet Trend Micro officescan Endpoint protection for physical and virtual desktops In the bring-your-own-device (BYOD) environment, protecting your endpoints against ever-evolving threats has become

More information

Symantec Endpoint Protection 12.1.5 Datasheet

Symantec Endpoint Protection 12.1.5 Datasheet Symantec Endpoint Protection 12.1.5 Datasheet Data Sheet: Endpoint Security Overview Malware has evolved from large-scale massive attacks to include Targeted Attacks and Advanced Persistent Threats that

More information

Symantec Endpoint Protection A unified, proactive approach to endpoint security

Symantec Endpoint Protection A unified, proactive approach to endpoint security WHITE PAPER: ENDPOINT SECURITY Symantec Endpoint Protection A unified, proactive approach to endpoint security White Paper: Endpoint Security Symantec Endpoint Protection A unified, proactive approach

More information

Symantec AntiVirus Enterprise Edition

Symantec AntiVirus Enterprise Edition Symantec AntiVirus Enterprise Edition Comprehensive threat protection for every network tier, including client-based spyware prot e c t i o n, in a single product suite Overview Symantec AntiVirus Enterprise

More information

INSIDE. Malicious Threats of Peer-to-Peer Networking

INSIDE. Malicious Threats of Peer-to-Peer Networking Symantec Security Response WHITE PAPER Malicious Threats of Peer-to-Peer Networking by Eric Chien, Symantec Security Response INSIDE Background Protocols New Vector of Delivery Malicious Uses of Peer-to-Peer

More information

Critical Security Controls

Critical Security Controls Critical Security Controls Session 2: The Critical Controls v1.0 Chris Beal Chief Security Architect MCNC chris.beal@mcnc.org @mcncsecurity on Twitter The Critical Security Controls The Critical Security

More information

Get Started Guide - PC Tools Internet Security

Get Started Guide - PC Tools Internet Security Get Started Guide - PC Tools Internet Security Table of Contents PC Tools Internet Security... 1 Getting Started with PC Tools Internet Security... 1 Installing... 1 Getting Started... 2 iii PC Tools

More information

Data Sheet: Endpoint Security Symantec Network Access Control Comprehensive Endpoint Enforcement

Data Sheet: Endpoint Security Symantec Network Access Control Comprehensive Endpoint Enforcement Comprehensive Endpoint Enforcement Overview is a complete, end-to-end network access control solution that enables organizations to efficiently and securely control access to corporate networks through

More information

Symantec Endpoint Protection Analyzer Report

Symantec Endpoint Protection Analyzer Report Symantec Endpoint Protection Analyzer Report For Symantec Customer Table of Contents Statement of Confidentiality... 3 1. Introduction... 4 2. Environmental Analysis Overview... 5 2.1 Findings Overview...

More information

Technical Product Overview. Employing cloud-based technologies to address security risks to endpoint systems

Technical Product Overview. Employing cloud-based technologies to address security risks to endpoint systems Symantec Endpoint Protection.cloud Employing cloud-based technologies to address security risks to endpoint systems White Paper: Endpoint Protection.cloud - Symantec Endpoint Protection.cloud Contents

More information

G/On. Basic Best Practice Reference Guide Version 6. For Public Use. Make Connectivity Easy

G/On. Basic Best Practice Reference Guide Version 6. For Public Use. Make Connectivity Easy For Public Use G/On Basic Best Practice Reference Guide Version 6 Make Connectivity Easy 2006 Giritech A/S. 1 G/On Basic Best Practices Reference Guide v.6 Table of Contents Scope...3 G/On Server Platform

More information

Secret Server Qualys Integration Guide

Secret Server Qualys Integration Guide Secret Server Qualys Integration Guide Table of Contents Secret Server and Qualys Cloud Platform... 2 Authenticated vs. Unauthenticated Scanning... 2 What are the Advantages?... 2 Integrating Secret Server

More information

Sophos for Microsoft SharePoint startup guide

Sophos for Microsoft SharePoint startup guide Sophos for Microsoft SharePoint startup guide Product version: 2.0 Document date: March 2011 Contents 1 About this guide...3 2 About Sophos for Microsoft SharePoint...3 3 System requirements...3 4 Planning

More information

Symantec Endpoint Protection 12.1.4

Symantec Endpoint Protection 12.1.4 Data Sheet: Endpoint Security Overview provides unrivaled security across physical and virtual platforms and support for the latest operating systems-mac OS X 10.9 and Windows 8.1. Powered by Symantec

More information

ESET Endpoint Security 6 ESET Endpoint Antivirus 6 for Windows

ESET Endpoint Security 6 ESET Endpoint Antivirus 6 for Windows ESET Endpoint Security 6 ESET Endpoint Antivirus 6 for Windows Products Details ESET Endpoint Security 6 protects company devices against most current threats. It proactively looks for suspicious activity

More information

WildFire Reporting. WildFire Administrator s Guide 55. Copyright 2007-2015 Palo Alto Networks

WildFire Reporting. WildFire Administrator s Guide 55. Copyright 2007-2015 Palo Alto Networks WildFire Reporting When malware is discovered on your network, it is important to take quick action to prevent spread of the malware to other systems. To ensure immediate alerts to malware discovered on

More information

Getting started. Symantec AntiVirus Corporate Edition. About Symantec AntiVirus. How to get started

Getting started. Symantec AntiVirus Corporate Edition. About Symantec AntiVirus. How to get started Getting started Symantec AntiVirus Corporate Edition Copyright 2004 Symantec Corporation. All rights reserved. Printed in the U.S.A. 03/04 10223881 Symantec and the Symantec logo are U.S. registered trademarks

More information

Deploy secure, corporate access for mobile device users with the Junos Pulse Mobile Security Suite

Deploy secure, corporate access for mobile device users with the Junos Pulse Mobile Security Suite WHITE PAPER Mobile Device Security in the Enterprise Deploy secure, corporate access for mobile device users with the Junos Pulse Mobile Security Suite Copyright 2010, Juniper Networks, Inc. Table of Contents

More information

Proven LANDesk Solutions

Proven LANDesk Solutions LANDesk Solutions Descriptions Proven LANDesk Solutions IT departments face pressure to reduce costs, reduce risk, and increase productivity in the midst of growing IT complexity. More than 4,300 organizations

More information

Getting started. Symantec AntiVirus Business Pack. About Symantec AntiVirus. Where to find information

Getting started. Symantec AntiVirus Business Pack. About Symantec AntiVirus. Where to find information Getting started Symantec AntiVirus Business Pack Copyright 2004 Symantec Corporation. All rights reserved. Printed in the U.S.A. 03/04 Symantec and the Symantec logo are U.S. registered trademarks of Symantec

More information

Home Use Installation Guide For Symantec Endpoint Protection (SEP) 11 For Mac

Home Use Installation Guide For Symantec Endpoint Protection (SEP) 11 For Mac Home Use Installation Guide For Symantec Endpoint Protection (SEP) 11 For Mac May 2010 Table of Content 1 INTRODUCTION... 2 2 AntiVirus Software Home Use License Policy... 2 2.1 Authorized Users:...2 2.2

More information

Installation Guide for Symantec Endpoint Protection and Symantec Network Access Control

Installation Guide for Symantec Endpoint Protection and Symantec Network Access Control Installation Guide for Symantec Endpoint Protection and Symantec Network Access Control Installation Guide for Symantec Endpoint Protection and Symantec Network Access Control The software described in

More information

F-Secure Client Security. Administrator's Guide

F-Secure Client Security. Administrator's Guide F-Secure Client Security Administrator's Guide F-Secure Client Security TOC 3 Contents Chapter 1: Introduction...9 System requirements...10 Policy Manager Server...10 Policy Manager Console...10 Main

More information

Step-by-Step Guide to Setup Instant Messaging (IM) Workspace Datasheet

Step-by-Step Guide to Setup Instant Messaging (IM) Workspace Datasheet Step-by-Step Guide to Setup Instant Messaging (IM) Workspace Datasheet CONTENTS Installation System requirements SQL Server setup Setting up user accounts Authentication mode Account options Import from

More information

Symantec AntiVirus Corporate Edition Patch Update

Symantec AntiVirus Corporate Edition Patch Update Symantec AntiVirus Corporate Edition Patch Update Symantec AntiVirus Corporate Edition Update Documentation version 10.0.1.1007 Copyright 2005 Symantec Corporation. All rights reserved. Symantec, the Symantec

More information

ESET CYBER SECURITY PRO for Mac Quick Start Guide. Click here to download the most recent version of this document

ESET CYBER SECURITY PRO for Mac Quick Start Guide. Click here to download the most recent version of this document ESET CYBER SECURITY PRO for Mac Quick Start Guide Click here to download the most recent version of this document ESET Cyber Security Pro provides state-of-the-art protection for your computer against

More information

Best Practices for DanPac Express Cyber Security

Best Practices for DanPac Express Cyber Security March 2015 - Page 1 Best Practices for This whitepaper describes best practices that will help you maintain a cyber-secure DanPac Express system. www.daniel.com March 2015 - Page 2 Table of Content 1 Introduction

More information

How To Install Safari Antivirus On A Dv8000 Dv Recorder On A Pc Or Macbook Or Ipad (For A Pc) On A Microsoft Dv8 (For Macbook) On An Ipad Or Ipa (

How To Install Safari Antivirus On A Dv8000 Dv Recorder On A Pc Or Macbook Or Ipad (For A Pc) On A Microsoft Dv8 (For Macbook) On An Ipad Or Ipa ( Using Symantec AntiVirus Corporate Edition Version 9.0 Software On a DX8000 DVR DX8000 Digital Video Recorder C1613M-A (12/04) Contents Using Symantec AntiVirus Corporate Edition 9.0 Software.....................................................................5

More information

Getting started. Symantec AntiVirus Corporate Edition 8.1 for Workstations and Network Servers

Getting started. Symantec AntiVirus Corporate Edition 8.1 for Workstations and Network Servers Getting started Symantec AntiVirus Corporate Edition 8.1 for Workstations and Network Servers Copyright 2003 Symantec Corporation. All rights reserved. Printed in the U.S.A. 03/03 Symantec and the Symantec

More information

DriveLock Quick Start Guide

DriveLock Quick Start Guide Be secure in less than 4 hours CenterTools Software GmbH 2012 Copyright Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise

More information

Getting Started Guide for Symantec On-Demand Protection for Outlook Web Access 3.0

Getting Started Guide for Symantec On-Demand Protection for Outlook Web Access 3.0 Getting Started Guide for Symantec On-Demand Protection for Outlook Web Access 3.0 PN: 12199694 Getting Started Guide for Symantec On-Demand Protection for Outlook Web Access 3.0 The software described

More information

Best Practice Configurations for OfficeScan (OSCE) 10.6

Best Practice Configurations for OfficeScan (OSCE) 10.6 Best Practice Configurations for OfficeScan (OSCE) 10.6 Applying Latest Patch(es) for OSCE 10.6 To find out the latest patches for OfficeScan, click here. Enable Smart Clients 1. Ensure that Officescan

More information

Integrated Protection for Systems. João Batista Joao_batista@mcafee.com Territory Manager

Integrated Protection for Systems. João Batista Joao_batista@mcafee.com Territory Manager Integrated Protection for Systems João Batista Joao_batista@mcafee.com Territory Manager 2 McAfee Overview Proven Expertise And what it means to you Proof of Expertise Impact of Expertise 1 17 100 300

More information

Best Practices & Deployment SurfControl Mobile Filter v 5.0.2.60

Best Practices & Deployment SurfControl Mobile Filter v 5.0.2.60 Best Practices & Deployment SurfControl Mobile Filter v 5.0.2.60 rev2.1, January 2006 Pre-Installation Guide Notice 2006 SurfControl. All rights reserved. SurfControl, SurfControl E-mail Filter, SurfControl

More information

Kaseya Server Instal ation User Guide June 6, 2008

Kaseya Server Instal ation User Guide June 6, 2008 Kaseya Server Installation User Guide June 6, 2008 About Kaseya Kaseya is a global provider of IT automation software for IT Solution Providers and Public and Private Sector IT organizations. Kaseya's

More information

Symantec Endpoint Protection Small Business Edition Implementation Guide

Symantec Endpoint Protection Small Business Edition Implementation Guide Symantec Endpoint Protection Small Business Edition Implementation Guide Symantec Endpoint Protection Small Business Edition Implementation Guide The software described in this book is furnished under

More information

Symantec Endpoint Protection 12.1.2

Symantec Endpoint Protection 12.1.2 Data Sheet: Endpoint Security Overview offers comprehensive defense against complex attacks for both physical and virtual environments. It integrates ten essential security technologies in a single, high

More information

Introduction to Computer Security Table of Contents

Introduction to Computer Security Table of Contents Introduction to Computer Security Table of Contents Introduction... 2 1 - Viruses... 3 Virus Scanners... 3 2 - Spyware... 7 Spyware Scanners... 8 3 - Firewalls... 10 Windows Firewall... 10 4 - References...

More information

McAfee Internet Security Suite Quick-Start Guide

McAfee Internet Security Suite Quick-Start Guide Enjoy a Worry Free Online Experience McAfee Internet Security Suite protects your PC, identity and online experience. It also includes PC and network tools, plus McAfee SiteAdvisor for safe surfing. Internet

More information

Sharp Remote Device Manager (SRDM) Server Software Setup Guide

Sharp Remote Device Manager (SRDM) Server Software Setup Guide Sharp Remote Device Manager (SRDM) Server Software Setup Guide This Guide explains how to install the software which is required in order to use Sharp Remote Device Manager (SRDM). SRDM is a web-based

More information

Malwarebytes Endpoint Security Quick Start Guide Version 1.6 10 September 2015

Malwarebytes Endpoint Security Quick Start Guide Version 1.6 10 September 2015 Malwarebytes Endpoint Security Quick Start Guide Version 1.6 10 September 2015 Notices Malwarebytes products and related documentation are provided under a license agreement containing restrictions on

More information

Symantec Endpoint Protection 11.0 Architecture, Sizing, and Performance Recommendations

Symantec Endpoint Protection 11.0 Architecture, Sizing, and Performance Recommendations Symantec Endpoint Protection 11.0 Architecture, Sizing, and Performance Recommendations Technical Product Management Team Endpoint Security Copyright 2007 All Rights Reserved Revision 6 Introduction This

More information

Symantec Integrated Enforcer for Microsoft DHCP Servers Getting Started Guide

Symantec Integrated Enforcer for Microsoft DHCP Servers Getting Started Guide Symantec Integrated Enforcer for Microsoft DHCP Servers Getting Started Guide Legal Notice Copyright 2006 Symantec Corporation. All rights reserved. Federal acquisitions: Commercial Software - Government

More information

NetWrix USB Blocker Version 3.6 Quick Start Guide

NetWrix USB Blocker Version 3.6 Quick Start Guide NetWrix USB Blocker Version 3.6 Quick Start Guide Table of Contents 1. Introduction...3 1.1. What is NetWrix USB Blocker?...3 1.2. Product Architecture...3 2. Licensing...4 3. Getting Started...5 3.1.

More information

AVG 8.5 Anti-Virus Network Edition

AVG 8.5 Anti-Virus Network Edition AVG 8.5 Anti-Virus Network Edition User Manual Document revision 85.2 (23. 4. 2009) Copyright AVG Technologies CZ, s.r.o. All rights reserved. All other trademarks are the property of their respective

More information

Symantec Database Security and Audit 3100 Series Appliance. Getting Started Guide

Symantec Database Security and Audit 3100 Series Appliance. Getting Started Guide Symantec Database Security and Audit 3100 Series Appliance Getting Started Guide Symantec Database Security and Audit 3100 Series Getting Started Guide The software described in this book is furnished

More information

Protecting the Infrastructure: Symantec Web Gateway

Protecting the Infrastructure: Symantec Web Gateway Protecting the Infrastructure: Symantec Web Gateway 1 Why Symantec for Web Security? Flexibility and Choice Best in class hosted service, appliance, and virtual appliance (upcoming) deployment options

More information

End to End Security do Endpoint ao Datacenter

End to End Security do Endpoint ao Datacenter do Endpoint ao Datacenter Piero DePaoli & Leandro Vicente Security Product Marketing & Systems Engineering 1 Agenda 1 Today s Threat Landscape 2 From Endpoint: Symantec Endpoint Protection 3 To Datacenter:

More information

Symantec LiveUpdate Administrator. Getting Started Guide

Symantec LiveUpdate Administrator. Getting Started Guide Symantec LiveUpdate Administrator Getting Started Guide Symantec LiveUpdate Administrator Getting Started Guide The software described in this book is furnished under a license agreement and may be used

More information

Administrator's Guide

Administrator's Guide Administrator's Guide Copyright SecureAnywhere Mobile Protection Administrator's Guide November, 2012 2012 Webroot Software, Inc. All rights reserved. Webroot is a registered trademark and SecureAnywhere

More information

Sophos Endpoint Security and Control standalone startup guide

Sophos Endpoint Security and Control standalone startup guide Sophos Endpoint Security and Control standalone startup guide Sophos Endpoint Security and Control version 9 Sophos Anti-Virus for Mac OS X, version 7 Document date: October 2009 Contents 1 Before you

More information

Host-based Intrusion Prevention System (HIPS)

Host-based Intrusion Prevention System (HIPS) Host-based Intrusion Prevention System (HIPS) White Paper Document Version ( esnhips 14.0.0.1) Creation Date: 6 th Feb, 2013 Host-based Intrusion Prevention System (HIPS) Few years back, it was relatively

More information