Internet Explorer Exploit Protection ENTERPRISE BRIEFING REPORT
|
|
- Piers Price
- 8 years ago
- Views:
Transcription
1 Internet Explorer Exploit Protection ENTERPRISE BRIEFING REPORT TESTED PRODUCTS: AVG Internet Security Network Edition v8.0 Kaspersky Total Space Security v6.0 McAfee Total Protection for Endpoint Sophos Endpoint Security and Control v8.0 Symantec Endpoint Protection MR2 Trend Micro Officescan 8.0 SP1 R3 DECEMBER 20, 2008
2 Published by NSS Labs NSS Labs CONTACT: 5115 Avenida Encinas Suite H Carlsbad, CA Tel: info@nsslabs.com Internet: All rights reserved. No part of this publication may be reproduced, photocopied, stored on a retrieval system, or transmitted without the express written consent of the authors. Please note that access to or use of this Report is conditioned on the following: 1. The information in this Report is subject to change by NSS Labs without notice. 2. The information in this Report is believed by NSS Labs to be accurate and reliable, but is not guaranteed. All use of and reliance on this Report are at your sole risk. NSS Labs is not liable or responsible for any damages, losses or expenses arising from any error or omission in this Report. 3. NO WARRANTIES, EXPRESS OR IMPLIED ARE GIVEN BY THE NSS LABS. ALL IMPLIED WARRANTIES, INCLUDING IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT ARE DISCLAIMED AND EXCLUDED BY NSS LABS. IN NO EVENT SHALL NSS LABS BE LIABLE FOR ANY CONSEQUENTIAL, INCIDENTAL OR INDIRECT DAMAGES, OR FOR ANY LOSS OF PROFIT, REVENUE, DATA, COMPUTER PROGRAMS, OR OTHER ASSETS, EVEN IF ADVISED OF THE POSSIBILITY THEREOF. 4. This Report does not constitute an endorsement, recommendation or guarantee of any of the products (hardware or software) tested or the hardware and software used in testing the products. The testing does not guarantee that there are no errors or defects in the products, or that the products will meet your expectations, requirements, needs or specifications, or that they will operate without interruption. 5. This Report does not imply any endorsement, sponsorship, affiliation or verification by or with any companies mentioned in this report. For PCI-related reports, this does not constitute an endorsement by the PCI Security Standards Council. 6. All trademarks, service marks, and trade names used in this Report are the trademarks, service marks, and trade names of their respective owners, and no endorsement of, sponsorship of, affiliation with, or involvement in, any of the testing, this Report or NSS Labs is implied, nor should it be inferred NSS Labs, Inc.
3 CONTENTS 1 Introduction Affected systems Microsoft Response Test Relevance Results Security Effectiveness Memory Utilization Post-Exploit Partial Exploit Code NSS Labs Recommendations The Products Under Test Products tested Settings Used Endpoint Protection Test Environment Client Host Description Network Description NSS Labs, Inc.
4 1 INTRODUCTION On December 10, 2008 Microsoft published Microsoft Security Advisory (961051), detailing a vulnerability in Internet Explorer that could allow arbitrary Remote Code Execution. This vulnerability in IE5, IE6, IE7 and IE8 Beta allows an attacker to take complete control of an affected system. Active exploits have been seen in the wild. There are two known variants: an Active X variant, and a Javascript variant. Users with vulnerable versions of Internet Explorer are at high risk of being exploited if they visit a website hosting the exploit code. Sources indicated over 10,000 web sites are hosting these exploits, and potentially even more variants of malware. Based on the potential impact as well as concerns from a number of enterprises, NSS Labs conducted a series of tests of popular endpoint protection products to evaluate their ability to protect clients from exploits targeting the IE vulnerability. 1.1 AFFECTED SYSTEMS Windows Internet Explorer 7 on supported editions of Windows XP Service Pack 2, Windows XP Service Pack 3, Windows Server 2003 Service Pack 1, Windows Server 2003 Service Pack 2, Windows Vista, Windows Vista Service Pack 1, and Windows Server Microsoft Internet Explorer 5.01 Service Pack 4, Microsoft Internet Explorer 6 Service Pack 1, Microsoft Internet Explorer 6, and Windows Internet Explorer 8 Beta 2 on all supported versions of Microsoft Windows are potentially vulnerable MICROSOFT RESPONSE Microsoft has reacted extremely quickly and by providing a patch within 7 days of the vulnerability being disclosed. At the time of testing, Dec 18, 2008, Microsoft had just released a patch. For those unable to update immediately, Microsoft offers some mitigating steps at: TEST RELEVANCE Internet Explorer is the most popular web browser on the planet, owning the lion s share of the market. This increases the importance of this vulnerability and the potential reach of exploits. Most Enterprises have change control procedures governing patching of systems. As a result, the adoption rate of this patch will likely occur over an extended period of time. Therefore, Endpoint Protection products will be relied upon heavily during the period of exposure to this vulnerability NSS Labs, Inc. p. 1
5 2 RESULTS During the week of December 15, NSS Labs performed a focused test of popular Endpoint Protection products to evaluate the protection offered against this exploit. This section provides a quick overview of the test results collected during live testing conducted through Thursday, December 18 th SECURITY EFFECTIVENESS All of the products tested were classified as Enterprise class Endpoint Protection by the vendor, meaning they had both Client Host Intrusion Prevention (HIPS) and anti-malware components. In addition, they also all included a reputation-based component meaning they block and warn users about malicious web-sites in order to prevent them from downloading malware. Each vendors system works differently, but they generally rely on collective intelligence and back-end analysis of specific URLs and files to supplement the local signatures and heuristics. This was first and foremost a test of intrusion prevention, and not anti-malware, capabilities. Our goal was to clearly identify the protective layers within the products to combat the exploits against IE. In this scenario there are two distinct attacks against the IE vulnerability. Exploits could deliver any number of different malicious payloads to be executed. Preventing either the URL from being accessed or the exploit from executing would be the ideal solution. To do this properly, an in-line intrusion prevention system must be able to prevent the requested web page from reaching the web browser before it can be analyzed and declared safe. For a more complete discussion of exploits and drive-by downloads, refer to the article on NSS Labs website: Test AVG Kaspersky McAfee Sophos Symantec Trend 1. Block URL Access Blocked & Warned Warned but did not block properly 2. Block Exploit Blocked Exploit Blocked but called it malware (mislabel) 3. Malware Detection N/A N/A Quarantined Malware Quarantined the first but Unable to Quarantine the second NSS Labs, Inc. p. 2
6 Our investigation showed that most products are looking for so-called Drive-by downloads and focusing on detecting the malware downloaded in step 3, thereby missing the opportunity to prevent the initial exploit from occurring. Preventing the exploit would eliminate the necessity to research and detect multiple variants of malware. Kaspersky Antivirus (part of Total Space Security) was the only product we tested, which effectively blocked the exploit using its reputation-based system, The product apparently has a blocking function that delays display of a website until after the URL has been verified. Total Space Security was also the only product to block the javascript exploit and classify it correctly. Sophos Endpoint Security and Control correctly identified the website as malicious, however it did not prevent the javascript exploit from running. This was a puzzle until we realized that their Reputation-based product is not does not block access to the URL while it is looking up the reputation. Thus, Sophos reputation solution is akin to Intrusion Detection, and not Intrusion Prevention. The approach is not effective where the browser itself is being exploited since the Reputation system is in a race with the web browser, and the browser is nearly always going to win. Both Symantec and Trend were able to identify the malware that was included in the payload of the exploit, but failed to prevent the exploit itself from running. Symantec was able to accurately identify and quarantine the malware. Trend was able to accurately identify the malware, but unable to quarantine one of the two pieces of malware inserted into our test system by the exploit. 2.2 MEMORY UTILIZATION POST-EXPLOIT Average normal memory utilization of Internet Explorer ranges between 21 and 40MB depending on a range of factors (e.g. operating system, plugins and number of open windows). Successfully exploited browsers consume more than 230MB, as shown in the example here. Note, that different systems and endpoint protection products react differently to the exploit. In some cases the browser closed or crashed, while in others it continued to operate NSS Labs, Inc. p. 3
7 2.3 PARTIAL EXPLOIT CODE In this case, an attack against the data binding engine which delivered a keylogger. 3 NSS LABS RECOMMENDATIONS Due to the lack of protection provided by Endpoint Protection products, NSS recommends that all companies patch immediately. Also, a Network IPS product with current signatures for the vulnerability will provide an additional layer of protection. Most companies have already scheduled maintenance for updates and patches over the next week due to the upcoming holidays and end of year cycles. Even those companies that have not had time to run the patch through a full testing regime, should consider patching due to the severity of the vulnerability. It is NSS Labs opinion that the risk of being exploited outweighs the risk of patching without full testing. NSS Labs plans to test network IPS products as well as retest endpoint products for IE exploit protection in the near future. For further information please check our website ( or contact us to schedule a briefing at NSS Labs, Inc. p. 4
8 4 THE PRODUCTS UNDER TEST The Endpoint Protection products were downloaded from the vendors sites. All products were updated immediately prior to testing in order to provide the latest protection. 4.1 PRODUCTS TESTED Product & Version Engine & Signatures AVG Internet Security Network Edition v8.0 v Virus DB: /1855 Kaspersky Total Space Security v6.0 12/18/ :21:56am McAfee Total Protection for Endpoint Host Intrusion Prevention 7.0 HIPS: 2373 VirusScan Enterprise 8.5i Scan Engine Ver SiteAdvisor Enterprise 1.5 DAT: BOAP DAT: 354 Sophos Endpoint Security and Control v8.0 Anti-virus 7.6 SAV v Client Firewall v1.53 Threat Detection data: 4.37E Symantec Endpoint Protection MR2 AVAS: Dec 17, 2008 r50 Proactive: Dec 17, 2008 r19 Network: Dec 12, 2008 r1 Trend Micro Officescan 8.0 SP1 R3 VSE: VP: SETTINGS USED Where possible, we tested with the most aggressive settings. While vendors may have advanced in-the-cloud technologies, they are often deployed in their home-user products before rolling them into corporate offerings. Also, some (like Trend) offer a separate application as an add-on. Note: This testing represents a point in time, and it is quite feasible (and desirable) for vendors to add protection depending on their implementations - some quicker than others NSS Labs, Inc. p. 5
9 5 ENDPOINT PROTECTION TEST ENVIRONMENT ABOUT THIS TEST The NSS Labs test reports are designed to address the challenges faced by IT professionals in selecting security products. This NSS Labs report provides readers with empirically validated evidence about a product s features and capabilities. NSS Labs tests host anti-malware and endpoint protection products against a comprehensive methodology including: Security Effectiveness (Anti-malware and Intrusion Prevention) Management and Usability Performance The scope of this test was limited to on-access protection of the browser application while surfing to live sites on the internet which had been infected. Client machines accessed live exploits hosted on malicious web sites on the internet and were tested simultaneously. Availability of the malicious sites was validated before, during and after the test to ensure validity of the sample set. 5.1 CLIENT HOST DESCRIPTION The Systems Under Test were installed on the following Operating System and service pack. Windows XP, SP3 Internet Explorer 7 (without the Security Update released by Microsoft on 12/17) HARDWARE: DELL SC440 Two 3.0 GHz processors 2 GB RAM NSS Labs, Inc. p. 6
10 5.2 NETWORK DESCRIPTION The endpoint protection product was tested in a live environment, connected directly to the internet. The host system has one network interface card (NIC) and is connected to the network via a 1Ge switch port. The NSS Labs test network is a multi-gigabit infrastructure based around Cisco Catalyst 6500-series switches (with both fiber and copper Gigabit interfaces) NSS Labs, Inc. p. 7
Can Consumer AV Products Protect Against Critical Microsoft Vulnerabilities?
ANALYST BRIEF Can Consumer AV Products Protect Against Critical Microsoft Vulnerabilities? Author Randy Abrams Tested Products Avast Internet Security 7 AVG Internet Security 2012 Avira Internet Security
More informationENTERPRISE EPP COMPARATIVE REPORT
ENTERPRISE EPP COMPARATIVE REPORT Security Stack: Socially Engineered Malware Authors Bhaarath Venkateswaran, Randy Abrams, Thomas Skybakmoen Tested Products Bitdefender Endpoint Security v5.3.15.539 ESET
More informationENTERPRISE EPP COMPARATIVE ANALYSIS
ENTERPRISE EPP COMPARATIVE ANALYSIS Socially Engineered Malware Randy Abrams, Jayendra Pathak, Ahmed Garhy Tested Products Fortinet Fortigate 100D Management station Forticlient- 5.0.7.333 McAfee VirusScan
More informationCORPORATE AV / EPP COMPARATIVE ANALYSIS
CORPORATE AV / EPP COMPARATIVE ANALYSIS Exploit Evasion Defenses 2013 Randy Abrams, Dipti Ghimire, Joshua Smith Tested Vendors AVG, ESET, F- Secure, Kaspersky, McAfee, Microsoft, Norman, Panda, Sophos,
More informationSSL Performance Problems
ANALYST BRIEF SSL Performance Problems SIGNIFICANT SSL PERFORMANCE LOSS LEAVES MUCH ROOM FOR IMPROVEMENT Author John W. Pirc Overview In early 2013, NSS Labs released the results of its Next Generation
More informationInternet Advertising: Is Your Browser Putting You at Risk?
ANALYST BRIEF Is Your Browser Putting You at Risk? PART 2: CLICK FRAUD Authors Francisco Artes, Stefan Frei, Ken Baylor, Jayendra Pathak, Bob Walder Overview The US online advertising market in 2011 was
More informationBreach Found. Did It Hurt?
ANALYST BRIEF Breach Found. Did It Hurt? INCIDENT RESPONSE PART 2: A PROCESS FOR ASSESSING LOSS Authors Christopher Morales, Jason Pappalexis Overview Malware infections impact every organization. Many
More informationEvolutions in Browser Security
ANALYST BRIEF Evolutions in Browser Security TRENDS IN BROWSER SECURITY PERFORMANCE Author Randy Abrams Overview This analyst brief aggregates results from NSS Labs tests conducted between 2009 and 2013
More informationDATA CENTER IPS COMPARATIVE ANALYSIS
DATA CENTER IPS COMPARATIVE ANALYSIS Security 2014 Thomas Skybakmoen, Jason Pappalexis Tested Products Fortinet FortiGate 5140B, Juniper SRX 5800, McAfee NS- 9300, Sourcefire 8290-2 Data Center Overview
More informationWEB BROWSER SECURITY SOCIALLY-ENGINEERED MALWARE PROTECTION COMPARATIVE TEST RESULTS
WEB BROWSER SECURITY SOCIALLY-ENGINEERED MALWARE PROTECTION COMPARATIVE TEST RESULTS Apple Safari 5 Google Chrome 6 Windows Internet Explorer 8 Windows Internet Explorer 9 Mozilla Firefox 3.6 Opera 10
More informationEnterprise Anti-Virus Protection
Enterprise Anti-Virus APRIL - JUNE 2013 Dennis Technology Labs www.dennistechnologylabs.com This report aims to compare the effectiveness of anti-malware products provided by well-known security companies.
More informationEnterprise Anti-Virus Protection
Enterprise Anti-Virus JULY - SEPTEMBER 2012 Dennis Technology Labs www.dennistechnologylabs.com This report aims to compare the effectiveness of anti-malware products provided by well-known security companies.
More informationSecurity Industry Market Share Analysis
Security Industry Market Share Analysis December Introduction The Research OPSWAT releases quarterly market share reports for several sectors of the security industry. This report includes both worldwide
More informationEnterprise Anti-Virus Protection
Enterprise Anti-Virus Protection JAN - MAR 2015 Dennis Technology Labs www.dennistechnologylabs.com Follow @DennisTechLabs on Twitter.com This report aims to compare the effectiveness of anti-malware products
More informationDATA CENTER IPS COMPARATIVE ANALYSIS
DATA CENTER IPS COMPARATIVE ANALYSIS Total Cost of Ownership () 2014 Thomas Skybakmoen, Jason Pappalexis Tested s Fortinet FortiGate 5140B, Juniper SRX 5800, McAfee NS- 9300, Sourcefire 8290-2 Overview
More informationCONSUMER ANTI-MALWARE PRODUCTS
CONSUMER ANTI-MALWARE PRODUCTS GROUP TEST REPORT AVG Internet Security 9 ESET Smart Security 4 F-Secure Internet Security 2010 Kaspersky Internet Security 2011 McAfee Internet Security Microsoft Security
More informationSimphony v2 Antivirus Recommendations
DECLARATIONS WARRANTIES Although the best efforts are made to ensure that the information in this document is complete and correct, MICROS Systems, Inc. makes no warranty of any kind with regard to this
More informationTrend Micro Endpoint Comparative Report Performed by AV Test.org
Trend Micro Endpoint Comparative Report Performed by AV Test.org Results from December 2009 Executive Summary In December of 2009, AV Test.org performed endpoint security benchmark testing on five market
More informationEnterprise Anti-Virus Protection
Enterprise Anti-Virus JULY - SEPTEMBER 2013 Dennis Technology Labs www.dennistechnologylabs.com Follow @DennisTechLabs on Twitter.com This report aims to compare the effectiveness of anti-malware products
More informationAvaya Modular Messaging 5.x
Avaya Modular Messaging 5.x Security Updates, Operating System Service Packs, Virus Protection, Avaya Modular Messaging Service Packs, and Third Party Software for Modular Messaging 5.x Issue 1.1 February
More informationSecurity Industry Market Share Analysis
Security Industry Market Share Analysis September 2011 Introduction The Research OPSWAT releases quarterly market share reports for several sectors of the security industry. This quarter s report includes
More informationEnterprise Anti-Virus Protection
Enterprise Anti-Virus Protection APRIL - JUNE 2014 Dennis Technology Labs www.dennistechnologylabs.com Follow @DennisTechLabs on Twitter.com This report aims to compare the effectiveness of anti-malware
More informationNEXT GENERATION FIREWALL COMPARATIVE ANALYSIS
NEXT GENERATION FIREWALL COMPARATIVE ANALYSIS Security Value Map (SVM) Author Thomas Skybakmoen Tested Products Barracuda F800b Check Point 13500 Cisco ASA 5525-X Cisco ASA 5585-X SSP60 Cisco FirePOWER
More informationEndpoint protection for physical and virtual desktops
datasheet Trend Micro officescan Endpoint protection for physical and virtual desktops In the bring-your-own-device (BYOD) environment, protecting your endpoints against ever-evolving threats has become
More informationTypes of cyber-attacks. And how to prevent them
Types of cyber-attacks And how to prevent them Introduction Today s cybercriminals employ several complex techniques to avoid detection as they sneak quietly into corporate networks to steal intellectual
More informationSymantec AntiVirus Corporate Edition Patch Update
Symantec AntiVirus Corporate Edition Patch Update Symantec AntiVirus Corporate Edition Update Documentation version 10.0.1.1007 Copyright 2005 Symantec Corporation. All rights reserved. Symantec, the Symantec
More informationWindows Updates vs. Web Threats
Windows Updates vs. Web Threats HOW WELL DO WINDOWS UPDATES PROTECT AGAINST MALWARE? Dennis Technology Labs www.dennistechnologylabs.com Follow @DennisTechLabs on Twitter.com This test explores how much
More informationMicrosoft Software Update Services and Managed Symantec Anti-virus. Michael Satut TSS/Crown IT Support m-satut@northwestern.edu
Microsoft Software Update Services and Managed Symantec Anti-virus Michael Satut TSS/Crown IT Support m-satut@northwestern.edu Introduction The recent increase in virus and worm activity has created the
More informationAn Old Dog Had Better Learn Some New Tricks
ANALYST BRIEF An Old Dog Had Better Learn Some New Tricks PART 2: ANTIVIRUS EVOLUTION AND TECHNOLOGY ADOPTION Author Randy Abrams Overview Endpoint protection (EPP) products are ineffective against many
More informationSymantec Endpoint Protection Integration Component 7.5 Release Notes
Symantec Endpoint Protection Integration Component 7.5 Release Notes Symantec Endpoint Protection Integration Component 7.5 Release Notes Legal Notice Copyright 2013 Symantec Corporation. All rights reserved.
More informationEndpoint protection for physical and virtual desktops
datasheet Trend Micro officescan Endpoint protection for physical and virtual desktops In the bring-your-own-device (BYOD) environment, protecting your endpoints against ever-evolving threats has become
More informationSymantec Event Collector 4.3 for Microsoft Windows Quick Reference
Symantec Event Collector 4.3 for Microsoft Windows Quick Reference Symantec Event Collector for Microsoft Windows Quick Reference The software described in this book is furnished under a license agreement
More informationDATA CENTER IPS COMPARATIVE ANALYSIS
DATA CENTER IPS COMPARATIVE ANALYSIS Security Value Map (SVM) 2014 Thomas Skybakmoen, Jason Pappalexis Tested Products Fortinet FortiGate 5140B, Juniper SRX 5800, McAfee NS- 9300, Sourcefire 8290-2 Overview
More informationAchieve Deeper Network Security
Achieve Deeper Network Security Dell Next-Generation Firewalls Abstract Next-generation firewalls (NGFWs) have taken the world by storm, revolutionizing network security as we once knew it. Yet in order
More informationGetting Started with Symantec Endpoint Protection
Getting Started with Symantec Endpoint Protection 20983668 Getting Started with Symantec Endpoint Protection The software described in this book is furnished under a license agreement and may be used only
More informationTrend Micro OfficeScan 11.0. Best Practice Guide for Malware
Trend Micro OfficeScan 11.0 Best Practice Guide for Malware Information in this document is subject to change without notice. The names of companies, products, people, characters, and/or data mentioned
More informationEnterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006
Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,
More informationReal World and Vulnerability Protection, Performance and Remediation Report
Real World and Vulnerability Protection, Performance and Remediation Report A test commissioned by Symantec Corporation and performed by AV-Test GmbH Date of the report: September 17 th, 2014, last update:
More informationSymantec Integrated Enforcer for Microsoft DHCP Servers Getting Started Guide
Symantec Integrated Enforcer for Microsoft DHCP Servers Getting Started Guide Legal Notice Copyright 2006 Symantec Corporation. All rights reserved. Federal acquisitions: Commercial Software - Government
More informationTracking Anti-Malware Protection 2015
Tracking Anti-Malware Protection 2015 A TIME-TO-PROTECT ANTI-MALWARE COMPARISON TEST Dennis Technology Labs www.dennistechnologylabs.com Follow @DennisTechLabs on Twitter.com This report aims to measure
More informationBest Practices in Deploying Anti-Malware for Best Performance
The Essentials Series: Increasing Performance in Enterprise Anti-Malware Software Best Practices in Deploying Anti-Malware for Best Performance sponsored by by Eric Schmidt Be st Practices in Deploying
More informationDetermining Your Computer Resources
Determining Your Computer Resources There are a number of computer components that must meet certain requirements in order for your computer to perform effectively. This document explains how to check
More informationSmall Business Anti-Virus Protection
Small Business Anti-Virus Protection APRIL - JUNE 2013 Dennis Technology Labs www.dennistechnologylabs.com This report aims to compare the effectiveness of anti-malware products provided by well-known
More information2013 Thomas Skybakmoen, Francisco Artes, Bob Walder, Ryan Liles
FIREWALL COMPARATIVE ANALYSIS Performance 2013 Thomas Skybakmoen, Francisco Artes, Bob Walder, Ryan Liles Tested Products Barracuda F800, Check Point 12600, Cyberoam CR2500iNG, Dell SonicWALL NSA 4500,
More informationGetting Started Guide for Symantec On-Demand Protection for Outlook Web Access 3.0
Getting Started Guide for Symantec On-Demand Protection for Outlook Web Access 3.0 PN: 12199694 Getting Started Guide for Symantec On-Demand Protection for Outlook Web Access 3.0 The software described
More informationTrend Micro OfficeScan 10.5 Release
Trend Micro OfficeScan 10.5 Release A Broadband-Testing Report Update First published June 2010 (V1.1) Published by Broadband-Testing A division of Connexio-Informatica 2007, Andorra Tel : +376 633010
More informationWEB APPLICATION FIREWALL COMPARATIVE ANALYSIS
WEB APPLICATION FIREWALL COMPARATIVE ANALYSIS Security Value Map (SVM) Author Thomas Skybakmoen Tested Products Barracuda Networks Web Application Firewall 960 Citrix NetScaler AppFirewall MPX 11520 Fortinet
More informationBest Practices for Running Symantec Endpoint Protection 12.1 on Point-of- Sale Devices
TECHNICAL BRIEF: BEST PRACTICES GUIDE FOR PROTECTING RETAIL....... POS.... SYSTEMS............................. Best Practices for Running Symantec Endpoint Protection 12.1 on Point-of- Sale Devices Who
More informationHome Anti-Virus Protection
Home Anti-Virus Protection JANUARY - MARCH 2013 Dennis Technology Labs www.dennistechnologylabs.com This report aims to compare the effectiveness of anti-malware products provided by well-known security
More informationStreamlining Web and Email Security
How to Protect Your Business from Malware, Phishing, and Cybercrime The SMB Security Series Streamlining Web and Email Security sponsored by Introduction to Realtime Publishers by Don Jones, Series Editor
More informationSymantec Endpoint Protection 11.0 Architecture, Sizing, and Performance Recommendations
Symantec Endpoint Protection 11.0 Architecture, Sizing, and Performance Recommendations Technical Product Management Team Endpoint Security Copyright 2007 All Rights Reserved Revision 6 Introduction This
More informationCisco Unified Workforce Optimization
Cisco Unified Workforce Optimization Desktop Requirements Guide Version 10.5 First Published: June 18, 2014 Last Updated: March 6, 2015 THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS
More informationTechnology Blueprint. Secure Your Virtual Desktop Infrastructure. Optimize your virtual desktop infrastructure for performance and protection
Technology Blueprint Secure Your Virtual Desktop Infrastructure Optimize your virtual desktop infrastructure for performance and protection LEVEL 1 2 3 4 5 SECURITY CONNECTED REFERENCE ARCHITECTURE LEVEL
More informationSymantec Event Collector for Kiwi Syslog Daemon version 3.7 Quick Reference
Symantec Event Collector for Kiwi Syslog Daemon version 3.7 Quick Reference Symantec Event Collector for Kiwi Syslog Daemon Quick Reference The software described in this book is furnished under a license
More informationSmall Business Anti-Virus Protection
Small Business Anti-Virus Protection JULY - SEPTEMBER 2012 Dennis Technology Labs www.dennistechnologylabs.com This report aims to compare the effectiveness of anti-malware products provided by well-known
More informationAchieve Deeper Network Security and Application Control
Achieve Deeper Network Security and Application Control Dell Next-Generation Firewalls Abstract Next-generation firewalls (NGFWs) have emerged to revolutionize network security as we once knew it. Yet
More informationProactive Rootkit Protection Comparison Test
Proactive Rootkit Protection Comparison Test A test commissioned by McAfee and performed by AV-TEST GmbH Date of the report: February 2 th, 213 Executive Summary In January 213, AV-TEST performed a comparative
More informationSmall Business Anti-Virus Protection
Small Business Anti-Virus Protection OCT - DEC 2014 Dennis Technology Labs www.dennistechnologylabs.com Follow @DennisTechLabs on Twitter.com This report aims to compare the effectiveness of anti-malware
More informationIBM Endpoint Manager for Core Protection
IBM Endpoint Manager for Core Protection Device control and endpoint protection designed to guard against malware and loss of sensitive data Highlights Delivers real-time endpoint protection against viruses,
More informationVeritas Cluster Server Getting Started Guide
Veritas Cluster Server Getting Started Guide Windows Server 2003, Windows Server 2008 5.1 Service Pack 2 21101490 Veritas Cluster Server Getting Started Guide The software described in this book is furnished
More informationCORPORATE AV / EPP COMPARATIVE ANALYSIS
CORPORATE AV / EPP COMPARATIVE ANALYSIS Exploit Protection 2013 Randy Abrams, Dipti Ghimire, Joshua Smith Tested Vendors AVG, ESET, F- Secure, Kaspersky, McAfee, Microsoft, Norman, Panda, Sophos, Symantec,
More informationKaspersky Security. for Virtualization 1.1 and Trend Micro Deep. Security 8.0 virtual environment detection rate and performance testing by AV-Test
Kaspersky Security for Virtualization 1.1 and Deep Security 8.0 virtual environment detection rate and performance testing by AV-Test Kaspersky Security for Virtualization, Kaspersky Lab s corporate security
More informationSmall Business Anti-Virus Protection
Small Business Anti-Virus Protection JANUARY - MARCH 2014 Dennis Technology Labs www.dennistechnologylabs.com Follow @DennisTechLabs on Twitter.com This report aims to compare the effectiveness of anti-malware
More informationCisco WebEx Meetings Server System Requirements
First Published: October 21, 2012 Last Modified: October 21, 2012 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 8 526-00 800 553-NETS
More informationSymantec Endpoint Protection Analyzer Report
Symantec Endpoint Protection Analyzer Report For Symantec Customer Table of Contents Statement of Confidentiality... 3 1. Introduction... 4 2. Environmental Analysis Overview... 5 2.1 Findings Overview...
More informationMcAfee Global Threat Intelligence File Reputation Service. Best Practices Guide for McAfee VirusScan Enterprise Software
McAfee Global Threat Intelligence File Reputation Service Best Practices Guide for McAfee VirusScan Enterprise Software Table of Contents McAfee Global Threat Intelligence File Reputation Service McAfee
More informationCore Protection Module 1.6 for Mac powered by. User s Guide
Core Protection Module 1.6 for Mac July, 2010 Copyright All rights reserved. Copyright 1998-2010 Trend Micro Incorporated. BigFix, Fixlet, Relevance Engine, Powered by BigFix and related BigFix logos are
More informationHome Anti-Virus Protection
Home Anti-Virus Protection APRIL - JUNE 2013 Dennis Technology Labs www.dennistechnologylabs.com This report aims to compare the effectiveness of anti-malware products provided by well-known security companies.
More informationSmall Business Anti-Virus Protection
Small Business Anti-Virus Protection JULY - SEPTEMBER 2013 Dennis Technology Labs www.dennistechnologylabs.com Follow @DennisTechLabs on Twitter.com This report aims to compare the effectiveness of anti-malware
More informationBest Practice Configurations for OfficeScan (OSCE) 10.6
Best Practice Configurations for OfficeScan (OSCE) 10.6 Applying Latest Patch(es) for OSCE 10.6 To find out the latest patches for OfficeScan, click here. Enable Smart Clients 1. Ensure that Officescan
More informationTEST METHODOLOGY. Endpoint Protection Evasion and Exploit. v4.0
TEST METHODOLOGY Endpoint Protection Evasion and Exploit v4.0 Table of Contents 1 Introduction... 3 1.1 Inclusion Criteria... 3 2 Product Guidance... 5 2.1 Recommended... 5 2.2 Neutral... 5 2.3 Caution...
More informationCourse: Information Security Management in e-governance. Day 1. Session 5: Securing Data and Operating systems
Course: Information Security Management in e-governance Day 1 Session 5: Securing Data and Operating systems Agenda Introduction to information, data and database systems Information security risks surrounding
More information2013 Thomas Skybakmoen, Francisco Artes, Bob Walder, Ryan Liles
FIREWALL COMPARATIVE ANALYSIS Total Cost of Ownership (TCO) 2013 Thomas Skybakmoen, Francisco Artes, Bob Walder, Ryan Liles Tested s Barracuda F800, Check Point 12600, Cyberoam CR2500iNG, Dell SonicWALL
More informationSmall Business Anti-Virus Protection
Small Business Anti-Virus Protection JULY - SEPT 2015 Dennis Technology Labs www.dennistechnologylabs.com Follow @DennisTechLabs on Twitter.com This report aims to compare the effectiveness of anti-malware
More informationClient Manager for Endpoint Protection (CMEP)
Client Manager for Endpoint Protection (CMEP) Release Notes Version 1.0 January, 2010 All rights reserved. BigFix, Fixlet, Relevance Engine, Powered by BigFix and related BigFix logos are trademarks of
More informationHow McAfee Endpoint Security Intelligently Collaborates to Protect and Perform
How McAfee Endpoint Security Intelligently Collaborates to Protect and Perform McAfee Endpoint Security 10 provides customers with an intelligent, collaborative framework, enabling endpoint defenses to
More informationSymantec Event Collector for Cisco NetFlow version 3.7 Quick Reference
Symantec Event Collector for Cisco NetFlow version 3.7 Quick Reference Symantec Event Collector for Cisco NetFlow Quick Reference The software described in this book is furnished under a license agreement
More informationEndpoint Business Products Testing Report. Performed by AV-Test GmbH
Business Products Testing Report Performed by AV-Test GmbH January 2011 1 Business Products Testing Report - Performed by AV-Test GmbH Executive Summary Overview During November 2010, AV-Test performed
More informationMRG Effitas Real World Enterprise Security Exploit Prevention March 2015. Real World Enterprise Security Exploit Prevention Test.
Real World Enterprise Security Exploit Prevention Test March 2015 1 1 Executive summary...3 2 Certifications...6 3 Test methodology...7 3.1 Source of exploits...9 3.2 False positive test... 10 3.3 0-day
More informationMRG Effitas Real World Enterprise Security Exploit Prevention March 2015. Real World Enterprise Security Exploit Prevention Test.
Real World Enterprise Security Exploit Prevention Test March 2015 1 1 Executive summary... 3 2 Certifications... 6 3 Test methodology... 7 3.1 Source of exploits... 9 3.2 False positive test... 10 3.3
More informationBest Practices for Running Symantec Endpoint Protection 12.1 on the Microsoft Azure Platform
TECHNICAL BRIEF: BEST PRACTICES GUIDE FOR RUNNING SEP ON.... AZURE.................................... Best Practices for Running Symantec Endpoint Protection 12.1 on the Microsoft Azure Platform Who should
More informationSymantec Protection for SharePoint Servers 6.0.4. Getting Started Guide
Symantec Protection for SharePoint Servers 6.0.4 Getting Started Guide Symantec Protection for SharePoint Servers Getting Started Guide The software described in this book is furnished under a license
More informationSymantec Backup Exec System Recovery Exchange Retrieve Option User's Guide
Symantec Backup Exec System Recovery Exchange Retrieve Option User's Guide Symantec Backup Exec System Recovery Exchange Retrieve Option User's Guide The software described in this book is furnished under
More informationSymantec Endpoint Protection Small Business Edition 12.1.2 Getting Started Guide
Symantec Endpoint Protection Small Business Edition 12.1.2 Getting Started Guide Symantec Endpoint Protection Small Business Edition Getting Started Guide The software described in this book is furnished
More informationTotal Defense Endpoint Premium r12
DATA SHEET Total Defense Endpoint Premium r12 Overview: Total Defense Endpoint Premium Edition r12 offers comprehensive protection for networks, endpoints and groupware systems from intrusions, malicious
More informationDesktop Release Notes. Desktop Release Notes 5.2.1
Desktop Release Notes Desktop Release Notes 5.2.1 COPYRIGHT Copyright 2011 McAfee, Inc. All Rights Reserved. No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval
More informationHow To Sell Security Products To A Network Security Company
Market Segment Definitions Author Joshua Mittler Overview In addition to product testing, NSS Labs quantitatively evaluates market size for each of the product categories tested. NSS provides metrics that
More informationSecuring the endpoint and your data
#SymVisionEmea #SymVisionEmea Securing the endpoint and your data Piero DePaoli Sr. Director, Product Marketing Marcus Brownell Sr. Regional Product Manager Securing the Endpoint and Your Data 2 Safe harbor
More informationHost OS Compatibility Guide
Host OS Compatibility Guide Last Updated: December 16, 2014 For more information go to vmware.com. Host Operating System Compatibility Microsoft Windows 7 Supported s Windows 7 vsphere Client (Windows)4.1
More information1. Server 2008 - Microsoft FEP 2010 - Instalation
1. Server 2008 - Microsoft FEP 2010 - Instalation 1 2. Windows XP x86 (32bit) - Microsoft FEP 2010 Instalation 2 3 2.1. 4 System Requirements Microsoft Forefront Endpoint Protection 2010 1 System Requirements
More informationEmail AntiVirus. Administrator Guide
Email AntiVirus Administrator Guide Email AntiVirus Administrator Guide Documentation version: 1.0 Legal Notice Legal Notice Copyright 2013 Symantec Corporation. All rights reserved. Symantec, the Symantec
More informationSystem Requirements and Platform Support Guide
Foglight 5.6.7 System Requirements and Platform Support Guide 2013 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in
More informationInstallation Guide for Symantec Endpoint Protection and Symantec Network Access Control
Installation Guide for Symantec Endpoint Protection and Symantec Network Access Control Installation Guide for Symantec Endpoint Protection and Symantec Network Access Control The software described in
More informationBROWSER SECURITY COMPARATIVE ANALYSIS
BROWSER SECURITY COMPARATIVE ANALYSIS Privacy Settings 2013 Randy Abrams, Jayendra Pathak Tested Vendors Apple, Google, Microsoft, Mozilla Overview Privacy is an issue on the front lines of the browser
More informationEndpoint Security Solutions Comparative Analysis Report
Endpoint Security Solutions Comparative Analysis Report (Physical Environment) Vendors Tested Trend Micro McAfee Symantec Sophos Microsoft To: Trend Micro Indusface Contact Kandarp Shah Vice President
More informationNessus and Antivirus. January 31, 2014 (Revision 4)
Nessus and Antivirus January 31, 2014 (Revision 4) Table of Contents Introduction... 3 Standards and Conventions... 3 Overview... 3 A Note on SCAP Audits... 4 Microsoft Windows Defender... 4 Kaspersky
More informationSecuring Endpoints without a Security Expert
How to Protect Your Business from Malware, Phishing, and Cybercrime The SMB Security Series Securing Endpoints without a Security Expert sponsored by Introduction to Realtime Publishers by Don Jones, Series
More informationSymantec Endpoint Protection 12.1.4
Data Sheet: Endpoint Security Overview provides unrivaled security across physical and virtual platforms and support for the latest operating systems-mac OS X 10.9 and Windows 8.1. Powered by Symantec
More informationINSIDE. Management Process. Symantec Corporation TM. Best Practices Roles & Responsibilities. Vulnerabilities versus Exposures.
Symantec Corporation TM Symantec Product Vulnerability Management Process Best Practices Roles & Responsibilities INSIDE Vulnerabilities versus Exposures Roles Contact and Process Information Threat Evaluation
More informationAbout Recovery Manager for Active
Dell Recovery Manager for Active Directory 8.6.1 May 30, 2014 These release notes provide information about the Dell Recovery Manager for Active Directory release. About Resolved issues Known issues System
More information