An Introduction to Commulynx
Commulynx Key Team Members Commulynx has 17 people in our team, however the key people are as follows: Stephen Knights the founder and Managing Director with over 20 years experience working in IT Trevor Ings 16 years experience in IT, a technology specialist and leader in the business Broderick Smith 10 years experience managing his own IT Services Business and joins Commulynx through the Prodigi Merger. Gilbert Joseph -18 years of experience in IT from the SMB through to Enterprise, Education, Government & Telco. Primarily focused on Connectivity Routing, Switching, Security, Wireless & Load Balancing Commulynx - Websense Authorised Training Centre for APAC
Commulynx Key Team Members Commulynx has 17 people in our team, however the key people are as follows: Craig Marney 16 years experience and highly regarded as an industry leader, Luke Scerri 17 years experience and is the most highly regarded technical specialist in Data Security Enterprise solutions. Scott Agius 14 Years IT Technical Sales Experience with a strong Private Education and State Government focus Josephine Yeo Enterprise Sales Commulynx - Websense Authorised Training Centre for APAC
Growth Path 2008 Acquisition of Red Zed Technologies 2011 Commulynx awarded the exclusive Authorized Websense Training Partner for Australia and New Zealand 2012 Commulynx awarded the exclusive Websense Certified TRITON Integrator for Australia and New Zealand 2012 Acquisition/Merger with Prodigi Solutions 2013 Commulynx announced as a certified managed service provider under Sophos s new MSP security program Commulynx - Websense Authorised Training Centre for APAC
Company Facts Commulynx founded in 2006 Awarded CRN Fast 50 5 years in a row Companies in Australia) Government Approved Supplier High certifications with leading vendors (1 of only 4 IT
Driving Simplicity Across Your Security Portfolio Breakfast Event August 21 st 2014 presented by Commulynx & Sophos
Sophos Mobile Control The Security an Organization Needs with the Flexibility Users Deserve
Mobile devices are increasingly powerful Music player Personal email Calendar Company email Internet Text messages Chat Photos File store Banking
But can put data at risk 59% 51% 76% Say employees circumvent or disengage security features such as password and key lock Have experienced data loss in the last 12 months due to insecure mobile devices Believe mobile devices put their organization at risk but many do not have the controls (39%) or enforceable policies (45%) to reduce this risk Source: Ponemon Institute, Global Study on Mobility Risks, February 2012
The Impact of Mobility on the IT Services Desk Most Common Solutions 81% of organizations report that mobility has increased help desk workload Train service desk with scripts for most common Qs Provide self help documents on company portal 55% 52% 73% of organizations have not added staff Mobility accounts for about 10% of help desk calls Implement MDM Tool Trained level 2 on common mobile issues Implement peer to peer exchange for user self help 11% 32% 47% Source: Gartner (July 2013) N=392 Source: Gartner, 2013 N=392
Mobile management approaches
The Players
Is Security a Niche requirement? How many pieces of Android Malware have SophosLabs discovered?
The Security players in the MDM space
What are the main threats? 1. Myriad of devices and platforms 2. Data theft and loss 3. Malicious apps 4. Mobile patching 5. Jailbreaking (ios) and rooting (Android)
Access all areas Acceptable Use Agreement 1. Defines what users can and cannot do with their device 2. Stipulates what security controls have to be in place 3. Warns of a potential remote lock or even a remote wipe if policies are violated
What admins need to do Allow controlled corporate access Deal with lost or stolen devices Manage apps and app data Make life easier for IT
Allow controlled corporate access Access only given to managed devices which are complaint with security policies SMC uses a secure proxy to Exchange ActiveSync Set up policies to block access for devices which put data at risk Mobile Document Management and Encryption 1 Only give access to corporate resources and data if the device being used is properly secured and visible in your console
Deal with lost or stolen devices Force passcode or password for any managed device Remote lock and/or wipe Removes all mail and calendar items downloaded from Exchange (ios only) If a mobile goes missing, or even if the SIM card is changed you can be sure any company data is safe 1
Manage apps and app data Blacklist apps to stop installation Push managed apps to users which can be deleted with all data from SMC (ios only) Set policies, deploy and remove apps Manage Sophos Mobile Security - Enterprise from the SMC console (optional addon) If you want to make sure people are using anti-virus for Android then there is the option to integrate Mobile Security into SMC 2
Make life easier for IT Users can register, lock and wipe devices from a Self-Service Portal Management client and policy deployment is over the air Admins can set the functionality of the Self-Service Portal to suit their needs Full control of the device inventory with graphical reporting If people want to use their own phone for work just point them to the portal and they can register it themselves 2
2
Sophos Mobile Products Sophos Mobile Control - Mobile Device Management Sophos Mobile Security Anti-virus for Android devices Sophos Mobile Encryption Reader for ios and Android Stay compliant Improve usability Protect data and devices 2
EMM features Mobile Deployment Options EMM Features SMC On-prem Advanced SMC SaaS Advanced SMC On-prem Standard SMC SaaS Standard Cloud Mobile Mobile Device Management Mobile Application Management Mobile E-Mail Management Mobile Content Management Mobile Security & Compliance Note: Mobile Content Management for ios only; Cloud Mobile for ios only, admin enrollment only Note: Anti-malware & Web Filtering for Androids included in Advanced only; standard still includes basic security & compliance functionality
SMC 4.0 The better together release AV + Web Protection (labs integration) UTM SGN
Sophos UTM - BYOD (Bring Your Own Device): Connect Personal Devices to Company Network Mobile Control SMC and UTM combine to grant connectivity Secure Wi-Fi Secure VPN WiFi and/or VPN depending on device condition
Information Security - the basic rule Can any environment be 100% secure?
Information Security - the basic rule Technically, yes, but it would cost too much and hinder productivity. So let s be controversial and say, no.. It is not possible to 100% secure anything. * * Dr Craig Wright, Flinders University.
Information Security - the basic rule So what influences the decision on What to protect How to protect it How much should be spent on protecting it?
Information Security - the basic rule I could put you all to sleep by going through risk assessment calculation where we talk about.. Asset values Annualised loss expectancy Annualised rate of incident occurrence And come up with a dollar value or how much should be spent
Information Security - the basic rule Or we could just say Spend as much as we need to No More No Less
IT security sprawl Intrusion Prevention SSL VPN Gateway Router Firewall Spam filter Endpoint Protection Gateway Antivirus WAN link balancer Web filter Load balancer
Complexity Complexity is the greatest enemy of security In a recent survey of IT administrators, 86% said they d felt maintaining multiple security vendors products with different consoles, policies and support lines was costing too much time and money. Source: Sophos customer Loyalty Survey 2013
Sophos UTM The Complete Security Box Network Firewall Wireless Protection Network Protection Email Protection Web Server Protection Endpoint Protection Web Protection
Sophos UTM
UTM vs. Next Gen Firewall.. What is the difference? Is there a difference?
UTM vs. Next Gen Firewall.. The traditional firewall vendors were not well suited for UTM when it came on the market CheckPoint and Junipers UTM appliances were clumsy and underpowered. They were losing ground to more innovative products like Sophos. They did not have the intellectual property to compete across the spectrum of capabilities. They lacked good antivirus, antispam, or URL filtering engines. As such, rather than compete, they simply redefined themselves. The first step was to marginalize UTM to the small business market - Andrew Plato, President of Anitian Enterprise Security
Complete Security Can Be Made Simple Security everywhere Wherever the user is, whatever device they use, they re always protected Deployed How You Want Hardware, software, or virtual appliance, in the Amazon cloud or as a managed service Made Simple Easy setup, management and maintenance. Flexible to upgrade and expand protection.
SG 2xx/3xx/4xx Model Specifications All models are based on newest Intel Haswell architecture Model* Platform CPU, Cores (Threads) RAM Disks Max Ports Other SG 210 Sharkbay 2(2) Cores Celeron 2.7 GHz 8 250 GB HDD 14 (6 + 1 module*) SG 230 Sharkbay 2(2) Cores Pentium 3.2 GHz 8 120 GB SSD 14 (6 + 1 module*) SG 310 Sharkbay 2(4) Cores i3 3.5 GHz 12 180 GB SSD 18 (8 + 2SFP + 1 module*) SG 330 Sharkbay 4(4) Cores i5 2.9 GHz 12 180 GB SSD 18 (8 + 2SFP + 1 module*) SG 430 Denlow 4(4) Cores Xeon E3 3.6 GHz 16 240 GB SSD 24 (3 modules) SG 450 Denlow 4(8) Cores Xeon E3 3.9 GHz 16 2*240 GB SSD (RAID-1) 24 (3 modules) Optional redundant power supply *Modules: 8 GE copper 8 GE SFP 2 10GE SFP+
SG Series Performance Our fastest appliances ever!
Unified Security for Windows, Mac and Mobile Devices HQ office worker Updates, upgrades and reporting Sophos Cloud Remote office worker Home worker Roaming worker Admin (Anywhere)
Wait, you guys have a cloud too? Functionality
Wait, you guys have a cloud too? Functionality -AV/HIPS -Tamper Protection -Device Control -Web Control - ios MDM functionality
Sophos Cloud Capabilities Usability. Simplicity. Protection What s New Cloud-based management console Anti-malware with Live Protection HIPS Web Security Device Control User-based management and policy Multi-Platform (Protect Windows, Mac and Mobile) Web Control (Web Content Filtering) AD sync easy deployment and on-going management
A better way to manage security and no one else has this. Integrated Alerts for Mobile, Endpoint, and Web All User devices visible with one click to manage Clear list of policies applied to user
Traditional Endpoint and Next Gen Endpoint Traditional On premise administration Primarily Windows focused Anti-virus plus basic policies THREAT PROTECITON SECURITY POLICY Inadequately protects against: Advanced threats/ APTs Mobile / personal devices Data and devices everywhere Next Generation Endpoint User-based security policies protecting users on all their devices Context-aware security - network level threat protection integrated with endpoint agents Corporate data encrypted intransit and across all devices Advanced threat protection agents working together as a system Simple, user-based cloud management, with proactive remediation
What We Believe: Security must be comprehensive The capabilities required to fully satisfy customer need Security can be made simple Platform, deployment, licensing, user experience Security is more effective as a system New possibilities through technology cooperation
Threat landscape then and now! Modern malware is all about stealth Advanced persistent threats (APTs) precisely target individuals, businesses, governments and their data. Malware Evolves in 2013 Botnets Grow in Size and Stealth
Anatomy of a Hacked Mobile Device
Security Headlines
How do you mitigate these risks? Sophisticated cyber attacks are becoming more prevalent. 68% of IT managers don t know what an APT is. Are you one of them? Only 25% of companies know that they weren t victim to cyber attacks in the past 12 months. SophosLabs: Staying Ahead of Today s Most Sophisticated Attacks
Leverage & Strategic Alignment Evaluation of the Sophos products Implemented SW UTM within our Production environment Endpoint Deployment SMC (on premise) to a number of mobile devices Committed resources to certification paths o Sales Consultants o UTM Engineers o UTM Architect o MSP (Managed Service Provider) Partner o SMC Engineer o SMC Architect Gold Partner/Support
Sophos MSP Offering Moving from CAPEX to OPEX model Competitive monthly premium includes; o Hardware o Relevant Subscription for your environment o Configuration of Hardware o Commulynx Service Desk 1st & 2nd Level Assistance o Sophos Technical 3rd Level Assistance o UTM Hardware Maintenance o UTM Patch Management o UTM signature updates (if applicable) o Monthly Executive Report allows you to go back to your business!!
5 Security Excuses 1. No-one's interested in little old me 2. My printer won't work with the latest updates 3. I've got a Mac 4. Security slows your computer to a crawl 5. I only browse to safe sites The bottom line Just make sure, when you take on added risk by skipping security steps, that you find some other way to mitigate that risk.
Thank you. For further information on this presentation, please contact a member of the Commulynx Sales Team Broderick Smith - Parnter & Client Relationship Executive Josephine Yeo Enterprise Sales Manager Scott Agius Education & GovernmentSales Manager Ph: 1300 00 5969 www.commulynx.com