SR B10: Improving Antispam Effectiveness and Protecting Against Threats with Submissions 2.0


SR B10: Improving Antispam Effectiveness and Protecting Against Threats with Submissions 2.0
Angelos Kottas, Sr. Manager, Product Management
Amanda Grady, Sr. Product Manager

Agenda
1. How Symantec Back-end Systems Work Today
2. Key Challenges
3. Introducing the Symantec Email Submission Client
4. Introducing Submissions 2.0
5. Q & A
SR B10: Submissions 2.0, SYMANTEC VISION 2012

How Symantec Back-end Systems Work Today

Symantec Back-end Systems: Email Security
[Diagram labels: Global Intelligence Network; Skeptic; Link Following; Heuristics; Threat Intelligence; Human; Machine; Content + IP Rules; Messages; Probes; Submissions; Statistics; Rules Firing; Messages Blocked]

Reconnaissance
Global Intelligence Network
- World leading sensor breadth and depth
- Global footprint across consumer, enterprise, and service provider
- Newly emerging intelligence feeds
  - Phishing
  - Norton Good Reputation
Messaging Intelligence within the GIN:
- Industry leading patented Probe Network
- Submissions
- Symantec.cloud feeds of emerging threats via Skeptic

Analysis
Human Analysts
- Globally distributed Email Security Group (ESG)
- Coverage for 11 languages
- Human analysis of new attacks and synthesis of predictive filters
- Human remediation of false positives
- Tight coupling between analyst systems and automation teams
Machine Automation
- Statistical Analysis
- Analysis Platform
- Vector Processing Engine
- Technology based Analyzers
  - URL Analyzers
  - IP Analyzers
- Scenario based Analyzers
  - Hit and Run Analyzer
  - Phishing Analyzer
- Symantec.Cloud analysis
  - Heuristics
  - Link Following

Feedback
Optimization
- Synchronization process through the conduit enables visibility into in-field firing rates
- Poorly performing rules are culled based on stats feedback
- Customer probe participation and URI Probes increase visibility into attack vectors specific to our customer base
Remediation
- False Positives are processed by ESG Analysts
- False Negatives are analyzed and promoted to global ruleset

Key Challenges

Key Challenges Today
Submissions are difficult:
- Preserving headers
- Remembering non-intuitive submission addresses
- Manual and error-prone
Taking action is error-prone:
- End users may submit legitimate email, or bulk/marketing mail that is considered unwanted by some customers but legitimate by other customers.
- Aggressive automation runs the risk of false positives
Feedback is limited
- Global pool of millions of submissions, undifferentiated by customer
- Lack of concrete actions driven by a specific submission
- Need to integrate between on-prem gateway and cloud-based repository and reporting

Introducing the Symantec Email Submission Client
MAKING IT SIMPLE TO SUBMIT

Antispam Effectiveness 101
[Diagram labels: Symantec Probe Network; Global Intelligence Network; Manual Submissions; More Submitters; More Samples; Greater Accuracy; Faster Submissions; Quicker Rule Creation; More spam blocked]

Symantec Email Submission Client (SESC)
- An application to allow Symantec customers to streamline the submission of spam/unwanted mail samples to Symantec using Microsoft Exchange.
- Simply dragging a message to the Missed Spam folder activates submission.
- No agent or application to be deployed to the end user desktop.
- Support for all rich Exchange clients (OWA, Blackberry, iOS, IMAP, etc.)

Keeping it simple...
- SESC is free to all Mail Security for Microsoft Exchange and Messaging Gateway customers. Available Today!
- Standalone Windows 2008 x64 application, supports MS Exchange 2007 & 2010.
- Tight integration with AD to enable controlled deployment.
- No end-user agent to manage or support.
- No training/learning curve for End Users.
- Ability to moderate user submissions before they are sent to Symantec.

Submission Modes Explained
- Direct Submission Mode: Enabled end users can submit directly to Symantec.
- Moderated Submission Mode: Submissions from end users are directed to a moderator. Moderator(s) decide if message should be submitted to Symantec.
- Customised Submission Mode: A combination of both direct and moderated modes. Some users can submit directly, some users are moderated.

Submission Mode Example
[Diagram labels: Warehouse Staff Moderated Executives All Moderated CTO - Direct Messaging Admin Moderators & Direct]

Automated Probe Network Participation
Automated Probe Network participation
- Part of Symantec Messaging Gateway
- Streamlines participation of all enterprises in patented Probe Network
Improves antispam effectiveness
- Globally
- Tailored to customer traffic

Introducing Submissions 2.0

Disclaimer: This information is about pre-release software. Any unreleased update to the product or other planned modification is subject to ongoing evaluation by Symantec and therefore subject to change. This information is provided without warranty of any kind, express or implied. Customers who purchase Symantec products should make their purchase decision based upon features that are currently available.

Next-Generation Email Protection
Filtering technology by context: Global (across all customers) and Local (tailored to an individual customer)
IP Reputation (Who sent the email)
- Global reputation: Symantec Bad Sender List; Third Party Bad Sender Lists
- Local reputation: Connection Classification
Content (What does the email say)
- Global: Global Spam Rules
- Local: Customer-Specific Rules

Submissions 2.0 Vision
Three core concepts:
- Streamline and drive customer submissions of missed spam or false positives to Symantec
- Integrate submissions into custom rules to improve local effectiveness without impacting global accuracy
- Provide end-to-end visibility into submissions and their impact
[Diagram labels: Customer A; Submissions; Customer-specific Rules; Global Rules; Customer B; Customer-specific Rules; Submissions]

Submissions 2.0 Vision
Streamlined submissions
- Deliver an API to enable verified HTTPS submissions to Symantec
- Develop tools to streamline submission on the most popular messaging platforms (starting with Symantec Email Submission Client)
- Simplify and better document existing RFC-compliant submissions over email
[Diagram labels: RFC-Compliant Email Submissions e.g. MS Exchange; API-based HTTPS Submissions (SESC)]

Submissions 2.0 Vision
Improved effectiveness
- Define custom filters based on submissions
- Deliver as a distinct disposition from global spam rules, and allow group-based application of customer-specific spam disposition
- Automate creation and removal of custom rules based on false negative / false positive submissions
- Customize submitter roles and submission thresholds
[Diagram labels: Cust. A; Cust. B; Cust. C; Key: Global Rules, Customer-Specific Rules]

Submissions 2.0 Vision
Improved visibility into submissions - enhanced reports for viewing submission activity
- Valid/invalid submissions
- Actions taken based on submissions
- Top submitters
- Impact of customer-specific filters (messages caught, etc.)
- Detailed reporting for individual submission status
[Diagram labels: SMG Reporting Dashboard XML Feed]

Submission Details Report

[Diagram labels: BLOC Aztec Mail User Mobile Mail User]

Coming in Symantec Messaging Gateway 10.0
- Public Beta commenced on May 7th, 2012
- Sign up for the Beta at the following link: https://symbeta.symantec.com/callout/?callid=2814abc85bc04b879be334FAD97955B3
- Or to keep it simple: http://tinyurl.com/smg10beta
- Release planned for second half of 2012

Thank you!
Angelos Kottas: angelos_kottas@symantec.com
Amanda Grady: amanda_grady@symantec.com

Copyright 2012 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.