Symantec Endpoint Protection (SEP) Technical Consultancy Services




Computer Security Technology Ltd (CSTL) provides advanced consultancy and on-site technical services for the installation, deployment and configuration of SEP. We offer eight principal services: Strategy & Architecture Workshop, Quick-Start, SAV-SEP Migration, SEP12x Upgrade, Health-Check, Competitive de-installation, Full deployment and Advanced Feature Set (AFS) activation. A detailed description and scope of works (SOW) is available for each of these services; a summary of each service can be found below.

1. Strategy & Architecture Workshop:

Involves a consultant spending up to a day onsite to establish a client's endpoint security requirements concerning preventive measures, related working practices, policies, procedures and evaluation risk, typically encompassing:

- Suitability of current countermeasures.
- Suggestions regarding good practices for endpoint precautions.
- Viruses, Trojans, ActiveX, Java, Worms, Spyware and malware.
- Preventative and corrective measures (policy, procedures & staff awareness).
- ISO27001/BS7799 Standards regarding Anti Virus Controls.
- Reducing endpoint management & improving security.
- Review of Client's infrastructure.

The resulting document includes: Malware strategy for your network, Scan & Update policy, and a detailed explanation of the advanced SEP options & how they may improve your IT security posture.

Locktons Insurance Plc (International Insurance brokers)

LIGS found themselves with an urgent need to move away from their current AV product. CSTL were selected to install, deploy and configure the SEP suite across their diverse and complex LAN and WAN structure. As Nick Tam (Network Consultant) explained: "In the UK alone, we have offices on the South coast, the Midlands and in the city of London with just about every operating system and configuration you could imagine. We needed a product that offered maximum protection for users with flexible installation and management options. CSTL assisted us to identify an AV strategy and then went about installing and deploying the product for us, all conducted in a professional and swift manner. The SEP solution has given me centralized control and complete protection against viruses, all of which has proved to us we made the right choice".

2. Quick-Start:

2 days on site to discuss the deployment and installation options for SEP. Customers use this service when they plan to complete the full rollout themselves but wish to quickly get to grips with the issues involved. The service uses an experienced and trained Symantec engineer on site, walking staff through the set-up process and providing recommendations about the best way to deploy, install and configure SEP. Issues that are typically raised at the quick-start are:

- Installation of SEP Manager and, where applicable, 2 representative GUP (Group update provider) and the NMD (non managed detectors), limited to a single subnet.
- Explanation and walkthrough overview of SEP distribution & rollout methods.
- Creating SEP Server scan & exclusion policy.
- Creating SEP Desktop & Server scan & exclusion policy.
- Walkthrough of Virus quarantine, risk reduction & SARC (Symantec Antivirus Research Centre) submission.
- Review of methods to remove existing AV Product.
- Desktop Deployment to a representative sample of up to 5 desktops.
- Configuring up to 3 standard reports and 3 alert types.

The objective for this service is to set up the core management systems for SEP, which has a basic scanning and updating policy, thereby allowing the Customer to complete the endpoint installation themselves.

3. SAV-SEP Migration

This service is designed for Customers using the SAV 9x or 10x versions or SEP 11x who need to upgrade to the latest SEP 12x. Typically users of SAV 9x/10x will be using the Symantec System Centre (SSC) for administration and control of the endpoints. This is replaced by the SEP Manager (SEPM), and the migration requires parallel usage of both during the transition phase. SEP 11x users could embrace the new features for virtualized environments. A typical service includes:

- Review of existing scan settings, exclusions and update policies within SSC.
- Suggested improvements of settings and policies along with explanation of enhancements, including use of GUPs (Group update providers) and NMDs (non-managed detectors).
- Installation of SEPM and the creation of settings, policies and SEP groups.
- Review and suggestions for high availability, backup and maintenance tasks.

Page 2 of 9 Version V9- Jan 2013

- Test migration of SAV 9x/10x to SEP to test candidates.
- Upon customer acceptance, deployment to representative production clients.
- Full deployment of SEP to production clients.
- Configuration of GUPs and NMDs.
- Report & Alert configuration.
- Decommissioning SSC.
- Documented "As built" handover guide with settings & policies.
- Does not extend to the configuration of the AFS (Advanced Feature Set) of SEP.
- Symantec Protection Centre (SPC): web reporting console.
- New feature adoption and optimization for virtualized environments.

4. SEP 12x Upgrade

Version 12x provides many more functions and benefits over version 11x, such as:

- Improved Interface design
- Improved Support for 64bit systems
- Supporting and Securing virtualised environments, both desktop & server
- Insight Reputation Scanning Improves Security and Speed
  o Insight: Speeds scans by omitting executables with a Symantec-trusted reputation from scans
  o Shared Insight Cache: Speeds scans by allowing managed clients to share scan results, so any file that has been scanned with the current defs can be skipped by others
  o Download Insight: Protects Portal Applications (browsers, ftp clients, etc) from downloading executables that are unproven or have a bad rep
- Real time behavioural analysis
- Smarter Upgrading and Updating options

CSTL can provide two types of services for version 12 upgrades, as listed below:

i. SEP 12 Upgrade Quick-Start: 2 days.

This is suitable for Customers who wish to move to the latest version but don't necessarily want all the new functions enabled, and who want to learn from our expertise in order to complete the majority of the upgrade themselves. CST engineers will review the customer's current SEP 11x installation, upgrade a single management server (SEPM), fully upgrade 5 networked representative clients, ensuring knowledge transfer is provided to the Customer's staff during the process, and finally complete a technical handover document. The Quick-Start will not include the enabling of the new features, and is aimed at ensuring that the essential SEP components are upgraded to version 12x, whilst enabling the Customer to continue the client upgrade under their own resources.

ii. SEP 12 bespoke Upgrade: Subject to agreed scope of works (SOW)

This service suits Customers that either wish to take advantage of the new functionality and require policy and setup guidance, or Customers that require a full end-to-end upgrade project as they lack the resource or expertise themselves. CST engineers will create a customised SOW (Scope of Works) that details the requirements, a high level project plan and service deliverables to meet the individual customer's requirements. It may take the form of a full out-tasked project with CST undertaking all tasks, or a hybrid option with strategic and key tasks undertaken by CST staff, and the Customer completing tertiary deployment actions themselves.

Technical Considerations

- Win2k is no longer supported. Min. spec. is WinXP SP2.
- In a multi-SEPM replicating environment, all must be upgraded.
- Upgraded SEPM can continue to manage older client versions.

5. Health Check

A site visit to review the usage and status of SEP to ensure optimum performance and provide suggestions for improvement. The scope of the service includes a review of the following:

- SEP Manager (SEPM).
  o Version, installation review, sub component validation
  o Group structure
  o Update frequency & policy
  o Group policies for scanning (on access & on demand) & exclusions, including reference to best practices and vendor recommendations.
  o Detection & Quarantine actions.
- GUPs (group update providers) effectiveness review/enhancement
- NMDs (non managed detectors) effectiveness review/enhancement, undertake network scan to identify endpoints at risk (non managed Anti Virus)
- Representative SEP client for a Workstation and a Server
  o Exclusions
  o User setting access
  o Location awareness settings
- Explanation & Introduction of AFS (advanced feature set), does not include activation.
- Review of virus incident reports to pinpoint virus attack trends and protection failures.
- Creation of best practice alerts: Outbreak and Update failure.
- Symantec Protection Centre (SPC): web reporting console
- Malicious Activity Assessment (MAA): the analysis of gateway traffic to identify control communication of Spyware, Botnet and Trojan infected hosts.

6. Competitive Deinstallation

Sometimes the largest challenge of migrating to SEP is to first remove the existing antivirus agent. It may be that the current AV agent does not support a central deinstallation, or the removal would leave software remnants that may affect performance. CSTL can help the Customer with a rapid and controlled migration to SEP, using either the Competitive deinstallation scripts within SEP for small-to-medium deployments, or using the Symantec Altiris solution for larger, more complex environments.

CSTL have developed a hardware style appliance to loan Customers, termed SUPA (Symantec Uninstaller Product Appliance). The SUPA has the Altiris solution installed along with the pre-requisite database and all necessary components to scan a network, identify the competitive agent, de-install and deploy SEP, before handing off the ongoing management and control to the SEPM. Key SUPA features include:

- Controlled and managed deinstallation of competitive antivirus software.
- No extra license or software cost for the Customer.
- Reduced complexity and increased visibility.
- Typically used as a pre-requisite phase to SEP deployment.
- Allows granular and staged approach to deployment
- Remote diagnostics and management
- Management Style status reporting: Success, Exception & Re-tries.

Express Newspapers & Channel 5 News.

"We used CSTL to assist with the installation and setup of SEP, including the use of their SUPA product (Symantec Uninstaller Product Appliance); this allowed for a clean and rapid removal of the existing AV client solution. CST services enabled us to move very quickly to the latest version of SEP, which allowed us to realise the investment we made in the shortest amount of time." Dr Ben Dyer, Joint IT Head.

7. Full Deployment:

CSTL undertakes the full installation and configuration for SEP across all the client's systems. This option completely removes the need for client personnel. We recommend that key staff are present to ensure product awareness and education. The full deployment normally incorporates the Quick-Start (as above) along with the following:

- Agree project scope, objectives and deliverables
- Uninstall/install to servers
- Install SEP manager (SEPM); group creation, update configuration, scan policies, and package creation.
- Install & configure quarantine server if required
- GUP (Group Update Providers) and NMDs (Non Managed Detectors) installation
- Existing Desktop anti-virus product un-installation
- Deploying SEP to desktops & servers
- Testing: server, workstation, updating and alerting configurations
- Where applicable, activation of Advanced feature set (AFS)
- Documented "As built" handover guide with settings & policies.
- Reporting walk through
- Best practice Alert creation: outbreak, update failure
- Subsequent revisit to perform SEP health-check

Kuwait Investment Office - London

"CSTL have helped us with our Symantec security installation and setup services for over 8 years, allowing us to get on with our core IT objectives, whilst they take care of the SEP upgrades, policy tweaking and optimisation. Additionally CSTL played an instrumental role in the design and installation of our Symantec NAC solution to both our production and DR sites." Peter Groves - IT security manager (Investment fund managers)

8. Advanced Feature Set (AFS):

Within SEP there are advanced features that exceed the traditional components of an anti virus solution. These advanced features provide extra levels of protection and are described briefly below:

A. SEP ATTACHED MEDIA: Control and manage USB devices: read/write, permitted device type, file types and transfer direction.
B. ENABLING LOCATION AWARENESS: Applying different policies based on location, e.g. relaxed when in the office and more thorough when using public wifi.
C. APPLICATION CONTROL: Preventing unauthorized executables from launching to maintain standard desktop images, prevent intrusion & reduce risk.
D. DESKTOP FIREWALL: Ensure desktop PCs/laptops are secure where they don't benefit from the protection of the LAN firewall.
E. LOCAL NAC: Prevent an unsafe SEP Host from connecting to the corporate LAN.
F. FULL NAC: Prevent any unsafe host from connecting to the corporate LAN.
G. INTEGRATION: Incorporating SEP with SEE (Symantec Endpoint Encryption) and Symantec Altiris Client management suite (patching, imaging, inventory, deployment).

Each AFS is a separate services engagement; please request our Scope of Works (SOW) for more detail.

What makes our services exceptional?

Professionalism: All our consultants are punctual, commensurably dressed, knowledgeable and polite. They will ensure the most effective use of time to deliver maximum value and will try to comply with Customers' expectations and requests.

Quality Assurance: Each engagement will have a documented Scope of works (SOW) setting out exact requirements and will include process controls such as: stage reviews, checklists, method statements and post work surveys to measure and maintain standards.

Competence: The engineers are technically trained and experienced to ensure a depth of knowledge. They are endorsed by Symantec and have ongoing development to maintain solution comprehension.

Service value +: As well as providing the service, CST engineers will wherever possible look to educate the Customer on the technology, and provide as much knowledge transfer as possible to empower the customer's technical staff.

Service Pledge: 100% refund if you are not satisfied with our service, as we are that confident our service will match your expectations.

If you require more information such as estimated costs, time scales, reference material, or availability then please call the London office on 0207 621 9740; our staff will be pleased to assist.