ENDPOINT PROTECTION: Understanding the Challenges and Evaluating a Solution
A Paper Sponsored by Microsoft
Author: Martha Vazquez, Network Security Analyst
TABLE OF CONTENTS
Introduction
The Challenging Security Landscape
A Look at the Evolution and History of Endpoint Security
Current Business Security Challenges
  Administration Challenges
  Implementation Challenges
  Effectiveness
  Operational Complexities
  Total Cost of Ownership (TCO)
The Frost & Sullivan Viewpoint
About Microsoft Forefront Client Security
  Unified Protection
  Simplified Management
  Reporting and Visibility
  Overall Performance and Effectiveness
  Reduced Total Cost of Ownership (TCO)
Conclusion
INTRODUCTION

As security threats continue to increase and become more sophisticated, IT administrators are faced with the challenge of protecting all endpoints on the network while keeping day-to-day business processes running effectively in an organization. The implementation of security technologies to fight current threats is important, but the management of these technologies must also be easy and straightforward. IT administrators must contain the volume of threats introduced into the enterprise by remote workers, partners, and internal and external employees. One of the most significant challenges for IT administrators is the constant flux of the security environment, which can be exacerbated by a lack of administrative resources to effectively manage security technologies. Installing a security solution can be especially difficult if productivity is affected as a result of a slow implementation process. A simplified and integrated solution can help IT administrators minimize the burden that most organizations face when implementing a security technology.

Some of the business challenges faced today as a result of the evolving security landscape include problems with implementation, administration, effectiveness, and operational complexities. Microsoft Forefront Client Security (FCS) can help alleviate these challenges because of its unified protection, simplified administration, and comprehensive reporting capabilities. Microsoft Forefront Client Security is shown to help reduce Total Cost of Ownership (TCO) through improved performance measures. In addition, independent reviews from AV-Test.org and West Coast Labs, as well as a survey from Value Prism Consulting, indicate that when using FCS, IT administrators are able to concentrate on business objectives while security challenges are reduced.

THE CHALLENGING SECURITY LANDSCAPE

The security landscape has changed dramatically in the past five years.
In the past, hackers developed attacks for fun and recognition, but the paradigm has shifted away from pranks and now embraces hacking for profit. Hackers are increasingly involved in international organized crime and, as a result, attacks have become more focused on obtaining specific types of data. Thus, threats are more advanced, application-oriented, and frequent. An example of the security threat landscape can be seen in the December 2007 Security Intelligence Report from Microsoft. The research offers an in-depth perspective on trends in malicious and potentially unwanted software and in vulnerabilities, including the following statistics:

- The second half of 2007 showed a 15% decline in new vulnerability disclosures, but high severity vulnerabilities continue to increase.
- Malicious software has become a tool used by skilled criminals to target millions of computer users worldwide.
- Once largely an e-mail-based phenomenon, the number of phishing attempts on social network sites is increasing.
- 129.5 million pieces of potentially unwanted software were detected between July 1 and December 31, 2007, resulting in 71.7 million removals. These figures represent increases of 66.7% in total detections and 55.4% in removals over the first half of 2007.
- Adware remained the most prevalent category of potentially unwanted software in the second half of 2007, increasing by more than 66%, from 20.6 million detections to 34.3 million detections.

Although the number of reported vulnerabilities decreased in 2007, Internet threats from adware and phishing attempts continue to rise. Prevalent applications such as operating systems and mainstream software were targeted less, and the focus has shifted to customized, in-house applications or web applications. This has attracted the attention of hackers mainly due to the shift in focus in traditional network security. Phishing and adware attacks remain a popular route to attack individuals, and the use of social network websites is an increasing threat to organizations. High severity vulnerabilities continue to increase and account for approximately 67% of all reported vulnerabilities. Chart 1.1 shows the number of vulnerabilities reported in the World Vulnerability Research Market study, by quarter, for the period 2004-2007.

Chart 1.1: Number of Vulnerabilities Reported (Global)
[Bar chart; x-axis: Years by Quarter, 1-2004 through 4-2007; y-axis: Number of Vulnerabilities, 0 to 200.]
Note: All figures are rounded; the base year is 2007. Source:
Chart 1.2 shows the world vulnerability research market by severity in 2006 and 2007.

Chart 1.2: Global Vulnerabilities Reported for 2006 and 2007 by Severity
[Bar chart; x-axis: Type of Severity (High, Medium, Low); y-axis: Number of Reported Vulnerabilities, 0 to 400; series: 2006, 2007.]
Note: All figures are rounded; the base years are 2006 and 2007. Source:

As the security landscape continues to evolve, it presents difficult challenges for IT administrators who are charged with protecting client data from numerous advanced threats. While doing this, they are challenged by the changing workforce that requires access to information from multiple endpoints. As a result, IT administrators must work in a proactive rather than reactive mode. This can be particularly difficult since organizations are increasingly in a position where employees utilize technologies that the organization is not ready to support. At the same time, IT administrators have to be able to allow access to corporate information and manage all the endpoints effectively.

To protect critical information from attacks, organizations have rushed to implement several infrastructure silos such as anti-malware, anti-spyware, firewalls, and network access control (NAC). The implementation and management of these siloed solutions has significantly increased operational complexity for IT administrators. Another challenge that IT administrators continually face is the increased need for compliance within regulatory environments. As attacks become more sophisticated, organizations are forced to find new ways to protect consumer and financial information. To achieve that goal, it becomes necessary to secure all endpoints from data corruption or from data loss, while also managing the systems on a daily basis in a manner that provides wide visibility into the managed systems.
A LOOK AT THE EVOLUTION AND HISTORY OF ENDPOINT SECURITY

The endpoint security market has evolved as a result of new threats, but this evolution has also resulted in confusion for IT administrators. In the 1990s, anti-virus software emerged in response to malware and evolved to include endpoint security. The first virus appeared in the 1980s, followed by worms, macro viruses, and spyware. Polymorphic viruses soon appeared, and anti-virus vendors had to address threats at the application layer rather than only at the operating system. Behavior-based techniques were adopted in addition to signature-based detection. In 2005 botnets arose on a rapid global scale and provided the tools that propelled a dramatic increase in cyber crime. As complex threats and attacks continued to rise, the endpoint security market emerged to combat the newer and more sophisticated threats. With the increasing complexity of threats, systems can be infected by a variety of malware, namely:

- Bots: through spyware and adware, bots install malware on a computer and use it as a zombie to send spam or attack other computer systems.
- Phishing: through adware or spyware, people are directed to malicious sites that look legitimate, such as a small bank or social networking site. Criminals have been found to target smaller, less-popular sites with data-theft (phishing) scams. However, large companies are becoming tougher and riskier to target as they are responding quickly to phishing attempts by providing increased security.
- Drive-by Download: sites hosting exploits can install adware, spyware, bots, or other malware without the knowledge of the computer user. Drive-by downloads can happen simply by visiting the wrong website, viewing an e-mail message, or clicking on a deceptive popup window.
- Spam: spam can be used to seed malware or spyware directly as an attachment, or to point the user to a site hosting an exploit that does the same.
Today's most common malware attacks include phishing, botnets, instant messaging, online gaming, Windows vulnerabilities, and adware. Security vendors have implemented various technologies to protect against malware, but have also increased the level of confusion among IT administrators who need to manage the endpoint security network. Thus, a more holistic approach to endpoint security is needed that will continue to protect and manage an organization's network, while simplifying the management of the solution. Chart 1.3 shows the various technologies included in endpoint security.
Chart 1.3: Various Technologies Included in Endpoint Security
[Diagram; Endpoint Security at the center, surrounded by: Antivirus, Antispyware, Host Intrusion Prevention System (IPS), Firewall, Network Access Control (NAC), Back Up Storage, Anti Phishing, AntiSpam, Application and Device Control, Data Leakage Prevention (DLP).]
Source:

IT administrators continue to be frustrated by the wide variety of threats that they must be prepared for, and as they try to implement multiple technologies to protect endpoints on the network, this poses several strategic business challenges.

CURRENT BUSINESS SECURITY CHALLENGES

Administration Challenges

The demands on IT administration to protect all endpoints on the network while maintaining the usefulness of the endpoints as flexible business tools can be challenging. One has to wonder how this can be done, as IT administrators face numerous challenges on a daily basis due to drastic increases in the administration workload over the past 15 years. IT objectives have also changed from the time when a basic security perimeter could protect an organization from most threats. Today, a basic security perimeter is merely the starting point for the IT administrator, who not only deals with concentric circles of security, but also with regulatory compliance, as well as complex and hidden internal and external threats. As technology development continues to advance at a rapid pace, the recommended list of technologies to deploy for endpoint security is growing, and keeping up with the changes is a daunting task. Implementing a variety of technologies for each endpoint can be time-consuming, and the availability of IT personnel to perform the implementation is frequently a concern. A solution that requires fewer time-consuming tasks and provides better
manageability of the various endpoint security technologies could help organizations better utilize limited numbers of IT personnel, while also increasing endpoint security.

Implementation Challenges

Many organizations struggle to implement adequate security measures, and the challenge becomes even greater at large organizations with tens of thousands of users. While organizations understand the importance of implementing endpoint security technologies, they continue to be challenged by the negative impact on productivity, IT complexity, and operational costs associated with the need to implement security solutions from multiple vendors at different times. The implementation of client security solutions can cause fragmentation of security technology as a result of too many point products, poor interoperability, and lack of integration, which makes it difficult to respond to threats accordingly. Since many security solutions have their own management infrastructure, related management costs can be ongoing. Implementation of the various silos should be easily achieved without forgoing security. For these reasons, a holistic, multilayered, defense-in-depth security approach will help reduce risk and better manage a network infrastructure.

Effectiveness

An effective security solution must address the evolving security landscape that consists of blended threats and zero-day threats. As threats continue to evolve, the ideal endpoint security solution for an organization needs to be one that does not slow performance and can deal effectively with certain types of malware. When malware is found, a user with an ineffective solution will suffer disruption in work, thus inhibiting productivity. An ineffective endpoint security solution can cause frustration for IT administration if it consumes high levels of system resources and causes slow boot times. With an effective solution, a user should not suffer from increased system lag when performing day-to-day operations on their office machine.
Moreover, administrators can focus on critical business objectives, productivity enhancement, and reducing operational costs.

Operational Complexities

Anti-virus, anti-spyware, NAC, and other security solutions help protect an organization from threats, but managing multiple solutions for all endpoints that connect to the network remains a difficult task. Implementing several management consoles, each of which is responsible for running different policies and reports, can be overly complex and difficult to manage effectively. Ideally, the administrative control used by IT departments should reduce the complexity and costs related to deploying multiple security solutions.
Total Cost of Ownership (TCO)

The effects of using an inefficient solution can, over time, significantly increase overhead costs in the IT department and negatively impact employee productivity across the organization. Common organizational problems include:

- Reduced employee productivity as a result of slow application performance and downtime,
- Increased administrative overhead costs as a result of managing multiple endpoints, consoles, and reports,
- Increased risk of losing business-critical information, and
- Increased cost of infrastructure investments.

Organizations can be negatively impacted by one or all of these problems if an endpoint security solution fails to address all of the issues listed above.

THE FROST & SULLIVAN VIEWPOINT

Frost & Sullivan believes there are a few guidelines that should be followed in order to help address endpoint security challenges in the enterprise. To begin with, an IT department needs to determine if the solution can provide the level of performance required to ensure that business applications run smoothly. If the product does not match specific business needs, it is not worth purchasing. The next important step is to determine if the endpoint solution can be easily managed and integrated with existing infrastructure software. Finally, the solution should provide IT administrators with insight into a system by permitting detailed reports on specific clients, in order to focus on what is important.

As increasing importance is placed on the performance, speed, and accuracy of endpoint security, finding and implementing a solution that addresses these factors can be critically important. Some solutions can reduce system performance as a result of high CPU usage. During peak working hours, it is important that system resources are minimally impacted. System lags can also be detrimental when performing day-to-day operations; when malware is found, the user should experience minimal disruption to his or her work.
Accuracy rates are increasingly important because accurate detection of viruses enables faster response times. As threats continue to grow in number, a solution that consistently achieves accurate catch rates can also reduce false positives and therefore enhance the effectiveness of a system. Security management and reporting continues to be a challenging drain on IT administrator time, organizational costs, and employee productivity. Real-time reporting allows immediate identification of current threats that require prompt attention. A solution that addresses these challenges can alleviate the complexities involved in deploying and managing various silos in the infrastructure.

Frost & Sullivan believes that Microsoft Forefront Client Security fits the needs of organizations seeking a simplified solution that addresses a variety of endpoint security problems faced by administrators. Microsoft Forefront Client Security
offers an integrated, comprehensive, and simplified solution that can be easily integrated into existing infrastructure software and widens an administrator's visibility and control of the network. It requires less memory and uses fewer resources, while simultaneously improving protection against advanced threats. Through the use of Forefront Client Security, administrators are able to reduce administrative overhead through a single, easy-to-use management console.

ABOUT MICROSOFT FOREFRONT CLIENT SECURITY

Microsoft Forefront Client Security improves endpoint security and enhances productivity while minimizing operational costs. The solution includes unified protection from viruses and spyware for client and server operating systems. It also simplifies administration through a central management console, includes visibility and control of security reports, and protects worker productivity across an enterprise.

Unified Protection

Forefront Client Security offers unified malware protection for business desktops, laptops, and server operating systems by providing an integrated anti-virus and anti-spyware engine to scan endpoints in real time. Advanced protection is accomplished through a variety of technologies including static analysis and emulation, heuristics, tunneling signatures, advanced system cleaning, and event flood protection. According to independent research conducted by AV-Test.org, Forefront Client Security is highly effective against malware and its detection rates are extremely competitive. AV-Test.org found that Microsoft had a detection rate of 96.1% in November 2007, and in March 2008 the detection rate increased to 97.9%. Chart 1.4 details the malware detection rates of various vendors according to AV-Test.org in November 2007.

Chart 1.4: Analysis of the Effectiveness of Malware Detection Rates of Various Vendors, November 2007
Source: AV-Test.org
Chart 1.5 details the malware detection rates of various vendors according to AV-Test.org in March 2008.

Chart 1.5: Analysis of the Effectiveness of Malware Detection Rates of Various Vendors, March 2008
Source: AV-Test.org

The detection rates clearly show that Forefront Client Security is very competitive in its ability to effectively detect malware.

Simplified Management

Forefront Client Security offers simplified management that allows enterprise-wide policy deployment through a single management console. The ability to offer a solution that easily integrates with other Forefront security solutions enhances administrators' control. One policy is used to manage client protection agent settings such as scan schedules, signature update frequency, security state assessment settings, and alert levels. Forefront Client Security can also configure alerts, specifying the type of alert, the level of control, and the volume. Alerts alone will notify administrators of high-priority incidents including malware detection, a failure to remove malware, a malware outbreak, and malware protection being disabled. Through this simplified management, organizations can use fewer personnel resources to manage security issues and help desk calls.

When organizations need to support more than 10,000 client security users in the enterprise, implementing the Forefront Client Security Enterprise Manager eases the administration load. Through Enterprise Manager, IT administrators can centrally manage multiple client security deployments in the enterprise environment. Enterprise Manager consists of several main features including:

- Aggregation of reporting and alerting information from multiple client security deployments. Aggregated information is viewable in a single console, and reports are generated from the aggregated information.
- A single location for management of client security policies.
- A single location for initiation of enterprise-wide anti-malware scanning.

Reporting and Visibility

The management console provides single-dashboard visibility into threats and vulnerabilities across the organization. Insightful, prioritized reports can be produced that give administrators better control over malware threats. The dashboard provides a snapshot of the current malware security status using real-time data and current malware trends. Reports also allow administrators to drill down to critical information and gather additional details, such as which machine on the network has a malware problem. Through security state assessment, scanning alerts provide detailed reports that summarize which PCs have not had the latest security patches and/or have not connected to the network recently. This assessment reporting can answer questions related to compliance, vulnerability trends, and risk.

Overall Performance and Effectiveness

Unlike other endpoint security solutions, Microsoft Forefront Client Security offers a solution that provides adequate performance measures. According to a study by West Coast Labs, a series of performance benchmarking tests and metric-based process evaluations found that Microsoft Forefront Client Security had the best performance on average. The products tested included:

- Microsoft Forefront Client Security
- Trend Micro OfficeScan Client/Server edition
- Symantec Endpoint Protection
- McAfee VirusScan Enterprise

The objective of the test was to determine performance measures of Microsoft Forefront against market leaders such as Symantec and McAfee. Testing was performed on a network of Microsoft Windows Vista Business Ultimate clients and a Windows 2003 server. According to West Coast Labs, the Microsoft Forefront Client Security installation routine was both rapid and informative, providing a reasonable degree of customization.
The results show that scanning times were faster than the average value for the other vendor solutions being tested. There was little impact on client system resources, which enabled increased efficiency in productivity. In addition, when malware was found, much of the reporting was processed on the server(s). The immediate benefit of this feature, not found in the other solutions tested, was that the user experiences minimal work disruption. Charts 1.6 and 1.7 show the rankings based on the average results for the four endpoint security solutions tested, with the best performing product shown first.
Chart 1.6 provides a performance comparison study by West Coast Labs of servers and clients of Microsoft Forefront Client Security against current competitive products.

Chart 1.6: Microsoft Forefront Client Security vs. Legacy Competitive Products

Products compared: (A) Microsoft Forefront Client Security; (B) McAfee Active VirusScan with ePO; (C) Symantec Corporate AntiVirus 10.2; (D) TrendMicro OfficeScan Client/Server 7.3.

Memory Footprint (1)
  Server: (A) 56.5 MB; (B) 42.2 MB; (C) 58.6 MB; (D) 52.3 MB
  Client: (A) 57.9 MB; (B) 40.5 MB; (C) 66.3 MB; (D) 20.2 MB
Avg Usage, CPU & Memory (2)
  % Server Avg: (A) 2.0%; (B) 20.4%; (C) 30.5%; (D) 0.4%
  % Client Avg: (A) 11.1%; (B) 3.2%; (C) 29.4%; (D) 10.1%
Boot time increase (3)
  (A) 4.5% avg increase; (B) 45% avg increase; (C) 62% avg increase; (D) 3.2% avg increase
Scanning time (quick, full)
  Network 1 (Avg): (A) 13.6-34.6 min; (B) 44.8-152.7 min; (C) 29.9-156.8 min; (D) 5.7-12.5 min
  Network 2 (Avg): (A) 5.3-18.3 min; (B) 25.3-44.0 min; (C) 12.0-92.8 min; (D) 4.0-8.2 min
AV-Test.org (March 2008) (4)
  % malware detected in 1M+ sample size: (A) 97.8%; (B) 95.6%; (C) 95.7%; (D) 98.7%

Source: AV-Test.org, West Coast Labs
(1) Blank scan, new network. (2) Blank scan, network 2. (3) Post-installation. (4) Test of consumer anti-virus products using a malware sample covering approximately the last three years.
Chart 1.7 shows a performance comparison conducted by West Coast Labs of infected and uninfected clients of Microsoft Forefront Client Security against the latest competitive products.

Chart 1.7: Microsoft Forefront Client Security vs. Latest Competitive Products

Products compared: (A) Microsoft Forefront Client Security; (B) McAfee VirusScan Enterprise; (C) Symantec EndPoint Security; (D) Trend Micro OfficeScan Client/Server edition.

Memory Footprint (5)
  Client, uninfected: (A) 522 MB; (B) 492 MB; (C) 536 MB; (D) 521 MB
  Client, infected: (A) 495 MB; (B) 538 MB; (C) 593 MB; (D) 590 MB
Avg Usage, CPU & Memory (6)
  % Client, uninfected: (A) 79.9%; (B) 82.96%; (C) 82.37%; (D) 67.37%
  % Client, infected: (A) 81.6%; (B) 77.73%; (C) 88.56%; (D) 81.2%
Scanning time (quick, full)
  Uninfected client: (A) 81.82 min; (B) 152.51 min; (C) 147.69 min; (D) 19.02 min
  Infected client: (A) 95.33 min; (B) 267.97 min; (C) 167.09 min; (D) 46.04 min
Application Startup time
  Starting Word: (A) 2.233 sec; (B) 3.4 sec; (C) 2.425 sec; (D) 2.025 sec (with no AV: 1.725 sec)
  Starting IE: (A) 2.6 sec; (B) 3.75 sec; (C) 3.6 sec; (D) 2.3 sec (with no AV: 2.275 sec)
AV-Test.org (March 2008) (7)
  % malware detected in 1M+ sample size: (A) 97.8%; (B) 95.6%; (C) 95.7%; (D) 98.7%

Source: AV-Test.org, West Coast Labs
(5), (6), (7): Ibid. (see the notes to Chart 1.6).

Key findings from the study show that, on average, the benefits of Microsoft Forefront Client Security include:

- Less system resource usage on clients
- Faster boot time for clients
- Faster quick scans
- Faster full scans
- Less CPU and memory usage on clients, uninfected and infected

Microsoft Forefront Client Security clearly shows that the solution will address strategic business objectives by enhancing productivity and simplifying administrative burdens.
Reduced Total Cost of Ownership (TCO)

The overall effectiveness and performance measures of Microsoft Forefront Client Security enable the solution to achieve significant total cost of ownership (TCO) reductions. According to a recent TCO study performed by Value Prism Consulting on Forefront Client Security customers, noticeable savings and cost reductions were seen. Value Prism Consulting surveyed eight customers that switched to Forefront Client Security and measured TCO changes. According to the participants in the survey, many of these savings were a direct result of Microsoft Forefront Client Security's unified protection, simplified administration, and enhanced visibility and control. Chart 1.8 shows the TCO highlights found from eight organizations that switched to Forefront Client Security.

Chart 1.8: TCO Highlights
- 85% average reduction in security issues
- 75% average security issue response time reduction
- $24.00 average annual TCO savings per desktop
- Overall, user downtime significantly reduced
Source: Value Prism Consulting

CONCLUSION

As the endpoint security market continues to evolve, organizations will continue to face many strategic business challenges, and IT administrators will need to implement layers of defenses that protect corporate data. An endpoint security solution that eases this complexity will enable administrators to focus on the core business objectives of the organization rather than spend increasing amounts of time and resources managing a complex matrix of siloed endpoint solutions. A solution that offers features such as simplified management, easy integration, enhanced performance, as well as visibility and control, will ensure that businesses continue to operate effectively. Microsoft Forefront Client Security addresses many of the business challenges related to implementation, administration, effectiveness, operational complexities, and TCO.
With Forefront Client Security, the combination of unified protection and simplified management with enhanced reporting and visibility proves to be an effective enterprise endpoint protection solution.
CONTACT US

Silicon Valley: 2400 Geng Road, Suite 201, Palo Alto, CA 94303. Tel 650.475.4500, Fax 650.475.1570
San Antonio: 7550 West Interstate 10, Suite 400, San Antonio, Texas 78229-5616. Tel 210.348.1000, Fax 210.348.1003
London: 4, Grosvenor Gardens, London SWIW ODH, UK. Tel 44(0)20 7730 3438, Fax 44(0)20 7730 3343
877.GoFrost, myfrost@frost.com, http://www.frost.com
Offices: Palo Alto, San Antonio, New York, Toronto, Buenos Aires, São Paulo, London, Oxford, Frankfurt, Paris, Israel, Beijing, Chennai, Kuala Lumpur, Mumbai, Shanghai, Singapore, Sydney, Tokyo

ABOUT FROST & SULLIVAN

Based in Palo Alto, California, Frost & Sullivan is a global leader in strategic growth consulting. This white paper is part of Frost & Sullivan's ongoing strategic research into the Information Technology industries. Frost & Sullivan regularly publishes strategic analyses of the major markets for products that encompass storage, management, and security of data. Frost & Sullivan also provides custom growth consulting to a variety of national and international companies. The information presented in this publication is based on research and interviews conducted solely by Frost & Sullivan and therefore is subject to fluctuation. Frost & Sullivan takes no responsibility for any incorrect information supplied to us by manufacturers or end users.

This publication may not be downloaded, displayed, printed, or reproduced other than for noncommercial individual reference or private use within your organization, and thereafter it may not be recopied, reproduced or otherwise redistributed. All copyright and other proprietary notices must be retained. No license to publish, communicate, modify, commercialize or alter this document is granted. For reproduction or use of this publication beyond this limited license, permission must be sought from the publisher. For information regarding permission, write: 2400 Geng Rd., Suite 201, Palo Alto, CA 94303-3331, USA.