Endpoint Security Project: Vendor Recommendation Report




Introduction

The Endpoint Security Evaluation Project was charged with reviewing the desktop anti-virus and other security available for Windows and MacOS desktop devices. UW has had a long and positive relationship with Symantec. The current license with Symantec expires in August 2009. As the new product from Symantec is a replacement of the existing licensed offering, an assessment of competing products was appropriate.

Summary of Project Recommendations:

1) The Project Team recommends the RFP Proposal from Softchoice for licensing of the Symantec Endpoint Security Product.
2) The Endpoint Security Project Team will continue working on Item 7 of the Project Work Plan, making adjustments to the membership of the Team as required for deployment across campus.

Project Review and Process

Objectives

The project team was charged to investigate the capabilities of endpoint security solutions and develop a set of requirements that will lead to the selection of a preferred solution.

Work Plan

1. Assess our current endpoint security solution: how it is being used across campus, its strengths and limitations.
2. Investigate the capabilities of the market leaders in endpoint security with particular focus on antivirus, anti-spyware protection.
3. Identify capabilities that are critical to the environment at UW (e.g., management, deployment, reporting).
4. Develop a set of requirements for endpoint security solutions.
5. Solicit possible competitive solutions, possibly through an RFP.
6. Evaluate possible solutions and select a preferred vendor.
7. Develop deployment plans with selected vendor.

Scope

1. The main focus of the project was on anti-virus, anti-spam solutions for the primary supported platforms (Windows XP/Vista, Mac OS).
2. Consideration was also given to solution suites that might provide protection to email, file services (NetApp) and Web servers as long as this did not risk the primary objectives of the project.

Evaluation Process

Current Environment Assessment: https://strobe.uwaterloo.ca/~twiki/bin/view/istcss/currentsavenvironment

In general there was satisfaction with the current desktop security implementation. A number of issues were identified as areas that could be improved.

Among the Current Challenges:

- QC on virus definitions slipping over the past year (false positives)
- Tracking users impossible (Computer name and IP address combination used as key to identify unique clients results in many duplicate entries)
- No expiry on definition updates
- Client software upgrade/patch not automatic: no notification or auto-update function
- Non-Windows clients are not supported through parent servers

Review of Market Leaders

The Project Team reviewed current information on Endpoint products currently available. There are a large number of articles and reviews available, and strong competition in the Security Industry. The number of products and companies made the review process complex, while the similarity of functionality across the many products made comparisons meaningful. In general the following tools are provided by most vendors:

- Software Management/Helpdesk
- Remote Control
- Patch Management (OS)
- Asset Management (Inventory)
- HIDS/HIPS
- Firewall
- VPN
- Anti-Virus
- Anti-Malware
- Anti-Spam
- Application Execution Control
- Browser Security Plug-ins
- Encryption (Disk/eMail)
- 802.1x Supplicants
- NAC Agents
- DLP
- Single Sign-On
- Forensic Agents
- Device Control (USB, CD, etc.)

The Market Leaders as identified by online reviews and computing magazines include Symantec, Trend Micro, Sophos, Kaspersky, McAfee, and a number of other familiar names. The review appended below provides an example of the type of information found.

Capabilities and Requirements

After the review of the market leaders and other available Security technologies the following Capabilities and Requirements list was created for the RFP process:

ENTERPRISE MANAGEMENT (rated REQUIRED / DESIRED / OPTIONAL)

NOTE: Solution must also allow for self-managed workstations, with user control of settings.

- Central Management Console
- Customizable Reports
- Real-time Alerts: Administrators notified of problems
- Client default settings: Pre-set settings for client software
- Remote Client Software Management: Ability to configure the Client Software via Central Management Console on Managed Workstations
- Support for AD Security Groups
- Feature Integration
- Client Installation
- Upgrade Path
- Policy Management

FEATURES (rated REQUIRED / DESIRED / OPTIONAL)

- Anti-virus
- Anti-malware
- Personal Firewall
- HIPS (Host-based Intrusion Protection)
- White Listing/Application Execution Control
- USB Control
- Vulnerability Scanner
- Stand-alone clients

Anti-Virus Details

DESIRED FEATURES

- Single Point Management for all features in performing/configuring Enterprise Endpoint Security
- Managed Distribution of endpoint Client Software. Availability of MSI for easy packaging
- Easy upgrade of endpoint client software
- Define and Distribute Security Policies for managed workstations
- Ability to detect "new" threats based on system behaviour - not just pattern matching
- Lock down systems so that only allowed applications and acceptable services are running
- Installation and configuration on workstations that are not centrally managed

Detection Type: Pattern Matching, Heuristic Analysis
Scanning Type: Continuous, On-demand, Scheduled
Signature Updates: On-demand, Hourly, Daily
Scan Location: Memory, Registry, All Drives, Removable Media

Anti-Malware Details

DESIRED FEATURES

Type Detected: All types
Scanning Type: Continuous, On-demand, Scheduled
Signature Updates: Hourly, Daily, On-demand
Scan Location: Memory, Registry, All Drives, Removable Media

Licensing Details

Groups

- Corporate: License for UW and affiliated sites. Including all UW Employees (Faculty and staff, full-time and part-time) for office and home machine. And other UW affiliated individuals with on-going access to computing infrastructure at UW (including Research Assistants, Post-Doctoral Fellowships, etc.). ~7500
- Students: All current Undergraduate students. All current Graduate students. All UW student computing labs. ~25000
  http://uwaterloo.ca/aboutuw/
- Management/Enterprise Servers: Allow for multiple instances of management servers for distributed management.
- Includes Upgrades during duration of agreement.

RFP and Selection Criteria

The Project Team issued an RFP and 10 responses were received. As part of the RFP a weighting for the decision process was provided (as well as the Requirements list noted above). Each RFP response was evaluated and scored using the following breakdown:

- 40% Technical Requirements (using factors from above)
- 40% Licensing Costs
- 20% Reputation and Other factors

The initial review of the RFP submissions led to the selection of a short-list of vendors. The short-listed vendors were asked to provide presentations to the Endpoint Project Team. As well, each vendor provided access to demo versions of the proposed solutions. The short-listed Endpoint products were Trend Micro, Sophos, and Symantec.

Testing and Review of Short Listed Products (see Appendix B for scoring summary)

Each product was installed in a test environment and the Project Team looked at the Management Console for ease of use, functionality, deployment tools, delegation of authority, granularity of roles and security. The Client software packages were also reviewed for impacts on workstations and granularity of controls and restrictions on changing settings for the client packages.

In addition to our own testing of the consoles and clients, we searched for and reviewed the available third-party performance data for these products (e.g. magazine reviews, security reports, product comparisons, current customers). In general the third-party information matched our own testing and experience with these products.

After reviewing the Technical Requirements (40%) of the products, the scoring used showed the three short-listed products to be very similar in design, functionality, and capabilities. In the Technical Requirements section there was very little to set the products apart. Each had different strengths and weaknesses, yet none was vastly superior (or weaker) in any given area.

In the Reputation and Other Factors (20%) ranking, again all three products were very close together.

This left the category of Licensing Costs as the deciding factor, and here there was a large difference in the licensing costs and the complexity of the licensing models. The RFP proposal provided by Softchoice for Symantec was significantly less than any of the other proposals.

Recommended Vendor

Based on the scoring of all the criteria, the Endpoint Project Team recommends the proposal from Softchoice for the licensing of the Symantec Endpoint as the UW Endpoint Security solution of choice. The Project Team will now move into the Deployment phase of the Project.

Appendix A

Endpoint Project Team Members

Initial Project Members:

- Paul Snyder
- Reg Quinton
- Bill Futher
- Martin Timmerman
- Brian Cameron
- Tim Farrell
- Trevor Bain
- Stephen Markan
- Sandra Laughlin

Members added as the Project progressed:

- Jason Testart
- Carl Nagel
- Hon Tam
- Lowell Williamson
- Robert Hicks

Initial Endpoint Deployment Team Members (Item 7 of Project):

- Martin Timmerman (Project Sponsor)
- Robert Hicks (Project Sponsor)
- Stephen Markan (CS)
- Tim Farrell (CSS)
- Jason Testart (Security)
- Carl Nagel (Library)
- Hon Tam (NEXUS)
- Lowell Williamson (NEXUS)

Resource People:

- Brian Cameron
- Trevor Bain
- Sandra Laughlin

Appendix B

Endpoint Security Criteria Ranking

Criteria                       Sophos   Symantec   Trend Micro
REQUIREMENTS (40%)             2.26     2.31       2.29
FEE STRUCTURE (40%)            2.00     3.00       1.33
REPUTATION/REFERENCES (20%)    1.67     2.00       2.00
WEIGHTED TOTAL                 2.04     2.52       1.85

Rank each category out of 3 (3 is better). Scores are cumulative averages from multiple rankings.