Sygate Secure Enterprise and Alcatel



Similar documents
Building A Secure Microsoft Exchange Continuity Appliance

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

The self-defending network a resilient network. By Steen Pedersen Ementor, Denmark

Microsoft Windows Server System White Paper

Tech Brief. Enterprise Secure and Scalable Enforcement of Microsoft s Network Access Protection in Mobile Networks

Driving Company Security is Challenging. Centralized Management Makes it Simple.

Ovation Security Center Data Sheet

Data Sheet: Endpoint Security Symantec Network Access Control Comprehensive Endpoint Enforcement

Company Co. Inc. LLC. LAN Domain Network Security Best Practices. An integrated approach to securing Company Co. Inc.

Ovation Security Center Data Sheet

Avoiding the Top 5 Vulnerability Management Mistakes

IBM Tivoli Endpoint Manager for Security and Compliance

McAfee Next Generation Firewall Optimize your defense, resilience, and efficiency.

Whitepaper. Securing Visitor Access through Network Access Control Technology

SANS Top 20 Critical Controls for Effective Cyber Defense

Policy Management: The Avenda Approach To An Essential Network Service

IBM Endpoint Manager for Core Protection

How To Buy Nitro Security

Network Access Control in Virtual Environments. Technical Note

Managed Antivirus Quick Start Guide

Managed Security Services for Data

Technology Blueprint. Protect Your Servers. Guard the data and availability that enable business-critical communications

CA Host-Based Intrusion Prevention System r8.1

What Do You Mean My Cloud Data Isn t Secure?

Alcatel-Lucent Services

Network Access Control ProCurve and Microsoft NAP Integration

White Paper. BD Assurity Linc Software Security. Overview

The Hillstone and Trend Micro Joint Solution

ARCHITECT S GUIDE: Comply to Connect Using TNC Technology

Zone Labs Integrity Smarter Enterprise Security

Executive Summary Program Highlights for FY2009/2010 Mission Statement Authority State Law: University Policy:

Symantec Endpoint Protection 11.0 Architecture, Sizing, and Performance Recommendations

Cisco Advanced Services for Network Security

STRATEGIC WHITE PAPER. Securing cloud environments with Nuage Networks VSP: Policy-based security automation and microsegmentation overview

Chapter 9 Firewalls and Intrusion Prevention Systems

Security Controls for the Autodesk 360 Managed Services

McAfee Total Protection Reduce the Complexity of Managing Security

Windows Least Privilege Management and Beyond

Goals. Understanding security testing

Getting Started with Symantec Endpoint Protection

Symantec Protection Suite Enterprise Edition for Servers Complete and high performance protection where you need it

Payment Card Industry Data Security Standard

CTS2134 Introduction to Networking. Module Network Security

IBM Tivoli Endpoint Manager for Security and Compliance

Deploying BitDefender Client Security and BitDefender Windows Server Solutions

CA Anti-Virus r8.1. Benefits. Overview. CA Advantage

Frank Andrus WHITEPAPER. CTO, Bradford Networks. Evolve your network strategy to meet new threats and achieve expanded business imperatives

SonicWALL Clean VPN. Protect applications with granular access control based on user identity and device identity/integrity

Getting Started. Symantec Client Security. About Symantec Client Security. How to get started

Firewalls. Securing Networks. Chapter 3 Part 1 of 4 CA M S Mehta, FCA

Microsoft Technologies

Data Sheet: Endpoint Security Symantec Endpoint Protection The next generation of antivirus technology from Symantec

Data Sheet: Endpoint Security Symantec Protection Suite Enterprise Edition Trusted protection for endpoints and messaging environments

Simplify Your Windows Server Migration

WHITEPAPER. Addressing Them with Secure Network Access Control. Executive Summary... An Evolving Network Environment... 2

Cisco Virtualization Experience Infrastructure: Secure the Virtual Desktop

Network Virtualization Network Admission Control Deployment Guide

Deploying BitDefender Client Security and BitDefender Windows Server Solutions

Data Sheet: Endpoint Security Symantec Endpoint Protection The next generation of antivirus technology from Symantec

Achieving PCI Compliance Using F5 Products

Comodo Endpoint Security Manager SME Software Version 2.1

Addressing the SANS Top 20 Critical Security Controls for Effective Cyber Defense

IBM QRadar Security Intelligence April 2013

PCI Requirements Coverage Summary Table

Network Security Administrator

End-user Security Analytics Strengthens Protection with ArcSight

PROTECTING INFORMATION SYSTEMS WITH FIREWALLS: REVISED GUIDELINES ON FIREWALL TECHNOLOGIES AND POLICIES

PCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP

IBM Tivoli Endpoint Manager for Lifecycle Management

Log Management for the University of California: Issues and Recommendations

Proven LANDesk Solutions

10 Things Every Web Application Firewall Should Provide Share this ebook

ForeScout CounterACT. Continuous Monitoring and Mitigation

Achieving PCI-Compliance through Cyberoam

INSIDE. Securing Network-Attached Storage Protecting NAS from viruses, intrusions, and blended threats

Securing Virtual Applications and Servers

THE TOP 4 CONTROLS.

Using Automated, Detailed Configuration and Change Reporting to Achieve and Maintain PCI Compliance Part 4

Network and Host-based Vulnerability Assessment

Industrial Security for Process Automation

DMZ Virtualization Using VMware vsphere 4 and the Cisco Nexus 1000V Virtual Switch

1. Installation Overview

CORE Security and the Payment Card Industry Data Security Standard (PCI DSS)

Endpoint Security Management

Introduction to Endpoint Security

Inspection of Encrypted HTTPS Traffic

Frank Andrus WHITEPAPER. CTO, Bradford Networks. Evolve your network security strategy to meet new threats and simplify IT security operations

IT Security and OT Security. Understanding the Challenges

All Information is derived from Mandiant consulting in a non-classified environment.

BlackRidge Technology Transport Access Control: Overview

Transcription:

Sygate Secure Enterprise and Alcatel Sygate Secure Enterprise eliminates the damage or loss of information, cost of recovery, and regulatory violation due to rogue corporate computers, applications, and behavior. Unlike any other solution, Sygate Secure Enterprise ensures that only compliant, protected devices connect to the corporate network. Alcatel s embedded security features within the LAN switch allows it to interact with external security measures such as those provided by Sygate. By making security a part of the network infrastructure, Alcatel provides a unified security front at every switched port that is capable of immediately detecting and neutralizing network attacks without sacrificing manageability, mobility, availability, or performance. THE PROBLEM Today s enterprise networks have evolved into open environments in which virtually every computer (endpoint) connected to the corporate network is exposed to the outside world through the Internet. In this new environment, perimeter-based security models are no longer effective. Many enterprises have taken a more layered approach to securing open networks by implementing security products, such as anti-virus software, host firewalls, host IDS, and patch management systems on endpoints (laptops, desktops and servers). No matter how much information security budgets are increased to include these new tools, or how hard or fast today s information protection processes are cranked, hackers and thieves continue to disrupt our networks, steal valuable information, and expose us to regulatory violation. One reason for their continued success is that there hasn t been a solution capable of enforcing continuous policy compliance. In a recent survey by the Computer Security Institute, 90 percent of respondents used antivirus software, but 85 percent had been damaged by a virus. In the same survey, 89 percent had installed computer firewalls and 60 percent had intrusion detection systems, yet 90 percent reported security breaches had taken place and 40 percent had their systems penetrated from outside their network. President s Critical Infrastructure Protection Board

Prudential Financial is using Sygate Secure Enterprise to create, automate, and enforce corporate security policies. With Sygate, all Prudential Financial s remote workers are guaranteed to be in a trusted state before gaining network access. Tech Decisions for Insurance April 2003 THE ALCATEL AND SYGATE SOLUTION Alcatel along with Sygate have changed the game. For the first time, commercial and government enterprises get strategic advantage over hackers with the industry s first enterprise security solution that ensures company owned and third party owned devices are not compromised and are continuously compliant with security policies, thoroughly protecting confidential data. Alcatel pioneered and offers virtual local area network (VLAN) capabilities in all of its switch products. VLANs give users the ability to log onto the network and be dynamically placed into an authorized VLAN based on their credentials; effectively controlling who accesses the network and the resources they have access to. Sygate Secure Enterprise delivers continuous compliance resulting in dramatically improved protection of corporate-owned devices such as laptops, desktops, servers, or embedded devices. Sygate s customers have achieved far better results than others because they are pursuing a different strategy. Using Sygate Secure Enterprise, customers are putting in place a system that eliminates the fundamental exposures of open networks: Rogue users Compromised systems and applications Unsafe or incorrect user behavior Sygate Secure Enterprise (SSE) eliminates the damage and loss of information, as well as the costs of recovery and regulatory violations due to rogue corporate computers, applications, and behavior. Unlike any other solution, SSE ensures that only compliant, protected devices connect to the corporate network. The SSE solution combines a sophisticated security agent that runs on each end-point with one or more policy management and enforcement servers distributed across the enterprise that work together with existing security and infrastructure investments such as Alcatel s 802.1x port based network access control feature and dynamic VLAN capabilities to detect, enforce, remediate, and protect non-compliant devices. > 2 ALCATEL

Sygate Secure Enterprise Sygate Applications Remediation ons w/ Sygate Integrity Agent ENTERPRISE NETWORK Alcatel Workgroup Switch Data Center Email Server End Stations Sygate Secure Enterprise BENEFITS Minimizes network downtime and business disruption Protects infrastructure from rogue users, compromised devices, and applications Strategic platform that addresses today s urgent needs and tomorrow s evolving needs Continuous compliance provides a framework for addressing current and future security requirements Reduces security costs Automates compliance checking, enforcement, and remediation Automation reduces help desk costs and protects user productivity Leverages existing infrastructure by interoperating with other vendors product Ensures regulatory compliance Protects customer, patient, and employee privacy Achieves continuous compliance, thus assuring the integrity of internal controls and good governance HOW DOES SYGATE SECURE ENTERPRISE WORK? Sygate Secure Enterprise combines a sophisticated security agent that runs on each client with one or more policy management servers distributed across the enterprise, and enforcement on servers inside the network and on endpoints. ALCATEL 3 >

Sygate Security Agents Sygate Security Agents protect all network-enabled endpoints (laptops, desktops, and servers) in an enterprise through an application-centric firewall and intrusion prevention engine. The Sygate Security Agent automatically adapts its security policies based on the vulnerabilities and threats of each end-point s network environment. Using Endpoint Enforcement, Sygate Security Agent automatically checks compliance at a configurable interval and quarantines non-compliant endpoints to a remediation area. Endpoint Enforcement ensures compliance for all endpoints whether they are local, remote, or not currently connected to the corporate network. Sygate Management Server Sygate Management Server learns the current state of the network and reports on the security posture of the enterprise network. It also creates security policies that link users, connectivity technology, applications, and network communication to best practices. Sygate policies are managed and inherited through group structures of users, workstations, and servers that can be imported and synchronized with NT Domain, Active Directory, and/or LDAP. Sygate Management Servers can be centralized or distributed in a global enterprise to provide scalability, fault tolerance, load balancing, and policy replication. Alcatel CrystalSec Alcatel secures the actual network infrastructure through a layered defense called CrystalSec. CrystalSec is built on layers of security deployed throughout the network from the user level to the core infrastructure. This layered network security approach allows organizations to create multiple levels of defense around key assets. Alcatel s VLAN capabilities allow users access to the network based on their credentials. If there is an issue, the user is placed into a quarantine VLAN. There, the user is updated with the required anti-virus signature files, operating system patches, and whatever else it takes to bring the user s device into a trusted state. Once updated and authenticated, the user is placed into the authorized VLAN. > 4 ALCATEL

Sygate Secure Enterprise Sygate Universal Enforcement Sygate Universal Enforcement ensures that all endpoints are compliant with the security policy before permitting network access. Policy compliance is enforced regarding patch levels, operating system configurations, correct versions of and up-to-date signature files for applications such as antivirus software, personal firewall, and intrusion prevention. Devices that fail to meet enterprise security policy can be flagged for network administrators, blocked from network access, or only granted access to remediation resources for automated remediation. Sygate Enforcers are placed at network entry points, such as on the internal LAN using 802.1xEAP authentication, or on the endpoints themselves, via Endpoint Enforcement. Sygate Enforcers communicate with Sygate Management Servers to obtain security policies and agent authentication information. They ensure the integrity of the agent and its adherence to corporate security policies. THE SYGATE / ALCATEL ADVANTAGE Best product Award-winning product (Information Security Magazine, Gartner Group and Network Computing Magazine) Strategic platform - automatically achieves continuous compliance Power and flexibility of the Agent delivers best security and protects user productivity Best economics Automates compliance checking, enforcement, and remediation Reduces help desk costs and protects user productivity by automating remediation Leverages your existing infrastructure by interoperating with other vendors products Best enterprise customer experience and success Largest policy enforced networks using VLANs Designed with some of the largest enterprises to meet their own needs Most mature product - resulting from being the first mover in this market ALCATEL 5 >

FEATURES Adaptive Protection Sygate Secure Enterprise dynamically adapts security policies based on the user, the hostility of the network environment, and the access method. Policies can be triggered based on DNS IP, WINS IP, and DHCP server. In addition, administrators can give users limited, contextbased control over security policy while retaining a baseline of enterprise security policy control. Sygate Security Agents can also detect the presence of a Trusted Computing Group (TCG) security chip and adapt their policies accordingly. Application-centric Firewall Sygate Security Agent incorporates an application-centric firewall that stealth hosts systems, provides stateful firewalling, applies rule-based security policy, and controls application usage. Intrusion Prevention Engine Sygate Security Agent s intrusion prevention engine applies patterns of known attacks to all incoming and outgoing traffic as a second layer of defense. Sygate s unique applicationbased approach to intrusion prevention uses application layer information and deep packet inspection to more effectively identify and block known and unknown attacks. Host Integrity Checking Sygate Security Agent can check the security status of the endpoint, including: the status of executables (anti-virus, host firewall, host IPS, sandbox), files (anti-virus signatures, host firewall policies, host IDS signatures, MD5 checksum, file version), registry values, versions, patches, and operating system configurations. Universal Enforcement (including 802.1x support) Universal Enforcement ensures that all endpoints are 100% compliant with security policies before permitting network access. Enforcement can be accomplished through Endpoint Enforcement, and LAN Enforcer (full 802.1x support) interconnected by an Alcatel based LAN switching infrastructure. Policy compliance is enforced regarding patch levels, operating system configurations, and application configurations (ensuring that software such as antivirus, personal firewall, and intrusion prevention is running the correct versions and has up-todate signature files). Devices that fail to meet enterprise security policy can be monitored, blocked, or sent for automated remediation. > 6 ALCATEL

Sygate Secure Enterprise Automated Remediation Sygate Secure Enterprise automatically repairs the security integrity of authorized endpoints that are denied access due to non-compliance with security policies. Sygate Security Agent automatically initiates a remediation action such as downloading and installing a software patch or update, executing command-line instructions, turning applications or OS features on or off thereby returning the endpoint to policy compliance without user or help desk intervention. Enterprise Policy Management Sygate Secure Enterprise enables enterprises to create policies about applications, data, and configurations that must be in place for secure communication. Based on a fault-tolerant, multi-server architecture with outstanding performance and unlimited scalability, Sygate Secure Enterprise provides a reliable foundation for creating and managing policy across global enterprise networks. Highly Scalable Architecture Sygate Secure Enterprise is designed for deployment in large and distributed enterprise networks. Sygate s multi-server architecture provides outstanding performance and unlimited scalability, faulttolerance, performance optimization, and policy uniformity across global enterprise networks. SYSTEM REQUIREMENTS Supported Platforms Sygate Management Server Operating Systems Windows Server 2003 Windows 2000 Server Solaris 9 Web Servers Internet Information Systems Sun Java System Web Server 6.1 Database Microsoft SQL 2000 Oracle 9i Sygate Security Agent Operating Systems Windows 95 Windows 98 SE Windows Millennium Edition (ME) Windows NT 4.0 Workstation or Server Windows 2000 Professional or Server Windows XP Home Edition or Professional Windows Server 2003 Windows XP Embedded Sygate Enforcer Operating Systems Windows Server 2003 Windows 2000 Server Redhat Linux 7.3 ALCATEL 7 >

Alcatel 26801 West Agoura Road Calabasas, CA 91301 USA Contact Center (800) 995-2612 US/Canada (818) 880-3500 Outside US www.alcatel.com/enterprise Product specifications contained in this document are subject to change without notice. Contact your local Alcatel representative for the most current information. Copyright 2005 Alcatel Internetworking, Inc. All rights reserved. This document may not be reproduced in whole or in part without the expressed written permission of Alcatel Internetworking, Inc. Alcatel and the Alcatel logo are registered trademarks of Alcatel. All other trademarks are the property of their respective owners. P/N 031538-00. 01/05

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information