End to End Security from the Endpoint to the Datacenter

Transcription:

From the Endpoint to the Datacenter
Piero DePaoli & Leandro Vicente, Security Product Marketing & Systems Engineering

Agenda
1. Today's Threat Landscape
2. From Endpoint: Symantec Endpoint Protection
3. To Datacenter: Critical System Protection
4. Summary

Threat Landscape

Four Key Trends: Malware Attacks Rising; Targeted Attacks Expand; Mobile Threats Expose All; Data Breaches Rising

Malware Attacks Continue to Grow Rapidly

The Big Numbers for 2011
5.5B attacks blocked by Symantec (+81%)
403M unique variants of malware (+41%)
4,597 web attacks per day (+36%)
4,989 new vulnerabilities (-20%)
8 zero-day vulnerabilities (-43%)
315 new mobile vulnerabilities (+93%)
75% spam rate (-34%)

Malware Authors Have Switched Tactics
From: mass distribution, where one worm hits millions of PCs. Storm made its way onto millions of machines across the globe.
To: a micro distribution model, where a hacked web site builds a trojan for each visitor. 75% of malware infects fewer than 50 machines.
Signature-based file scanning becomes less and less effective.

Targeted Attacks Have Expanded

Advanced Targeted Threats: Your Assumptions are Wrong

Assumption #1: Only large corporations, governments and defense industries are being targeted for attack.

Organizations of All Sizes at Risk of Targeted Attacks
[Chart: targeted attacks by organization size. Size bands shown: <250, 250-500, 501-1000, 1001-1500, 1501-2500, 2,500+]

Targeted Attacks by Sector
[Chart. Sectors shown: Government & Public Sector, Manufacturing, Finance, IT Services, Chemical & Pharmaceutical, Transport & Utilities, Non-Profit, Marketing & Media, Education, Retail]

Assumption #2: Only CEOs and Senior Managers are targeted.

Targeted Attacks by Job Function
[Chart. Job functions shown: C-Level, Senior, R&D, Sales, Media, Shared Mailbox, PA, Recruitment]

Number of Data Breaches Continues to Rise

Data Breaches: Hacktivism helped drive this dramatic increase over 2010.

Mobile Threats Expose Organizations and Consumers

Mobile Threats: This represents families of mobile malware. There are 3,000-4,000 variants in the wild today and growing.

From the Endpoint: Symantec Endpoint Protection

Symantec Endpoint Protection 12
Unrivaled Security: Powered by Insight; Real Time Behavior Monitoring with SONAR.
Blazing Performance: Up to 70% reduction in scan overhead; Smarter Updates; Faster Management.
Built for Virtual Environments: Tested and optimized for virtual environments; Higher VM densities.

Unrivaled Security

Symantec Insight: Proactive Protection from New, Targeted Threats
Leverages anonymous telemetry data from 175M+ machines to construct a massive nexus of files, machines and domains.
Tracks nearly every binary in the world: 3.1 billion files, adding 37 million every week.
Uses age, prevalence, source and other attributes to assign a reputation rating to files.
Can accurately identify and block threats even if just a single Symantec user encounters them.
Bad safety rating: file is blocked. No safety rating yet: IT can set block/allow thresholds. Good safety rating: file is whitelisted.

SONAR: Proactive Threat Protection Against:
Heuristic Threats: Determines if an unknown file behaves suspiciously and might be a high risk or low risk.
System Changes: Identifies applications or files that try to modify DNS settings or a host file on a client computer.
Bad Behavior from Trusted Applications: Detects suspicious behavior from trusted files. Removes bad applications before they can do damage.

Symantec Protection Model: Defense in Depth
Layers: Network, File, Reputation, Behavioral, Repair.
Network-based Protection: Stops malware as it travels over the network and tries to take up residence on a system. Protocol aware IPS; Browser Protection.
File-based Protection: Looks for and eradicates malware that has already taken up residence on a system. Antivirus Engine; Auto Protect; Malheur.
Reputation-based Protection: Establishes information about entities (e.g. websites, files, IP addresses) to be used in effective security. Domain Reputation; File Reputation (Insight).
Behavioral-based Protection: Looks at processes as they execute and uses malicious behaviors to indicate the presence of malware. SONAR; Behavioral Signatures.
Remediation Tools: Aggressive tools for hard to remove infections. Boot to a clean OS; Power Eraser uses aggressive heuristics; Threat-specific tools.

Blazing Performance

Insight: Faster, Smarter, Fewer Scans
On a typical system, 70% of files can be skipped!
Traditional Scanning: Has to scan every file.
Insight-Optimized Scanning: Skips any file we are sure is good, leading to much faster scan times.

Built for Virtual Environments

Symantec Endpoint Protection Virtualization Features: 5 features to optimize
1. Virtual Client Tagging
2. Virtual Image Exception
3. Offline Image Scanner
4. Shared Insight Cache
5. Resource Leveling

Uncompromising Security For Managed VMs: Highly Optimized Agented Protection with Symantec Endpoint Protection 12.1
Scan Elimination via Insight Cloud & Out-of-Guest De-duplication
[Diagram: two ESX hosts with guest VMs, Insight, and a security VM; label "Scan 5,000 of 50,000 Files"]
First, eliminate scan activity via easy whitelisting of golden VMs, using the new feature Virtual Image Exception.
Then, eliminate scan activity by offloading to the Insight cloud. This works in physical environments too.
Next, de-duplicate remaining scan activity using the new out-of-guest feature Shared Insight Cache. One VM de-dupes across the entire virtual environment.
Finally, smooth out remaining scan and definition activity with the feature Resource Leveling.
Optional: use the new Offline Image Scanner feature (integrates with VMsafe) to find latent threats.
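An added illustration (not Symantec code and not from the slides) of the skip order described above: golden-image whitelist, then reputation, then a verdict cache shared across VMs. Identifying files by SHA-256 of their content, the toy scanner and all sample files are assumptions constructed for the example.

```python
import hashlib

def digest(content: bytes) -> str:
    # Assumption: a file is identified by the SHA-256 of its content, never by its path.
    return hashlib.sha256(content).hexdigest()

def toy_scanner(content: bytes) -> str:
    # Stand-in for a real engine: flags a constructed test marker only.
    return "malicious" if b"CONSTRUCTED-TEST-MARKER" in content else "clean"

def scan_fleet(vms, golden_hashes, known_good, scanner=toy_scanner):
    """Apply the three skip stages in order; return (stats, detections)."""
    shared_cache = {}  # one verdict per unique content, shared by every VM
    stats = {"golden_skipped": 0, "reputation_skipped": 0, "cache_hits": 0, "scanned": 0}
    detections = []
    for vm, files in vms.items():
        for path, content in files.items():
            h = digest(content)
            if h in golden_hashes:        # stage 1: unchanged golden-image file
                stats["golden_skipped"] += 1
                continue
            if h in known_good:           # stage 2: known-good reputation
                stats["reputation_skipped"] += 1
                continue
            if h in shared_cache:         # stage 3: another VM already scanned it
                stats["cache_hits"] += 1
            else:
                shared_cache[h] = scanner(content)
                stats["scanned"] += 1
            if shared_cache[h] == "malicious":  # a cached verdict still alerts per VM
                detections.append((vm, path))
    return stats, detections

def demo():
    # Constructed sample fleet: three clones of one golden image.
    golden = {"/os/kernel": b"kernel-v1", "/os/libc": b"libc-v1", "/bin/tool": b"tool-v1"}
    vms = {
        "vm1": {**golden, "/opt/app": b"vendor-app-v3", "/tmp/x": b"CONSTRUCTED-TEST-MARKER a"},
        "vm2": {**golden, "/bin/tool": b"tool-v1 modified", "/opt/app": b"vendor-app-v3"},
        "vm3": {**golden, "/tmp/y": b"CONSTRUCTED-TEST-MARKER a"},
    }
    golden_hashes = {digest(c) for c in golden.values()}
    known_good = {digest(b"vendor-app-v3")}
    return scan_fleet(vms, golden_hashes, known_good)

if __name__ == "__main__":
    print(demo())
```

Because the key is the content hash, the modified `/bin/tool` on vm2 loses its golden-image exemption and is scanned, while the identical flagged file on vm1 and vm3 is scanned once and reported on both.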

What's New: Symantec Endpoint Protection Small Business Edition 2013

Simplifying SMB Endpoint Protection
Previously: Symantec Endpoint Protection.cloud (cloud-managed service) and Symantec Endpoint Protection Small Business Edition 12.1 (on-premise management).
Now: Symantec Endpoint Protection Small Business Edition 2013.
Steps: Login; Get Started; Choose Cloud-Managed or On-Premise; Download.

Symantec Endpoint Protection Small Business Edition 2013: Key Benefits
Simple, Fast & Effective; Set up in Just Minutes; Cloud-Ready When You Are.
Always-on protection with automatic security updates.
Employee systems stay current.
Intelligent scanning means faster, fewer scans.
Easily protect remote laptops.
No additional hardware needed.
No special IT staff or training needed.
Fast protection of laptops, desktops and servers.
Start with on-premise management and move to the cloud-managed service at no additional cost.
Simple subscription fee covers either management choice and includes maintenance, updates and 24x7 support.

Coming Soon: Symantec Endpoint Protection 12.1.2

What's New in Symantec Endpoint Protection 12.1.2: New Integration with VMware vShield Endpoint
Feature: vShield-enabled Shared Insight Cache deduplicates file scanning across multiple virtual machines.
Benefit: Significant resource reduction for virtual machines; great protection without sacrificing performance.

What's New in Symantec Endpoint Protection 12.1.2: New Operating System Support

Enhanced Security: SONAR
Drive-by and double-click protection.
Catches more zero-day threats.
Increased use of Artificial Intelligence Engine.
SONAR monitors nearly 1400 behaviors (up from 400).
No impact on performance.

To the Datacenter: Critical System Protection

Servers are the Primary Target
97% of stolen data is from servers. More often, endpoints / user devices simply provide an initial foothold into the organization, from which the intruder stages the rest of their attack.

Servers are Different than Laptops
Server Security Must be Different than Laptop Security: user centric versus process centric.

Symantec Critical System Protection
Complete Protection for vSphere: Monitor and harden vCenter. Harden guest VMs based on unique workloads. Harden VMware hypervisors based on VMware Hardening guidelines. Leverage custom reporting for your VMware environment.
Stop Zero-Day and Targeted Attacks: Prevent external attacks and protect against insider abuse. Secure against un-patched vulnerabilities. Restrict inbound/outbound server communication.
Real-time Visibility and Control of Compliance: Provide audit evidence and forensics with detailed reporting. Monitor file integrity in real time, report edits with differentials. Manage config drift with File and System Tamper prevention.

How does Critical System Protection Work?
Four areas: Auditing & Alerting, System Controls, Network Protection, Exploit Prevention.
Intrusion Detection: Monitor file integrity in real time for compliance. Alert/notify for early response. Lock down configuration settings. Enforce security policy. Restrict device access.
Intrusion Prevention: Close back doors. Limit connectivity by app. Restrict traffic flow. Prevent zero-day attacks. De-escalate privileges, i.e. sandboxing. Restrict behaviors. Buffer overflow protection.

Protecting Virtual Environments
[Diagram: VM1, VM2 and VM3, each an APP over an OS, running on ESX/ESXi and managed by vCenter]
Harden guest VMs based on unique workloads.
Monitor and protect hypervisors based on VMware Hardening guidelines.
Protect vCenter against insider abuse and external attacks.

Summary

Symantec Endpoint Protection 12: Faster Adoption than any Previous Release
8 Million Users in 15 months since release.
What's driving adoption? Ease-of-migration; Virtualization; Insight & SONAR; Enhanced security, performance and management.

From the Endpoint to the Datacenter
Symantec Endpoint Protection: Unrivaled Security; Blazing Performance; Built for Virtual Environments.
Symantec Critical System Protection: Protect vSphere; Stop Zero Day Attacks; Visibility & Control of Compliance.

Thank you!
Piero DePaoli piero_depaoli@symantec.com +1 415 203 5991
Leandro Vicente leandro_vicente@symantec.com +55 11 5189 6228
Copyright 2012 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.