1 / 21

Proactive Threat Management Strategy by Symantec

Explore how businesses can combat modern security challenges with Symantec's comprehensive threat management solution, addressing known and unknown threats, regulatory compliance, and proactive protection. With multi-tiered security and real-time blocking technology, businesses can mitigate risks and ensure network integrity. Learn about Symantec's innovative approach to threat management, including predictive protection, intrusion mitigation, and unified network security solutions. Stay ahead of threats with Symantec's deep threat intelligence and efficient security protocols for all organizational sizes.

ericae
Download Presentation

Proactive Threat Management Strategy by Symantec

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Comprehensive Threat ManagementA Solution by Symantec November 2005 PRESENTER NAME

  2. Today’s Security Quagmire • Businesses are continuously challenged by modern day security threats • Increased risk from internal users • Businesses are facing more rigorous regulations • Businesses address issues as they occur • Consequences: • Inefficiencies - patch regiment is scattered; reactive “fire drills” • Major breach in the network • Business downtime • Information lock down • Information theft • Regulatory fines / legal liabilities

  3. The “Shielding” Continuum A New Approach to Threat Management Proactive Protection High Known, Unknown & Predicted Threats* Risk Exposure Known & Unknown Threats Known Threats Low Reactive Protection High Low Network Complexity 3

  4. Solution Requirements • Anticipatory protection • Protection against internet threats of known and unknown variety • Necessary information access • Satisfy internal compliance and federal regulations

  5. Proactive Multi-tiered Proven Flexible Efficient Effective The Desired Solution Comprehensive Threat Management

  6. Solution Attributes Solution Benefits • Remediate in a more organized fashion • Get ahead of the threat Anticipatory protection - automatically block threats before they damage systems • Maximum protection against threats of known and unknown variety Multi-tiered, end-to-end security • Immediate security and protection • Enables efficiency and effectiveness Fast deployment and ease of management • Fulfills regulatory and internal compliance needs Provides essential proof of protection • Meets the changing security needs of organizations of all sizes Adaptable • Ensures necessary information accessibility • Business uptime Sustainability Proven technologies • Security you can count on Comprehensive Threat Management

  7. Proactive, Real-Time Blocking Remediate in a More Organized Fashion Get Ahead of the Threat Multi-Layered Protective Force Field Threats of Known & Unknown Variety Comprehensive Threat Management: A Solution from Symantec

  8. Predictive Protection Proactive Protection Active Protection Intrusion Mitigation Unified Network Engine (IMUNE™), LiveUpdate Symantec™ Network Security Symantec™ Gateway Security Vulnerability Attack Interception, LiveUpdate Vulnerability Attack Interception, LiveUpdate, AV Behavior Base Policies Known Threats Unknown Threats Getting Ahead of the Threat Symantec DeepSight™ Threat Management System Symantec DeepSight™ Alert Services Global Threat Intelligence, Alert Services Number of Submissions Symantec™ Critical System Protection

  9. Threat Intelligence that Keeps Getting Smarter Over 20,000 partners in over 180 countries + virus statistics from the Symantec Digital Immune System and many other human intelligence resources YOU LiveUpdate

  10. SGS SGS SGS SGS SGS SGS CSP CSP CSP CSP CSP CSP CSP Internet SNS SNS SNS SNS SCS SCS SCS SCS SCS SCS SCS SCS DSTMS DSTMS Maximum Protection at Multiple Tiers Corporate Network Datacenter Mobile Workers/Branch Offices Gateway Servers Network Client Branch Offices Unix Servers Wireless Users Windows Servers Remote Users Symantec Gateway Security Symantec Network Security DMZ Servers Linux Servers Mobile Clients Symantec Critical System Protection Symantec Client Security Web farm, portals, mail Symantec DeepSight Threat Management System / Alert Services Global Threat Intelligence

  11. Firewall Antivirus Antispam Integrated Security Content Filtering IPS/IDS VPN Symantec’s Approach to Perimeter Protection Full Inspection Firewall • Packet Filtering • Circuit-level analysis • Application proxies • Detection and blocking of buffer overflows • URL pattern matching and blocking • Network address translations Symantec Gateway Security Award-Winning Virus Protection • Heuristic and definition-based detection • Fast detection and repair of HTTP, SMTP, and FTP traffic • Scanning POP3 traffic • Mail policy filter • Block on subject line, file name, and file size URL-Based Content Filtering and Antispam • Block access to undesirable Web content • Dynamic Document Review (DDR) • Reduces load on network from unauthorized traffic Virtual Private Networking • Secure, inexpensive connections over the Internet • IPsec and SSL VPN • Automatic retry on alternate gateways IPS/IDS • Vulnerability attack interception • Signature-based detection • Supported by Symantec Security Response

  12. Each program requires a limited set of resources and limited access rights to perform its normal functions But many programs have privileges and resource rights far beyond what is required How it Works Critical System Protection Creates a “shell” around each program and service that defines acceptable behavior Critical System Protection Protects Vulnerable Endpoints Host Programs Normal Resource Access Core OSServices Application Services Files … … Read/Write Data Files DNA Mail RPC Web Print Spooler Database Registry Read OnlyConfiguration Information … Network Usage of Selected Portsand Devices Email Client Office Browser Devices InteractivePrograms

  13. Antivirus Coordinated Defense at the Client Virus and Spyware Protection • Automatically removes viruses, spyware and other malicious code on desktops and servers • Protects and hides computers from hackers with a desktop firewall • Blocks Internet attacks with intrusion prevention technologies • Repairs changes made by viruses and spyware • Permits administrators to customize spyware/adware policies via existing Symantec AntiVirus management interface • Tamper protection protects itself against malicious code that tries to disable security measures. Symantec Client Security Firewall and Intrusion Prevention • Protects and hides computers from hackers with a desktop firewall • Blocks Internet attacks with intrusion protection technologies • Optimized out-of-the-box firewall configurations minimize configuration efforts • Vulnerability attack interception enhances intrusion prevention capabilities, resulting in reduced time-to-protection after vulnerability announcements Intrusion Prevention Firewall Other capabilities • Offers centralized installation, configuration, and management • LiveUpdate™ can automatically download new security updates • Backed by Symantec™ Security Response, the world’s leading Internet security research and response team Symantec System Center

  14. File Virus 4 mos. Code Red 3 mos. Time to automated exploit 2 mos. Blaster 1 mos. Sasser Witty Worm Weeks Zero Day 1992 2004 Why Network Security? • Network worms targeting vulnerabilities are growing in frequency and complexity • Drastic reduction in window of timebetween a known vulnerability and automated attack/worm • Blaster – 26 days • Sasser – 17 days • Witty – close to 0 day • Fractured Perimeter – multiple entry points for network attacks and worms • Enterprises don’t have enoughtime to test and fully deploypatches to protect their vulnerablesystems before outbreaks • Network IPS solutions stop threats frompropagating until vulnerable systems can be patched

  15. IMUNE architecture combines multiple detection technologies to accurately identify and block attacks Good IMUNETM BAD Symantec Network Security • One-Click-to-Prevention streamlines security administration and saves valuable time during attacks IMUNETM* Intrusion Protection • LiveUpdate delivers Symantec global threat intelligence directly into the SNS 7100 One-Click to PreventionTM LiveUpdateTM T – 3: Symantec DeepSight discovers threat T - 2: Symantec Security Response T - 1: Available via LiveUpdate T - 0: PROTECTED Symantec’s Approach to Internal Network Security * Intrusion Mitigation Unified Network Engine

  16. IMUNE Intrusion Mitigation Unified Network Engine • Vulnerability Attack Interception (VAI) • Detect on vulnerabilities rather than an exploit • Proactive protection against worms such as zotob & esbot • Blocks all exploits that target the vulnerability • Protocol Anomaly Detection • Detects attacks at zero-day without knowledge of a known or disclosed vulnerability • Proactive protection against threats such as Code Red • Signature Detection • A detection signature is written to detect specifically the exploit compromising the system • Detection of known threats & risks such as Spyware, Adware and Bots • Traffic Monitoring • Network behavioral and use policy violation detection • Denial-of-Service Scan Detection • IDS Evasion Detection

  17. SGS CSP SNS SCS DSTMS Ease of Deployment and Management for Immediate Security and Protection

  18. Comprehensive Threat Management Solutions Multiple tools Point tools Comprehensive End-to-End Security Architecture Proactive Protection High Known, Unknown & Predicted Threats* Risk Exposure Known & Unknown Threats Known Threats Low Reactive Protection High Low Network Complexity 18

  19. Brought to you by Symantec • Superior breadth of offering • Best-of-breed products • High yield solutions • Symantec-tested and supported • Significant R&D commitment • World leader in information security and availability

  20. In Summary… Symantec proactively shields organizations against threats while ensuring information accessibility. Comprehensive Threat Management It’s Powerful It’s Efficient And, it’s Proven.

  21. Thank You!

More Related