Symantec Mail Security 8300 Series Ramil Yafizov Ramil_Yafizov@symantec.com
Contents: 1. What problems we solve 2. How we solve them 3. Why use Symantec products for messaging security
Symantec's security vision (diagram labels): Security Management, Security Dashboard, Infrastructure Protection, Cell Phone, File Server, Application Server, Messaging Server, Database Server, Laptop, Desktop, Information Risk Management
Information risk management: Simplify / Manage, Protect, Control, Store, Discover
Challenge #1: Spam keeps flooding servers and mailboxes. Spammers Innovate to Beat Blocking Technologies. Spam Always Evolving (chart labels): Image Spam, Phishing, More Damaging, HTML, Vary message while maintaining the same look, ASCII, Simple Text, PDF Spam. Axes: Severity/Complexity; 2001, 2007. Spam as a Percentage of All Email: 8%, 75%. Source: October State of Spam Report
Challenge #2: How to keep sensitive information inside without stopping the business. 99% of data loss caused by breakdowns in process controls by good employees
The high cost of managing increased complexity. “We need to control instant messaging too” (VP IT). “I can’t keep up with the calls” (Help Desk). “What do you mean you blocked that Contract” (VP Sales). Systems, Effectiveness, Users: • Multiple applications • Multiple protocols • Scaling systems to meet volume • Tuning / supplementing rules • Tracking down false positives • Parsing through quarantines • End user spam complaints • Quarantine management • Looking for missing emails • Managing own block lists. Additional protocols and new technologies multiply management requirements
What is Symantec Mail Security 8300? Symantec™ Mail Security 8300 gateway appliances deliver best-in-class antispam, antivirus, and compliance technologies to protect email and IM against threats and reduce risks of data leakage. Unprecedented 35th Consecutive VB100 Award Since 1999
Solving messaging management problems. Protect (From Spam and Viruses): • 97% effectiveness, accuracy of 1 in 1 million • Global detection & response network • Faster updates – every 5-10 mins • Zero-day antivirus prevention • Integrated IM filtering. Control (Sensitive Data Flow): • Easily meet regulatory and compliance requirements • Selective message encryption • Integrated compliance workflow • Fingerprinting of sensitive data. Simplify (To Reduce Complexity & Cost): • Out of the box reporting • Comprehensive centralized management • Granular message tracking
Not just an “appliance” • The Power Of Symantec – Global Intelligence • Over 750 Million Mailboxes protected from Viruses and Spam • Automatic updates every 5-10 minutes. Map locations: Dublin, Ireland; Calgary, Canada; Tokyo, Japan; San Francisco, CA; Twyford, England; Redwood City, CA; Munich, Germany; Pune, India; Santa Monica, CA; Alexandria, VA; Taipei, Taiwan; Sydney, Australia. Map legend: Symantec Security Response, Symantec Email Security Group. Spam Protection by Email Security Group: • 4 Operation Centers • Over 2.5 Million Decoy Accounts • Tens of Millions of Spam Processed Daily • Over 20 Countries • 24 x 365 Response. Virus Protection by Symantec Security Response: • 8 Security Response Centers • Digital Immune System Infrastructure – Over 120M systems worldwide • Over 45 Countries • 24 x 365 Response
Best-in-class spam protection. Leading effectiveness with the industry’s best accuracy rates. Symantec takes the prize with superior anti-spam and anti-malware capabilities… 97% accurate. 0 critical false positives. ... remains unsurpassed for ensuring that spam filters don’t block legitimate e-mail.
Best-in-class reputation services. Global reputation: • Leverages Symantec Reputation service • Tracks open proxy senders, zombie IP addresses, suspected spammers, and safe senders • Relies on Symantec’s world-leading probes. Especially effective against botnets & Distributed Low Volume (DLV) attacks. Local reputation: • Spam throttling tracks local reputation of remote senders • Applies connection shaping to defer connections from likely spam senders • Reduces mail to be filtered by over 60%. Optimizes protection against high-volume senders
Data sources for the global reputation services (diagram labels): Global Customer Base, 1 Billion+ records daily, Message Scanning Verdicts, Customer Stats, Probe Network, Global Network, 2.5M Honeypots, Symantec Reputation System, Verisign Domain Feed, Whois ASN Feed, 3rd Party Feeds, Botnet Intelligence, Phishing SRL
How the global reputation service works: Global Reputation
Protect as early as possible • All suspect messages are blocked until updated patterns are available • Delivered FREE with the AV license. (Diagram axis: Time)
Reliable protection: 36 consecutive VB100 awards • Symantec: • Submitted all supported environments for analysis since Nov. ‘99 • ONLY vendor to obtain 35 consecutive VB100 Awards • Pass: Detected all "In the Wild viruses" in comparative tests (with no false positives) • Fail: Missed detection after three attempts • —: Chose not to submit for testing
Built-in instant messaging protection capabilities. IM Platform & Control: • Gateway IM Protection (alongside email) • MSN, AOL, Yahoo and Google Talk support • Control use of IM by network • Control use of IM file transfers • Screen name registration. Spim and Virus control: • Group policy-based provisioning of spam and virus protection • Scan files transferred for malicious code (requires AV license) • Scan IM content for spim and malicious code (requires AV license) • Multiple types of spim and virus detection including heuristic based (requires AS license). Visibility and Reporting: • Active user reporting • Screen name visibility • Spim reporting • File transfer reporting
IM Manager and IM on the SMS 8300: 8300 Series appliance proxies IM traffic and integrates basic IM security features
Selective Encryption. Rules Based Encryption: • Flexible policy creation • Native TLS encryption • Integration with encryption partners. Per-Domain: Encrypt all messages sent to business partner. On Policy Basis: Encrypt messages that trigger the policy
Data loss statistics • 1:400 emails contain confidential information • 1:50 network files are wrongly exposed • Breaches on the Rise • 2005: 107 companies exposed 56M individual data records • 2006: In 6 months, 40 companies and government agencies have exposed nearly 30M individual data records. Customer, Employee Patient Data; Intellectual Property; Company Confidential. Regulatory Compliance: • HIPAA, Gramm-Leach-Bliley, PCI, State Data Privacy • SSN, Credit Card Numbers, Health Info. Competitive: • Source Code • Engineering Specs • Strategy Documents • Pricing. Reputation: • Press Release • Quarterly Earnings • M&A • CEO Internal Email
Control: Data Loss Prevention. Advanced Data Loss Prevention • Classify, control & retain structured and unstructured data • Close the exits: multi-protocol, endpoint • Comprehensive protection
Controlling the flow of sensitive data • Messaging is the most common source of data leakage • Easily deploy and manage effective compliance tools. Diagram labels: Dictionaries & Templates, LOB Systems, Policies, Data in Motion, Clean Mail for Delivery, Hashing, Live Systems, Data Hashes, Saved Mail Held for Review, Release or Rejection, Exact Data Matching, Rejected Mail Returned or Escalated
Incident handling • Hold for Review • Keep business moving – via human intervention • Reviewer approves or rejects based on the contents • Predetermined actions • Approve: deliver with TLS, … • Reject: archive, send a notification, block, …
Exact data matching • Protect the exact data you care about • Not just any SSN, but your patient’s specific SSN • Protect data that is difficult to describe and only important if related • Employee first name, last name and salary • Specify what actually defines DLP violation • E.g. fields required for a match
Simplifying messaging security work. Systems, Effectiveness, Users: • Multiple applications • Multiple protocols • Scaling systems to meet volume • Tuning / supplementing rules • Tracking down false positives • Parsing through quarantines • End user spam complaints • Quarantine management • Looking for missing emails • Managing own block lists. • Powerful Control Center for management and administration • Automatic system and threat updates • Integrated multi-protocol protection
Built-in reporting • Full set of reporting options • New Reporting in v7.6: • Dashboard • Executive Summary • New Reputation, Virus, and Compliance Summaries • Enhanced Reporting Workflow • Over 50 preset reports • Scheduled report generation • Benefits • Gain insight into performance • Identify Email and IM security trends • Track potential compliance issues
Simplifying message tracking. Filter with multiple criteria: • Sender • Recipient • Subject • etc. Retrieve Message Status: • Time message processed • Sender • Recipient • Subject of the message • Disposition (spam, virus, blocked sender, etc.) • Actions Taken. Drill down for detailed forensics
Automatic updates: LiveUpdate. High level status… Which viruses am I protected against? …and fine-grained configuration. On demand and scheduled updates push new definitions to all scanners at the site
End-user quarantine. Benefits: • End-user notification is configurable, i.e., daily/weekly about new spam with 24 hour access • Centralized message purging after x days • Search functionality for both administrators and end-users
Integration with existing LDAP infrastructure (Directory, Mail Server). LDAP User Authentication: • Removes burden of email management from administrators • Provides End User Quarantine Access. Email Routing: • New email triggers directory look-up • Routes email to specific mail server based on message recipient. LDAP Synchronization: • Directory Harvest Attack Protection • Drops invalid recipients • Establish Group Policies
Integrated instant messaging control • Leading Instant Messaging Security On Box • Access control • File transfer filtering • User screen name registration
Symantec Mail Security 8300 – Virtual Edition (diagram label: Hypervisor) • Available as part of v7.6 • Designed for production deployments on VMware Server and ESX • Same SKUs for Virtual or Physical appliances • User license SKUs • Hardware SKUs optional for physical appliances
Hardware
A choice of options. All-in-one appliance: • All hardware/software included • Preconfigured and hardened against security threats • Four models to choose from: • 8380 • 8360 • 8340 • 8320. Virtual appliance: • 8300 Series – Virtual Edition • Deploy on hardware of your choice • Certified with: • VMware ESX Server (production) • VMware Server (testing)
Hardware platform overview: Antispam, Antivirus, Content Filtering, and IM Security Delivered Across all Platforms. *Requires User-based SW License Purchase
Why use Symantec products for messaging security
Industry recognition. Proven industry leading solution… “Takes the prize with superior anti-spam and anti-malware capabilities, strong enterprise-class features, excellent management and reporting tools, and a very polished and easy-to-use administrative interface.” -InfoWorld 2008 Technology of the Year Awards. 4th Consecutive Year - Best Messaging Security
Confirmed by product reviews. “Brightmail Anti-Spam's false-positive score speaks for itself…Brightmail Anti Spam is the best answer we know of.” “A benchmark in the field… Easy to install and maintain” “Brightmail caught the highest % of spam and had the lowest false-positive rate of any of the products tested.” “…a real "set and forget" system.” “…spam protection mark was among the highest in our review, which makes the fact that the appliance registered no false positive especially impressive. Symantec appears to have finely tuned engines right out of the box.”
Satisfied customers: We protect over 750M mailboxes at over 90,000 customers, including…
Global presence. More than 2400 highly trained global support professionals • Experts with certifications from more than 20 industry associations and technology providers including: • Microsoft, Cisco, Sun, HP, IBM, SNIA, and CISSP • Rapid resolution of multi-vendor cases provided through: • Cooperative support agreements with more than 200 vendors • TSANet board membership • Support delivered in 10 languages • Awards: • SSPA Star Award (Service and Support Professionals Assoc.) • Omega’s NorthFace Scoreboard℠ Award • WebStar Award from Supportgate.com • Global programs to extend support delivery through partners. 29 regional support centers. 70 regional delivery partners
Achieving success with the right support plan. Business Critical Services: • For customers who want the highest level of response • Fastest access to deep technical expertise • Personalized support delivered by a single point of contact • Proactive notifications and account planning • Flexible coverage options: • Remote Product Specialist • DataCenter • National • Global. Essential Support: • For customers who require 24x7x365 access to technical experts • Faster response times than Basic Maintenance • Most purchased offering. Basic Maintenance: • For customers who only desire support during business hours • Includes product upgrades • Lowest price option
Symantec Global Services: Integrated to Meet All Your Service Needs. Consulting, Education, Technical Support, Managed Security Services, Early Warning Services: • Advisory Services • Enablement Services • Technology Deployment • Operational Integration • Residency Services • Operational Services • Skills Assessment • Classroom Training • Customized Training • Virtual Academy • Self-study • Certification • Business Critical Service Assessments • Incident Management • Problem Resolution • Onsite Support & Best Practices • Monitor • Manage • Respond • DeepSight Threat Management System • DeepSight Alert Services. Symantec Global Services provides you with the right people, process, and technology to optimize your IT infrastructure and service delivery while managing your business risk. We keep your enterprise up, running, and growing – no matter what happens.
Why Symantec Messaging Security. Protect (From Spam/SPIM, Viruses): • Catch rates high 90’s%, accuracy 1/1M • Largest detection & response network • Faster updates – every 7 mins • Zero-day protection • Instant Messaging integration. Control (Sensitive Data flow): • Easy compliance through PCC • Selective encryption • Hold for Review • Exact data matching. Simplify (To Reduce Complexity & Cost): • Out of the box reporting • Comprehensive management • Granular message tracking
Next steps. Try the product! • 30-day evaluation of physical or virtual appliance – www.symantec.com/trysms • Compare effectiveness and accuracy • Greater than 97% effectiveness, less than 1 in a million false positives. Symantec and our partners can help assess, plan and deploy successfully!
Thank You Ramil Yafizov Ramil_Yafizov@symantec.com