260 likes | 580 Views
Symantec Endpoint Protection 11 Symantec Network Access Control 11. Symantec™ Global Intelligence Network. 74 Symantec Monitored Countries. 40,000+ Registered Sensors in 180+ Countries. 8 Symantec Security Response Centers. +. +. +. Advanced Honeypot Network. +. +. +.
E N D
Symantec Endpoint Protection 11Symantec Network Access Control 11
Symantec™ Global Intelligence Network 74 Symantec Monitored Countries 40,000+ Registered Sensors in 180+ Countries 8 Symantec Security Response Centers + + + AdvancedHoneypot Network + + + >6,200 Managed Security Devices 120 Million Systems Worldwide 30% of World’s email Traffic Dublin, Ireland Calgary, Canada Tokyo, Japan San Francisco, CA Redwood City, CA Santa Monica, CA Twyford, England Pune, India Munich, Germany Taipei, Taiwan Alexandria, VA Sydney, Australia 4 Symantec SOCs 200,000 malware submissions per month Millions of security alerts per month Millions of threat reports per month Hundreds of MSS customers June 2007
Threat Landscape Is Evolving Percentage of Top 50 Malicious Code June 2007
Threat Landscape is Evolving Number of Zero Day threats June 2007
Causes of Sensitive Data Loss June 2007
Meet Hal, the IT Administrator June 2007
ManageIT Risk Addressing IT Risks & Enabling IT Performance Interactions MaximizeIT Performance Information Infrastructure June 2007 7
INFORMATION MANAGEMENT SECURITY IT COMPLIANCE Symantec Enterprise Solutions:A Powerful Combination of Product & Services MaximizeIT Performance ManageIT Risk STORAGE IT OPERATIONS BUSINESS CONTINUITY June 2007
Includes a NAC agent to ensure each endpoint is “NAC-ready” (Sygate) • Adds endpoint compliance to endpoint protection • Device control to prevent data leakage at the endpoint (Sygate) • Restricts access to registry, files, folders, and processes • Behavior-based Intrusion prevention (Whole Security) • Network traffic inspection adds vulnerability-based protection • Industry’s best managed desktop firewall • Adaptive policies lead the pack for location awareness • Sygate and Symantec Client Security • Best anti-spyware, leading the pack in rootkit detection and removal • Includes VxMS scanning technology (Veritas) • The World’s leading anti-virus solution • More consecutive Virus Bulletin certifications (31) than any vendor Symantec Endpoint Protection in a Nutshell Network AccessControl Device and Application Control IntrusionPrevention Firewall Antispyware AntiVirus June 2007
Ingredients for Endpoint Protection AntiVirus • World’s leading AV solution • Most (32) consecutive VB100 Awards AntiVirus June 2007
Ingredients for Endpoint Protection AntiVirus • AV Comparative Feb 2007 • Symantec on 100% detection for polymorphic viruses in particular AntiVirus June 2007
Source: Thompson Cyber Security Labs, August 2006 Ingredients for Endpoint Protection Antispyware • Best rootkit detection and removal • Raw Disk Scan for superior Rootkit protection Antispyware AntiVirus June 2007
Ingredients for Endpoint Protection Firewall • Industry leading endpoint firewall technology • Gartner MQ “Leader” – 4 consecutive years • Rules based FW can dynamically adjust port settings to block threats from spreading Firewall Antispyware AntiVirus June 2007
Ingredients for Endpoint Protection Intrusion Prevention • Most Comprehensive IPS capabilities in the industry • Generic Exploit Blocking (GEB) – one signature to proactively protect against all variants • Proactive Threat Scan – • Detects 1,000 threats/month not detected by top 4 leading antivirus engines • Very low false positive rate (0.004%) • Only 40 FP for every 1M computers • No set up or configuration required IntrusionPrevention Firewall Antispyware Antivirus June 2007 14
(H)IPS Host IPS (N)IPS Network IPS Behavior-based(Whole Security) Vulnerability-based(Sigs for vulnerability) Generic Exploit Blocking Proactive Threat Scan Signature–based(Can create custom sigs, SNORT-like) Rules-based(System lockdown by controlling an application’s ability to read, write, execute and network connections) Deep packet inspection Application Control Intrusion Prevention System (IPS)Combined technologies offer best defense IntrusionPrevention (IPS) =Services Opportunity June 2007
Ingredients for Endpoint Protection Device Control • Prevents data leakage • Restrict Access to devices (USB keys, Back-up drives) • W32.SillyFDC (May 2007) Device Control IntrusionPrevention • W32.SillyFDC • targets removable memory sticks • spreads by copying itself onto removable drives such as USB memory sticks • automatically runs when the device is next connected to a computer Firewall Antispyware AntiVirus =Services Opportunity June 2007
Ingredient for Endpoint Compliance Network Access Control Network AccessControl • Network access control – ready • Agent is included, no extra agent deployment • Simply license SNAC Server Device Control IntrusionPrevention Firewall Antispyware AntiVirus June 2007
Symantec Network Access Control • Reduce IT costs & greater network availability • Increased control over unmanaged and managed endpoints • Maximize investment of security technologies Ensures endpoints are protected and compliant prior to accessing network resources June 2007
Introducing: Single Agent, Single Console Increased Protection, Control & Manageability Reduced Cost, Complexity & Risk Exposure Symantec Endpoint Protection 11.0 Symantec Network Access Control 11.0 Network AccessControl Results: Device Control IntrusionPrevention Firewall Antispyware AntiVirus June 2007 19
How do we Lower Cost, Complexity and Risk? Cost Lowered system resource demands, smaller footprint Single product, license, support program Operational efficiency Complexity Fewer consoles and agents allows standardization of technologies Improved UI suits any size organization Risk Includes behavior-based IPS to protect against unknown attacks Device control helps protect against data loss and intellectual property theft ???? Average of 84% reduction in memory usage requirements June 2007 20
Symantec AntiVirus Extended Licensing June 2007
SNAC Packaging Enforcement Type Agent Type Endpoint(Uses SEP Desktop Firewall) Gateway(Appliance) DHCP(Appliance/Plug-in) LAN-802.1x(Appliance) Client(Persistent) On-Demand (Dissolvable) Agentless (Scanner) P P P P P P P Symantec Network Access Control v11.0 P P P Symantec Network Access Control Starter Edition V 11.0 Back to Table June 2007
For More Information…www.symantec.com/endpointsecurity June 2007
Thank You! © 2007 Symantec Corporation. All rights reserved. THIS DOCUMENT IS PROVIDED FOR INFORMATIONAL PURPOSES ONLY AND IS NOT INTENDED AS ADVERTISING. ALL WARRANTIES RELATING TO THE INFORMATION IN THIS DOCUMENT, EITHER EXPRESS OR IMPLIED, ARE DISCLAIMED TO THE MAXIMUM EXTENT ALLOWED BY LAW. THE INFORMATION IN THIS DOCUMENT IS SUBJECT TO CHANGE WITHOUT NOTICE. June 2007