Scribd Logo
Upload

Welcome to Scribd!

  • Symantec EndPoint

    Uploaded by

    dsunte
    58 views24 pages
    Symantec EndPoint

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    PPT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Symantec EndPoint

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PPT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    58 views24 pages

    Symantec EndPoint

    Uploaded by

    dsunte
    Symantec EndPoint

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PPT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 24

    Symantec Endpoint Protection 11 Symantec Network Access Control 11

    Symantec Global Intelligence Network


    4 Symantec SOCs

    74 Symantec Monitored Countries

    40,000+ Registered Sensors in 180+ Countries

    8 Symantec Security Response Centers

    >6,200 Managed Security Devices

    200,000 Millions Millions Hundreds malware of of security threat of submissions MSS reports alerts customers per per month month month 30% of Worlds email Traffic 120 Million Systems Worldwide +per

    Advanced Honeypot Network

    Dublin, Ireland Tokyo, Japan Calgary, Canada San Francisco, CA Redwood City, CA Santa Monica, CA Twyford, England Munich, Germany Alexandria, VA Taipei, Taiwan

    Pune, India

    Sydney, Australia

    Symantec Endpoint Protection and Symantec Network Access Control

    June 2007

    Threat Landscape Is Evolving


    Percentage of Top 50 Malicious Code

    Symantec Endpoint Protection and Symantec Network Access Control

    June 2007

    Threat Landscape is Evolving


    Number of Zero Day threats

    Symantec Endpoint Protection and Symantec Network Access Control

    June 2007

    Causes of Sensitive Data Loss


    Cause of Data Losses by Number of Events

    Internet Threats, Attacks and Hacks

    Violations of Policies

    User Errors

    0%

    10%

    20%

    30%

    40%

    50%

    ITPolicyCompliance.com Taking Action to Protect Sensitive Data, Feb. 2007


    Symantec Endpoint Protection and Symantec Network Access Control June 2007 5

    Meet Hal, the IT Administrator

    Symantec Endpoint Protection and Symantec Network Access Control

    June 2007

    Addressing IT Risks & Enabling IT Performance

    Interactions

    Manage
    IT Risk

    Information Infrastructure

    Maximize
    IT Performance

    Symantec Endpoint Protection and Symantec Network Access Control

    June 2007

    Symantec Enterprise Solutions:


    A Powerful Combination of Product & Services

    SECURITY

    IT COMPLIANCE

    INFORMATION MANAGEMENT

    Manage
    IT Risk

    Maximize
    IT Performance

    STORAGE

    IT OPERATIONS

    BUSINESS CONTINUITY

    Symantec Endpoint Protection and Symantec Network Access Control

    June 2007

    Symantec Endpoint Protection in a Nutshell


    Network Access Control Device and Application Control Includes a NAC agent to ensure each endpoint is NACready (Sygate) Adds endpoint compliance to endpoint protection Device control to prevent data leakage at the endpoint (Sygate) Restricts access to registry, files, folders, and processes

    Intrusion Prevention

    Behavior-based Intrusion prevention (Whole Security)


    Network traffic inspection adds vulnerability-based protection Industrys best managed desktop firewall Adaptive policies lead the pack for location awareness Sygate and Symantec Client Security Best anti-spyware, leading the pack in rootkit detection and removal Includes VxMS scanning technology (Veritas) The Worlds leading anti-virus solution More consecutive Virus Bulletin certifications (31) than any vendor

    Firewall Antispyware AntiVirus

    Symantec Endpoint Protection and Symantec Network Access Control

    June 2007

    Ingredients for Endpoint Protection


    AntiVirus
    Worlds leading AV solution Most (32) consecutive VB100 Awards

    AntiVirus

    Symantec Endpoint Protection and Symantec Network Access Control

    June 2007

    10

    Ingredients for Endpoint Protection


    AntiVirus
    AV Comparative Feb 2007
    Symantec on 100% detection for polymorphic viruses in particular

    AntiVirus

    Symantec Endpoint Protection and Symantec Network Access Control

    June 2007

    11

    Ingredients for Endpoint Protection


    Antispyware
    Best rootkit detection and removal Raw Disk Scan for superior Rootkit protection

    Antispyware

    AntiVirus
    Source: Thompson Cyber Security Labs, August 2006

    Symantec Endpoint Protection and Symantec Network Access Control

    June 2007

    12

    Ingredients for Endpoint Protection


    Firewall
    Industry leading endpoint firewall technology
    Gartner MQ Leader 4 consecutive years Rules based FW can dynamically adjust port settings to block threats from spreading

    Firewall

    Antispyware

    AntiVirus

    Symantec Endpoint Protection and Symantec Network Access Control

    June 2007

    13

    Ingredients for Endpoint Protection


    Intrusion Prevention
    Most Comprehensive IPS capabilities in the industry Generic Exploit Blocking (GEB) one signature to proactively protect against all variants
    Intrusion Prevention

    Proactive Threat Scan

    Firewall

    Detects 1,000 threats/month not detected by top 4 leading antivirus engines


    Very low false positive rate (0.004%)
    Only 40 FP for every 1M computers

    Antispyware

    Antivirus

    No set up or configuration required

    Symantec Endpoint Protection and Symantec Network Access Control

    June 2007

    14

    Intrusion Prevention System (IPS)


    Combined technologies offer best defense

    Intrusion Prevention (IPS)

    (N)IPS Network IPS


    Generic Exploit Blocking
    Vulnerability-based (Sigs for vulnerability) Signaturebased (Can create custom sigs, SNORT-like)

    (H)IPS Host IPS


    Proactive Threat Scan
    Behavior-based (Whole Security)

    Deep packet inspection

    Application Control

    Rules-based (System lockdown by controlling an applications ability to read, write, execute and network connections)

    =Services Opportunity
    Symantec Endpoint Protection and Symantec Network Access Control June 2007 15

    Ingredients for Endpoint Protection


    Device Control
    Prevents data leakage
    Device Control

    Restrict Access to devices (USB keys, Backup drives) W32.SillyFDC (May 2007)

    Intrusion Prevention

    Firewall

    Antispyware

    AntiVirus

    =Services Opportunity
    Symantec Endpoint Protection and Symantec Network Access Control June 2007 16

    Ingredient for Endpoint Compliance


    Network Access Control

    Network Access Control


    Network access control ready

    Device Control

    Agent is included, no extra agent deployment Simply license SNAC Server

    Intrusion Prevention

    Firewall

    Antispyware

    AntiVirus

    Symantec Endpoint Protection and Symantec Network Access Control

    June 2007

    17

    Symantec Network Access Control


    Ensures endpoints are protected and compliant prior to accessing network resources

    1. Reduce IT costs & greater network availability


    2. Increased control over unmanaged and managed endpoints 3. Maximize investment of security technologies

    Symantec Endpoint Protection and Symantec Network Access Control

    June 2007

    18

    Introducing: Single Agent, Single Console


    Network Access Control

    Results:
    Device Control Increased Protection, Control & Manageability

    Intrusion Prevention

    Firewall Reduced Cost, Complexity & Risk Exposure Antispyware

    Symantec Endpoint Protection 11.0

    Symantec Network Access Control 11.0

    AntiVirus

    Symantec Endpoint Protection and Symantec Network Access Control

    June 2007

    19

    How do we Lower Cost, Complexity and Risk?


    Cost
    Lowered system resource demands, smaller footprint Single product, license, support program Operational efficiency Product
    Symantec AntiVirus Corporate Edition Symantec Client Security Symantec AntiVirus + Symantec Sygate Enterprise Protection McAfee Total Protection SMB Trend Micro OfficeScan Client Server

    Baseline Memory Usage 62 MB 129 MB 72 MB 71 MB 50 MB

    Complexity
    Fewer consoles and agents allows standardization of technologies

    Improved UI suits any size organization

    Risk
    Includes behavior-based IPS to protect against unknown attacks

    Symantec Endpoint Protection 11.0

    21???? MB!

    Device control helps protect against data loss and intellectual property theft

    Average of 84% reduction in memory usage requirements

    Symantec Endpoint Protection and Symantec Network Access Control

    June 2007

    20

    Symantec AntiVirus Extended Licensing


    Symantec Endpoint Protection Symantec Endpoint Protection Small Business Edition Symantec Multi-tier Protection

    Antivirus Antispyware Desktop Firewall Intrusion Prevention Device Control Mail Security

    X X X X X

    X X X X X X
    MS Exchange

    X X X X X X
    MS Exchange/Domino/SMTP Gateway

    Antivirus for Mac and Linux


    Symantec Endpoint Protection and Symantec Network Access Control June 2007

    21

    SNAC Packaging
    Enforcement Type Agent Type

    Endpoint
    (Uses SEP Desktop Firewall)

    Gateway
    (Appliance)

    DHCP
    (Appliance/Plug-in)

    LAN-802.1x
    (Appliance)

    Client (Persistent)

    On-Demand (Dissolvable)

    Agentless (Scanner)

    Symantec Network Access Control v11.0

    PPP P P P P PP P
    June 2007 22

    Symantec Network Access Control Starter Edition V 11.0

    Symantec Endpoint Back to Table Protection and Symantec Network Access Control

    For More Information


    www.symantec.com/endpointsecurity

    Symantec Endpoint Protection and Symantec Network Access Control

    June 2007

    23

    Thank You!

    2007 Symantec Corporation. All rights reserved. THIS DOCUMENT IS PROVIDED FOR INFORMATIONAL PURPOSES ONLY AND IS NOT INTENDED AS ADVERTISING. ALL WARRANTIES RELATING TO THE INFORMATION IN THIS DOCUMENT, EITHER EXPRESS OR IMPLIED, ARE DISCLAIMED TO THE MAXIMUM EXTENT ALLOWED BY LAW. THE INFORMATION IN THIS DOCUMENT IS SUBJECT TO CHANGE WITHOUT NOTICE.

    Symantec Endpoint Protection and Symantec Network Access Control

    June 2007

    24

    You might also like