Symantec
Transcription
Symantec
A Secure Foundation for Your Business Lauren Duda - Product Marketing Manager March 13th, 2007 Sample Agenda Slide 1 Corporate issues and threat landscape 2 MS Vista and Symantec Security 3 Symantec Endpoint Security 4 Network Access Control 5 Closing Thoughts Presentation Identifier Goes Here 2 Corporate Network Is Continually Exposed Internet Kiosks & Shared Computers Guests WANs & Extranets SSL VPN Consultants IPsec VPN Employees Working at Home Wireless Networks Web Applications Presentation Identifier Goes Here 3 Endpoint Security Challenges • Endpoint management costs are increasing – Costs to acquire, manage and administer point products are increasing, as well as the demand on system resources • Complexity as well – Complexity and man power to manage disparate endpoint protection technologies are inefficient and time consuming • Growing number of new known and unknown threats – Stealth-based and silent attacks are increasing, so there is a need for anti-virus to do much more – Large amount of threats coming from internal sources Presentation Identifier Goes Here 4 Is Vista the answer to all security issues? Presentation Identifier Goes Here 5 Breaches and Implications CSO magazine 2006 E-Crime Watch Survey: • 60% of organizations dealing with financial loss • 40% reporting financial loss averaging $740,000 • 23% reporting harm done to company reputation • 27% of threats coming from Insiders Presentation Identifier Goes Here 6 Is Endpoint Protection Enough Protection ? “What “What Are Are The The Most Most Common Common Sources Sources Of Of Automated Automated Internet Internet Worm Worm Attacks Attacks ?” ?” 43% Employee Laptop 39% Internet Through Firewall 34% Non-Employee Laptop 27% VPN Home System Don’t Know 8% Other 8% 0% 5% 10% 15% 20% 25% 30% 35% 40% 45% 50% Source: Enterprise Strategy Group, January 2005 ESG Research Report, Network Security And Intrusion Prevention Presentation Identifier Goes Here 7 Windows Vista & Security • Vista provides a more secure Operating System • Companies need a multi-tier security approach on top of Vista – Complex threats attacking all system layers, not only the O/S – 69% of vulnerabilities target web applications (ISTR X) • Web application vulnerabilities often require no exploit code, allowing for quick attacks right through the firewall with little attacker skill required – Client users are often responsible for system infection • Device usage – MP3 players, USB drives, CD/DVD • Software downloads – Screen savers, P2P, Network games • Misleading Applications – SpySherrif/WinFixer Presentation Identifier Goes Here 8 Symantec-Microsoft • Symantec has a long term partnership with Microsoft • Working together on Vista launch – Symantec Ghost-Backup and AntiVirus ready for Vista • Opportunity for incremental sales revenue with Microsoft sales – Microsoft Servers – Microsoft Exchange – Microsoft Vista Presentation Identifier Goes Here 9 Top 10 reasons why you need Symantec AntiVirus with Windows Vista 10 Vista is an operating, not a security solution 9 Microsoft, CRN and eWeek recommend having an antivirus solution on top of Vista 4 8 Microsoft’s own antivirus even failed to secure Vista! 3 Symantec Global Intelligence & Response provides deeper and faster analysis of threats around the globe 2 Symantec Endpoint Security portfolio provides the most complete & trusted technology for your network & assets 1 Symantec is the dominant worldwide security leader 7 Polymorphic viruses, spyware and other complex threats will go around the O/S and Windows Defender 6 Average financial loss from data theft is $740,000, is that in your security budget??? Trojans/Spyware 5 Your company needs robust & consistent security across the organization Managing security needs to be easy, automated and cost efficient Presentation Identifier Goes Here 10 Compliance Protection Endpoint Security Defined Worms Unknown Attacks Spyware Endpoint Security Policy Status Viruses Trojans Anti-Virus On Anti-Virus Signature Updated Personal Firewall On Service Pack Updated Patch Updated Presentation Identifier Goes Here 11 Symantec Endpoint Compliance Process Step 1 Endpoint Attaches To Network Configuration Is Determined Step 4 Monitor Endpoint To Ensure Ongoing Compliance ✗ Step 2 Compliance Of Configuration Against Policy Is Checked Step 3 Take Action Based On Outcome Of Policy Check Patch Quarantine Virtual Desktop Presentation Identifier Goes Here 12 Forrester Research The State Of Security In Enterprises & SMB December 26th 2006 “… 66% of enterprises will increase their spending on network security equipment and services this year.” “….the widgets most in demand technology is network access control (NAC)… Presentation Identifier Goes Here 13 Symantec Network Access Control Sales Opportunity #1 Mobile Computers Accessing Network Remotely Managed User VPN Corporate Network WEB Hotel Symantec Gateway Enforcer Email Server HR Server Airport CRM Server Café Home Office Symantec Sygate File Server Policy Manager Presentation Identifier Goes Here 14 Symantec Network Access Control Sales Opportunity #2 Local Computers using network Symantec LAN Enforcer Managed Endpoint Corporate Network Corporate Servers Symantec Sygate Policy Manager Presentation Identifier Goes Here 15 Symantec Network Access Control Sales Opportunity #2A Local Computers with DHCP Servers Corporate Network Symantec DHCP Enforcer Managed Endpoint DHCP Server Corporate Servers Symantec Sygate Policy Manager Presentation Identifier Goes Here 16 SNAC slide • May be a change between content on this slide and the next Presentation Identifier Goes Here 17 SNAC Scanner Checks • Over 200 checks – 75 Windows-specific – no Admin credentials – Includes server and desktop checks • Scans for – Buffer overflow vulnerabilities in services and applications (IIS, SSH, – Presence of viruses, worms, or backdoors (Welchia, MyDoom, Trinoo, etc.) – Unpatched or outdated versions of applications (sendmail, BIND, Oracle, OpenSSL) – Services/applications: Windows Messenger, Oracle Listener, MSSQL, SNMP, etc. – NULL or weak passwords – CGI and web server/file retrieval vulnerabilities Presentation Identifier Goes Here 18 Symantec AntiVirus v10.2 • Available now • Same award winning security features as 10.1 – Complete malware detection and removal – Integrated Reporting • Products released – Symantec AntiVirus Corporate Edition 10.2 • Now supporting Windows Vista (32 and 64 bit) – Symantec AntiVirus Enterprise Edition 10.2 • Multi-tier AV protection at desktop, server and gateway • Now includes Symantec Client Security 3.1 (pre-Vista version) Presentation Identifier Goes Here 19 And Coming Soon… • Next-generation of Symantec AntiVirus – Unified management console – Unified agent that combines SYMC, Sygate and Whole Security – Includes proactive, behavioral based protection – Provides layered security: AV,FW, HIPS, device control, SNAC & behavior blocking • We encourage customers to maintain a valid maintenance contract with Symantec • Explore our new license and support programs: – http://www.symantec.com/enterprise/licensing/index.jsp Presentation Identifier Goes Here 20 Q&A Lauren_Duda@symantec.com Q&A Lauren Duda lauren_duda@symantec.com © 2006 Symantec Corporation. All rights reserved. THIS DOCUMENT IS PROVIDED FOR INFORMATIONAL PURPOSES ONLY AND IS NOT INTENDED AS ADVERTISING. ALL WARRANTIES RELATING TO THE INFORMATION IN THIS DOCUMENT, EITHER EXPRESS OR IMPLIED, ARE DISCLAIMED TO THE MAXIMUM EXTENT ALLOWED BY LAW. THE INFORMATION IN THIS DOCUMENT IS SUBJECT TO CHANGE WITHOUT NOTICE. Presentation Identifier Goes Here 22 Back Up Slides Symantec Security Response at a Glance Global Intelligence Network • 150 million client, server, and gateway anti-virus systems • 40,000 sensors in 180 different countries • Over 15 years combating threats • 200+ security specialists • 24x7x365 worldwide operations • 2000 Technical Support Expert • 2 million decoy email accounts • Tracking vulnerabilities in 35,000 product versions from 4,200 vendors • 500 Symantec Managed Security Services customers • Bi-annual Internet Security Threat Reports Presentation Identifier Goes Here 24 Best-of-Breed Personal Firewall Personal Firewall Features • Rule-based firewall engine • Firewall rule triggers • Application, host, service, time • Full TCP/IP support • TCP, UDP, ICMP, Raw IP Protocol • Support for Ethernet protocols • Allow or block • Token ring, IPX/SPX, AppleTalk, NetBEUI • Able to block protocol drivers • E.g., VMware, WinPcap • Adapter-specific rules This Magic Quadrant graphic was published by Gartner, Inc. as part of a larger research note and should be evaluated in the context of the entire report. The Gartner report is available upon request from Symantec.The Magic Quadrant is copyrighted Junel 2006 by Gartner, Inc. and is reused with permission. The Magic Quadrant is a graphical representation of a marketplace at and for a specific time period. It depicts Gartner's analysis of how certain vendors measure against criteria for that marketplace, as defined by Gartner. Gartner does not endorse any vendor, product or service depicted in the Magic Quadrant, and does not advise technology users to select only those vendors placed in the "Leaders" quadrant. The Magic Quadrant is intended solely as a research tool, and is not meant to be a specific guide to action. Gartner disclaims allSource: warranties, express or implied, with respect to 1Q06, this research, including Magic Quadrant for Personal Firewalls John Girald, 27 Presentation Identifier Goes Here any warranties of merchantability or fitness for a particular purpose. June 2006 25 Protection Versus The Most Complex Threats • Symantec best at handling sophisticated, dynamic threats • The latest AV Comparative test shows Symantec the top performer in protection versus polymorphic threats Protection Versus Polymorphic Threats 100 99.4 99.4 94.3 84 79.5 N or m an nd a nd itD ef e Pa er e 36 B M cA fe et eS ur e ec FS as pe r K Sy m an te sk y c 37 Source: Andreas Clementi, February 2006 Presentation Identifier Goes Here 26 Symantec for Accurate, Reliable Detection Ziff Davis Editor’s Choice “Symantec… blitzed the field in detection which is what you really want” Ziff Davis Detection Accuracy Comparison Symantec PC Tools Computer Associates Webroot Microsoft McAfee Trend Micro Lavasoft 0 1 2 3 4 5 6 7 8 9 http://www.zdnet.com.au/reviews/software/security/soa/To_catch_a_spy_Eight_anti_spyware_tools_reviewed/0,39023452,39225147,00.htm Presentation Identifier Goes Here 27 Surgical Remediation “Symantec clearly establishes itself as the leader when remediating critical files, which comprises of executable content (i.e. *.exe, *.dll) and essential registry keys.” -Thompson CyberSecurity Labs, 2005 Competitive Comparison - Removal of Executables Files 200 195 190 Symantec Webroot 185 180 175 170 165 160 Microsoft McAfee Spyware Doctor 155 150 Executable Components Removed Presentation Identifier Goes Here 28 Best-of-Breed Spyware Detection & Removal • SAV 11.0 outperforms the competition in spyware detection, disinfection and removal 100% 80% 60% 40% Removal Rate Disinfection Rate 20% Detection Rate W elt S Su nb so ft Mi c ro We br oo t Mc Af ee Sy ma nte c PC To ols 0% From tests performed by Thompson Cyber Security Labs Presentation Identifier Goes Here 29 Endpoint protection built on Symantec AntiVirus Symantec: • Submitted all supported environments for analysis since Nov. ‘99 • ONLY vendor to obtain 30 consecutive VB100 Awards • Pass: Detected all "In the Wild viruses" in comparative tests (with no false positives) • Fail: Missed detection after three attempts • —: Chose not to submit for testing Presentation Identifier Goes Here 30