Symantec Endpoint Protection Cloud

1 Symantec Endpoint Protection Cloud
Copyright © 2016 Symantec Endpoint Protection Cloud

2 Any information regarding pre-release Symantec offerings, future updates or other planned modifications is subject to ongoing evaluation by Symantec and therefore subject to change. This information is provided without warranty of any kind, express or implied. Customers who purchase Symantec offerings should make their purchase decision based upon features that are currently available.

3 Security Challenges Facing Small & Mid-Sized Businesses
ATTACKS ARE INCREASING. Need for stronger protection against zero-day threats and ransomware. 65% of attacks target SMEs.

A MOBILE WORKFORCE THAT DEMANDS CHOICE IN THEIR DEVICES. Growth in mobile malware and inadequately secured personal devices. 70% of mobile workers using personal devices by 2018.

BUDGETS ARE LIMITED. IT is being asked to do more with less – fewer resources and more limited budgets. 54% of SMBs list reducing costs as a top concern, ranking #2.

IT RESOURCES ARE INCREASINGLY CONSTRAINED. Need intuitive, easy to use solutions. 48% of SMBs rank the Lack of IT Staff or Skills as a top tech-related challenge.

Sources: Symantec Internet Security Threat Report 2016, Gartner 2015, SMB Group, IDC SMB Vertical Market Profiles

Speaker notes:

Small and mid-sized organizations are feeling multiple pressures from external and internal forces. Externally, attacks are on the rise. More small and mid-sized organizations are targets for attacks. 65% of SMEs were targets of attacks in 2015 – as they give attackers access into larger organizations. Organizations need stronger protection against zero-day threats and targeted attacks. (source: Symantec ISTR 2016)

From an internal perspective, employee end users are demanding additional freedom in the devices they choose to conduct work on. Organizations struggle to keep corporate information safe as it flows through corporate and personally owned devices. According to Gartner, 70% of the mobile workforce will be using personal devices by 2018. IT needs to look to secure both corporate and personally owned devices hoping to gain access to the network. (Gartner Technology Topic: Bring Your Own Device 2016)

Resources are also an issue: 48% of SMBs rank the Lack of IT Staff or Skills as a top tech-related challenge. With these smaller IT teams, mid-market organizations need faster and more intuitive security solutions. (source: SMB Group 2015 SMB Routes to Market)

To top it off, budgets are limited and costs are constrained; in fact it is the 2nd highest ranked concern in the IDC SMB Vertical Market Profiles, with 54% of SMBs listing reducing costs as a top concern. (source: IDC SMB Vertical Market Profiles June 2015)

4 INTELLIGENT PROTECTION
How Symantec Can Help: Symantec Endpoint Protection Cloud

INTELLIGENT PROTECTION. Proven world-class security with advanced endpoint protection against emerging threats. Protects against zero-day threats and ransomware. Utilizes world leading global intelligence.

EASY TO DEPLOY AND USE. Single, cloud-based console combines endpoint protection, mgmt, mobility, and encryption. Sets up in less than 5 mins. One-step policy configuration for users, groups, and devices. Always-on security.

AFFORDABLE. SaaS: pay as you go model. Uses existing infrastructure. Made for the IT Generalist.

Speaker notes:

Introducing Symantec Endpoint Protection Cloud (SEP Cloud). Designed to be highly intuitive and provide an exceptional user experience, IT can now save time and resources during device onboarding and policy creation.

Endpoint Protection Cloud leverages Symantec’s industry leading protection with layered security: traditional signature-based AV, firewall, IPS and app blocking alongside advanced protection technologies. Advanced machine learning and proven intelligent protection techniques block unknown threats. SEP Cloud also protects against ransomware and zero day attacks in real-time with Symantec’s global intelligence across 200 million control points. Finally, it offers endpoint protection for desktops, laptops, and mobile in a single solution.

The highly intuitive cloud management console allows IT to easily create policies, and it automatically translates the policy settings to devices, regardless of device type (PC, laptop, tablet, mobile phone or server) or platform (Windows, Mac OS, Android or iOS). Endpoint Protection Cloud can be set up in as little as 5 minutes using out of the box configuration. Endpoint Protection Cloud’s powerful user centric experience gives IT the option to allow employees to self-enroll devices in minutes, both corporate and personal, on a simple online portal – allowing IT to focus on policy creation – or the option of push deployment for Windows devices. Policies can be created based on user roles in an organization and applied to various groups (for example: finance), and all users in that group will be assigned the same policy.

SEP Cloud is also designed to be affordable to small and mid-sized organizations, with primarily subscription pricing that allows organizations to use their OpEx budget instead of their CapEx. As a hosted service there is no additional infrastructure or heavy resource commitment required to deploy and use the service.

5 30% of world’s enterprise email traffic scanned/day
Intelligent Protection Needs Global Intelligence: Unique Visibility into Today’s Threat Landscape with Symantec

57M attack sensors in 157 countries
402M web attacks blocked last year
200M control points
3.7T rows of telemetry
30% of world’s enterprise traffic scanned/day
9 threat response centers

Speaker notes:

Only Symantec has the largest civilian global intelligence network that leverages trillions and trillions of rows of telemetry from 200 million control points, across 157 countries, to see and block more than any other security vendor. Our better visibility translates to more data for our advanced machine learning to “learn” from to better protect you. The huge amount of data is all run through 9 threat response centers with highly skilled analysts using big data analytics, experience and intuition to fight the escalating threats. They are unsung heroes in today’s digital age. The result is more #1 security products and market leaders across our entire portfolio that leverage the unique intelligence and advanced engines, including Symantec Endpoint Protection.

6 FIREWALL AND INTRUSION PREVENTION ADVANCED MACHINE LEARNING
Intelligent Protection Against the Next Generation of Threats: Stop Targeted Attacks and Zero-Day Threats with Layered Protection

NETWORK: FIREWALL AND INTRUSION PREVENTION. Blocks malware before it spreads to your machine and controls traffic.
REPUTATION: INSIGHT. Determines safety of files and websites using the wisdom of the community.
ARTIFICIAL INTELLIGENCE: ADVANCED MACHINE LEARNING. Pre-execution detection of new and evolving threats.
FILE: ANTIVIRUS. Scans and eradicates malware that arrives on a system.
BEHAVIOR: SONAR. Monitors and blocks files that exhibit suspicious behaviors.
DEVICE CONTROL: USB STORAGE DEVICES. Blocks infections from USB storage devices, helps prevent data theft.

Patented real-time cloud lookup for all scanned files

Speaker notes:

The best way to protect against attacks is through layered protection. We have some protection techniques that you’ve heard of before and some new capabilities in our real-time cloud lookup and advanced machine learning.

Network Protection: Layered protection at the endpoint starts with strong intrusion prevention and firewall capabilities in the Network layer of defense. It stops drive-by downloads, social engineering, fake antivirus, botnets and unpatched vulnerabilities long before they take up residence, and controls traffic. It can also be tuned to block outbound traffic should an infection occur.

Reputation Protection: Sophisticated threats require leveraging the collective wisdom of over 200 million systems to identify new and mutating malware. With Symantec’s Insight, companies have access to the largest global intelligence network available to allow them to filter every file on the Internet based on reputation.

Artificial Intelligence: Advanced Machine Learning ensures pre-execution detection of threats. Intelligent Threat Cloud is Symantec’s most up-to-date cloud intelligence for every file scan. Generic Exploit Mitigation is non-signature based to proactively block 0-day attacks.

File Protection: Signature based antivirus is only as good as the intelligence behind it. Our GIN enables us to identify new threats and update signatures faster to protect against viruses, worms, Trojans, spyware and root kits. It looks for and eradicates malware that has already taken up residence on the system. Alone, it’s not enough; however, it’s a key component to keeping the billions and billions of known malware at bay while our advanced protection focuses on advanced threats.

Behavior Protection: Targeted and unknown threats can be caught by aggressively monitoring file processes as they execute and identifying malicious behavior. Symantec’s SONAR uses artificial intelligence, behavior signatures, and policy lockdown to monitor nearly 1400 file behaviors as they execute in real-time. When combined with Insight, this technology is able to aggressively stop zero-day threats, without spiking false-positives.

Device Control: Storage Devices (like USBs) can be blocked to help avoid data theft.

7 Predictive security – machine learning, file scanning, and hardening
Intelligent Protection: Advanced Protection Capabilities

Advanced Machine Learning: Intelligent ability to detect “new” and “unknown” threats.
Intelligent Threat Cloud: Real-time protection from the cloud for every file scanned before it has had a chance to execute.
Generic Exploit Mitigation: Blocks zero day attacks against vulnerable applications.

Speaker notes:

Let’s drill into our new Advanced Protection Capabilities a bit more.

Advanced Machine Learning: The new machine learning engine is being introduced to detect unknown/0-day malware using ML techniques. Symantec has been using ML techniques for quite a few years. A clustering system using Big Data techniques classifies malware submissions rapidly – a million samples under 6 hrs. The new ML engine on the client will use supervised ML techniques that have been trained on a huge sample set obtained from Symantec’s Global Intelligence Network.

Intelligent Threat Cloud: Symantec’s most up-to-date cloud intelligence for every file scan. It has 15% faster scanning time with advanced design techniques (like pipelining, trust propagation and batched queries) and a faster boot up time.

Generic Exploit Mitigation: According to Symantec ISTR 2016, a new 0-day is found every week! GEM is non-signature based to block 0-day attacks. It proactively blocks exploits, works at the shell code level, and counters different exploitation techniques. Virtual patching for applications provides vulnerability shielding for applications, allows flexibility in patching schedules, and increases the cost for attackers.

8 Ease of Deployment and Management
Easy to use single cloud-based console combines security and management: endpoint protection, management, mobility, and encryption
Quick time to value - setup, configuration, and deployment in less than 5 minutes
Always available and up to date - a cloud-based solution that future proofs your investment

Speaker notes:

Beyond our ability to offer you intelligent protection, SEP Cloud also is designed around ease of use and management. The single cloud-based console combines what you need for security and management: endpoint protection, management, mobility, and encryption, making it easy for your IT staff. We offer a quick time to value - setup, configuration, and deployment in less than 5 minutes. And finally, the cloud-based design means it’s always available and always up to date - future proofing your investment.

9 INTUITIVE POLICY SETTING ALWAYS AVAILABLE CLOUD-BASED ARCHITECTURE
Ready to Protect Users in Under 5 Minutes: Giving You Crucial Information To Protect Your Organization

INTUITIVE POLICY SETTING. Create policies based on employee’s role or group (e.g. legal team vs. sales or marketing) seamlessly applied to all their devices.

FAST ACTION DASHBOARD. From the dashboard, find and remediate infected devices with three (3) clicks. Easily take action to bring devices back into compliance based on their status and distribution.

ALWAYS UP TO DATE. Information on the latest identified threat families provided automatically from the cloud plus live updates offer protection that is always up to date.

ALWAYS AVAILABLE CLOUD-BASED ARCHITECTURE. Cloud-based management console, user portal, real-time dashboard, and advanced endpoint protection.

Speaker notes:

To make it easy, Endpoint Protection Cloud leverages a highly intuitive cloud management portal.

Symantec Endpoint Protection Cloud’s highly intuitive cloud management allows you to secure and manage an expansive list of devices in the cloud including: PCs, laptops, mobile phones, tablets and servers with broad OS support (Mac, Windows, iOS and Android). One-click policy configuration can be applied to any user or group and all their devices. Access policies can be created for mobile devices and can be adjusted depending on whether devices are personal or corporate owned.

The console dashboard allows IT to quickly take action to find and remediate infected devices, without going through an extra device view. The easy to use dashboard also provides a quick view of an entire organization’s devices, their status and distribution, with the ability to run reports and take action quickly to keep devices in compliance and secure.

Cloud-based advanced protection and scanning capabilities actively work to identify new malware families. Endpoint Protection Cloud automatically checks the updated cloud information to supplement what is available on the device. Live updates then work to ensure the newest information is downloaded to the device on a regularly scheduled basis so it is always up to date.

The cloud-based architecture means IT has access anytime, anywhere.

10 Endpoint Protection Cloud
Low Total Cost of Ownership

Affordable pricing model designed for small and mid-sized business budgets
Low total cost of ownership - a cloud-based service requiring no additional infrastructure investments
No dedicated resources or IT specialists (designed for IT generalists)

Speaker notes:

Finally, SEP Cloud has low total cost of ownership. The service is affordably priced on a subscription basis, allowing you to choose whether you want to use your CapEx or OpEx budget. The cloud-based architecture does not require any additional hardware to be installed in your environment, saving you money on installation and on-going management. Finally, it is designed so that a single admin or IT generalist can successfully use the product.

11 Intelligent Protection
Endpoint Protection Cloud: Intelligent, Simple, Affordable Endpoint Protection

Intelligent Protection: Advanced endpoint protection against zero-day attacks and ransomware using the world’s largest civilian global intelligence network.

Easy to Deploy and Use: A single, cloud-based console combines security and management with one-step policy configuration for users, groups, and devices - deployed in 5 mins.

Affordable: SaaS pay as you go model that requires no additional infrastructure or IT staffing, and secures all devices for less than a dime a day.

Speaker notes:

To sum it up, Symantec provides Intelligent, Simple, Affordable Endpoint Protection for your small or mid-sized business. When we talk about Endpoint Protection Cloud we talk about it along three pillars:

Intelligent Protection: Advanced anti-malware protection against zero-day attacks, ransomware, and emerging threats using the world’s largest civilian global intelligence network.

Easy to deploy and use (Simple): A single, cloud-based console combines security and management with one-step policy configuration based on the role of the user across all devices - deployed in 5 mins.

Affordable to fit your budget: SaaS pay as you go model that requires no additional infrastructure or IT staffing, and secures all devices for less than a dime a day.

12 Thank you!

13 Predictive security – advanced machine learning on the device
Intelligent Protection: Advanced Machine Learning

Diagram: Collect Training sets in Real-Time; Training Algorithm; Trained Machine; New & Retrained Advanced ML; Detect on client with Advanced Machine Learning

0-day protection against variants of the same malware family
Detects large classes of malware with a low false positive rate
High efficacy with infrequent updates

Speaker notes:

Customer Benefits:
0-day Protection against variants of the same malware family
Trained with the power and scale of global intelligence and big data to detect large classes of malware generically with a very low FP rate
Real time advanced machine learning on the endpoint that achieves high efficacy with infrequent updates

14 Patented real-time cloud lookup for all scanned files
Intelligent Protection: Intelligent Threat Cloud

Most up-to-date cloud intelligence for every file scan
15% faster scanning time with advanced design techniques
Faster boot-up time

Speaker notes:

Intelligent Threat Cloud provides the freshest protection for all scanned files before the file has had a chance to execute.

Customer Benefit:
Symantec’s most up-to-date cloud intelligence for every file scan
15% faster scanning time with advanced design techniques (like pipelining, trust propagation and batched queries)
Faster boot up time

15 Blocks zero day attacks by hardening the operating system
Intelligent Protection: Generic Exploit Mitigation

Preemptively blocks exploit techniques, foiling attempts of attackers to take over a machine
Signature-less and works regardless of the flaw/bug/vulnerability

Timeline with GEM protection:
Operation Pawn Storm: Exploit attempts to disable Java Security Manager
“GEM” stops the exploit
Day 0

Timeline without GEM protection:
Operation Pawn Storm: Java Exploit Reported
No patch available yet
Patch Available: Customer must schedule time to apply the patch
Day 0: Exploit Reported
Day 1: Detection Available
Day 2: Lag to Patch
Day 3: Requires Customer Action

Speaker notes:

According to Symantec ISTR 2016, a new 0-day is found every week! Generic Exploit Mitigation blocks zero day attacks by hardening the operating system and prevents targeted attacks that increasingly use zero-day exploits to take advantage of vulnerabilities in popular software (e.g. Acrobat, Office).

Customer Benefit: Preemptively blocks exploit techniques, foiling attempts of attackers to take over a machine.

Exploit behaviors mitigated:
SEHOP (Stops abuse of the Exception Handler)
Heap Spray (Stops exploits that start via the Heap)
Java Exploit Protection (Stops exploits that abuse the Java Security Manager)

Signature-less and works regardless of the flaw/bug/vulnerability.

16 Symantec Global Threat Intelligence
Intelligent Protection: INSIGHT
Unknown threats are exposed using age, frequency, and location

Diagram: Attack Quarantine System; Endpoints; Analysts; Gateways; Honeypots; Global Sensor Network; 3rd Party Affiliates; Analytics; Global Data Collection; Big Data Analytics; Symantec Global Threat Intelligence Warehouse

Good safety rating: File is whitelisted
No safety rating yet: Can be blocked
Bad safety rating: File is blocked

Speaker notes:

Symantec Insight uses reputation security technology that tracks billions of files from millions of systems to put files in context, using their age, frequency, location and more to identify low-risk vs high-risk threats. Based on advanced data mining techniques, Insight seeks out changing encryption and mutating code.

Because of the security expertise of our analytics, robust analytics and warehouse of contextual data, Symantec Insight can identify how common or rare a file is, how old it is, its security rating, and how it might be associated with malware. Through context, Insight can identify new or rapidly mutating threats as well as targeted attacks.

Insight separates files at risk from those that are safe, for faster and more accurate malware detection. Insight will boost the detection, performance, and accuracy of Symantec Endpoint Protection Cloud.

17 Stop zero-day and unknown threats with behavioral monitoring
Intelligent Protection: SONAR

Artificial Intelligence Based Classification Engine
Human-authored Behavioral Signatures
Behavioral Policy Lockdown

Monitors nearly 1400 file behaviors to answer: What has it done? Where did it come from? What did it contain? Who is it related to?

Speaker notes:

SONAR™ technology monitors nearly 1400 file behaviors as they execute in real-time. If any suspicious behavior is found, SONAR will block it automatically. With both Insight and SONAR, Symantec allows customers to protect against new and rapidly mutating malware and to stop zero-day threats without compromising performance or false positives.

The most advanced zero-day threats require file behavior monitoring only available through SONAR. Symantec’s SONAR uses artificial intelligence, behavior signatures, and policy lockdown to monitor nearly 1400 file behaviors as they execute in real-time. Rather than relying on what a file looks like, SONAR watches what a file does. Having analyzed millions of applications, SONAR quickly determines whether the behaviors of an application are good or bad. When an executable is launched, SONAR identifies malicious behavior and blocks it in real-time. Malware is stopped before it can run.

18 True user based pricing
Simple Pricing and Licensing

Subscription license: 1, 2, 3 year license options
True user based pricing: Unlimited devices per user*; separate pricing for servers
Licensing programs: Enterprise/Express/Rewards Customer Programs; Government/Educational Programs; Service Provider Program

*Device limitations will be outlined in End User License Agreement.

Speaker notes:

Endpoint Protection Cloud will be available as a subscription license with options for 1, 2 and 3 years. As a true user based priced product, employees will be able to secure multiple devices from a single license. This will allow IT to predictably budget for endpoint security needs, as added devices will be applied to the same license. Endpoint Protection Cloud will be available in the customer, government/educational and service provider programs.

Full list of pricing programs: ENTERPRISE, EXPRESS, ACAD, GOV, REWARDS, XGEO*, VPA*, XSP*, PARTNER PROGRAM, EVALs, NFR, EFLEX

*Tentative, based on program requirements changes

