Symantec Endpoint Protection 11.0 Overview and Architecture Silviu Popescu Symantec Product Manager at Omnilogic SRL.


1 Symantec Endpoint Protection 11.0 Overview and Architecture Silviu Popescu Symantec Product Manager at Omnilogic SRL

2 Symantec™ Global Intelligence Network > 6,000 Managed Security Devices + 120 Million Systems Worldwide + 30% of World’s email Traffic + Advanced Honeypot Network Reading, England Alexandria, VA Sydney, Australia Mountain View, CA Santa Monica, CA Calgary, Canada San Francisco, CA Dublin, Ireland Pune, India Taipei, Taiwan Tokyo, Japan 3 Symantec SOCs 80 Symantec Monitored Countries 40,000+ Registered Sensors in 180+ Countries 8 Symantec Security Response Centers

3 Attack Trends: Data Breaches. Information on data breaches that could lead to identity theft. Data collected is not Symantec data. The government sector accounted for the largest share of data breaches with 25%, followed by Education (20%) and Healthcare (14%). The majority of breaches (54%) were due to theft or loss, with hacking accounting for only 13%.

4 Attack Trends: Underground Economy Servers. Goods traded (credit cards, identities, online payment services, bank accounts, bots, fraud tools, etc.) are ranked according to the goods most frequently offered for sale on underground economy servers. Credit cards were the most frequently advertised item (22%), followed by bank accounts (21%). Email passwords sell for almost as much as a bank account.

5 Attack Trends: “underground” black trading

6 Finance sector – headlines http://money.cnn.com/2005/05/23/news/fortune500/bank_info/

7 Finance II http://www.theregister.co.uk/2007/04/19/phishing_evades_two-factor_authentication/

8 Malicious Code Trends: New malicious code threats. In the first half of 2007, 212,101 new malicious code threats were reported to Symantec. This is a 185% increase over the second half of 2006. This increase can mainly be attributed to new Trojans such as staged downloaders. The first stage of a staged downloader is usually written for a specific target or purpose, resulting in the creation of a very large number of them.

9 ’05 Threat Landscape Shift: The Battle has changed
2004 Landscape (Virus) vs. 2006 Landscape (Crimeware):
- Threats are indiscriminate, hit everyone vs. Threats are highly targeted, regionalized
- Threats are disruptive → impact visible vs. Threats steal data & damage brands → impact unclear
- Remediation action is technical (“remove”) vs. Remediation more complex, may need to investigate data leak
- Going through perimeter and gateway vs. Going after uneducated network clients and other endpoints
- Threats are noisy & visible to everyone vs. Threats are silent & unnoticed with variants

10 Client Firewall O/S Protection Buffer overflow & exploit protection Behaviour Blocking Device controls Network IPS Host integrity & remediation Protection Technology Anti-spyware AntiVirus Network Connection Operating System Memory/ Processes Applications Worms, exploits & attacks Viruses, Trojans, malware & spyware Malware, Rootkits, day-zero vulnerabilities Buffer Overflow, process injection, key logging Zero-hour attacks, identity theft, application injection I/O Devices iPod slurping, IP theft Endpoint Exposures Always on, always up-to-date Data & File System Symantec Confidence Online Symantec Sygate Enterprise Protection Symantec Critical System Protection Symantec Client Security Symantec Mobile Security Symantec Network Access Control Symantec Solution Symantec AntiVirus Symantec Endpoint Protection Anatomy of Layered Endpoint Protection

11 Scope of Endpoint Protection

12 Symantec Endpoint Protection - Summary: The World’s leading anti-virus solution; More consecutive Virus Bulletin certifications (31) than any vendor; Best anti-spyware, leading the pack in rootkit detection and removal; Includes VxMS scanning technology (Veritas); Industry’s best managed desktop firewall; Adaptive policies lead the pack for location awareness; Sygate and Symantec Client Security; Behavior-based Intrusion prevention (Whole Security); Network traffic inspection adds vulnerability-based protection; Device control to prevent data leakage at the endpoint (Sygate); Protection against mp3 players, USB sticks, etc.; Includes a NAC agent to ensure each endpoint is “NAC-ready” (Sygate); Adds endpoint compliance to endpoint protection. AntiVirus, Antispyware, Firewall, Intrusion Prevention, Device Control, Network Access Control

13 Ingredients for Endpoint Security: Symantec Endpoint Protection 11.0 (AntiVirus, Antispyware, Firewall, Intrusion Prevention, Device Control); Symantec Network Access Control 11.0 (Network Access Control)

14 Ingredients for Endpoint Protection: AntiVirus. World’s leading AV solution; Most (31) consecutive VB100 Awards

15 A few more details... Source: Andreas Clementi, Antivirus comparative summary report 2006

16 Ingredients for Endpoint Protection: AntiVirus, Antispyware. Best rootkit detection and removal; Raw Disk Scan for superior Rootkit protection. Source: Thompson Cyber Security Labs, August 2006

17 Ingredients for Endpoint Protection: AntiVirus, Antispyware, Firewall. Industry leading endpoint firewall technology; Gartner MQ “Leader” – 4 consecutive years; Rules-based FW can dynamically adjust port settings to block threats from spreading

18 Ingredients for Endpoint Protection: AntiVirus, Antispyware, Firewall, Intrusion Prevention. Combines network- and host-based prevention; Generic Exploit Blocking (GEB) – one signature to proactively protect against all variants; Granular application access control; Proactive Threat Scans - Very low (0.002%) false positive rate; 16M Installations; Only 20 False Positives for every 1 Million PCs

19 Ingredients for Endpoint Protection: AntiVirus, Antispyware, Firewall, Intrusion Prevention, Device Control. Prevents data leakage; Restrict access to devices (USB keys, backup drives, MP3). New Worm - W32.SillyFDC: targets removable memory sticks; spreads by copying itself onto removable drives such as USB memory sticks; automatically runs when the device is next connected to a computer

20 Ingredient for Endpoint Compliance: AntiVirus, Antispyware, Firewall, Intrusion Prevention, Device Control, Network Access Control. Network access control – ready; Agent is included, no extra agent deployment; Simply license SNAC Server

21 New Key Features

22 Symantec Endpoint Protection Manager Features Overview
Monitoring & Reporting:
- Email report distribution
- Centralized event logging
- Customizable report filters
- Real-time event viewing
- Command system
- Network security status view
- Notifications view
- Event export to SSIM & 3rd-party SIEM solutions
- Embedded and MSSQL support
Administration:
- Centralized, web-based console
- Simplified user interface for SMB and enterprises
- Role-based access
- Administrative domains
- Assign rights by user or group
- User-defined, multi-tiered groups
- RSA SecurID authentication
Policy Actions:
- Integrated management of all agent components
- Single console to define & manage AV, FW, NAC and other policies
- Group-based policy application
- Reusable policy objects
- Centralized setting of exclusions and exceptions
Deployment & Integration:
- Client Install package builder
- Patch & update
- Remote agent installation
- Import and sync AD users and Org Units
- Authenticate admin users via AD
- Customizable agent package installation settings
- Migration from SAV, SCS, SSEP & SNAC

23 Symantec Endpoint Protection 11
Proactive security solution for endpoints
The traditional signature-based technology is obsolete
24 MB memory footprint – full arsenal; layered security
Network Access Control functionality
– LAN (802.1x), Layer-2 and DHCP
Device Control
– USB, FireWire, Bluetooth, Infrared, SCSI,...
– “System lockdown” – even the admin cannot change...
Full, complete integration
– Single management console, centralized log, report
The price is not a question... and all of this for an unchanged price – at the Symantec AntiVirus price

24 © 2006 Symantec Corporation. All rights reserved. THIS DOCUMENT IS PROVIDED FOR INFORMATIONAL PURPOSES ONLY AND IS NOT INTENDED AS ADVERTISING. ALL WARRANTIES RELATING TO THE INFORMATION IN THIS DOCUMENT, EITHER EXPRESS OR IMPLIED, ARE DISCLAIMED TO THE MAXIMUM EXTENT ALLOWED BY LAW. THE INFORMATION IN THIS DOCUMENT IS SUBJECT TO CHANGE WITHOUT NOTICE. Thank You

