introducing f-secure policy manager. page 2 agenda corporate security information security threats...
TRANSCRIPT
INTRODUCING F-SECURE POLICY MANAGER
Page 2
Agenda
Corporate Security
• Information Security Threats
• What is cybercrime?
• A typical day at the office
What is F-Secure Policy Manager?
• Policy Manager terminology
• Components
• Features
• What is new in Policy Manager 6?
• Another typical day at the office
CORPORATEINFORMATION SECURITY
Page 4
Security Aspects
Corporate security is divided into two groups
• Physical security (e.g. Security guards)
• Information security (e.g. IT systems)
Bringing those two groups under one roof is
essential to guarantee a secure company
environment
F-Secure focuses on corporate information
security
Page 5
Information Security Threats
Viruses and worms still the
largest threat
• Network and email worms
• File and macro viruses
• Mobile phone & handheld viruses
Spyware and spam emerging as
real threats
Various tools that enable hacking, spying and eavesdropping
• Back-door trojans
• Password breaking software
• Network scanners
Page 6
Corporate Risks
Information sharing
• Viruses are spreading very fast
• Unauthorized access to confidential information
Internet access
• Eavesdropping on data in transit
• Network worms
• Hacking tools for dummies
Mobility
• Intrusions to data devices outside corporate premises
Page 7
Cybercrime on the Rise
More and more businesses and private persons become victims of
computer criminals
• Defacements
• Credit card frauds
• Stolen identities
• Access to confidential information
• Taking over somebody’s computer/network
• Using somebody’s computer to launch attacks
Page 8
Computer Crime
Case Queensland
• A computerised waste management system in Australia was hacked in October 1999
• Hacker remotely opened floodgates, flooding raw sewage waste to a golf course and to the lawn of a local hotel
Case Fermi National Accelerator Lab, Illinois
• A computer intrusion was done to a nuclear research facility in USA
• The computers of the weapons test lab was used to store MP3 music files and porn movies
• A British teenager was convicted for this in 2004
Page 9
A Normal Day at the Office
Web Server UnprotectedMobile Host
Unprotected Hosts Unprotected File Server
x
Worm traffic
Normal traffic
INTRODUCING POLICY MANAGER
Page 11
What is F-Secure Policy Manager?
F-Secure Policy Manager is a scalable system to manage corporate
information security from a central point
It can be used to keep security software on hosts up-to-date, manage
configurations and monitor corporate domains
Page 12
F-Secure GatewaySecurity Applications
F-Secure WorkstationSecurity Applications
F-Secure Policy Manager 6.x
Policy Manager Server
Automatic Update System
Automatic Update AgentAutomatic Update ServerAutomatic Update Proxy
Policy Manager Proxy
Policy Manager Web Reporting
Policy Manager Console Certificate Wizard
Management Agent
Internet GatekeeperAnti-Virus for MS Exchange
Anti-Virus for Mimesweeper
Automatic Update Agent
Management Agent
Anti-Virus Client SecurityVPN+
Automatic Update Agent
Page 13
Policy Manager Terminology
System components
• F-Secure Policy Manager Server (PMS)
• F-Secure Policy Manager Web Reporting (PMWR)
• F-Secure Policy Manager Console (PMC)
• F-Secure Management Agent (FSMA)
• F-Secure Automatic Update System (AUSYS)
• F-Secure Automatic Update Agent (AUA)
• F-Secure Automatic Update Server (AUS)
• F-Secure Automatic Update Proxy (AUP)
Page 14
Policy Manager Server (PMS)
Management Agent (FSMA)
Policy Manager Console (PMC)
Web Reporting (PMWR)
Core Components
• Creates wide range of graphical reports• Installed with PMS during installation
• Central data repository• Acts as link between PMC and FSMA hosts
• Used to administer the policy domain • Java-based graphical user interface
• Enforces the security policies on the host• Provides the end user interface
Page 15
F-Secure Automatic Update System
Automatic Update Agent (AUA)
Automatic Update Server (AUS)
Automatic Update Proxy (AUP)
• Installed on PMS and managed hosts• Automatically installed (always required)• Periodically checks for database updates
• Installed on PMS (automatically)• Receives updates from AUA• Provides database updates for AVCS 6 only
• Installed on dedicated PM Proxy• Receives updates from AUS• Provides database updates for AVCS 6 only
Page 16
Policy Manager 6 Core Features
Centralized Security Management
• Centralized software distribution
• First time installations with F-Secure Push Installation
• Policy based installations and updates
• Hotfix distributions
• Centralized policy configuration and distribution
• Managing all point applications settings and restrictions from a single graphical interface
• Policy domain monitoring
• Policy Manager status information, alerts and host properties
• Creating textual and graphical reports on host events
Page 17
Policy Manager 6 Core Features
Automatic Update Mechanism
• Fully automated and distributed updates
• Virus definition updates
• Spyware definitions updates
• Virus news
• Automatic update failover mechanism for managed hosts
Data integrity
• All software packages, updates and policies are digitally signed
• Policy data signed with wrong keys is rejected and alerted
Page 18
Anti-Virus Client Security 6 Core Features
Virus and Spyware Protection
• Real-time scanning
• Virus and Spyware
• HTTP traffic (no HTTPs)
• Registry monitoring
Internet Shield
• Intrusion Prevention (IDS/IPS)
• Personal Firewall
• Application Control (Trojan defence)
Automatic Update Mechanism
• Virus and Spyware updates
• Virus news
Page 19
What is new in Policy Manager 6?
Centrally managed Anti-Spyware
• Spyware Quarantine
Centrally managed web traffic scanning
• Host based HTTP scanning
Enhanced network security
• Network Quarantine for INA
• Cisco Network Admission Control (NAC) support
Page 20
What is new in Policy Manager 6?
Virus Outbreak Management
• Virus news on PMC
• Automatic detection of vulnerable hosts
Improved database update mechanism
• F-Secure Automatic Update Server
• F-Secure Policy Manager Proxy (centrally manageable)
MSI package export from PMC
• Allows software distribution with AD
Page 21
Another Day at the Office
Web Server ManagedMobile Host
Managed Hosts F-Secure Policy Manager
x
Worm traffic
Policy trafficx
Page 22
Summary
Corporate Security
• Information Security Threats
• What is cybercrime?
• A typical day at the office
What is F-Secure Policy Manager?
• Policy Manager terminology
• Components
• Features
• What is new in Policy Manager 6?
• Another day at the office