prueba de presentacion
DESCRIPTION
Prueba de apertura de cuenta y carga de power points para la UTPL materia: Computacion Att. Ruby Chavez VTRANSCRIPT
Redefining Endpoint Security
Entrenamiento Interno:
Seguridad y Disponibilidad
2
Symantec Endpoint Protection11
Symantec Multi-tier Protection22
Symantec Backup Exec44
Agenda
Network Access Control33
Backup Exec System Recovery55
3
Business Problems at the Endpoint
• Endpoint management costs are increasing
– Cost of downtime impacts both productivity and revenue, productivity hit largest in enterprise
– Costs to acquire, manage and administer point products are increasing, as well as the demand on system resources
• Complexity is increasing as well
– Complexity and resources needed to manage disparate endpoint protection technologies are inefficient and time consuming
Source: Internet Security Threat Report Vol. XIII; Mar 2008Source: Internet Security Threat Report Vol. XIII; Mar 2008
• Growing number of known and unknown threats
– Stealth-based and silent attacks are increasing, so there is a need for antivirus to do much more
Significant Increase in Malicious New Code Threats
44
Key Ingredients for Endpoint Protection
Antivirus
AntiVirus
• World’s leading AV solution
• Most (38) consecutive VB100 Awards
Virus Bulletin – June 2008Virus Bulletin – June 2008
55
Key Ingredients for Endpoint Protection
Antivirus
Antispyware
Antispyware
• Best rootkit detection and removal
• VxMS = superior rootkit protection
Source: Thompson Cyber Security Labs, August 2006
Viruses, Trojans, WormsViruses, Trojans, Worms
66
Key Ingredients for Endpoint Protection
Antivirus
Antispyware
Firewall
Firewall
• Industry leading endpoint firewall technology
• Gartner MQ “Leader” – 4 consecutive years
• Rules based FW can dynamically adjust port settings to block threats from spreading
Viruses, Trojans, WormsViruses, Trojans, Worms
Spyware, RootkitsSpyware, Rootkits
77
Key Ingredients for Endpoint Protection
Antivirus
Antispyware
Firewall
IntrusionPrevention
Intrusion Prevention
• Combines NIPS (network) and HIPS (host)
• Generic Exploit Blocking (GEB) – one signature to proactively protect against all variants
• Granular application access control
• TruScanTM - Proactive Threat Scanning technology - Very low (0.0049%) false positive rate
• Detects 1,000 new threats/month - not detected by leading av engines
No False Alarm
False Alarms
25M Installations25M Installations
Fewer than 50 False Positives for every 1 MM PC’s
Fewer than 50 False Positives for every 1 MM PC’s
Worms, SpywareWorms, Spyware
Spyware, RootkitsSpyware, Rootkits
Viruses, Trojans, WormsViruses, Trojans, Worms
8
Vulnerability Announcement
Exploit Timeline
0 Day 6-7 Days
Vulnerability Exploit
Virus Signature
~3 Hours Later
Number of Variants Blocked
Single GEB Signature Threat
814MS RPC DCOM
BOBlaster
426MS_RPC_NETDDE
_BOW32.Mytob.IM@
mm
394 MS LSASS BO Sasser
250RPC_NETAPI32_B
OW97M.Invert.B
121NetBIOS MS NO
(TCP)W32.Gaobot.AA
Y
Generic Exploit Blocking Vulnerability-Based Signature
Based on vulnerabilities’ characteristics
<24 Hours
TruScanTM
Proactive Threat Scan technology Behavior Analysis
99
Key Ingredients for Endpoint Protection
Antivirus
Antispyware
Firewall
IntrusionPrevention
Device and ApplicationControl
Device and Application Control
• Prevents data leakage
• Restrict Access to devices (USB keys, Back-up drives)
• Whitelisting – allow only “trusted” applications to run
W32.SillyFDC
• targets removable memory sticks
• spreads by copying itself onto removable drives
such as USB memory sticks
• automatically runs when the device is next
connected to a computer
Spyware, RootkitsSpyware, Rootkits
Viruses, Trojans, WormsViruses, Trojans, Worms
Worms, SpywareWorms, Spyware
0-day, Key Logging0-day, Key Logging
1010
Key Ingredient for Endpoint Compliance
Antivirus
Antispyware
Firewall
IntrusionPrevention
Device and Application Control
Network AccessControl
Network Access Control
• Comes ready for Network Access Control – add on
• Agent is included, no extra agent deployment
• Simply license SNAC Enforcement
1111
Next Generation Symantec AntiVirus
Results:
Reduced Cost, Complexity &
Risk Exposure
Increased Protection, Control &
Manageability
Antivirus
Antispyware
Firewall
IntrusionPrevention
Device and ApplicationControl
Network AccessControl
Single Agent, Single ConsoleSingle Agent, Single Console
Managed by Symantec Endpoint Protection Manager
Managed by Symantec Endpoint Protection Manager
Symantec Network Access Control 11.0
Symantec Endpoint Protection 11.0
12
Next Generation Management
Comprehensive Reporting
• 50+ canned reports
• Customizable Dashboard
• Monitors
13
Entitlement Summary
If Customer Owns (any): They Get:
1414
Endpoint Bundles/ Multi-Product Packages• Symantec™ Multi-tier Protection 11.0
– Safeguards enterprise assets and lowers risk by providing unmatched protection against threats for multiplatform network environments, mobile devices, mail servers and SMTP gateways
– Includes:• Symantec Endpoint Protection 11.0 • Symantec AntiVirus for Macintosh & Linux• Symantec Mail Security for Domino & MS Exchange • Symantec Mobile AntiVirus for Windows Mobile (NEW!)• SMS 8300 Software Subscription (AV & AS) (NEW!)• Premium Antispam (NEW!)
• Symantec™ Multi-tier Protection Small Business Edition 11.0 – A simple and cost-effective solution designed to safeguard business assets through
Symantec's trusted protection – Includes:
• Symantec Endpoint Protection 11.0 • Symantec Mail Security for MS Exchange • Symantec AntiVirus for Macintosh 10.2 (NEW!)• Premium Antispam (NEW!)
15
Challenge:Access to Corporate Networks
Corporate Network
Partners
Consultants
AuditorsHome PC
Hotel Business Center
Partners
Open access to corporate networks meanshigher risk for infection
Consultants
Solution:Network Access Control
• Checks adherence to endpoint security policies Antivirus installed and current?
Firewall installed and running?
Required patches and service packs?
Required configuration?
• Fixes configuration problems
• Controls guest access
Network Access Control helps prevent malware from spreading throughout the network
NAC is process that creates a much
more secure network
Network Access Control (continued)
• Restricts access to your network by creating a closed system
• Offers automatic endpoint remediation before access is granted
• Checks adherence to endpoint security policies even when connected to network
Corporate Network
Employees Non-employees
ManagedUnmanaged
On-site Remote
18
Symantec Network Access Control 3 Key Components
1. Central Management Console
2. Endpoint Evaluation Technology
3. Enforcer
19
1. Central Management Console
• Policy Management
• Web-based GUI
• Enterprise class/scale
• Role-based access
• Hierarchical views
• Integration with Active Directory
Symantec Endpoint Protection Manager
Same Management Console used for Symantec Endpoint Protection 11.0
20
2. Endpoint Evaluation Technologies
Symantec Endpoint Protection 11.0 agentis SNAC ready
Dissolvable Agents‘Unmanaged’ Endpoints
Better
Remote Scanner‘Unmanagable’ Endpoints
Good
Persistent Agents‘Managed’ Endpoints
Best
21
3. Enforcers
Symantec LAN Enforcer-802.1X
Symantec DHCP Enforcer
Symantec Gateway Enforcer
Symantec Self-Enforcement
Ho
st-b
ased
Net
wo
rk-b
ased
(o
pti
on
al)
Best
Better
Good
22
How SNAC is Packaged
Central Management Console
Endpoint Evaluation Technology
Endpoint Evaluation Technology
Symantec Endpoint Protection Manager
Persistent Agent (SNAC Agent)
Dissolvable Agent (On-Demand Agent)
Remote Vulnerability Scanner
Self - Enforcement
Gateway Enforcement
DHCP Enforcement
LAN (802.1x) Enforcement
*
*
Add On
Add On
Add On
Add On
*
SymantecNetworkAccess Controlv 11.0
SymantecNetworkAccess Control
Starter Editionv 11.0
* Required purchase of an enforcer appliance
23
Symantec NAC Self-Enforcement:How It Works
Onsite or Remote Laptop
Symantec Endpoint
Protection Manager
RemediationResources
Client connects to network and
validates policy
PersistentAgent
performs self-
compliance checks
Compliance fail: Apply “Quarantine”
firewall policy
Compliance pass: Apply “Office” firewall policy
Host Integrity Rule Status
Anti-Virus On Anti-Virus Updated Personal Firewall On Service Pack Updated
Patch Updated
Persistent Agent
Protected Network
Quarantine
Patch Updated
24Backup Exec 12.5 & Backup Exec System Recovery 8.5
Backup Exec 12.5: NEW Comprehensive Data Protection for VMware and Hyper-V Systems
– Reduce Cost and Management of Multiple Products - complete data protection for physical and virtual server environments from a single console
– Reduce Complexity – automatically discover and backup of unlimited guest machines to disk or tape with a single agent
– Reduce Recovery Time - granular file-level and image-level recovery with a single backup
Exchange 2007
VMware ESX Server or Microsoft Hyper-V
Backup Exec 12.5 Media Server
24
25
Backup Exec 12.5: NEW Comprehensive Data Protection for VMware and Hyper-V Systems
Efficient Backup of VMware and Hyper-V
Virtual Server Environments
Efficient Backup of VMware and Hyper-V
Virtual Server Environments
Comprehensive BackupComprehensive Backup
25Backup Exec 12.5 & Backup Exec System Recovery 8.5
26
Backup Exec 12.5: NEW Comprehensive Data Protection for VMware and Hyper-V Systems
26
Easily restore an entire guest machine…
Easily restore an entire guest machine…
Fast RecoveryFast Recovery
Backup Exec 12.5 & Backup Exec System Recovery 8.5
27
Backup Exec 12.5: NEW Comprehensive Data Protection for VMware and Hyper-V Systems
27
…and granular files or folders from a single image-level backup
…and granular files or folders from a single image-level backup
Fast RecoveryFast Recovery
Backup Exec 12.5 & Backup Exec System Recovery 8.5
28Backup Exec 12.5 & Backup Exec System Recovery 8.5
Backup Exec System Recovery 8.5: NEW Immediate System Recovery to Virtual Servers
– Dramatically Reduce System Downtime - Scheduled physical to virtual conversions enable immediate system recovery
– Reduce Management Time and Set-up - Easy-to-use, virtual conversion wizard
– Supports the Latest Virtual Environments - VMware ESX 3.5, Microsoft Hyper-V, and Citrix XenServer 4.x
VMware ESX ServerVMware ESX Server
Microsoft Hyper-VMicrosoft Hyper-V
Physical System with Backup Exec
System Recovery 8.5
Physical System with Backup Exec
System Recovery 8.5
Citrix XenServer 4.xCitrix XenServer 4.x
28
29Backup Exec 12.5 & Backup Exec System Recovery 8.5
Backup Exec Family: NEW Market Leading Windows Data and System Protection
Microsoft Windows Server 2008Windows Small Business Server 2008
Windows Essential Business Server 2008Microsoft Hyper-VSQL Server 2008
Microsoft Windows Server 2008Windows Small Business Server 2008
Windows Essential Business Server 2008Microsoft Hyper-VSQL Server 2008
First to Market Protection for the Complete Microsoft Windows Server 2008 Portfolio
First to Market Protection for the Complete Microsoft Windows Server 2008 Portfolio
Complete Windows recovery from data corruption, human error or IT disasters in minutes!
Complete Windows recovery from data corruption, human error or IT disasters in minutes!
29
3030
Pricing
3131
Backup Exec 12.5 Pricing
Core Products MSRP Licensed
Backup Exec for Windows Servers
Also supports Windows Essential Business Server 2008
Includes: Continuous Protection Server, Advanced Open File and Intelligent Disaster Recovery Functionality
$995Per Media
Server
Backup Exec for Windows
Small Business Servers Standard
*Supports all Backup Exec Agents and Options except Central Administration Server Option (CASO) & Shared Storage Option (SSO)
$595Per SBS Standard
Server
Backup Exec for Windows
Small Business Servers Premium
*Supports all Backup Exec Agents and Options except Central Administration Server Option (CASO) & Shared Storage Option (SSO)
**Includes an additional Agent for Windows Systems
$795Per SBS Premium Server
Backup Exec 12.5 & Backup Exec System Recovery 8.5
3232
Database & Groupware Agents Pricing
Agents MSRP Licensed
Agent for Microsoft Exchange $995 Per Exchange Server
Agent for Microsoft SQL $995 Per SQL Server
Agent for Microsoft SharePoint Server $995 Per SharePoint Server
Agent for DB2 on Windows Servers $995 Per DB2 Server
Agent for Oracle Windows and Linux Servers $995 Per Oracle Server
Agent for Lotus Domino Server $995 Per Lotus Domino Server
Agent for Oracle RAC $3195 Per Oracle RAC Server
Agent for SAP Applications $3195 Per SAP Server
Agent for Enterprise Vault$1595
Per Enterprise Vault Server
Backup Exec 12.5 & Backup Exec System Recovery 8.5
3333
Backup Exec System Recovery 8.5
Backup Exec System Recovery 8.5MSRPUSD
Licensed
Backup Exec System Recovery Server Edition $1,095 Per Server
Backup Exec System Recovery Small Business Server Edition (includes Granular Restore Option)
$695 Per Server
Backup Exec System Recovery Desktop Edition $69Per
Workstation
Backup Exec System Recovery Manager $1,495 Centralized
Backup Exec System Recovery Granular Restore Option $995 Per Server
Backup Exec System Recovery Starter Kit(Includes 5 Server Edition licenses, 1 Manager, and 1 Granular Restore Option – saving of 25% !!)
$5,995Per
Description
Backup Exec 12.5 & Backup Exec System Recovery 8.5
34
• For customers who require 24x7x365 access to technical experts
• FREE Product Upgrades
• Faster response times than Basic Maintenance
• Most purchased offering
• 23% of MSRP
• Recommended minimum for Symantec products:
- Many jobs run in the middle of the night
- Hackers don’t keep business hours
Essential Support
• Support during business hours
• Includes FREE Product Upgrades
• Lowest price option
• 18% of MSRP
Basic Maintenance
Increase Revenue and Customer Success with the Right Support Plan
Attach Support to Every Backup Exec Sale
34Backup Exec 12.5 & Backup Exec System Recovery 8.5
Thank You!
Copyright © 2007 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.
This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.