prueba de presentacion

Redefining Endpoint Security

Entrenamiento Interno:

Seguridad y Disponibilidad

2

Symantec Endpoint Protection11

Symantec Multi-tier Protection22

Symantec Backup Exec44

Agenda

Network Access Control33

Backup Exec System Recovery55

3

Business Problems at the Endpoint

• Endpoint management costs are increasing

– Cost of downtime impacts both productivity and revenue, productivity hit largest in enterprise

– Costs to acquire, manage and administer point products are increasing, as well as the demand on system resources

• Complexity is increasing as well

– Complexity and resources needed to manage disparate endpoint protection technologies are inefficient and time consuming

Source: Internet Security Threat Report Vol. XIII; Mar 2008Source: Internet Security Threat Report Vol. XIII; Mar 2008

• Growing number of known and unknown threats

– Stealth-based and silent attacks are increasing, so there is a need for antivirus to do much more

Significant Increase in Malicious New Code Threats

44

Key Ingredients for Endpoint Protection

Antivirus

AntiVirus

• World’s leading AV solution

• Most (38) consecutive VB100 Awards

Virus Bulletin – June 2008Virus Bulletin – June 2008

55


Antivirus

Antispyware

Antispyware

• Best rootkit detection and removal

• VxMS = superior rootkit protection

Source: Thompson Cyber Security Labs, August 2006

Viruses, Trojans, WormsViruses, Trojans, Worms

66


Antivirus

Antispyware

Firewall

Firewall

• Industry leading endpoint firewall technology

• Gartner MQ “Leader” – 4 consecutive years

• Rules based FW can dynamically adjust port settings to block threats from spreading


Spyware, RootkitsSpyware, Rootkits

77


Antivirus

Antispyware

Firewall

IntrusionPrevention

Intrusion Prevention

• Combines NIPS (network) and HIPS (host)

• Generic Exploit Blocking (GEB) – one signature to proactively protect against all variants

• Granular application access control

• TruScanTM - Proactive Threat Scanning technology - Very low (0.0049%) false positive rate

• Detects 1,000 new threats/month - not detected by leading av engines

No False Alarm

False Alarms

25M Installations25M Installations

Fewer than 50 False Positives for every 1 MM PC’s

Fewer than 50 False Positives for every 1 MM PC’s

Worms, SpywareWorms, Spyware



8

Vulnerability Announcement

Exploit Timeline

0 Day 6-7 Days

Vulnerability Exploit

Virus Signature

~3 Hours Later

Number of Variants Blocked

Single GEB Signature Threat

814MS RPC DCOM

BOBlaster

426MS_RPC_NETDDE

_BOW32.Mytob.IM@

mm

394 MS LSASS BO Sasser

250RPC_NETAPI32_B

OW97M.Invert.B

121NetBIOS MS NO

(TCP)W32.Gaobot.AA

Y

Generic Exploit Blocking Vulnerability-Based Signature

Based on vulnerabilities’ characteristics

<24 Hours

TruScanTM

Proactive Threat Scan technology Behavior Analysis

99


Antivirus

Antispyware

Firewall

IntrusionPrevention

Device and ApplicationControl

Device and Application Control

• Prevents data leakage

• Restrict Access to devices (USB keys, Back-up drives)

• Whitelisting – allow only “trusted” applications to run

W32.SillyFDC

• targets removable memory sticks

• spreads by copying itself onto removable drives

such as USB memory sticks

• automatically runs when the device is next

connected to a computer



Worms, SpywareWorms, Spyware

0-day, Key Logging0-day, Key Logging

1010

Key Ingredient for Endpoint Compliance

Antivirus

Antispyware

Firewall

IntrusionPrevention

Device and Application Control

Network AccessControl

Network Access Control

• Comes ready for Network Access Control – add on

• Agent is included, no extra agent deployment

• Simply license SNAC Enforcement

1111

Next Generation Symantec AntiVirus

Results:

Reduced Cost, Complexity &

Risk Exposure

Increased Protection, Control &

Manageability

Antivirus

Antispyware

Firewall

IntrusionPrevention

Device and ApplicationControl

Network AccessControl

Single Agent, Single ConsoleSingle Agent, Single Console

Managed by Symantec Endpoint Protection Manager

Managed by Symantec Endpoint Protection Manager

Symantec Network Access Control 11.0

Symantec Endpoint Protection 11.0

12

Next Generation Management

Comprehensive Reporting

• 50+ canned reports

• Customizable Dashboard

• Monitors

13

Entitlement Summary

If Customer Owns (any): They Get:

1414

Endpoint Bundles/ Multi-Product Packages• Symantec™ Multi-tier Protection 11.0

– Safeguards enterprise assets and lowers risk by providing unmatched protection against threats for multiplatform network environments, mobile devices, mail servers and SMTP gateways

– Includes:• Symantec Endpoint Protection 11.0 • Symantec AntiVirus for Macintosh & Linux• Symantec Mail Security for Domino & MS Exchange • Symantec Mobile AntiVirus for Windows Mobile (NEW!)• SMS 8300 Software Subscription (AV & AS) (NEW!)• Premium Antispam (NEW!)

• Symantec™ Multi-tier Protection Small Business Edition 11.0 – A simple and cost-effective solution designed to safeguard business assets through

Symantec's trusted protection – Includes:

• Symantec Endpoint Protection 11.0 • Symantec Mail Security for MS Exchange • Symantec AntiVirus for Macintosh 10.2 (NEW!)• Premium Antispam (NEW!)

15

Challenge:Access to Corporate Networks

Corporate Network

Partners

Consultants

AuditorsHome PC

Hotel Business Center

Partners

Open access to corporate networks meanshigher risk for infection

Consultants

Solution:Network Access Control

• Checks adherence to endpoint security policies Antivirus installed and current?

Firewall installed and running?

Required patches and service packs?

Required configuration?

• Fixes configuration problems

• Controls guest access

Network Access Control helps prevent malware from spreading throughout the network

NAC is process that creates a much

more secure network

Network Access Control (continued)

• Restricts access to your network by creating a closed system

• Offers automatic endpoint remediation before access is granted

• Checks adherence to endpoint security policies even when connected to network

Corporate Network

Employees Non-employees

ManagedUnmanaged

On-site Remote

18

Symantec Network Access Control 3 Key Components

1. Central Management Console

2. Endpoint Evaluation Technology

3. Enforcer

19

1. Central Management Console

• Policy Management

• Web-based GUI

• Enterprise class/scale

• Role-based access

• Hierarchical views

• Integration with Active Directory

Symantec Endpoint Protection Manager

Same Management Console used for Symantec Endpoint Protection 11.0

20

2. Endpoint Evaluation Technologies

Symantec Endpoint Protection 11.0 agentis SNAC ready

Dissolvable Agents‘Unmanaged’ Endpoints

Better

Remote Scanner‘Unmanagable’ Endpoints

Good

Persistent Agents‘Managed’ Endpoints

Best

21

3. Enforcers

Symantec LAN Enforcer-802.1X

Symantec DHCP Enforcer

Symantec Gateway Enforcer

Symantec Self-Enforcement

Ho

st-b

ased

Net

wo

rk-b

ased

(o

pti

on

al)

Best

Better

Good

22

How SNAC is Packaged

Central Management Console

Endpoint Evaluation Technology

Endpoint Evaluation Technology

Symantec Endpoint Protection Manager

Persistent Agent (SNAC Agent)

Dissolvable Agent (On-Demand Agent)

Remote Vulnerability Scanner

Self - Enforcement

Gateway Enforcement

DHCP Enforcement

LAN (802.1x) Enforcement

*

*

Add On

Add On

Add On

Add On

*

SymantecNetworkAccess Controlv 11.0

SymantecNetworkAccess Control

Starter Editionv 11.0

* Required purchase of an enforcer appliance

23

Symantec NAC Self-Enforcement:How It Works

Onsite or Remote Laptop

Symantec Endpoint

Protection Manager

RemediationResources

Client connects to network and

validates policy

PersistentAgent

performs self-

compliance checks

Compliance fail: Apply “Quarantine”

firewall policy

Compliance pass: Apply “Office” firewall policy

Host Integrity Rule Status

Anti-Virus On Anti-Virus Updated Personal Firewall On Service Pack Updated

Patch Updated

Persistent Agent

Protected Network

Quarantine

Patch Updated

24Backup Exec 12.5 & Backup Exec System Recovery 8.5

Backup Exec 12.5: NEW Comprehensive Data Protection for VMware and Hyper-V Systems

– Reduce Cost and Management of Multiple Products - complete data protection for physical and virtual server environments from a single console

– Reduce Complexity – automatically discover and backup of unlimited guest machines to disk or tape with a single agent

– Reduce Recovery Time - granular file-level and image-level recovery with a single backup

Exchange 2007

VMware ESX Server or Microsoft Hyper-V

Backup Exec 12.5 Media Server

24

25


Efficient Backup of VMware and Hyper-V

Virtual Server Environments

Efficient Backup of VMware and Hyper-V

Virtual Server Environments

Comprehensive BackupComprehensive Backup


26


26

Easily restore an entire guest machine…

Easily restore an entire guest machine…

Fast RecoveryFast Recovery

Backup Exec 12.5 & Backup Exec System Recovery 8.5

27


27

…and granular files or folders from a single image-level backup

…and granular files or folders from a single image-level backup

Fast RecoveryFast Recovery



Backup Exec System Recovery 8.5: NEW Immediate System Recovery to Virtual Servers

– Dramatically Reduce System Downtime - Scheduled physical to virtual conversions enable immediate system recovery

– Reduce Management Time and Set-up - Easy-to-use, virtual conversion wizard

– Supports the Latest Virtual Environments - VMware ESX 3.5, Microsoft Hyper-V, and Citrix XenServer 4.x

VMware ESX ServerVMware ESX Server

Microsoft Hyper-VMicrosoft Hyper-V

Physical System with Backup Exec

System Recovery 8.5

Physical System with Backup Exec

System Recovery 8.5

Citrix XenServer 4.xCitrix XenServer 4.x

28


Backup Exec Family: NEW Market Leading Windows Data and System Protection

Microsoft Windows Server 2008Windows Small Business Server 2008

Windows Essential Business Server 2008Microsoft Hyper-VSQL Server 2008

Microsoft Windows Server 2008Windows Small Business Server 2008

Windows Essential Business Server 2008Microsoft Hyper-VSQL Server 2008

First to Market Protection for the Complete Microsoft Windows Server 2008 Portfolio

First to Market Protection for the Complete Microsoft Windows Server 2008 Portfolio

Complete Windows recovery from data corruption, human error or IT disasters in minutes!

Complete Windows recovery from data corruption, human error or IT disasters in minutes!

29

3030

Pricing

3131

Backup Exec 12.5 Pricing

Core Products MSRP Licensed

Backup Exec for Windows Servers

Also supports Windows Essential Business Server 2008

Includes: Continuous Protection Server, Advanced Open File and Intelligent Disaster Recovery Functionality

$995Per Media

Server

Backup Exec for Windows

Small Business Servers Standard

*Supports all Backup Exec Agents and Options except Central Administration Server Option (CASO) & Shared Storage Option (SSO)

$595Per SBS Standard

Server

Backup Exec for Windows

Small Business Servers Premium

*Supports all Backup Exec Agents and Options except Central Administration Server Option (CASO) & Shared Storage Option (SSO)

**Includes an additional Agent for Windows Systems

$795Per SBS Premium Server


3232

Database & Groupware Agents Pricing

Agents MSRP Licensed

Agent for Microsoft Exchange $995 Per Exchange Server

Agent for Microsoft SQL $995 Per SQL Server

Agent for Microsoft SharePoint Server $995 Per SharePoint Server

Agent for DB2 on Windows Servers $995 Per DB2 Server

Agent for Oracle Windows and Linux Servers $995 Per Oracle Server

Agent for Lotus Domino Server $995 Per Lotus Domino Server

Agent for Oracle RAC $3195 Per Oracle RAC Server

Agent for SAP Applications $3195 Per SAP Server

Agent for Enterprise Vault$1595

Per Enterprise Vault Server


3333

Backup Exec System Recovery 8.5

Backup Exec System Recovery 8.5MSRPUSD

Licensed

Backup Exec System Recovery Server Edition $1,095 Per Server

Backup Exec System Recovery Small Business Server Edition (includes Granular Restore Option)

$695 Per Server

Backup Exec System Recovery Desktop Edition $69Per

Workstation

Backup Exec System Recovery Manager $1,495 Centralized

Backup Exec System Recovery Granular Restore Option $995 Per Server

Backup Exec System Recovery Starter Kit(Includes 5 Server Edition licenses, 1 Manager, and 1 Granular Restore Option – saving of 25% !!)

$5,995Per

Description


34

• For customers who require 24x7x365 access to technical experts

• FREE Product Upgrades

• Faster response times than Basic Maintenance

• Most purchased offering

• 23% of MSRP

• Recommended minimum for Symantec products:

- Many jobs run in the middle of the night

- Hackers don’t keep business hours

Essential Support

• Support during business hours

• Includes FREE Product Upgrades

• Lowest price option

• 18% of MSRP

Basic Maintenance

Increase Revenue and Customer Success with the Right Support Plan

Attach Support to Every Backup Exec Sale


Thank You!

Copyright © 2007 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.

This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.

prueba de presentacion

Education

worms antivirus

worms spyware

spyware spyware

key ingredients

rootkits worms

rootkits viruses

symantec multitier protection

leading av engines worms