MOP Technical Presentation.Ppt

Sales training presentation

**Panda Managed Office Protection

Switch from Antivirus to Security as a Service

Technical presentation

**

*Security ConcernsWhat is Panda Managed Office Protection?How Does it Work?Competitive AnalysisHow to SellSales PolicyBusiness Opportunity for PartnersFrequently Asked QuestionsSales Kit

Table of Contents

*

*Security ConcernsPanda Managed Office Protection

*

*Security Concerns

TIME: Traditional antivirus require too much time and effort from SMBsCOSTS: Additional hardware and software infrastructure needed. Tight IT budgetCOMPLEXITY: Complicated management requires dedicated and skilled personnel not focused on core business

*Antivirus products require too much time and effort for small and medium sized companies. Once they buy the antivirus, they have to invest time and effort in:Additional hardware such as servers to host a centralized console with the attached services and databases. Additional supporting software licenses such as database software to run protections reports or configuration.Complicated security management requires dedicated and skilled personnel - not focused on the core business- to manage and control protection.Many SMBs do not want these hassles because all these tasks distract them from their core business.

*Complexity and cost in managing desktop antivirusSecurity Concerns

*

*Security Concerns

*SMBs understand full well that they are subject to the same risks and regulations as large organizations. The increasing number of threats makes their protection needs more complex:There are more threats than ever (PandaLabs received more malware last year than in the previous 16 years combined) Malware is silent and more difficult to combat as long as it remains hidden, causing identity theft, financial and productivity losses and other malicious action.

This malware landscape that organizations have to face requires a full set of maximized malware detection capabilities.

When the SMBs implement a security solution, they have to choose one that provides adequate protection and that adapts to their specific needs. In many cases, their limited resources are not enough to obtain the security levels they require.

Small and mid-sized businesses usually lack skilled resources for protecting and managing the security of their networks. They tend to invest all possible resources in their core business activities and this prevents them from assigning an adequate part of their budget to IT security. Most of them invest just enough to get by. They also need a continued monitoring system in order to reduce risk.

Remote and branch offices are often widely distributed and therefore need to be managed remotely from a centralized point. They also need to simplify security management as much as possible and have a continued monitoring service with reduced bandwidth consumption.

Home Offices have nobody in charge of security management and they have no budget for security management.

*What is Panda Managed Office Protection?Panda Managed Office Protection

*

*What is Panda Managed Office Protection?

*SMBs, Remote Offices and Home Offices can use 3 different security models:

Traditional ModelInfrastructure hosted in-house with their own hardware. Their own personnel in charge of management and monitoring network security. In order to have an adequate security level, this model requires well-trained and security-skilled personnel who have sound knowledge of the product and apply the right policies. This is the model used with Panda Security for Business or Panda Security with Enterprise.

Hosted Security ModelThe best alternative that small and mid-sized businesses have starts with hosting their security solutions on an external hardware infrastructure, lowering the operating costs and the total cost of ownership. Hardware and maintenance represent a significant cost and effort for small and mid-sized companies. Although the hardware infrastructure is hosted at a security vendor, the management and monitoring is performed by their own personnel. It still requires well-trained and security-skilled personnel with good knowledge of the product. This could be an adequate model for large organizations with a large number of remote offices.

SaaS ModelThe concept SaaS (Security as a Service) is starting to spread across the IT sector.Hosting security solutions on external infrastructures can also be complemented with the possibility of outsourcing services. This option would let small and medium businesses leave their security in expert hands, allowing them to focus on their core business. The concept of complementing hosted services and outsourced services is known as SaaS (Security as a Service). Organizations would only subscribe to a service and their security protection will be installed and remotely monitored by experts.Outsourcing the security management is a confirmed trend for SMBs: Today, almost 50% of all SMBs that benefit from SaaS are using it for Security.

*Panda Managed Office Protection is a web-based subscription service that removes the cost and management overheads of hardware, personnel and other resources dedicated to antivirus for SMBsWhat is Panda Managed Office Protection?Subscribe to Security as a Service for your organization.

*Panda Managed Office Protection is a web-based subscription service that removes the cost and management overheads of hardware, personnel and other resources dedicated to antivirus for SMBs.

Panda Managed Office Protection is a hosted service that offers Security as a Service for SMBs through a management portal. It is a hosted solution because its hardware infrastructure is based at Panda so there is no need to any of our clients to make investments in this area. Administrators only need a browser to access the console. It offers Security as a Service because it enables SMBs to delegate, if desired, their security management to specialized Service Providers.

Panda Managed Office Protection offers proactive protection with an heuristic engine that will have the capacity to detect known and unknown malware. It can also detect hidden malware.

Panda Managed Office Protection is complemented with periodic security audits. It benefits from Collective Intelligence Technologies by automatically updating its signature file with the latest available provided by the Collective Intelligence Platform

*What is Panda Managed Office Protection?Complete protection for SMBs and remote offices AntimalwareFirewallHIPSProactive ProtectionIn-depth Malware AuditWeb ConsoleInternet*

*Panda Managed Office Protection protects desktops, laptops (mobile users) and file servers, regardless of whether they are in the LAN or in remote branch offices. Panda Managed Office Protection includes anti-malware protection (known malware) and proactive protection (unknown malware), managed personal firewall (HIPS) and in-depth malware audits to be run periodically (Malware Radar).

These protections can be easily monitored from a centralized Web-managed console that will allow administrators to apply any kind of security policies and to get all necessary information about the detection activity of the network.

Unmatched Security Data Processing

Daily Intelligence at Panda Research

4 MILLION PCs Monitored 9 MILLIONUnique Samples Processed 96 MILLION Processes Monitored 340 MILLION Malware CorrelationsDedicated Research & Development team at PandaLabs monitors thousands of malware sites gathering 8 Terabytes of information94.4% of all malware detected in 2007 was managed by Collective Intelligence automaticallyIt is a matter of survival for AV vendors, who increasingly are looking for ways to reinvent themselves as their product struggle to thwart new type of infections. Cloud-based, collective intelligence services are the next big thing for anti-malware. I expect that every AV vendor will need to embrace an approach like this if they expect to survive Yankee GroupCollective Intelligence*

(NOTE: NUMBERS TO BE INCLUDED)

The daily activities of Panda Security generate a huge amount of data and intelligence on the security landscape. That unmatched security intelligence is the raw material that drives all our solution offerings. Only Panda Security has the people and processes to leverage this knowledge and intelligence to make a difference to our customers.

The Collective Intelligence is a security platform which offers proactive and real-time protection to users. It leverages collective knowledge and automates the analysis, correlation, classification and signature generation processes exponentially increasing the malware that it can detect every day.

This technology speeds up Panda Securitys response against any type of threats, maximizing malware detection capacity and minimizing resource usage on IT systems (all the work is done up in the cloud, in our datacenters instead of on our customers computers).

How does Collective Intelligence work?

1. Gathering of Community knowledge to proactively protect othersThe Collective Intelligence platform correlates the first malware detections and their evolution over time on the different affected computers. As soon as a malicious process is detected on a users PC by the Collective Intelligence, the rest of the users worlwide will automatically benefit in real time from that specific detection. This allows the detection of infections at initial stages or targeted attacks that only affect a few users.

2. Automated and enhanced malware collection, classification and remediationThe Collective Intelligence automates the analysis, correlation, classification and signature generation processes. This solves the problem of anti-malware laboratories being overloaded by the thousands of new samples they get every day, as the entire process is mostly manual and can take from minutes to even days or weeks.The process is no longer limited by the memory or CPU resources in the users PC, desktop or server machine. Therefore, many of the more resource-intensive proactive techniques which provide much higher detection rates can now be used massively for the benefit of the users without even touching valuable customers CPU and memory resources.With this approach, the majority of new samples can be analyzed and classified automatically in a matter of minutes. The Collective Intelligence servers are managed by PandaLabs, and therefore samples that cannot be classified automatically are ultimately looked at by an analyst at the lab.

3. Gaining knowledge on techniques to improve existing technologiesMalware detections correlation provides information about the latest techniques of malware infection and malware distribution. This information allows us to improve existing technologies and to develop new ones in order to detect more malware.

4. Developing new generation of security services from the cloudUsing Malware Radar, organizations can benefit from the new technologies and the highly increased detection rate that Collective Intelligence provides. Thus, it complements and maximizes installed traditional security software, regardless of whether it is Pandas or not.

Whaare the analysts saying?It's a matter of survival for AV vendors, which increasingly are looking for ways to reinvent themselves as their products struggle to thwart new types of infections. Cloud-based, collective intelligence services are the next big thing for anti-malware. I expect that every AV vendor will need to embrace an approach like this if they expect to survive[i]. Andrew Jaquith, Yankee Group analyst
[i] Herd Intelligence Will Reshape the Anti-Malware Landscape. Yankee. Andrew Jaquith. December 2007http://www.yankeegroup.com/ResearchDocument.do?docId=16150

Minimizes Operating Costs Eliminates ComplexityReduces Productivity LossImproves Risk ManagementEnsures Business ContinuityPrevents Identity Theft Helps Enforce Regulatory ComplianceBenefits for Clients

Minimizes operating costs. No additional infrastructure investment required as it is a hosted service with a Web console. Moreover, it lets you delegate your IT security management to specialized service providers avoiding additional maintenance personnel.

Eliminates complexity. The Web console allows administrators to easily deploy, manage and monitor protection even for remote branch offices, avoiding the need for additional maintenance personnel.

Reduces productivity loss. It detects malware that causes resource consumption or interrupts employees work. Automated and unattended updates and upgrades allow administrators to focus on other priorities. Workstations will upgrade or update their protection by connecting P2P to their nearest desktop in order to minimize bandwidth consumption.

Improves risk management. The web console provides real-time information and reports about the detection activity in the entire network including remote branch offices. In addition, it allows periodic malware audits with full network status reports.

Ensures business continuity. As a hosted service, it provides high availability, 24x7 support and is always running and using the latest versions of technologies and signature files.

Prevents identity theft. Thanks to Collective Intelligence technologies it identifies hidden malware, that can remove sensitive information from your organization.

Helps enforce Regilatory compliance with SOX, PCI, HIPPA and other regulations by providing periodic security audits of you network.

*How Does it Work?Panda Managed Office Protection

*

*How Does it Work?

Customer 1Office 1Office 2AdministratorPanda Managed Office Protection GNOC

* Panda Managed Office Protection architecture offers control of the protection anytime, anywhere. Regardless of where administrators are located, he only need a browser to manage protection, even in remote branch offices or mobile users which are not LAN connected.

This slide shows how Panda Managed Office Protection can be deployed to the whole network and also how the upgrades and updated are performed.

Log on to the web console and deploy the protection to all your endpoints. You have two different options to do so:Option 1: Sending an email to your end-users. Each user should click on the link to install the protection. The protection agent will be installed in each workstation. Option 2: Pushing installation to all endpoints avoiding user intervention. Panda Managed Office Protection provides a Distribution Tool to select the computers (by computer name, domain, IP address and IP range) and deploy the agent transparently.

From this moment on, users will receive automatic updates and upgrades directly from Panda and the administrator will be able to monitor the status of their network and apply the required security policies.

Workstations will update or upgrade their protection by connecting P2P to the nearest computer minimizing bandwidth consumption. This way, all workstations in the same network can share the latest update or upgrade. Each workstation will firstly search for the update package inside its LAN. If the update package is not in the LAN, then it will get it from Panda through the Internet. This functionality keeps workstations from overusing bandwidth by avoiding Internet connections every time they need to get updated.

Panda Managed Office Protection

Features and Functionalities*

*FeaturesProactive Protection against Unknown Malware

Files, Email, Internet Browsing and Instant Messaging Protection

Managed Personal Firewall and HIPS

In-depth Malware Audits

Web Administration Console

*Antimalware proactive protection for desktops and servers against known and unknown (heuristic) threats or even hidden threats with a low resource consumption.

Files, Email, Internet browsing and Instant Messaging protection. Panda Managed Office Protection protects all entrance points that malware can have such as email (SMTP, POP3, MAPI, NNTP protocols), Internet browsing (protection for downloads and blocking access to phishing websites or others that have malware) and Instant Messaging (such as MSN messenger, Windows Live Messenger, Yahoo! Messenger, AOL Instant Messenger)

Managed personal firewall and HIPS (Host Intrusion Prevention System). Firewalls can be centrally managed through the web console or locally managed from endpoints through a local console in case the administrator delegates this to the users. The firewall offers:Application filtering rules creation for applications, internet or any other networkNetwork access filtering rules creation indicating urls, ports and protocols that each computer can use through IP connections.Intrusion Prevention System detection and blocking of possible intrusion attacks.Network viruses prevention detection and blocking of network viruses and exploits attempting to use techniques of buffer overflowZone based configuration different configurations depending on the computer location.

In-depth Malware Audits service to periodically assess the status of the whole network. This service also enables to automate the disinfection routines through the whole network

Web administration console. Administrators only need a browser to centrally manage the antivirus and firewall protections of all workstations, including those from remote offices that are not connected to the LAN.

*FeaturesWeb Administration Console (Status)

*

Firstly, the main dashboard or status window. This is first window the administrator reaches when opening the console. The web console main dashboard offers information about the detection activity in real time, by type of malware and by source, as well as the licenses usage status.

As we can see at the bottom right of this slide we can see that we will have the choice of connecting directly to the Malware Radar web page in order to perform in-depth audits of our network

*Features Web Administration Console

*By clicking on the Malware Radar logo we will have direct acces to the Malware Radar web page in order to perform in-depth audits. We will have subscription to Malware Radar for the same time as we have licenses for Panda Managed Office Protection

*FeaturesWeb Administration Console (Monitoring)

*

The monitoring window. Here the administrator has the possibility of monitoring all detections, the list of the infected workstations, the type of infection, date and the action (deleted, sent to quarantine, etc.). By putting the mouse on top of the name of the computer we will see all detection details of that particular station. By clicking on the left side, we can get more details about the detected malware.

*FeaturesWeb Administration Console (Protection)

*

The next screenshot shows the protections that each one of the stations have installed. Also, by clicking on the PC name, administrators will see all the details of the protections of the specific station

*FeaturesWeb Administration Console (Install Protection)

*

The next one shows how the administrator can set security policies. Create protection profiles and deploy protection to more computers. Installation can be performed in three different ways.1.- It can be performed by applying the installation package, manually or through different esternal distribution systems sch as Active Directory, SMS or Tivoli. In order to do this administrator will be able to deploy tha installation package in MSI format.Administrators will be able to download the administration program in order to push the installation to the selected stations with no user intervention.


*

They also have the option of sending an e-mail to the users that need to be protected that includes a link. The user will install its protection by clicking the link.

*Features Web Administration Console (Install Protection)

*

They also have the option of sending an e-mail to the users that need to be protected that includes a link. The user will install its protection by clicking the link.


*This slide shows the distribution tool from which administrators will be able to push installation remotelyto all selected stations of the network with no user intervention.

*FeaturesWeb Administration Console (Profile)

*In order to aply security policies we will need to determine different security profiles that can be assigned to selected users or group of users


* For each profile we would need to determine general aspects such as Antivirus or firewall protection , automatic updates, sending suspicious files to PandaLabs for analysis, on-demand analysis planification, alert management, local user visualization of protection etc.


* Here administrators will be able to apply rules for the internet connection, connection to the server or estabish alternative paths for items restores rom quarantine.


*Administrators will also be able to program local warnings or by e-mail


*For each profile, administrators will be able to configure aspects related to the antivirus protection, applying them to each one of the protection levels:FilesMail and messagingInternet useThe heuristic engine

*FeaturesWeb Administration Console (Firewall)

*For each profile, administrators will be able to configure aspects related to the firewall protection. In this section administrators must determine if the firewall policies will be managed centrally or locally by the user of the workstation. In the case that firewall is centrally managed by administrator, it must be determined if the profile that will be configured applies to workstations that are inside or outside the corporate network. In the second case, rules to be applied should be more strict.


*Also, Panda Managed Office Protection offers a set of rules that are configured by default. Administrators will have the option of inhabilitating these set of rules.


*These are the rules that are selected by default. Worm detection is contuniously managed and actualized by Panda

*FeaturesWeb Administration Console

*Administrators will also be able to create new users with adminisrator privileges. In this section the original administrator will need to determine the user and pasword of the new user and also all necessary administration or monitoring privileges such as which groups will be able to manage.


*Lastly, specific firewall rules may be configured in order to be applied to the corporate network

*FeaturesWeb Administration Console (Groups)

*Once we have applied protection profile policies we will need to assign hem to the stations that need to be protected. In order to do this we need to create groups of users so that we can have different profiles for different groups.We select in the left menu the group option and we create a group of users assigning a security profile to each of the groups. Profiles can be reviewed in the bottom of the right.


*

The next one is where the administrator can manage the Quarantine. A list of all suspicious files. This functionality allows administrators to take different actions in order to treat suspicious files: Send to Panda (for a closer analysis)RestoreDelete


*

Finally, the reporting window, where administrators can select the types of reports to be shown (status or detection reports). These reports can be summarized or detailed and can be exported to different formats such as text files, XML, excel or HTML


*This slide will show the main screen shots of the wed console.


Secondly, the monitoring window. Here the administrator has the possibility of monitoring all detections, the list of the infected workstations, the type of infection, date and the action (deleted, sent to quarantine, etc.). By clicking here, we can get more details about the detected malware.

The next screen shot shows the protections that each one of the stations have installed. Also, by clicking on the PC name, administrators will see all the details of the protections of the specific station

The next one shows how the administrator can set security policies. Create protection profiles and deploy protection to more computers.



















*FunctionalitiesP2P Updates / UpgradesProfile Based ProtectionDelegated Administration ManagementFlexible InstallationDaily Status Reports in your e-mail Automatic and on-demand Upgrades / Updates

*P2P Updates / Upgrades. Workstations that do not have internet connection will update or upgrade their protection from the nearest desktop through P2P connections minimizing the bandwidth consumption.

Profile Based Protection. This feature allows administrators to assign different policies or protection profiles to different users or groups according to the organizations needs.

Delegated Administration Management. This enables the administrator to split administration tasks between other privileged users, assigning the computers to which they can access and which tasks they can do.

Flexible installation. Administrators have different options for deploying the protection, either with or without users intervention. To avoid users intervention there is a Distribution Tool that allows protection to be deployed transparently to selected endpoints, selecting them by name, IP, IP range, etc

Daily Status Reports in your e-mail. End users may receive daily reports to their e-mail box through html. Reports can be configured offering information about malware detected, eliminated or localized in quarantine as well as the status of update processes. In addition, reports can be exported to text files, XML, HTML or Excel formats.

Automatic and on demand upgrades/updates against zero-day attacks. Updates frequency can be configured from the centralized web console.

*Uninstallers available* Coming soon

McAfee VirusScan Enterprise 8.5iMcAfee VirusScan Enterprise 8.0iMcAfee Internet Security Suite 2007McAfee Total Protection 2008

F-Secure Protection Service for BusinessF-Secure Antivirus 5.52 Antivirus 2004 (Home Edition)F-Secure Antivirus Client Security 7.X

Kaspersky Work Space SecurityKaspersky Business Space SecurityKaspersky Anti-Virus 7.0

Microsoft Live OneCare

Sophos Anti-virus SBE 2.5Sophos Security SuiteNorton Internet Security (Home, Home/Office, Enterprise and SMB Edition)Symantec EndPoint Protection 11Symantec Antivirus 10.3 (all editions)Symantec Antivirus 10.1 (all editions)

Trend Micro Client Server Security for SMB Trend Micro (PC-cillin) Internet Security 2008*

Panda WebAdmin (all versions)Panda Antivirus 2008Panda Antivirus + Firewall 2008Panda Internet Security 2008Panda for Desktops 4.xPanda for File Servers 4.x

Avast*AVG*

Antivirus Automatically Uninstalled by Panda

*During the installation process, Panda Managed Office Protection will automatically detect and uninstall the following solutions from our competitors, without the user intervention.

When the agent from Panda Managed Office Protection detects the agent from Business or Enterprise protection, it will automatically uninstall the Business or Enterprise protection but will keep the communication agent, so that AdminSecure can detect the new protection but not manage it. This situation could happen when migrating from Panda Security for Business to Manage Office Protection. It also could happen if the client wants to keep AdminSecure for the Domino, Exchange, ISA, etc. but wants to delegate the workstations and file servers protection.

*Competitive AnalysisPanda Managed Office Protection

*

Competitive Analysis

*

Panda SecurityMcAfeeF-SecureTrend MicroPersonal and managed firewall (HIPS)Behavioral proactive heuristic detectionE-mail protectionInternet browsing protectionDelegated Administration managementP2P upgrades and updatesOn-demand local updateOn-demand remote upgrades by group Local console for end userMalware Audit Service

Panda vs McAfee Total Protection for Small Business

McAfees main weakness: lacks some basic protections such as proactive detection, protection for e-mail traffic or for instant messaging traffic. It also lacks the possibility to create user profiles based on management privileges or the possibility to perform on demand remote upgrades by groups. Pandas advantage: offers proactive detection and all necessary protection for securing small business

Panda vs F-Secure Protection Service for Business F-Secure main weakness: lacks functionalities for end user management such as local console or on demand local updatesPandas advantage offers more complete protection and is that it also brings options for local management

Panda vs Trend Micro Client Server Security for SMB + Worry-free management console Trend Micros main weaknes is that its protection needs an installation in house in order to manage protections remotely. This necessary in-house infrastructure makes this solution an indirect competitor (not a direct competitor)Pandas advantage is the solution can be deployed and managedremotely

*Frequently Asked QuestionsPanda Managed Office Protection

*

*Frequently Asked QuestionsHow can Panda Managed Office Protection help SMBs be protected?Panda Managed Office Protection is a solution for small and medium business that removes the cost and management overheads of hardware, personnel and other resources dedicated to antivirus while achieving high level security for PCs, laptops, servers.

What protections does Panda Managed Office Protection include?Panda Managed Office Protection includes protection against virus, worms, trojans, spyware, hacking tools, unproductive applications, phising, hoax, rootkits. Its proactive engine allows small and medium companies to be protected against known and unknown threats. Even hidden threats. In addition it provides the possibility to perform In-depth audits.

How does Panda Managed Office Protection differ from traditional antivirus protection?Panda Managed Office Protection is a web based security solution that can be installed and managed from anywhere. This characteristic opens the possibility to SMBs to subscribe to a security service that can be easily brought by service providers.

*

*Frequently Asked QuestionsHow does Panda Managed Office Protection benefit from Collective Intelligence?The signature file is automatically updated using the latest signature file that the Collective Intelligence provides. The Collective Intelligence is a security platform which offers proactive and real-time protection to users. It leverages collective knowledge and automates the analysis, correlation, classification and signature generation processes exponentially increasing the malware that it can detect every day.

How is Panda Managed Office Protection deployed?Panda Managed Office Protection can be deployed in two different ways. The first way is by sending an e-mail to the end user which includes a link that will install the protection agent. The second way does not require of any user intervention. The administrator can push the installation to the selected workstations and the protection agent will be installed transparently. Administrators will be able to choose the workstations that need to be protected by name, IP address or by domain

*

*Frequently Asked QuestionsHow does Panda Managed Office Protection reduce bandwidth consumption?Panda Managed Office Protection reduces bandwidth consumption by avoiding to have a large number of workstations looking for updates at the Internet. Workstations will share the last protections with other workstations throughout the network. This means that any time one workstation needs to get updated, it will first look at other workstations of the same network for the last update before looking at the Internet.

What types of report show Panda Managed Office Protection?Panda Managed Office Protection offers the possibility to configure high and low level reports of the detection activity of the network. High level reports will show general activity while low level report will also show the detection activity that has taken place in specific workstations. It also brings the possibility to automatically send daily reports to the end user e-mail box.

*

*Frequently Asked QuestionsWhy is it that users cannot manage their antimalware protection locally?The philosophy of Panda Managed Office Protection is to bring a transparent protection for end users so that they do not need to worry about security issues. Panda Managed Office Protection offers all necessary management privileges to network administrators or service providers in order to smoothly deliver its security including the option of distributing protection with no need of user intervention.

What are the main differences between WebAdmin and Panda Managed Office Protection?Panda Managed Office Protection has a Service Provider Console (integrated with an enhanced Web Console with single-sign on), managed firewall protection, Corporate Quarantine, stronger proactive protection (heuristic) and include in-depth audits.

*

*Frequently Asked QuestionsHow can I move from Webadmin to Panda Managed Office Protection?If you are a Webadmin client that subscribe to Panda Managed Office Protection service for one year, we will add to that year the remaining period that you still have from WebadminIf you are a Webadmin client that subscribe to Panda Managed Office Protection service for two years, we will add to those two years the remaining period that you still have from Webadmin and we will give you one extra year of service.

*

Technical Rquirements

Panda Managed Office Protection Management Console

Internet Connection.Applications: Internet Explorer 6.0 or higher (Internet Explorer 6 System Requirements at http://www.microsoft.com/windows/ie/ie6/evaluation/sysreqs/default.mspx).Firefox 2.0 (Firefox System Requirements at http://www.mozilla.com/en-US/firefox/system-requirements.html ).Platforms: Microsoft y Linux.

Panda Managed Office Protection: Distribution Tool

Pentium II 266 MHz (or higher). 64 MB RAM. Hard Disk: 20 MBOperating systems: Windows 2000 Professional. Windows XP (32 y 64 bits). Windows Vista (32 y 64 bits). Windows 2000 Server. Windows Server 2003 (32 y 64 bits). Windows Server 2008 (32 y 64 bits).Applications: Windows Installer 2.0

Panda Managed Office Protection for Windows WorkStations

Pentium 300 MHz (or higher). 256 MB RAM. Hard Disk: 130 MBOperating systems: Windows 2000 Professional. Windows XP (32 y 64 bits). Windows Vista (32 y 64 bits).At least, one WorkStation or Server of the network has to have Internet Connection

Panda Managed Office Protection for Windows Servers

Pentium 300 MHz (or higher). 256 MB RAM. Hard Disk: 130 MBOperating systems: Windows 2000 Server. Windows Server 2003 (32 y 64 bits). Windows Server 2008 (32 y 64 bits)At least, one WorkStation or Server of the network has to have Internet Connection

Revision 1.01 2008

*

**

*

*

*Antivirus products require too much time and effort for small and medium sized companies. Once they buy the antivirus, they have to invest time and effort in:Additional hardware such as servers to host a centralized console with the attached services and databases. Additional supporting software licenses such as database software to run protections reports or configuration.Complicated security management requires dedicated and skilled personnel - not focused on the core business- to manage and control protection.Many SMBs do not want these hassles because all these tasks distract them from their core business.

*

*SMBs understand full well that they are subject to the same risks and regulations as large organizations. The increasing number of threats makes their protection needs more complex:There are more threats than ever (PandaLabs received more malware last year than in the previous 16 years combined) Malware is silent and more difficult to combat as long as it remains hidden, causing identity theft, financial and productivity losses and other malicious action.

This malware landscape that organizations have to face requires a full set of maximized malware detection capabilities.

When the SMBs implement a security solution, they have to choose one that provides adequate protection and that adapts to their specific needs. In many cases, their limited resources are not enough to obtain the security levels they require.

Small and mid-sized businesses usually lack skilled resources for protecting and managing the security of their networks. They tend to invest all possible resources in their core business activities and this prevents them from assigning an adequate part of their budget to IT security. Most of them invest just enough to get by. They also need a continued monitoring system in order to reduce risk.

Remote and branch offices are often widely distributed and therefore need to be managed remotely from a centralized point. They also need to simplify security management as much as possible and have a continued monitoring service with reduced bandwidth consumption.

Home Offices have nobody in charge of security management and they have no budget for security management.

*

*SMBs, Remote Offices and Home Offices can use 3 different security models:

Traditional ModelInfrastructure hosted in-house with their own hardware. Their own personnel in charge of management and monitoring network security. In order to have an adequate security level, this model requires well-trained and security-skilled personnel who have sound knowledge of the product and apply the right policies. This is the model used with Panda Security for Business or Panda Security with Enterprise.

Hosted Security ModelThe best alternative that small and mid-sized businesses have starts with hosting their security solutions on an external hardware infrastructure, lowering the operating costs and the total cost of ownership. Hardware and maintenance represent a significant cost and effort for small and mid-sized companies. Although the hardware infrastructure is hosted at a security vendor, the management and monitoring is performed by their own personnel. It still requires well-trained and security-skilled personnel with good knowledge of the product. This could be an adequate model for large organizations with a large number of remote offices.

SaaS ModelThe concept SaaS (Security as a Service) is starting to spread across the IT sector.Hosting security solutions on external infrastructures can also be complemented with the possibility of outsourcing services. This option would let small and medium businesses leave their security in expert hands, allowing them to focus on their core business. The concept of complementing hosted services and outsourced services is known as SaaS (Security as a Service). Organizations would only subscribe to a service and their security protection will be installed and remotely monitored by experts.Outsourcing the security management is a confirmed trend for SMBs: Today, almost 50% of all SMBs that benefit from SaaS are using it for Security.

*Panda Managed Office Protection is a web-based subscription service that removes the cost and management overheads of hardware, personnel and other resources dedicated to antivirus for SMBs.

Panda Managed Office Protection is a hosted service that offers Security as a Service for SMBs through a management portal. It is a hosted solution because its hardware infrastructure is based at Panda so there is no need to any of our clients to make investments in this area. Administrators only need a browser to access the console. It offers Security as a Service because it enables SMBs to delegate, if desired, their security management to specialized Service Providers.

Panda Managed Office Protection offers proactive protection with an heuristic engine that will have the capacity to detect known and unknown malware. It can also detect hidden malware.

Panda Managed Office Protection is complemented with periodic security audits. It benefits from Collective Intelligence Technologies by automatically updating its signature file with the latest available provided by the Collective Intelligence Platform*Panda Managed Office Protection protects desktops, laptops (mobile users) and file servers, regardless of whether they are in the LAN or in remote branch offices. Panda Managed Office Protection includes anti-malware protection (known malware) and proactive protection (unknown malware), managed personal firewall (HIPS) and in-depth malware audits to be run periodically (Malware Radar).

These protections can be easily monitored from a centralized Web-managed console that will allow administrators to apply any kind of security policies and to get all necessary information about the detection activity of the network.(NOTE: NUMBERS TO BE INCLUDED)

The daily activities of Panda Security generate a huge amount of data and intelligence on the security landscape. That unmatched security intelligence is the raw material that drives all our solution offerings. Only Panda Security has the people and processes to leverage this knowledge and intelligence to make a difference to our customers.

The Collective Intelligence is a security platform which offers proactive and real-time protection to users. It leverages collective knowledge and automates the analysis, correlation, classification and signature generation processes exponentially increasing the malware that it can detect every day.

This technology speeds up Panda Securitys response against any type of threats, maximizing malware detection capacity and minimizing resource usage on IT systems (all the work is done up in the cloud, in our datacenters instead of on our customers computers).

How does Collective Intelligence work?

1. Gathering of Community knowledge to proactively protect othersThe Collective Intelligence platform correlates the first malware detections and their evolution over time on the different affected computers. As soon as a malicious process is detected on a users PC by the Collective Intelligence, the rest of the users worlwide will automatically benefit in real time from that specific detection. This allows the detection of infections at initial stages or targeted attacks that only affect a few users.

2. Automated and enhanced malware collection, classification and remediationThe Collective Intelligence automates the analysis, correlation, classification and signature generation processes. This solves the problem of anti-malware laboratories being overloaded by the thousands of new samples they get every day, as the entire process is mostly manual and can take from minutes to even days or weeks.The process is no longer limited by the memory or CPU resources in the users PC, desktop or server machine. Therefore, many of the more resource-intensive proactive techniques which provide much higher detection rates can now be used massively for the benefit of the users without even touching valuable customers CPU and memory resources.With this approach, the majority of new samples can be analyzed and classified automatically in a matter of minutes. The Collective Intelligence servers are managed by PandaLabs, and therefore samples that cannot be classified automatically are ultimately looked at by an analyst at the lab.

3. Gaining knowledge on techniques to improve existing technologiesMalware detections correlation provides information about the latest techniques of malware infection and malware distribution. This information allows us to improve existing technologies and to develop new ones in order to detect more malware.

4. Developing new generation of security services from the cloudUsing Malware Radar, organizations can benefit from the new technologies and the highly increased detection rate that Collective Intelligence provides. Thus, it complements and maximizes installed traditional security software, regardless of whether it is Pandas or not.

Whaare the analysts saying?It's a matter of survival for AV vendors, which increasingly are looking for ways to reinvent themselves as their products struggle to thwart new types of infections. Cloud-based, collective intelligence services are the next big thing for anti-malware. I expect that every AV vendor will need to embrace an approach like this if they expect to survive[i]. Andrew Jaquith, Yankee Group analyst
[i] Herd Intelligence Will Reshape the Anti-Malware Landscape. Yankee. Andrew Jaquith. December 2007http://www.yankeegroup.com/ResearchDocument.do?docId=16150Minimizes operating costs. No additional infrastructure investment required as it is a hosted service with a Web console. Moreover, it lets you delegate your IT security management to specialized service providers avoiding additional maintenance personnel.

Eliminates complexity. The Web console allows administrators to easily deploy, manage and monitor protection even for remote branch offices, avoiding the need for additional maintenance personnel.

Reduces productivity loss. It detects malware that causes resource consumption or interrupts employees work. Automated and unattended updates and upgrades allow administrators to focus on other priorities. Workstations will upgrade or update their protection by connecting P2P to their nearest desktop in order to minimize bandwidth consumption.

Improves risk management. The web console provides real-time information and reports about the detection activity in the entire network including remote branch offices. In addition, it allows periodic malware audits with full network status reports.

Ensures business continuity. As a hosted service, it provides high availability, 24x7 support and is always running and using the latest versions of technologies and signature files.

Prevents identity theft. Thanks to Collective Intelligence technologies it identifies hidden malware, that can remove sensitive information from your organization.

Helps enforce Regilatory compliance with SOX, PCI, HIPPA and other regulations by providing periodic security audits of you network.

*

* Panda Managed Office Protection architecture offers control of the protection anytime, anywhere. Regardless of where administrators are located, he only need a browser to manage protection, even in remote branch offices or mobile users which are not LAN connected.

This slide shows how Panda Managed Office Protection can be deployed to the whole network and also how the upgrades and updated are performed.

Log on to the web console and deploy the protection to all your endpoints. You have two different options to do so:Option 1: Sending an email to your end-users. Each user should click on the link to install the protection. The protection agent will be installed in each workstation. Option 2: Pushing installation to all endpoints avoiding user intervention. Panda Managed Office Protection provides a Distribution Tool to select the computers (by computer name, domain, IP address and IP range) and deploy the agent transparently.

From this moment on, users will receive automatic updates and upgrades directly from Panda and the administrator will be able to monitor the status of their network and apply the required security policies.

Workstations will update or upgrade their protection by connecting P2P to the nearest computer minimizing bandwidth consumption. This way, all workstations in the same network can share the latest update or upgrade. Each workstation will firstly search for the update package inside its LAN. If the update package is not in the LAN, then it will get it from Panda through the Internet. This functionality keeps workstations from overusing bandwidth by avoiding Internet connections every time they need to get updated.

*Antimalware proactive protection for desktops and servers against known and unknown (heuristic) threats or even hidden threats with a low resource consumption.

Files, Email, Internet browsing and Instant Messaging protection. Panda Managed Office Protection protects all entrance points that malware can have such as email (SMTP, POP3, MAPI, NNTP protocols), Internet browsing (protection for downloads and blocking access to phishing websites or others that have malware) and Instant Messaging (such as MSN messenger, Windows Live Messenger, Yahoo! Messenger, AOL Instant Messenger)

Managed personal firewall and HIPS (Host Intrusion Prevention System). Firewalls can be centrally managed through the web console or locally managed from endpoints through a local console in case the administrator delegates this to the users. The firewall offers:Application filtering rules creation for applications, internet or any other networkNetwork access filtering rules creation indicating urls, ports and protocols that each computer can use through IP connections.Intrusion Prevention System detection and blocking of possible intrusion attacks.Network viruses prevention detection and blocking of network viruses and exploits attempting to use techniques of buffer overflowZone based configuration different configurations depending on the computer location.

In-depth Malware Audits service to periodically assess the status of the whole network. This service also enables to automate the disinfection routines through the whole network

Web administration console. Administrators only need a browser to centrally manage the antivirus and firewall protections of all workstations, including those from remote offices that are not connected to the LAN. *


As we can see at the bottom right of this slide we can see that we will have the choice of connecting directly to the Malware Radar web page in order to perform in-depth audits of our network*By clicking on the Malware Radar logo we will have direct acces to the Malware Radar web page in order to perform in-depth audits. We will have subscription to Malware Radar for the same time as we have licenses for Panda Managed Office Protection*

The monitoring window. Here the administrator has the possibility of monitoring all detections, the list of the infected workstations, the type of infection, date and the action (deleted, sent to quarantine, etc.). By putting the mouse on top of the name of the computer we will see all detection details of that particular station. By clicking on the left side, we can get more details about the detected malware. *

The next screenshot shows the protections that each one of the stations have installed. Also, by clicking on the PC name, administrators will see all the details of the protections of the specific station*

The next one shows how the administrator can set security policies. Create protection profiles and deploy protection to more computers. Installation can be performed in three different ways.1.- It can be performed by applying the installation package, manually or through different esternal distribution systems sch as Active Directory, SMS or Tivoli. In order to do this administrator will be able to deploy tha installation package in MSI format.Administrators will be able to download the administration program in order to push the installation to the selected stations with no user intervention.

*

They also have the option of sending an e-mail to the users that need to be protected that includes a link. The user will install its protection by clicking the link.*

They also have the option of sending an e-mail to the users that need to be protected that includes a link. The user will install its protection by clicking the link.*This slide shows the distribution tool from which administrators will be able to push installation remotelyto all selected stations of the network with no user intervention.*In order to aply security policies we will need to determine different security profiles that can be assigned to selected users or group of users * For each profile we would need to determine general aspects such as Antivirus or firewall protection , automatic updates, sending suspicious files to PandaLabs for analysis, on-demand analysis planification, alert management, local user visualization of protection etc.* Here administrators will be able to apply rules for the internet connection, connection to the server or estabish alternative paths for items restores rom quarantine. *Administrators will also be able to program local warnings or by e-mail*For each profile, administrators will be able to configure aspects related to the antivirus protection, applying them to each one of the protection levels:FilesMail and messagingInternet useThe heuristic engine

*For each profile, administrators will be able to configure aspects related to the firewall protection. In this section administrators must determine if the firewall policies will be managed centrally or locally by the user of the workstation. In the case that firewall is centrally managed by administrator, it must be determined if the profile that will be configured applies to workstations that are inside or outside the corporate network. In the second case, rules to be applied should be more strict.*Also, Panda Managed Office Protection offers a set of rules that are configured by default. Administrators will have the option of inhabilitating these set of rules.*These are the rules that are selected by default. Worm detection is contuniously managed and actualized by Panda *Administrators will also be able to create new users with adminisrator privileges. In this section the original administrator will need to determine the user and pasword of the new user and also all necessary administration or monitoring privileges such as which groups will be able to manage. *Lastly, specific firewall rules may be configured in order to be applied to the corporate network *Once we have applied protection profile policies we will need to assign hem to the stations that need to be protected. In order to do this we need to create groups of users so that we can have different profiles for different groups.We select in the left menu the group option and we create a group of users assigning a security profile to each of the groups. Profiles can be reviewed in the bottom of the right. *


*

Finally, the reporting window, where administrators can select the types of reports to be shown (status or detection reports). These reports can be summarized or detailed and can be exported to different formats such as text files, XML, excel or HTML *This slide will show the main screen shots of the wed console.


















Finally, the reporting window, where administrators can select the types of reports to be shown (status or detection reports). These reports can be summarized or detailed and can be exported to different formats such as text files, XML, excel or HTML *P2P Updates / Upgrades. Workstations that do not have internet connection will update or upgrade their protection from the nearest desktop through P2P connections minimizing the bandwidth consumption.

Profile Based Protection. This feature allows administrators to assign different policies or protection profiles to different users or groups according to the organizations needs.

Delegated Administration Management. This enables the administrator to split administration tasks between other privileged users, assigning the computers to which they can access and which tasks they can do.

Flexible installation. Administrators have different options for deploying the protection, either with or without users intervention. To avoid users intervention there is a Distribution Tool that allows protection to be deployed transparently to selected endpoints, selecting them by name, IP, IP range, etc

Daily Status Reports in your e-mail. End users may receive daily reports to their e-mail box through html. Reports can be configured offering information about malware detected, eliminated or localized in quarantine as well as the status of update processes. In addition, reports can be exported to text files, XML, HTML or Excel formats.

Automatic and on demand upgrades/updates against zero-day attacks. Updates frequency can be configured from the centralized web console.

*During the installation process, Panda Managed Office Protection will automatically detect and uninstall the following solutions from our competitors, without the user intervention.

When the agent from Panda Managed Office Protection detects the agent from Business or Enterprise protection, it will automatically uninstall the Business or Enterprise protection but will keep the communication agent, so that AdminSecure can detect the new protection but not manage it. This situation could happen when migrating from Panda Security for Business to Manage Office Protection. It also could happen if the client wants to keep AdminSecure for the Domino, Exchange, ISA, etc. but wants to delegate the workstations and file servers protection.*

Panda vs McAfee Total Protection for Small Business

McAfees main weakness: lacks some basic protections such as proactive detection, protection for e-mail traffic or for instant messaging traffic. It also lacks the possibility to create user profiles based on management privileges or the possibility to perform on demand remote upgrades by groups. Pandas advantage: offers proactive detection and all necessary protection for securing small business

Panda vs F-Secure Protection Service for Business F-Secure main weakness: lacks functionalities for end user management such as local console or on demand local updatesPandas advantage offers more complete protection and is that it also brings options for local management

Panda vs Trend Micro Client Server Security for SMB + Worry-free management console Trend Micros main weaknes is that its protection needs an installation in house in order to manage protections remotely. This necessary in-house infrastructure makes this solution an indirect competitor (not a direct competitor)Pandas advantage is the solution can be deployed and managedremotely

*

*

*

*

*

*

*

MOP Technical Presentation.Ppt

Business

Transcript of MOP Technical Presentation.Ppt