SR B25 Symantec.cloud Security Solutions: Expert Insights...

1

SR B25 Symantec.cloud Security Solutions: Expert Insights into Email, Web, Endpoint and IM Security Best Practices

Ronald Poserina Director, Systems Engineering

SR B25: Symantec.cloud Security Solutions

SYMANTEC VISION 2012

Session Agenda

SR B25: Symantec.cloud Security Solutions 2

The Challenges of Managing IT 1

Latest Trends from the Threat Landscape 2

The Symantec.cloud Solution 3

Recommendations and Best Practice 4

Q&A 5


The Security Challenges



IT Pressure with Managing Security

• Being asked to do more with less

• Upgrades, Patching & Maintenance of current solutions

• Investing in new technology to address changing business requirements

• Keeping up with the threat landscape

• Demand to support more devices

• Mobile workforce

– Protection that follows the user



Challenges with a Multiple Vendor Approach

• Juggling multiple vendor relationships

• Inability to reduce costs through bundling

• Multiple products to manage

• Differing platforms and technologies to support and learn

• Technical support



The Threat Landscape



Global Intelligence Network Identifies more threats, takes action faster & prevents impact

Information Protection Preemptive Security Alerts Threat Triggered Actions

Global Scope and Scale Worldwide Coverage 24x7 Event Logging

Rapid Detection

Attack Activity • 240,000+ sensors

• 200+ countries and

territories

Malware Intelligence • 135M+ systems monitored

• 11 security response

centers

Vulnerabilities • 50,000+ vulnerabilities

• 15,000+ vendors

• 105,000+ technologies

Spam/Phishing • 5M+ decoy accounts

• 8B+ email messages/day

• 1B+ web requests/day

Austin, TX Mountain View, CA

Culver City, CA

San Francisco, CA

Taipei, Taiwan

Tokyo, Japan

Dublin, Ireland Calgary, Alberta

Chengdu, China

Chennai, India

Pune, India

7 SR B25: Symantec.cloud Security Solutions


Malicious Attacks Are Growing

5.5B Attacks blocked by Symantec +81%

403M Unique Variants of Malware +41%

4,597 Web Attacks per Day +36%

4,989 New Vulnerabilities -20%

8 Zero-Day Vulnerabilities -43%

315 New Mobile Vulnerabilities +93%

75% Spam rate -34%

2011 Statistics from v17 Symantec ISTR



Which Website is More Dangerous?



Most Harmful Websites by Categories



Social Media Changes Everything


SYMANTEC VISION 2012 12

SYMANTEC VISION 2012 13 President’s Forum and WSML 2012


Advanced Targeted Attacks


Your Assumptions are Wrong


Dispelling Assumptions about Targeted Attacks

• 50% are against 2,500 or larger • 17% are targeted at 250 or less

• 70% of targeted are against other sectors

Only Large Organizations

are Targets

Only Gov’t or Defense Sectors

are Targets

• 58% of people targeted are non-execs • Most targeted people are in sales, PR, HR

Only CEO’s or Senior Managers

are Targets


SYMANTEC VISION 2012 SR B25: Symantec.cloud Security Solutions 16

That’s where we come in…


• Procurement

• Deployment

• Testing

• Performance Tuning

• Policy Administration

• Capacity Planning

• High Availability

• Patching

• Upgrades

Management Overhead

Our Goal: Simplify IT & Increase Your Security Posture

Messaging

Web

• Management

• Traffic Shaping

• AV / AS / Content Filtering


• Management



HQ Office Branch Office #1 Branch Office #2…

Messaging

Web





Messaging

Web





IT Admin


Endpoint Security

• Centralized Management Server


Policy Administration

Management Simplified

17


Little or no

software

Easy to deploy/manage

Automatic updates

Easy to scale

Subscription pricing

Integrated solutions

Market leading SLA’s

24 x 7 support

Benefits of Symantec.cloud



Symantec.cloud Security Solutions


IM Security.cloud

Back-up Exec.cloud

Enterprise Vault.cloud

Endpoint Protection.cloud

Email Security.cloud • AntiVirus • AntiSpam • Image Control • Content Control

Web Security.cloud • AntiVirus & AntiSpyware • URL & Content Filtering • Roaming User Protection

Email Encryption.cloud • Boundary Encryption (TLS) • Policy Based Encryption (Push/Pull)

http://bcove.me/c0mlj9iw

http://www.enterprisevault.com/

http://bcove.me/izdwuh6c

http://bcove.me/zc785kt4

http://bcove.me/649ybfcy


Global Infrastructure = Greater Visibility and Protection


• Incorporating 17 data centers spanning four continents • Every data center is scalable and secured to the highest standards

(ISO27001/SAS70II/ISAE 3402) • Clustered high performance servers, each cluster has full redundancy


Identifying more threats, taking action faster & preventing impact


Global Expertise

Billions of email connections and Web requests/week

In-depth Analysis

Zero hour protection

IT Policies and Controls

Converged Threat Protection

Threat intelligence shared across Email, Web, and IM

Relevant

Accurate

Multi-protocol

Skeptic™

Email Security.cloud

Web Security.cloud

Instant Messaging Security.cloud

21


Email Security.cloud AntiVirus & AntiSpam


• Malware “DNA”

• Phishing/Fraud Detection

• Targeted Attack Detection

• Binary Analysis

• Start-up Code Analysis

• Obfuscation/Encryption

• Known Security Vulnerabilities

• Spam Detection Rules

• Image Composition Analysis

• Link Following

Skeptic™ Capabilities

22


Policy Based Encryption.cloud Service for Email

Key Features

• Scans against user policy and automatically encrypts sensitive emails

• Fully hosted service, including management of digital certificates and encryption keys

• Wide range of email delivery mechanisms

• Support for mobile platforms

• Secure reply and compose capabilities

• Read receipts automatically forwarded to email senders

• Can be combined with Symantec.cloud Email Security services



How it Works - Email Delivery

24

Mail Server

Encryption platform

Symantec.cloud Content Control

TLS

Encryption Required?

Encryption Platform

ENCRYPTED S/MIME (via web browser)

Secure Mail Portal

PLAIN TEXT MIME MESSAGE

ENCRYPTED S/MIME MESSAGE

SIGNED NOTIFICATION

Encryption Key Found?

YES

NO

YES

NO



Policy Based Encryption.cloud Recipient Interface

Read the Secure Message



Web Security.cloud

Protect and Control Internet Access



Protecting the Mobile Workforce

• Smart Connect for Web Security.cloud

• Seamlessly logs in users in a variety of network environments

• Ideal for “road-warrior” users and frequent travelers

• Enforces policies and protects users as if they were inside your corporate LAN

• Runs as an agent on the endpoint.


Public Wi-Fi

Hotspots; Pay-for-use portals

Home Offices

Corporate LAN & Regional

Offices

Data center


Instant Messaging Security.cloud

Key Features:

• Protects against viruses transmitted via UC and public IM

• Malicious URL detection

• Intuitive policy building capability including multiple rule stacking

• Logs message transcripts

• Secure directory synchronization

• Dashboard, summary, detailed and scheduled reporting

• Configurable and customizable system notifications



Endpoint Protection.cloud

• Comprehensive protection for your systems (AV, AS , Smart Firewall & IPS)

• Always-on protection for endpoints

• Web-based management console

• Security audit & customizable reporting

• Automatic definition updates and automatic software upgrades



ClientNet: Simple Yet Powerful



ClientNet Management Portal



ClientNet Benefits

• Consolidated view of all of your solutions

• Robust Email Tracing Tools

• Feature rich reporting

• Granular policy creation with directory integration

• Access & Manage your solutions from anywhere

• Ability to create users with differing levels of access

• Technical Support / Documentation / Help



Partner Management

• Management console for partners to manage multiple customers

– Trial Setup

– Reporting

– Configuration

Presentation Identifier Goes Here 33


AntiSpam effectiveness

SLA 99%

Pe

rform

ance

99.99996%

Spam false positive rate

SLA 0.0003%

0.000008%

AntiVirus false positive rate

SLA 0.0001%

0.000003%

Email Service Availability

SLA 100%

100%

Web Service Availability

SLA 100%

100%


Industry Leading Service Level Agreements

Service Level Agreement Performance: August 2011 to January 2012


97% 97%

94% 96% 97%

93%

96%

93% 94% 95% 94% 94% 95% 96% 96% 96% 94%

97% 96% 96% 96% 97%

Targ

et

Jan

-09

Feb

Mar

Ap

ril

May

Jun

e

July

Au

g

Sep

t

Oct

No

v

Dec

Jan

-10

Feb

Mar

Ap

ril

May

Jun

e

July

Au

g

Sep

t

Support: Complementary AND top rated

24/7


97%

Telephone, Portal & email support

Support Ticket Satisfaction

Knowledgeable 1st & 2nd line support to actively manage and resolve client issues

Target response times: 95% of critical issues: 2hrs 85% of major issues: 4hrs 75% of minor issues: 8hrs

35


Benefits of SaaS for Addressing Security


•Reduce threats

•Minimize legal risk

• Increase productivity

•How to do more with less

•Reduce time to benefit

•CAPEX v OPEX

•Limited staffing resource

•Limited time to train

•Focus on core business

Protection & Control

Cost Containment

Staffing

36


Symantec.cloud: Market Leadership

10.9 million SaaS users

32,000 clients 104 Countries

Leader in Gartner MQ for Secure Email Gateway

Leading provider of Web Security hosted services

(IDC)

Worldwide leader in messaging security SaaS

(IDC)



Recommendations and Best Practice

• Employ defense-in-depth strategies

• Antivirus on endpoints is not enough

• Use encryption to protect sensitive data

• Leverage web security solutions to enable safe interactions

• Include the mobile workforce in IT planning

• Use Data Loss Prevention to help prevent data breaches

• Be aggressive on your updating and patching

• Enforce an effective password policy

• Educate users on the changing threat landscape



Additional Hands On .Cloud Sessions

• LAB: SR L20 - Web Security.cloud Management Best Practices

– Monday 2:15-3:15

– Room 121

• LAB: SR L19 - Deep Dive: Email Security.cloud Management

– Wednesday 1:00-2:00

– Room 122


Thank you!

Copyright © 2011 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.


Ronald Poserina

[email protected]

(646) 519-8121

mailto:[email protected]

SR B25 Symantec.cloud Security Solutions: Expert Insights...

Documents

Transcript of SR B25 Symantec.cloud Security Solutions: Expert Insights...