SR B25 Symantec.cloud Security Solutions: Expert Insights into Email, Web, Endpoint and IM Security Best Practices
Ronald Poserina Director, Systems Engineering
SR B25: Symantec.cloud Security Solutions
SYMANTEC VISION 2012
Session Agenda
1. The Challenges of Managing IT
2. Latest Trends from the Threat Landscape
3. The Symantec.cloud Solution
4. Recommendations and Best Practice
5. Q&A
The Security Challenges
IT Pressure with Managing Security
• Being asked to do more with less
• Upgrades, Patching & Maintenance of current solutions
• Investing in new technology to address changing business requirements
• Keeping up with the threat landscape
• Demand to support more devices
• Mobile workforce
– Protection that follows the user
Challenges with a Multiple Vendor Approach
• Juggling multiple vendor relationships
• Inability to reduce costs through bundling
• Multiple products to manage
• Differing platforms and technologies to support and learn
• Technical support
The Threat Landscape
Global Intelligence Network: Identifies more threats, takes action faster & prevents impact
• Information Protection
• Preemptive Security Alerts
• Threat Triggered Actions
• Global Scope and Scale
• Worldwide Coverage
• 24x7 Event Logging
• Rapid Detection
Attack Activity
• 240,000+ sensors
• 200+ countries and territories
Malware Intelligence
• 135M+ systems monitored
• 11 security response centers
Vulnerabilities
• 50,000+ vulnerabilities
• 15,000+ vendors
• 105,000+ technologies
Spam/Phishing
• 5M+ decoy accounts
• 8B+ email messages/day
• 1B+ web requests/day
Locations: Austin, TX; Mountain View, CA; Culver City, CA; San Francisco, CA; Taipei, Taiwan; Tokyo, Japan; Dublin, Ireland; Calgary, Alberta; Chengdu, China; Chennai, India; Pune, India
Malicious Attacks Are Growing
5.5B Attacks blocked by Symantec +81%
403M Unique Variants of Malware +41%
4,597 Web Attacks per Day +36%
4,989 New Vulnerabilities -20%
8 Zero-Day Vulnerabilities -43%
315 New Mobile Vulnerabilities +93%
75% Spam rate -34%
2011 Statistics from v17 Symantec ISTR
Which Website is More Dangerous?
Most Harmful Websites by Categories
Social Media Changes Everything
Advanced Targeted Attacks
Your Assumptions are Wrong
Dispelling Assumptions about Targeted Attacks
• Assumption: Only Large Organizations are Targets
– 50% are against 2,500 or larger
– 17% are targeted at 250 or less
• Assumption: Only Gov’t or Defense Sectors are Targets
– 70% of targeted are against other sectors
• Assumption: Only CEOs or Senior Managers are Targets
– 58% of people targeted are non-execs
– Most targeted people are in sales, PR, HR
That’s where we come in…
• Procurement
• Deployment
• Testing
• Performance Tuning
• Policy Administration
• Capacity Planning
• High Availability
• Patching
• Upgrades
Management Overhead
Our Goal: Simplify IT & Increase Your Security Posture
Messaging
Web
• Management
• Traffic Shaping
• AV / AS / Content Filtering
• High Availability
• Management
• AV / AS / Content Filtering
• High Availability
HQ Office Branch Office #1 Branch Office #2…
Messaging
Web
• AV / AS / Content Filtering
• High Availability
• AV / AS / Content Filtering
• High Availability
Messaging
Web
• AV / AS / Content Filtering
• High Availability
• AV / AS / Content Filtering
• High Availability
IT Admin
Endpoint Security
• Centralized Management Server
• High Availability
Policy Administration
Management Simplified
Benefits of Symantec.cloud
• Little or no software
• Easy to deploy/manage
• Automatic updates
• Easy to scale
• Subscription pricing
• Integrated solutions
• Market leading SLAs
• 24 x 7 support
Symantec.cloud Security Solutions
• IM Security.cloud
• Back-up Exec.cloud
• Enterprise Vault.cloud
• Endpoint Protection.cloud
• Email Security.cloud
– AntiVirus
– AntiSpam
– Image Control
– Content Control
• Web Security.cloud
– AntiVirus & AntiSpyware
– URL & Content Filtering
– Roaming User Protection
• Email Encryption.cloud
– Boundary Encryption (TLS)
– Policy Based Encryption (Push/Pull)
Global Infrastructure = Greater Visibility and Protection
• Incorporating 17 data centers spanning four continents
• Every data center is scalable and secured to the highest standards (ISO27001/SAS70II/ISAE 3402)
• Clustered high performance servers, each cluster has full redundancy
Identifying more threats, taking action faster & preventing impact
Global Expertise
Billions of email connections and Web requests/week
In-depth Analysis
Zero hour protection
IT Policies and Controls
Converged Threat Protection
Threat intelligence shared across Email, Web, and IM
Relevant
Accurate
Multi-protocol
Skeptic™
Email Security.cloud
Web Security.cloud
Instant Messaging Security.cloud
Email Security.cloud AntiVirus & AntiSpam
Skeptic™ Capabilities
• Malware “DNA”
• Phishing/Fraud Detection
• Targeted Attack Detection
• Binary Analysis
• Start-up Code Analysis
• Obfuscation/Encryption
• Known Security Vulnerabilities
• Spam Detection Rules
• Image Composition Analysis
• Link Following
Policy Based Encryption.cloud Service for Email
Key Features
• Scans against user policy and automatically encrypts sensitive emails
• Fully hosted service, including management of digital certificates and encryption keys
• Wide range of email delivery mechanisms
• Support for mobile platforms
• Secure reply and compose capabilities
• Read receipts automatically forwarded to email senders
• Can be combined with Symantec.cloud Email Security services
How it Works - Email Delivery
Mail Server
Encryption platform
Symantec.cloud Content Control
TLS
Encryption Required?
Encryption Platform
ENCRYPTED S/MIME (via web browser)
Secure Mail Portal
PLAIN TEXT MIME MESSAGE
ENCRYPTED S/MIME MESSAGE
SIGNED NOTIFICATION
Encryption Key Found?
YES
NO
YES
NO
Policy Based Encryption.cloud Recipient Interface
Read the Secure Message
Web Security.cloud
Protect and Control Internet Access
Protecting the Mobile Workforce
• Smart Connect for Web Security.cloud
• Seamlessly logs in users in a variety of network environments
• Ideal for “road-warrior” users and frequent travelers
• Enforces policies and protects users as if they were inside your corporate LAN
• Runs as an agent on the endpoint.
Public Wi-Fi
Hotspots; Pay-for-use portals
Home Offices
Corporate LAN & Regional Offices
Data center
Instant Messaging Security.cloud
Key Features:
• Protects against viruses transmitted via UC and public IM
• Malicious URL detection
• Intuitive policy building capability including multiple rule stacking
• Logs message transcripts
• Secure directory synchronization
• Dashboard, summary, detailed and scheduled reporting
• Configurable and customizable system notifications
Endpoint Protection.cloud
• Comprehensive protection for your systems (AV, AS, Smart Firewall & IPS)
• Always-on protection for endpoints
• Web-based management console
• Security audit & customizable reporting
• Automatic definition updates and automatic software upgrades
ClientNet: Simple Yet Powerful
ClientNet Management Portal
ClientNet Benefits
• Consolidated view of all of your solutions
• Robust Email Tracing Tools
• Feature rich reporting
• Granular policy creation with directory integration
• Access & Manage your solutions from anywhere
• Ability to create users with differing levels of access
• Technical Support / Documentation / Help
Partner Management
• Management console for partners to manage multiple customers
– Trial Setup
– Reporting
– Configuration
Industry Leading Service Level Agreements
Service Level Agreement Performance: August 2011 to January 2012
• AntiSpam effectiveness: SLA 99%, Performance 99.99996%
• Spam false positive rate: SLA 0.0003%, Performance 0.000008%
• AntiVirus false positive rate: SLA 0.0001%, Performance 0.000003%
• Email Service Availability: SLA 100%, Performance 100%
• Web Service Availability: SLA 100%, Performance 100%
Support: Complementary AND top rated
• 24/7
• Telephone, Portal & email support
• Support Ticket Satisfaction: 97%
• Knowledgeable 1st & 2nd line support to actively manage and resolve client issues
• Target response times:
– 95% of critical issues: 2hrs
– 85% of major issues: 4hrs
– 75% of minor issues: 8hrs
[Chart: monthly percentages against Target, Jan-09 to Sept-10]
Benefits of SaaS for Addressing Security
Protection & Control
• Reduce threats
• Minimize legal risk
• Increase productivity
Cost Containment
• How to do more with less
• Reduce time to benefit
• CAPEX v OPEX
Staffing
• Limited staffing resource
• Limited time to train
• Focus on core business
Symantec.cloud: Market Leadership
• 10.9 million SaaS users
• 32,000 clients
• 104 Countries
• Leader in Gartner MQ for Secure Email Gateway
• Leading provider of Web Security hosted services (IDC)
• Worldwide leader in messaging security SaaS (IDC)
Recommendations and Best Practice
• Employ defense-in-depth strategies
• Antivirus on endpoints is not enough
• Use encryption to protect sensitive data
• Leverage web security solutions to enable safe interactions
• Include the mobile workforce in IT planning
• Use Data Loss Prevention to help prevent data breaches
• Be aggressive on your updating and patching
• Enforce an effective password policy
• Educate users on the changing threat landscape
Additional Hands On .Cloud Sessions
• LAB: SR L20 - Web Security.cloud Management Best Practices
– Monday 2:15-3:15
– Room 121
• LAB: SR L19 - Deep Dive: Email Security.cloud Management
– Wednesday 1:00-2:00
– Room 122
Thank you!
Copyright © 2011 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.
Ronald Poserina
(646) 519-8121