
Page 1: Trends in Endpoint Security by Richard Lau Trends in Endpoint Security by Richard Lau 29 September 2005.

“Trends in Endpoint Security”

by Richard Lau

29 September 2005

Page 2:

Agenda

The Challenges: Market, Technical, Regulatory

Trends and Key Developments

Requirements of Endpoint Security

Case Study

Conclusions

Page 3:

Business Impact of Multi-Layered Attacks

Code Red: 700,000 machines infected; $2-2.9 billion in damage; $200 million in damage per day during attacks (Computer Economics)

Average worm: $2 million in lost revenue per incident per victim (Aberdeen Group)

Worst-case worm: $50 billion in U.S. damage alone (International Computer Science Institute)

Page 4:

Enterprise Protection Problem

Inefficiency
- Traditional security products aren’t effective: 99% have AV, 68% get viruses
- New agent for every threat, poor management, no integration
- You have to choose between security and productivity

Lack of Control
- Difficult to control without curtailing benefits
- Wireless, guests, outsourcing, mobility, USB, IM, rogues

Vulnerability
- Exploits are attacking every layer: operating system, application, network, device
- Spreading faster than patches or signatures

Complexity
- Increasingly complex IT infrastructure: diverse devices, access points, users, agents, applications

Page 5:

The Problems (Gartner Research)

[Gartner chart, copyright © 2002: “Vulnerabilities Exploited”, broken down into Old Patch, Recent Patch, New Vulnerability and Misconfiguration]

Misuse, misconfiguration and malicious access of systems compromises business.

Page 6:

The Problems

Compromised and Rogue Devices
- 20 percent of the systems that operations, network and security admins know about are compromised: misused, misconfigured, exposed to malicious access (Gartner).
- 20% of the IP addresses in use on corporate networks are ones the admins know nothing about (Gartner).

Virus and worm events can cost IT staffs upwards of $250 per system infected.

A typical American enterprise spent $200K on worm attacks.

Page 7:

Vulnerability-Exploit Gap Decreasing

[Bar chart: days from “Vulnerability Announced” until first attack (x-axis 0-200 days) for Ramen/Adore (06/00), Code Red (06/01), Digispid (03/02), Spida (04/02), SQL Slammer (07/02), Slapper (07/02), WebDAV vuln (03/03), Blaster/Welchia (07/03), Witty (03/04), Sasser (04/04) and Zotob (8/05)]

Annotations on the chart: 5 variants, 359,000 machines infected; 75 variants, 500,000+ machines infected; 17 variants, 1,000,000+ machines infected

Page 8:

Traditional Security Has Not Blocked Attacks

Perimeter Firewalls
• Can’t block access to ports used for legitimate purposes
• Packet scanning only effective against recognizable signatures

Patch Management Solutions
• Window of vulnerability prior to patch being applied
• Not effective against unknown attacks (ex: zero-day worm)

Basic Personal Firewall
• Can’t lock down the system enough to prevent worms from acting like authorized applications or traffic

Network Intrusion Detection
• Can only reliably detect worms after they have compromised some systems and are actively spreading

Anti-Virus
• Damage is done by the time the virus definition is deployed

Comprehensive NAC and Host-based Intrusion Prevention Systems are required…

Page 9:

LAN Security Challenges

The LAN edge represents the largest area of vulnerability

Need to consider securing next generation devices

[Diagram of LAN entry points: a user opening an infected attachment from hotmail.com; a mobile user who brought a virus with them; a guest user; a rogue device]

Page 10:

VPN Security Challenges

Non-compliant VPN-connected systems may infect the corporate network

Unprotected systems can launch man-in-the-middle attacks on IPSec VPNs

“Dirty” public systems may contain malware, keyloggers, and other privacy threats

Needs: Rogue Device Elimination; Security Policy Compliance

Page 11:

Regulatory Challenges

Increasing government and industry regulations are presenting new challenges to IT organizations, especially in the financial and health care sectors, e.g. HIPAA, SOX, Basel II, etc.

• How can I ensure continuous compliance?

• How do I know that patient-confidential information is protected?

• Can I demonstrate Sarbanes-Oxley (SOX) compliance?

• What can I do to prevent regulatory violations?

• How can I ensure that my users are not violating use policies?

Page 12:

Business Compromised

Companies lose production systems; revenue is compromised.

Companies lose customer credit card numbers; relationships are compromised.

Companies lose software source code; product lines are compromised.

Companies lose copyrighted material; shareholders are compromised.

Companies lose employee productivity; profitability is compromised.

Page 13:

Agenda

The Challenges: Market, Technical, Regulatory

Trends and Key Developments

Requirements of Endpoint Security

Case Study

Conclusions

Page 14:

Magic Quadrant for Personal Firewall

[Gartner Magic Quadrant chart; not reproduced in the transcript]

Page 15:

Continuous Compliance Model

[Diagram: a Security Policy can either rely on user discipline or be backed by system enforcement]

Page 16:

Network Access Control Process

1. Define Policy
2. Discover Policy Compliance
   1. Agent
   2. On-Demand Agent
   3. Network Interrogation
3. Enforce Network Access Control: LAN, DHCP, Gateway Enforcer; Self-Enforcement; Infrastructure Integration; Universal Enforcement API
4. Remediate Non-Compliant Endpoints
5. Continuous Monitoring

[The Security Policy sits at the center of this cycle]

Page 17:

Key Developments – Network Access Control

Gartner created reference design for Network Access Control

Cisco has announced Network Admission Control

Microsoft has announced Network Access Protection

The Trusted Computing Group has announced Trusted Network Connect

802.1x Standard

Page 18:

Gartner – Network Access Control

Policy – outlines the security configurations you wish to enforce as a prerequisite for network access, including patches, AV, custom security software, or special configurations

Baseline – is used to compare systems connecting to the network with the configured policy

Access Control – is used to give the connecting system the appropriate level of network access

Quarantine – systems exhibiting anomalous behavior must be sent into a quarantine area

Remediation – to bring the system into compliance
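The five Gartner steps above (and the five-step process on the earlier “Network Access Control Process” slide) can be written down as a small decision engine. The Python below is an added example, not Sygate’s or Gartner’s code: the policy fields, the endpoint reports and the two access levels (“full” and “quarantine”) are constructed for illustration, and patch levels are plain integers rather than any real patch identifier.

```python
from dataclasses import dataclass, field
from datetime import date


@dataclass(frozen=True)
class Policy:
    """Step 1, Policy: what an endpoint must satisfy before it gets network access.
    Patch levels are constructed as plain integers for the example."""
    min_patch_level: int
    max_signature_age_days: int
    require_firewall: bool = True


@dataclass(frozen=True)
class EndpointReport:
    """What the agent reports about a connecting system (constructed fields)."""
    hostname: str
    patch_level: int
    av_running: bool
    av_signature_date: date
    firewall_running: bool
    anomalous_behavior: bool = False  # e.g. flagged by a sensor while connected


@dataclass
class Decision:
    access: str                                      # "full" or "quarantine"
    failures: list = field(default_factory=list)     # why the baseline check failed
    remediation: list = field(default_factory=list)  # what would bring it into compliance


def baseline_check(report: EndpointReport, policy: Policy, today: date) -> list:
    """Step 2, Baseline: compare the report with the policy.
    Returns (failure, remediation) pairs; an empty list means compliant."""
    findings = []
    if report.patch_level < policy.min_patch_level:
        findings.append((f"patch level {report.patch_level} below required {policy.min_patch_level}",
                         "install missing patches from the remediation server"))
    if not report.av_running:
        findings.append(("anti-virus not running", "start the anti-virus service"))
    age = (today - report.av_signature_date).days
    if age > policy.max_signature_age_days:
        findings.append((f"AV signatures {age} days old", "update AV signatures"))
    if policy.require_firewall and not report.firewall_running:
        findings.append(("personal firewall off", "enable the personal firewall"))
    return findings


def decide(report: EndpointReport, policy: Policy, today: date) -> Decision:
    """Steps 3-5, Access Control / Quarantine / Remediation: only a compliant system
    that shows no anomalous behavior gets full access; everything else is quarantined
    together with the list of actions that would let it out again."""
    findings = baseline_check(report, policy, today)
    if report.anomalous_behavior:
        findings.append(("anomalous behavior observed", "investigate before re-admission"))
    if not findings:
        return Decision("full")
    return Decision("quarantine", [f for f, _ in findings], [r for _, r in findings])


def run_demo() -> dict:
    """Evaluate three constructed endpoints against one policy; results keyed by hostname."""
    policy = Policy(min_patch_level=5, max_signature_age_days=7)
    today = date(2005, 9, 29)
    reports = [
        EndpointReport("laptop-ok", 5, True, date(2005, 9, 27), True),
        EndpointReport("laptop-stale", 3, True, date(2005, 9, 1), False),
        EndpointReport("laptop-odd", 5, True, date(2005, 9, 28), True, anomalous_behavior=True),
    ]
    return {r.hostname: decide(r, policy, today) for r in reports}


if __name__ == "__main__":
    for host, d in run_demo().items():
        print(f"{host}: {d.access}  failures={d.failures}  remediation={d.remediation}")
```

The point of returning the remediation list with the quarantine decision is the slide’s last step: a NAC that can only say “no” leaves the help desk to work out why, whereas a decision that carries its own fix list can drive an automated remediation server and then re-run the same check.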

Page 19:

Cisco’s NAC

A closed, “invitation only” architecture for protecting Cisco infrastructures only

Requires end-to-end Cisco to be effective

LAN enforcement will not be available until later this year

Rounded up some AV vendors’ support

Page 20:

Cisco NAC Components and Decision Making Flow

[Diagram: AV agent, FW agent and OS agent report to the Cisco Trust Agent (CTA), which talks to the Cisco ACS Server]

1. Individual agents report status
2. CTA delivers to ACS
3. ACS checks configured policy version for each policy
4. Based on results, CTA provisions router

Page 21:

Layer 3 Protection is not complete

[Diagram: an L3 Cisco NAC-enabled router; a mobile user spreads infection on his Layer 2 segment; CNAC stops the infection only at the router]

Page 22:

Sygate Simplifies CNAC

[Diagram: a single Sygate agent reports to the Cisco Trust Agent (CTA), which talks to the Cisco ACS Server]

1. Sygate collects all compliance information
2. CTA delivers to ACS
3. ACS checks configured Sygate policy version
4. Based on results, CTA provisions router

Page 23:

Cisco NAC Architecture

Page 24:

Cisco NAC Architecture In Context Of Other Layers

[Diagram: Access Device → Policy Enforcement Point → Policy Decision Point (CNAC) → Policy Mgmt]

Page 25:

NAC in a Corporate Network

[Architecture diagram; the labels recoverable from it are listed by layer]

- Clients: Windows, Macintosh, Linux, PocketPC…; 3rd party applications (AV, Patch, Config, etc.); OS (like MSFT) and/or 3rd party network access clients (DHCP / VPN / .1x / IPsec / Dialer); Security Agent (SSA, SODA)
- Network Access Devices: Site 1, Site 2, Site 3, Modem/DSL, Web Server; CNAC Access Devices
- Policy Enforcement Points: LAN Enforcer, DHCP Enforcer, Gateway Enforcer, Endpoint Enforcer, On Demand Enforcer; CTA
- Network Services: Radius Server, DHCP Server, DNS Server, AD, ACS
- Policy Decision Point and Policy Mgmt (CNAC)

Page 26:

Microsoft’s NAP

A more open program designed to protect the Microsoft ecosystem only

Open to participation by any network infrastructure vendor

No plans for any support for non-Microsoft OS

Available with Longhorn Server, sometime in 2006

Page 27:

Trusted Computing Group (TCG)

Standards organization focused on computer system security
- Over 50 members

Developing an open standard (Trusted Network Connect) for any operating system and network infrastructure
- Completely open, anyone can join
- Specification available early 2005

Also developed a hardware chip specification to:
- Help ensure the authenticity of hardware and prove system identity
- Protect systems from executing software that has become corrupted or hacked

Page 28:

What is 802.1x

802.1x is an IEEE standard for access control on wireless and wired LANs; it provides a means of authenticating and authorizing devices to attach to a LAN port.

This standard defines the Extensible Authentication Protocol (EAP), which uses a central authentication server to authenticate each user on the network.

Layer 2 protocol

802.1x happens before TCP/IP is established

Page 29:

Purpose of 802.1x

Authenticate the user/computer at the network level

Block unauthorized computers from accessing the network

Provide different levels of authentication and encryption security based on administrator’s decision and network needs

Most vendors have extended 802.1x from the RFC definition

Page 30:

Enforcement with 802.1x

[Diagram: the client sends login credentials over 802.1x and EAP to the switch; the switch relays them via RADIUS to the Sygate LAN Enforcer, which consults the RADIUS server and SMS and returns Permit or Deny; a Remediation Server and the Internet sit beyond the switch]

Page 31:

802.1x NAC Solution

Most secure LAN solution: NAC status, or NAC + user credentials

Standards-based: nearly all vendors support it

[Diagram: wired user on an Ethernet 802.1x NAC switch, Sygate LAN Enforcer (LE), RADIUS server, Sygate Policy Server, corporate network and a Quarantine Network holding the Quarantine Patch Server]

- System sends NAC and user data via EAP
- Switch forwards to LE
- LE checks user login (RADIUS server) and NAC status (Sygate Policy Server)
- LAN Enforcer connects system to corporate or quarantine network
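To make the exchange on this slide concrete, here is a small simulation of the three parties (supplicant, switch as authenticator, LAN Enforcer in the RADIUS path) deciding between the corporate and the quarantine network. It is an added example, not Sygate code and not a wire-accurate EAP implementation: the challenge/response proof, the posture dictionary carried with it, the user store and the VLAN numbers are all constructed. The one real identifier is the RADIUS `Tunnel-Private-Group-ID` attribute, which is how a RADIUS server actually tells an 802.1x switch which VLAN to assign.

```python
import hashlib
import hmac
import os

# Constructed user store and posture policy for the example (plaintext secrets only
# because this is a toy; a real RADIUS back end never stores or sends them this way).
USERS = {"alice": b"correct-horse", "guest": b"battery-staple"}
REQUIRED_POSTURE = ("av_on", "av_updated", "firewall_on", "patched")
CORPORATE_VLAN, QUARANTINE_VLAN = "100", "999"   # constructed VLAN ids


def make_supplicant(identity, secret, posture):
    """Client side. Returns a function that answers EAP-style requests from the
    switch: identity first, then a challenge proof that carries the NAC posture
    alongside it (the posture field is constructed, not a real EAP method)."""
    def respond(request):
        if request["type"] == "identity":
            return {"type": "identity", "identity": identity}
        if request["type"] == "challenge":
            proof = hmac.new(secret, request["challenge"], hashlib.sha256).hexdigest()
            return {"type": "challenge", "proof": proof, "posture": posture}
        raise ValueError("unknown request")
    return respond


class LanEnforcer:
    """Sits in the RADIUS path: checks the credential proof against the user store,
    evaluates the posture, and tells the switch which VLAN to put the port in."""
    def __init__(self, users, required_posture):
        self.users = users
        self.required = required_posture

    def access_request(self, identity, challenge, proof, posture):
        secret = self.users.get(identity)
        if secret is None:
            return {"code": "Access-Reject"}
        expected = hmac.new(secret, challenge, hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, proof):
            return {"code": "Access-Reject"}
        compliant = all(posture.get(k, False) for k in self.required)
        vlan = CORPORATE_VLAN if compliant else QUARANTINE_VLAN
        return {"code": "Access-Accept", "Tunnel-Private-Group-ID": vlan}


def authenticate_port(respond, enforcer, challenge=None):
    """Switch (authenticator) side: run the exchange for one port before any IP
    traffic is forwarded. Returns (port_state, vlan, transcript)."""
    challenge = challenge or os.urandom(16)
    transcript = []
    ident = respond({"type": "identity"})
    transcript.append(("switch->client", "Request/Identity"))
    transcript.append(("client->switch", f"Response/Identity {ident['identity']}"))
    resp = respond({"type": "challenge", "challenge": challenge})
    transcript.append(("switch->client", "Request/Challenge"))
    transcript.append(("client->switch", "Response/Challenge + posture"))
    radius = enforcer.access_request(ident["identity"], challenge, resp["proof"], resp["posture"])
    transcript.append(("switch->enforcer", "RADIUS Access-Request"))
    transcript.append(("enforcer->switch", radius["code"]))
    if radius["code"] == "Access-Accept":
        return "authorized", radius["Tunnel-Private-Group-ID"], transcript
    return "unauthorized", None, transcript


def run_demo() -> dict:
    """Three constructed cases: compliant user, non-compliant user, bad password."""
    enforcer = LanEnforcer(USERS, REQUIRED_POSTURE)
    good = dict.fromkeys(REQUIRED_POSTURE, True)
    stale = dict(good, av_updated=False)
    cases = {
        "compliant": make_supplicant("alice", b"correct-horse", good),
        "non_compliant": make_supplicant("alice", b"correct-horse", stale),
        "bad_password": make_supplicant("alice", b"wrong", good),
    }
    return {name: authenticate_port(s, enforcer)[:2] for name, s in cases.items()}
```

Two properties of the slide show up in the code: the port stays unauthorized (no VLAN at all) until the exchange completes, which is what “802.1x happens before TCP/IP is established” means in practice, and a valid user with a stale posture is still admitted, only into the quarantine VLAN where the patch server lives.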

Page 32:

How DHCP Enforcement works

Systems connecting to the network get a DHCP lease with a short lease time in a “quarantine address space”
- Secondary IP space or DHCP route filters

DHCP Enforcer checks for the SSA agent and its status

If the agent is present and the system is up to date, the DHCP Enforcer gives the system a new address in the normal address space

If there is no agent, the system remains in the quarantine address space

Exceptions are provided by OS type and MAC address.
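The lease-then-probe-then-renew sequence described above, as an added example that is not Sygate’s code: the address prefixes, lease times, remediation-server address, MAC addresses and the agent table are all constructed, and the “probe” is just a dictionary lookup standing in for the enforcer’s query to the agent.

```python
from dataclasses import dataclass
from itertools import count

# Constructed address plan: quarantine and normal spaces, lease times, remediation host.
QUARANTINE_PREFIX = "10.1.1."
NORMAL_PREFIX = "10.2.2."
QUARANTINE_LEASE_SECONDS = 60        # short, so a renew moves the host quickly
NORMAL_LEASE_SECONDS = 8 * 3600
REMEDIATION_SERVER = "10.1.1.250"    # the only destination reachable from quarantine


@dataclass(frozen=True)
class Lease:
    ip: str
    lease_seconds: int
    route_filters: tuple   # destinations the client may reach; () means unrestricted

    @property
    def quarantined(self) -> bool:
        return self.ip.startswith(QUARANTINE_PREFIX)


class DhcpEnforcer:
    """Hands out a short quarantine lease first, probes for the agent, and on a
    compliant answer triggers release/renew into the normal address space."""

    def __init__(self, probe, exceptions):
        self.probe = probe              # mac -> {"compliant": bool}, or None if no agent answers
        self.exceptions = exceptions    # {mac: os_type} for agentless devices (printers, ...)
        self._q = count(100)
        self._n = count(100)
        self.leases = {}
        self.events = []

    def _quarantine(self, mac):
        lease = Lease(QUARANTINE_PREFIX + str(next(self._q)), QUARANTINE_LEASE_SECONDS,
                      (REMEDIATION_SERVER,))
        self.leases[mac] = lease
        self.events.append(f"{mac} quarantine lease {lease.ip}")
        return lease

    def _normal(self, mac, reason):
        lease = Lease(NORMAL_PREFIX + str(next(self._n)), NORMAL_LEASE_SECONDS, ())
        self.leases[mac] = lease
        self.events.append(f"{mac} normal lease {lease.ip} ({reason})")
        return lease

    def dhcp_request(self, mac):
        """Handle one DHCP request and return the lease the client ends up with."""
        if mac in self.exceptions:
            return self._normal(mac, f"exception for {self.exceptions[mac]}")
        lease = self._quarantine(mac)
        status = self.probe(mac)
        if status is None:
            self.events.append(f"{mac} no agent, stays quarantined")
            return lease
        if not status["compliant"]:
            self.events.append(f"{mac} agent present but out of date, stays quarantined")
            return lease
        # agent present and up to date: release/renew into the normal space
        return self._normal(mac, "agent present and up to date")


def run_demo() -> dict:
    """Four constructed clients: compliant, out of date, agentless, and an exception."""
    agents = {
        "00:aa:00:00:00:01": {"compliant": True},
        "00:aa:00:00:00:02": {"compliant": False},
    }
    enforcer = DhcpEnforcer(probe=agents.get, exceptions={"00:aa:00:00:00:04": "printer"})
    macs = list(agents) + ["00:aa:00:00:00:03", "00:aa:00:00:00:04"]
    return {mac: enforcer.dhcp_request(mac) for mac in macs}
```

The exception list is the weak spot a practitioner should watch: anything matched by MAC address or OS type bypasses the posture check entirely, so that list needs to stay short and be reviewed, and the events log is what shows which hosts were admitted that way.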

Page 33:

DHCP NAC Solution - In Compliance

[Diagram: mobile users, wireless and a wired user connect through an Ethernet switch; the DHCP Enforcer sits between them and the DHCP Server]

- DHCP Request from an unknown system: send route filters or quarantine address 10.1.1.100 (“Route 10.2.2.2 blah”)
- DHCP Enforcer probes for agent and policy status
- Trigger release/renew on pass
- DHCP Request from the now-compliant system: send regular address 10.1.1.100

Page 34:

New DHCP NAC Solution - Out of Compliance

[Diagram: mobile users, wireless and a wired user connect through an Ethernet switch; the DHCP Enforcer sits between them, the DHCP Server and a Remediation Server]

- DHCP Request from an unknown system: send route filters, 10.1.1.100 (“Route 10.2.2.2 blah”)
- DHCP Enforcer probes for agent and policy status
- Trigger remediation on failure
- Remediation Server performs the remediation action
- Trigger release/renew upon completion
- DHCP Request from the now-compliant system: remove route filters, 10.1.1.100

Page 35:

On-Demand Security

Page 36:

Ubiquitous Enforcement Requires On-Demand Enforcement Capability

Not all systems on a network can have agents installed

Not all systems on a network are owned by the company

Guests may require safe network access

Information must be protected when employees access via 3rd party devices
- Internet kiosks
- Hotel business centers
- Home PCs

Page 37:

On-Demand Value

Problem
- Theft of data from unmanaged devices
- Unprotected or compromised devices connecting to the enterprise via web infrastructure
- Delivering endpoint security to unmanaged devices (contractors, kiosks, home machines)

Solution
- Protects confidential data by creating a secure environment that provides encryption and file deletion upon session termination
- Protection from viruses and worms by enforcing AV and Personal Firewall via Host Integrity
- Lower TCO by delivering endpoint protection on-demand via existing web infrastructure

Page 38:

The Market in Which SODA Plays: Gartner Has Defined the Market…

Six Critical Requirements for On-Demand Security:
- Client Integrity Checkers: SODA Host Integrity
- Browser Cache File Cleanup: SODA Cache Cleaner
- Behavioral Malicious Code Scanners: SODA Malicious Code Prevention
- Personal Firewall Mini-Engines: SODA Connection Control
- Protected Virtual User Sessions: SODA Virtual Desktop
- Dynamic User Access Policies: SODA Adaptive Policies

Source: “Access From Anywhere Drives Innovation for On-Demand Security”, Gartner, ID Number: G00126242, March 21, 2005.

Page 39:

On-Demand Security Agent

[Diagram of the On-Demand Agent’s components: Host Integrity, Adaptive Policies, Virtual Desktop, Data Sanitization, Persistent Desktop, Malicious Code Protection, Customizable User Environment]

Page 40:

When Do You Need On-Demand?

Application types: Web-based Applications; File Share; Thin Client/Server Applications; Traditional Client/Server Applications

Access scenarios: Traveling Executives; Partner Extranet; Public Kiosk; SSL VPN; Guest Wireless

Examples: Webmail; Enterprise Web Apps (ERP/CRM); Online Banking/E-Commerce; Terminal Services (Citrix)

Page 41:

Citrix

Business Drivers:
- Speed application deployment
- Access from anywhere
- Access from any device

Data at Risk:
- Citrix login password
- Screen images
- Browser history

Page 42:

HR/Financial/Partner Portals

Business Drivers:
- Web-based access to payroll and employee information
- Eliminate cost of printing and mailing paychecks

Data at Risk:
- Portal login password
- PDF paycheck stub
- Payroll system

Page 43:

Architecture - How It Works

[Diagram: a traveling executive, hotel, partner, kiosk, printer, workstation, guest and ATM reach the Web Applications through SSL VPN, IPSEC VPN, Wireless, a Firewall and an 802.1x Switch; the Sygate Enforcer, Sygate On-Demand Manager, Radius and Remediation servers, a Correlator and a Discovery Engine sit on the corporate side]

Flow:
1. Administrator creates Sygate On-Demand Agent
2. Administrator uploads Sygate On-Demand Agent
3. User connects to login page
4. Sygate On-Demand Agent downloads (Java)
5. Sygate On-Demand Agent adapts policies to environment
6. Sygate On-Demand Agent verifies Host Integrity; if compliant, On-Demand launches the Virtual Desktop or Cache Cleaner
7. Virtual Desktop or Cache Cleaner then launches the login process
8. User logs into SSL VPN/Web App and gets access to network
9. User can securely download, view, modify, and upload corporate information
10. Upon inactivity or closing, VD is closed and data erased

Adaptive Policies (Network Location | Device Type | Policy):
Internal LAN | Guest Laptop | VD, HI
Public Internet | Kiosk | VD, HI
Home Network | Employee Home | VD, HI, Persistent
Airport WLAN | Corporate-Owned, Running SSA | Trusted

Host Integrity Rules (Status): Patch Updated; Service Pack Updated; Personal Firewall On; Anti-Virus Updated; Anti-Virus On

Page 44:

Sygate On-Demand Qualification

Enterprises providing access to corporate information through web applications
- Web Mail – Outlook Web Access and Lotus iNotes
- SSL VPN – Netscreen, Aventail, Nortel, Netilla
- Citrix
- Portals – Financial, HR, Partner
- Web CRM – Siebel
- Financial Applications – SAP financials

Critical Qualification Information
- What are the web applications in use?
- What are the different types of users and devices?
- Do they want different policies for different situations?
- Do they want to check the security of the computer before allowing access?

Page 45:

SSL VPN

Application types: Web-based Applications; File Share; Thin Client/Server Applications; Traditional Client/Server Applications

Access scenarios: Traveling Executives; Partner Extranet; Public Kiosk

Business Drivers:
- Low cost remote access
- Access from anywhere

Data at Risk:
- SSL VPN login password
- Shared files
- Application data

Page 46:

Securing Remote Access with SSL VPN

NetScreen Host Checker packaged with NHC Server API extensions

Upload Sygate On-Demand Agent using either the Customer UI or as a Host Checker package
- User connects to SSL VPN and is subject to a Host Integrity check
- Sygate On-Demand Agent checks Host Integrity, and installs Cache Cleaner or Virtual Desktop

[Diagram: a managed device and an unmanaged device on the WWW reach the protected network resource, application, or service on the private network through the SSL VPN, which binds the session to an AM policy based on the scan]

Sygate Security Agent (part of Sygate Secure Enterprise) is pre-installed on the managed device to provide firewall, intrusion prevention, and policy enforcement. The Juniper Host Checker verifies that the Sygate Security Agent is running.

Sygate On-Demand Agent (part of Sygate On-Demand) is delivered to the unmanaged device.

Page 47:

Agenda

The Challenges: Market, Technical, Regulatory

Trends and Key Developments

Requirements of Endpoint Security

Case Study

Conclusions

Page 48:

Enterprise Protection

Problem - Networks and endpoints are vulnerable, causing:
- Propagation of malicious code
- Leakage of sensitive information
- Lost user productivity
- Increased support costs

Solution - Safeguard computers, networks, and data by:
- Ridding the network of non-compliant endpoints with NAC
- Ensuring Compliance on Contact™ across all entry points
- Protecting endpoints with a Host Intrusion Prevention System

Page 49:

Enterprise Protection Features

[Diagram comparing three generations of endpoint protection, all under Enterprise Management]

Traditional Desktop FW: FW
• Desktop Firewall

Current Enterprise Protection: FW, IDS, Adaptive Policies, NAC, AS
• Signature-Based IDS
• Anti-Spyware

Next Enterprise Protection: FW, IDS, Adaptive Policies, NAC, AS, Device, HIPS
• HIPS: OS Protection; Buffer Overflow Protection; File/Registry Access Control; Process Execution Control
• Device: Peripheral Device Control
• NAC: DHCP Enforcement; Host Integrity IF...Then...Else; 802.1x Wireless Support; Cisco NAC
• Adaptive Policies: Wireless Detection; And...Or...Not Conditions

Page 50:

Enterprise End-Point Device Protection Features

Host Intrusion Prevention System (HIPS)

Network Access Control (NAC)

Adaptive Policies

End-Point Intrusion Prevention

End-Point Firewall

Page 51:

HIPS & The Vulnerability Lifecycle

[Timeline with four stages: Vulnerability Discovered, Exploit Released, Patch Available, Patch Deployed; the intervals marked on it are 0-200 days, 14-90 days, and 3 days to never]

Coverage across the lifecycle: Behavioral (HIPS) & White List (Firewall); Blacklist (Anti-Virus & IDS Signatures); Patches; Network Access Control

Page 52:

Host Intrusion Prevention System

Protection Layer  | Black List Method  | White List Method                      | Behavior Method
Network Layer     | Code Red           | Personal Firewall                      | ARP Poisoning
Application Layer | SQL Slammer        | Allow Only Browser, Email              | Block IIS Buffer Overflow
OS Layer          | Blaster Signature  | Prevent Malware from Creating Accounts | Block OS Buffer Overflow (RPC DCOM)
Device Layer      | Block iPod/USB Key | Allow only Mice and Keyboards          | Block read/write/exe by device and location

Page 53:

Server Protection Solution

[Diagram: threats per layer on the left, the matching protection on the right]

- CPU & Kernel: threats – Rootkits; protection – System Lockdown
- File/Registry: threats – Account Creation, Auto Start, Code Execution, File Integrity; protection – File Access, Registry Control, Anti-Hijacking
- Applications: threats – SQL Injection, Privilege Escalation; protection – Process Execution, Application Behavior, Block DLL Loading
- Memory: threats – Buffer Overflows, Shatter Attacks; protection – Memory Firewall, NX Emulation
- Network: threats – DoS, Worms; protection – Firewall, IPS
- Device: threats – Data Theft, Spyware; protection – Device Control, File Read/Write/Exe

Page 54:

NAC in a Corporate Network

[Architecture diagram, the same layout as page 25 without the Cisco components; the labels recoverable from it are listed by layer]

- Clients: Windows, Macintosh, Linux, PocketPC…; 3rd party applications (AV, Patch, Config, etc.); OS (like MSFT) and/or 3rd party network access clients (DHCP / VPN / .1x / IPsec / Dialer); Security Agent (SSA, SODA)
- Network Access Devices: Site 1, Site 2, Site 3, Modem/DSL, Web Server
- Policy Enforcement Points: LAN Enforcer, DHCP Enforcer, Gateway Enforcer, Endpoint Enforcer, On Demand Enforcer
- Network Services: Radius Server, DHCP Server, DNS Server, AD
- Policy Decision Point and Policy Mgmt

Page 55:

Network Access Control Solution

Page 56:

Network Access Control

Problem - Insecure endpoints connecting to networks results in:
- Malicious code propagation
- Theft of sensitive information
- Exposure to regulatory penalties

Solution - NAC protects enterprise networks by:
- Discovering endpoints and their compliance with security policies
- Enforcing network access throughout the entire network
- Remediating non-compliant endpoints
- Monitoring the network continuously

Page 57:

Enterprise NAC Requirements

Pervasive Endpoint Coverage
- Managed laptops, desktops, servers
- Unmanaged guests, contractors, home computers

Central, Scalable, Flexible Policy Management
- Distributed servers, redundancy, database replication, AD integration

Universal Enforcement
- (W)LAN, IPSec VPN, SSL VPN, Web Portal

Integration with Existing and Emerging Standards
- 802.1x, Cisco NAC, Microsoft NAP, TCG’s TNC

Automated Remediation Process
- No user intervention required to

Learning mode and discovery tools

Page 58:

Endpoint Intrusion Prevention

Intrusion Prevention protects against known attacks on services that are required

Runs “behind the firewall” to increase system protection

Uses signatures to match known attacks, reducing the occurrence of false positives

Examples: SQL Slammer, Code Red

Must log security events

[Diagram: a Code Red request passes the Firewall but is blocked (X) by the IDP; a valid request passes through]

Page 59:

Endpoint Firewall Requirements

Packet Filtering
- Closes ports that are not required but left open by default: Windows Messenger, SQL, etc.

Stateful Packet Inspection
- Block inbound packets that do not correspond to established flows
- Protects open ports from attack
- Blocks protocol-based attacks

Must operate both inbound and outbound
- Block unauthorized outbound communications

Must log security events

[Diagram of the firewall’s decisions: Slammer exploit to SQL port 1434/udp, blocked (X); Messenger spam to Messenger port 6891/tcp, blocked (X); user request out, permitted response back in; unexpected response, blocked (X)]
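The four requirements on this slide (close unneeded ports, admit inbound packets only for established flows, filter outbound as well, log every decision) fit in one small stateful filter. The Python below is an added example, not Sygate’s firewall code: the host address, the served and allowed-outbound port sets and the sample traffic are constructed; the two closed ports, 1434/udp and 6891/tcp, are the slide’s own examples.

```python
from dataclasses import dataclass

HOST_IP = "10.1.1.50"   # constructed address of the protected endpoint

# Packet filtering: ports left open by default but not required here (the slide's examples).
CLOSED_INBOUND = {("udp", 1434), ("tcp", 6891)}      # SQL resolution service, Messenger
# Ports this host legitimately serves (constructed).
SERVED_PORTS = {("tcp", 443)}
# Outbound destination ports the user is authorized to reach (constructed).
ALLOWED_OUTBOUND = {("tcp", 80), ("tcp", 443), ("udp", 53)}


@dataclass(frozen=True)
class Packet:
    proto: str          # "tcp" or "udp"
    src: str
    sport: int
    dst: str
    dport: int
    syn: bool = False   # TCP connection-opening segment


class StatefulFirewall:
    """Inbound and outbound filter with a flow table: inbound packets are admitted
    only on a served port, or when they answer a flow this host opened."""

    def __init__(self):
        self.flows = set()   # (proto, local_port, remote_ip, remote_port)
        self.log = []        # every decision is logged

    def _verdict(self, pkt, verdict, reason):
        self.log.append(f"{verdict} {pkt.proto} {pkt.src}:{pkt.sport}->{pkt.dst}:{pkt.dport} {reason}")
        return verdict

    def filter(self, pkt: Packet) -> str:
        if pkt.src == HOST_IP:                                   # outbound
            if (pkt.proto, pkt.dport) not in ALLOWED_OUTBOUND:
                return self._verdict(pkt, "deny", "unauthorized outbound")
            self.flows.add((pkt.proto, pkt.sport, pkt.dst, pkt.dport))
            return self._verdict(pkt, "permit", "outbound, flow recorded")
        key = (pkt.proto, pkt.dport, pkt.src, pkt.sport)         # inbound
        if key in self.flows:
            return self._verdict(pkt, "permit", "established flow")
        if (pkt.proto, pkt.dport) in CLOSED_INBOUND:
            return self._verdict(pkt, "deny", "port closed by packet filter")
        if (pkt.proto, pkt.dport) in SERVED_PORTS and (pkt.proto == "udp" or pkt.syn):
            self.flows.add(key)
            return self._verdict(pkt, "permit", "new connection to served port")
        return self._verdict(pkt, "deny", "no matching flow")


def run_demo() -> list:
    """Run the slide's scenarios (and two extra edge cases) through one firewall."""
    fw = StatefulFirewall()
    traffic = [
        Packet("udp", "198.51.100.9", 1100, HOST_IP, 1434),            # Slammer-style probe
        Packet("tcp", "198.51.100.9", 1101, HOST_IP, 6891, syn=True),  # Messenger spam
        Packet("tcp", HOST_IP, 40000, "203.0.113.7", 80, syn=True),    # user request
        Packet("tcp", "203.0.113.7", 80, HOST_IP, 40000),              # permitted response
        Packet("tcp", "203.0.113.9", 80, HOST_IP, 40001),              # unexpected response
        Packet("tcp", HOST_IP, 40002, "203.0.113.7", 6667),            # unauthorized outbound
        Packet("tcp", "203.0.113.5", 5555, HOST_IP, 443, syn=True),    # new client to served port
        Packet("tcp", "203.0.113.5", 5556, HOST_IP, 443),              # non-SYN to served port
    ]
    return [fw.filter(p) for p in traffic]
```

The last two packets go beyond the slide: even on a port the host does serve, an inbound TCP segment that is not a connection opener and matches no flow is dropped, which is what “protects open ports from attack” amounts to in a stateful filter. The `log` list is the “must log security events” requirement; in a deployment it would be forwarded to the central logging described later in the deck.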

Page 60:

Layered Protection

[Gartner “Vulnerabilities Exploited” chart (Old Patch, Recent Patch, New Vulnerability, Misconfiguration) annotated to show the 0-day region covered by IPS]

Page 61:

Continuous Compliance Model

[Diagram, repeated from page 15: a Security Policy can either rely on user discipline or be backed by system enforcement]

Page 62:

Requirements for Enforcement

Continuous: must work across all access methods, at all times, for all users

Consider corporate owned, guest, managed, unmanaged, and unmanageable systems

Must provide automatic remediation, not just deny access

All endpoints, all accesses, all networks, all users

Page 63:

Enterprise Protection Solution

Page 64:

Location Based (Adaptive) Rules

Security policies must adapt from HQ to hotel to home to hotspot

Policies must change by role, device type, location and connection

Without adaptive policies, companies must choose either good security or productive users

Adaptive Policies:
Role         | Device Type     | Network Location | Policy
Executive    | Corporate Owned | Enterprise LAN   | Trusted, file sharing on, full application access
Sales person | Employee Owned  | Home wireless    | File sharing off, IM off, print sharing off, VPN on, limited application access
Outsourcer   | Unknown         | Public Internet  | VD, HI, SSL VPN access only and web mail only with data sanitization

Page 65:

Enterprise-Class Management

Scalable Multi-Server Architecture
- Policy & log replication
- Policy distribution (push/pull)
- Configurable priority/load balancing

Policy Management
- Group hierarchy with inheritance
- Manage by computer or user
- Reusable policy objects
- AD user and group synchronization

Centralized Logging and Reporting
- Event forwarding (Syslog, SIMs)
- Daily or weekly e-mailed reports

Page 66:

Agenda

The Challenges: Market, Technical, Regulatory

Trends and Key Developments

Requirements of Endpoint Security

Case Study

Conclusions

Page 67:

Solution Highlights

VPN & Wireless Protection

Rogue Prevention (802.1x)

Zero-Day Protection

Application Control

Device Discovery

Policy Enforcement

Safe Third-Party Access

Regulatory Compliance

On-Demand Protection

Page 68:

Case Study – Enforcing Basic Security Standards

Customer: US division of a large international retail food company

Business: The company owns 1600 retail food stores on the eastern seaboard under various brand names

Business Drivers:
- Reduce cost associated with virus and worm outbreaks
- Support outsourcing relationships in which vendors’ equipment is on site
- Reduce cost of laptop management

Page 69:

Case Study – Enforcing Basic Security Standards

Business Requirement:
- Maintain minimum security safeguards on the company’s 2000 laptops, most of which log in remotely
- Enable remote 3rd party control (administrative rights) over specific internal servers without compromising corporate security
- Protect the internal network from end-point security breaches
- Able to work on a variety of Windows versions, including 2000, XP, and NT

Page 70:

Case Study – Enforcing Basic Security Standards

Actions:
- Install End-Point Security Agents on all existing laptops during scheduled configuration upgrade
- Install End-Point Security Enterprise Management Server for policy enforcement
- Add End-Point Security Agents to standard configuration policy on all new machines, including internal servers
- Install End-Point Security Agents on existing internal servers administered by outside vendor partners
- Install End-Point Security Agents on all new servers deployed

Page 71:

Case Study – Enforcing Basic Security Standards

Protecting their network

When the End-Point Security Agents launched Norton Antivirus on those home machines, they caught and identified upwards of 200 viruses that would otherwise have entered the network.

Each incident could easily have cost the company US$50,000 to clean up, not to mention productivity losses during network interruptions.

If one of those viruses had gotten loose in the system, an eight-man LAN server team and a three-man mitigation team would have had to spring into action. This type of remediation could take as many as three days for each virus.

Page 72:

Case Study – Enforcing Basic Security Standards

Unexpected Benefit:
- Blaster worm outbreak
- Used Tivoli software distribution to push out a security patch
- End-Point Security icons blinking red on executives’ machines
- Checked the logs for the attack origin
- Followed the IP addresses and found four new laboratory production servers which, being as yet unregistered, had missed the patch push
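The last two bullets describe a log-driven investigation: take the blocked events the agents reported, group them by source address, and compare the sources against the inventory the software-distribution system knows about. Here is that procedure as an added Python example, not the customer’s or Sygate’s tooling: the log lines, their format, the signature name, the addresses and the inventory are all constructed for illustration.

```python
import re
from collections import Counter

# Constructed agent log lines; the format is illustrative, not any vendor's.
SAMPLE_LOG = """\
2005-08-12 09:14:02 host=exec-laptop-07 action=blocked proto=tcp src=10.40.8.21 dport=135 sig=rpc-dcom-overflow
2005-08-12 09:14:05 host=exec-laptop-07 action=blocked proto=tcp src=10.40.8.22 dport=135 sig=rpc-dcom-overflow
2005-08-12 09:14:09 host=exec-laptop-03 action=blocked proto=tcp src=10.40.8.21 dport=135 sig=rpc-dcom-overflow
2005-08-12 09:14:11 host=exec-laptop-03 action=permitted proto=tcp src=10.10.1.5 dport=445 sig=-
2005-08-12 09:14:20 host=exec-laptop-07 action=blocked proto=tcp src=10.40.8.23 dport=135 sig=rpc-dcom-overflow
2005-08-12 09:15:01 host=exec-laptop-07 action=blocked proto=tcp src=10.40.8.24 dport=135 sig=rpc-dcom-overflow
2005-08-12 09:15:07 host=exec-laptop-07 action=blocked proto=tcp src=10.10.1.77 dport=135 sig=rpc-dcom-overflow
"""

LINE_RE = re.compile(
    r"host=(?P<host>\S+) action=(?P<action>\S+) proto=\S+ "
    r"src=(?P<src>[\d.]+) dport=(?P<dport>\d+) sig=(?P<sig>\S+)"
)

# Constructed inventory: addresses the software-distribution system knows about
# (the hosts that would have received the patch push).
REGISTERED = {"10.10.1.5": "fileserver-01", "10.10.1.77": "desktop-142"}


def attack_origins(log_text: str, signature: str) -> Counter:
    """Count blocked events per source address for one signature."""
    origins = Counter()
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if m and m["action"] == "blocked" and m["sig"] == signature:
            origins[m["src"]] += 1
    return origins


def unregistered_sources(origins: Counter, registry: dict) -> list:
    """Attack sources missing from the inventory: the candidates that never got the patch."""
    return sorted(ip for ip in origins if ip not in registry)


def run_demo() -> tuple:
    origins = attack_origins(SAMPLE_LOG, "rpc-dcom-overflow")
    return origins, unregistered_sources(origins, REGISTERED)


if __name__ == "__main__":
    origins, unknown = run_demo()
    for ip, n in origins.most_common():
        print(f"{ip}: {n} blocked events{'  (NOT in inventory)' if ip not in REGISTERED else ''}")
    print("unregistered sources:", unknown)
```

The registered source in the sample (10.10.1.77) is the other case the story implies: a known host that is attacking anyway means the patch push reached it but did not take, so it belongs on a different follow-up list than the unregistered machines.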

Page 73:

Summary

Fusion of endpoint security and network access control will be a top priority for large enterprises

Corporations need more sophisticated endpoint security solutions, e.g. central management, reporting, policy control

Automate the complete compliance and enforcement process on contact:
- all computers: corporate, consultant, guest, student, outsourcer
- all access: LAN, wireless, remote, mobile
- all users: from engineers to executives
- on all networks, friendly or hostile: corporate, home, hotel, business center, airport, the Internet
- from all threats: malicious access, misconfiguration, and misuse

Page 74:

THANK YOU!

Richard Lau

[email protected]@udshk.com

UDS Data Systems Ltd.