Symantec Global
Intelligence Network
4 Symantec SOCs
74 Symantec Monitored
Countries
8 Symantec Security
Response Centers
200,000
Millions
Millions
Hundreds
malware
of
of security
threat
ofsubmissions
MSS
reports
alerts
customers
per
per
month
month
month
30%
of Worlds email Traffic
120
Million
Systems
Worldwide
+per
Advanced
Honeypot Network
Dublin, Ireland
Tokyo, Japan
Calgary, Canada
San Francisco, CA
Redwood City, CA
Twyford, England
Santa Monica, CA
Munich, Germany
Alexandria, VA
Pune, India
Taipei, Taiwan
Sydney, Australia
June 2007
June 2007
June 2007
Internet Threats,
Attacks and Hacks
Violations of Policies
User Errors
0%
10%
20%
30%
40%
50%
ITPolicyCompliance.com
Taking Action to Protect Sensitive Data, Feb. 2007
Symantec Endpoint Protection and Symantec Network Access Control
June 2007
June 2007
Interactions
Manage
IT Risk
Information
Maximize
IT Performance
Infrastructure
June 2007
STORAGE
INFORMATION
MANAGEMENT
IT COMPLIANCE
SECURITY
Manage
Maximize
IT Risk
IT Performance
IT OPERATIONS
BUSINESS CONTINUITY
June 2007
Intrusion
Prevention
Firewall
Antispyware
AntiVirus
June 2007
AntiVirus
June 2007
10
AntiVirus
June 2007
11
Antispyware
AntiVirus
Source: Thompson Cyber Security Labs, August 2006
June 2007
12
Firewall
Antispyware
AntiVirus
June 2007
13
Firewall
Antispyware
Antivirus
June 2007
14
Intrusion
Prevention
(IPS)
(N)IPS
Network IPS
(H)IPS
Host IPS
Vulnerability-based
(Sigs for vulnerability)
Signaturebased
(Can create custom
sigs, SNORT-like)
Application Control
Behavior-based
(Whole Security)
Rules-based
(System lockdown by
controlling an
applications ability to
read, write, execute and
network connections)
=Services Opportunity
Symantec Endpoint Protection and Symantec Network Access Control
June 2007
15
Intrusion
Prevention
Firewall
Antispyware
AntiVirus
=Services Opportunity
Symantec Endpoint Protection and Symantec Network Access Control
June 2007
16
Device Control
Intrusion
Prevention
Firewall
Antispyware
AntiVirus
June 2007
17
June 2007
18
Introducing:
Single Agent, Single Console
Network Access
Control
Results:
Device Control
Increased
Protection, Control &
Manageability
Intrusion
Prevention
Firewall
Reduced
Cost, Complexity &
Risk Exposure
Antispyware
Symantec Endpoint
Protection 11.0
Symantec Network
Access Control 11.0
AntiVirus
June 2007
19
Product
Baseline
Memory Usage
62 MB
Operational efficiency
129 MB
Symantec AntiVirus +
Symantec Sygate Enterprise Protection
72 MB
71 MB
50 MB
Symantec Endpoint
Protection 11.0
21????
MB!
Complexity
Fewer consoles and agents allows
standardization of technologies
Risk
Includes behavior-based IPS to
protect against unknown attacks
June 2007
20
Symantec
Endpoint
Protection Small
Business Edition
Symantec
Multi-tier
Protection
Antivirus
Antispyware
Desktop Firewall
Intrusion Prevention
Device Control
MS Exchange
MS Exchange/Domino/SMTP
Gateway
Mail Security
June 2007
21
SNAC Packaging
Enforcement Type
Agent Type
Endpoint
Gateway
DHCP
LAN-802.1x
(Appliance)
(Appliance/Plug-in)
(Appliance)
Symantec
Network
Access
Control
v11.0
Symantec
Network
Access
Control
Starter Edition
V 11.0
Client
(Persistent)
On-Demand
(Dissolvable)
Agentless
(Scanner)
PPP P P P P
PP
Symantec
Back toEndpoint
Table Protection and Symantec Network Access Control
P
June 2007
22
June 2007
23
Thank You!
June 2007
24