Symantec Endpoint Protection 11

Symantec Network Access Control 11

Symantec Global
Intelligence Network
4 Symantec SOCs

74 Symantec Monitored
Countries

>6,200 Managed Security Devices

40,000+ Registered Sensors

in 180+ Countries

8 Symantec Security
Response Centers

200,000
Millions
Millions
Hundreds
malware
of
of security
threat
ofsubmissions
MSS
reports
alerts
customers
per
per
month
month
month
30%
of Worlds email Traffic
120
Million
Systems
Worldwide
+per

Advanced
Honeypot Network

Dublin, Ireland
Tokyo, Japan

Calgary, Canada
San Francisco, CA
Redwood City, CA

Twyford, England

Santa Monica, CA

Munich, Germany
Alexandria, VA

Pune, India

Taipei, Taiwan

Sydney, Australia

Symantec Endpoint Protection and Symantec Network Access Control

June 2007

Threat Landscape Is Evolving

Percentage of Top 50 Malicious Code

Symantec Endpoint Protection and Symantec Network Access Control

June 2007

Threat Landscape is Evolving

Number of Zero Day threats

Symantec Endpoint Protection and Symantec Network Access Control

June 2007

Causes of Sensitive Data Loss

Cause of Data Losses by Number of Events

Internet Threats,
Attacks and Hacks

Violations of Policies

User Errors

0%

10%

20%

30%

40%

50%

ITPolicyCompliance.com
Taking Action to Protect Sensitive Data, Feb. 2007
Symantec Endpoint Protection and Symantec Network Access Control

June 2007

Meet Hal, the IT Administrator

Symantec Endpoint Protection and Symantec Network Access Control

June 2007

Addressing IT Risks &

Enabling IT Performance

Interactions

Manage
IT Risk

Information

Maximize
IT Performance

Infrastructure

Symantec Endpoint Protection and Symantec Network Access Control

June 2007

Symantec Enterprise Solutions:

A Powerful Combination of Product & Services

STORAGE

INFORMATION
MANAGEMENT

IT COMPLIANCE

SECURITY

Manage

Maximize

IT Risk

IT Performance

IT OPERATIONS

Symantec Endpoint Protection and Symantec Network Access Control

BUSINESS CONTINUITY

June 2007

Symantec Endpoint Protection in a

Nutshell
Network Access
Control

Device and Application

Control

Intrusion
Prevention

Firewall

Antispyware

AntiVirus

Includes a NAC agent to ensure each endpoint is NACready (Sygate)

Adds endpoint compliance to endpoint protection

Device control to prevent data leakage at the endpoint

(Sygate)

Restricts access to registry, files, folders, and processes

Behavior-based Intrusion prevention (Whole Security)

Network traffic inspection adds vulnerability-based

protection

Industrys best managed desktop firewall

Adaptive policies lead the pack for location awareness

Sygate and Symantec Client Security

Best anti-spyware, leading the pack in rootkit detection

and removal

Includes VxMS scanning technology (Veritas)

The Worlds leading anti-virus solution

More consecutive Virus Bulletin certifications (31) than

any vendor

Symantec Endpoint Protection and Symantec Network Access Control

June 2007

Ingredients for Endpoint Protection

AntiVirus
Worlds leading AV solution
Most (32) consecutive VB100 Awards

AntiVirus

Symantec Endpoint Protection and Symantec Network Access Control

June 2007

10

Ingredients for Endpoint Protection

AntiVirus
AV Comparative Feb 2007
Symantec on 100% detection for polymorphic
viruses in particular

AntiVirus

Symantec Endpoint Protection and Symantec Network Access Control

June 2007

11

Ingredients for Endpoint Protection

Antispyware
Best rootkit detection and removal
Raw Disk Scan for superior Rootkit protection

Antispyware

AntiVirus
Source: Thompson Cyber Security Labs, August 2006

Symantec Endpoint Protection and Symantec Network Access Control

June 2007

12

Ingredients for Endpoint Protection

Firewall
Industry leading endpoint firewall technology
Gartner MQ Leader 4 consecutive years
Rules based FW can dynamically adjust port
settings to block threats from spreading

Firewall

Antispyware

AntiVirus

Symantec Endpoint Protection and Symantec Network Access Control

June 2007

13

Ingredients for Endpoint Protection

Intrusion Prevention
Most Comprehensive IPS capabilities in the industry
Generic Exploit Blocking (GEB) one
signature to proactively protect against all
variants
Intrusion
Prevention

Firewall

Antispyware

Proactive Threat Scan

Detects 1,000 threats/month

not detected by top 4 leading
antivirus engines
Very low false positive rate (0.004%)
Only 40 FP for every 1M computers

Antivirus

No set up or configuration required

Symantec Endpoint Protection and Symantec Network Access Control

June 2007

14

Intrusion Prevention System (IPS)

Combined technologies offer best defense

Intrusion
Prevention
(IPS)

(N)IPS
Network IPS

(H)IPS
Host IPS

Generic Exploit Blocking

Vulnerability-based
(Sigs for vulnerability)

Deep packet inspection

Signaturebased
(Can create custom
sigs, SNORT-like)

Proactive Threat Scan

Application Control

Behavior-based
(Whole Security)

Rules-based
(System lockdown by
controlling an
applications ability to
read, write, execute and
network connections)

=Services Opportunity
Symantec Endpoint Protection and Symantec Network Access Control

June 2007

15

Ingredients for Endpoint Protection

Device Control
Prevents data leakage
Device Control

Restrict Access to devices (USB keys, Backup drives)

W32.SillyFDC (May 2007)

Intrusion
Prevention

Firewall

Antispyware

AntiVirus

=Services Opportunity
Symantec Endpoint Protection and Symantec Network Access Control

June 2007

16

Ingredient for Endpoint Compliance

Network Access
Control

Network Access Control

Network access control ready

Device Control

Agent is included, no extra agent deployment

Simply license SNAC Server

Intrusion
Prevention

Firewall

Antispyware

AntiVirus

Symantec Endpoint Protection and Symantec Network Access Control

June 2007

17

Symantec Network Access Control

Ensures endpoints are protected and compliant prior to
accessing network resources

1. Reduce IT costs & greater network

availability
2. Increased control over unmanaged and
managed endpoints
3. Maximize investment of security
technologies

Symantec Endpoint Protection and Symantec Network Access Control

June 2007

18

Introducing:
Single Agent, Single Console
Network Access
Control

Results:
Device Control
Increased
Protection, Control &
Manageability

Intrusion
Prevention

Firewall
Reduced
Cost, Complexity &
Risk Exposure
Antispyware

Symantec Endpoint
Protection 11.0

Symantec Network
Access Control 11.0

AntiVirus

Symantec Endpoint Protection and Symantec Network Access Control

June 2007

19

How do we Lower Cost, Complexity

and Risk?
Cost
Lowered system resource
demands, smaller footprint

Product

Baseline
Memory Usage

Single product, license, support

program

Symantec AntiVirus Corporate Edition

62 MB

Operational efficiency

Symantec Client Security

129 MB

Symantec AntiVirus +
Symantec Sygate Enterprise Protection

72 MB

McAfee Total Protection SMB

71 MB

Trend Micro OfficeScan Client Server

50 MB

Symantec Endpoint
Protection 11.0

21????
MB!

Complexity
Fewer consoles and agents allows
standardization of technologies

Improved UI suits any size

organization

Risk
Includes behavior-based IPS to
protect against unknown attacks

Device control helps protect against

data loss and intellectual
property theft

Symantec Endpoint Protection and Symantec Network Access Control

Average of 84% reduction in memory usage requirements

June 2007

20

Symantec AntiVirus Extended

Licensing
Symantec
Endpoint
Protection

Symantec
Endpoint
Protection Small
Business Edition

Symantec
Multi-tier
Protection

Antivirus

Antispyware

Desktop Firewall

Intrusion Prevention

Device Control

MS Exchange

MS Exchange/Domino/SMTP
Gateway

Mail Security

Antivirus for Mac and

Linux
Symantec Endpoint Protection and Symantec Network Access Control

June 2007

21

SNAC Packaging
Enforcement Type

Agent Type

Endpoint

Gateway

DHCP

LAN-802.1x

(Uses SEP Desktop

Firewall)

(Appliance)

(Appliance/Plug-in)

(Appliance)

Symantec
Network
Access
Control
v11.0

Symantec
Network
Access
Control
Starter Edition
V 11.0

Client
(Persistent)

On-Demand
(Dissolvable)

Agentless
(Scanner)

PPP P P P P
PP

Symantec
Back toEndpoint
Table Protection and Symantec Network Access Control

P
June 2007

22

For More Information

www.symantec.com/endpointsecurity

Symantec Endpoint Protection and Symantec Network Access Control

June 2007

23

Thank You!

2007 Symantec Corporation. All rights reserved.

THIS DOCUMENT IS PROVIDED FOR INFORMATIONAL PURPOSES ONLY AND IS NOT INTENDED AS ADVERTISING. ALL WARRANTIES RELATING TO THE INFORMATION IN THIS
DOCUMENT, EITHER EXPRESS OR IMPLIED, ARE DISCLAIMED TO THE MAXIMUM EXTENT ALLOWED BY LAW. THE INFORMATION IN THIS DOCUMENT IS SUBJECT TO CHANGE
WITHOUT NOTICE.

Symantec Endpoint Protection and Symantec Network Access Control

June 2007

24