340 likes | 491 Vues
Norman Enterprise Security Suite. Increased control reduce TCO. For an average enterprise, indirect cost elements may contribute 50% or more of the overall TCO Gartner, Inc. Calculating endpoint TCO. Technology procurement Staff maintaing the technology Upgrades Reimaging Replacements
E N D
Norman Enterprise Security Suite Increased control reduce TCO
For an average enterprise, indirect cost elements may contribute 50% or more of the overall TCO Gartner, Inc.
Calculating endpoint TCO Technology procurement Staff maintaing the technology Upgrades Reimaging Replacements Management systems Security systems Security incidents Potential loss value
Endpoint TCO Increasing Due to Malware Malware Signatures Malware Related Costs: • IT Effort To Enforce Endpoint Security Policy • Cost To Reimage Computers • Cost To Upgrade Computers • Cost To Replace Computers • Cost of Increased Help Desk calls • Decreased User Productivity Malware Related Costs Fame to Profit Exponential Growth Increasing Sophistication Traditional Endpoint Security Effectiveness 2013: 2M+ Monthly Malware Signatures Identified 2007: 250K Monthly Malware Signatures Identified
The Endpoint is the main Attack Vector • Rogue USB • Injecting malware: Conficker, Stuxnet Etc. • Data loss/removal • Browsers, Apps and OS all have known vulnerabilities • 2/3 of apps have known vulnerabilities. • Average patch install delay -> 45 days (corporates) • Virus/Malware • 3 Million malware is added to the AV signature files per month • Average 100 000 new malware per day
Industry-wide operating system, browser, and application vulnerabilities, 1H10–2H12 Source: MICROSOFT SECURITY INTELLIGENCE REPORT, VOLUME 14
Unique computers reporting different types of exploits, 3Q11–4Q12 Source: MICROSOFT SECURITY INTELLIGENCE REPORT, VOLUME 14
Vulnerability disclosures for Microsoft and non-Microsoft products, 1H10–2H12 Who takes care of all the other applications? Microsoft takes care of Microsoft Source: MICROSOFT SECURITY INTELLIGENCE REPORT, VOLUME 14
Windows update is a good tool, but... ... generates frustrating restarts
Additional update agents needed • All these agents generates: • Memory footprint • CPU usage • Additional reboots
Growing Endpoint Complexity Many Consoles Many Vendors | Many Consoles | Many Agents • Multiple Consoles • 3-6 different management consoles on average for endpoint security and management • Agent Bloat • 3-10 agents installed per endpoint • Memory and CPU load • Decreased network performance • Lack of Control • 54% of IT security professionals cite managing the complexity of security as their #1 challenge • 43% of existing access rights were either excessive or should have been retired • Increasing TCO of Point Technologies • Integration & Maintenance Disparate Architecture Many Agents
Defense in Depth Endpoint Strategy AntiVirus Device Control Device Control Application Control Application Control • Reduce IT risk by gaining control over unknown and unwanted applications Patch & Config. Mgmt. • 48% of IT departments report that operating expenses are increasing with the main driver tied directly to increasing malware incidents.
Norman Platform Advantage Many Products Many Consoles One Partner One Platform Many Solutions • Single Console • Agile architecture • Single Agent Disparate Architecture Many Agents
Modular Agent • Single common agent delivers and manages many capabilities via pluggable services • Provides single, integrated communication mechanism between the NESEC agent and the server • Monitors and secures NESEC modules on the endpoint Patch and Remediation Event Queue Application Control Client Transport COMM Security
NESEC Platform Architecture Unified Compliance Framework Hashes AV Signatures Unified Content and Integrity Services Systems Management Application Integrity Services Vulnerabilities Configurations Patches Mobile Endpoints Remote Offices & Subsidiaries DMZ Corporate HQ Norman Distribution Server Internet Norman Distribution Server WAN Norman Enterprise Security Server Norman Distribution Server Norman Distribution Server Online-Offline Continuous Policy Enforcement
Vulnerability Management Should Be Easy, Right? “Over 90% of cyber attacks exploit known security flaws for which a remediation is available” - Gartner Proactively managing your vulnerabilities eliminates 90% of your risk… 18
Norman Patch & Remediation Comprehensive and secure Patch Management • Rapid, accurate and secure patch and configuration management for applications and operating systems: • Support for Windows and Non-Windows OS • 3rd Party application support • Avoid patch drift • Granular deployment control for Server and Desktop environments • Systems management capabilities
Content Beyond Windows Update RHEL 3 x86 RHEL 4 x86 SLES 9 x86 SLES 9 x86_64 SLES 10 x86 SLES 10 x86_64 Solaris 8-10 SPARC Solaris 10 x86 Solaris 10 x86_64 HP-UX 11.00-11.23 AIX 5.1-5.3 Mac OS X Adobe Acrobat Reader Adobe Flash Player Apple iTunes Apple QuickTime Apple iLife Apple Safari Mozilla Firefox RealPlayer Sun JRE Citrix Skype WinZip VMware ESX Server VMware Server VMware Player VMware Workstation Windows 2000 SP3 Office 2000 PowerPoint 2000 Project 2000 Word 2000 Excel 2000 Access 2000 Office XP Visual Studio .NET Internet Explorer 5.5 ISA Server 2000 Content Management Server Windows 8 Windows 7 Windows Vista Windows Server 2008 Windows XP Windows Server 2003 Windows 2000 SP4 SQL Server 2000 SP4 - 2005 Exchange Server 2003 - 2007 .NET Framework MDAC Internet Explorer 5.01 SP4 - 9 ISA Server 2004 SharePoint Office Browsers Office 2003, Office 2007 Office XP SP2+ DirectX Windows Defender Legacy Content Addt’lPlatforms Windows Update 3rd Party Apps
Delivering more than just patching… • Systems Management: • Inventory: • Software • Hardware • Services • Software Distribution • Remote Desktop • Power Management • Policy Setting / Enforcement • Wake on LAN • Configuration setting / enforcement • Disable 3rd party vendor auto update, Adobe, Java • Compliance Controls
The USB challenge • “Any USB stick is to be considered as the open Internet” (Kongsberg Maritime) • Rouge USB portable storage devices may inject malware to the PC at insertion • Unintentional Data loss • Intentional data removal
Today’s most wanted criminal..... ... in the hands of your most trusted employee
How we lose our data Un-intentional data loss Intentional data leakage
Norman Device Control • Policy-Based Data Protection and Encryption • Granular Policy Management: • On all ports and removable media devices plugging into the endpoint: • Bi-Directional file copy shadowing • File type filtering • Data copy restrictions • Encrypting sensitive data • Meet compliance mandates
Norman Device Control Controls access to any plug & play device regardless of connectivity type PCMCIA LAN WIFI COM Hard Drive Operating System FIREWIRE World of Devices Bluetooth Kernel Level IrDA Memory USB CPU LPT
Norman Application Control Proactive Protection Against Malware and More • Visibility and Control: • Control local admin rights • Deny unwanted / unapproved application • Easy Audit • Easy Lockdown • Automated whitelist with rules based trust engine: • Trusted Updater • Trusted Publisher • Trusted Path • Local Authorization
Reduce Local Admin Risk with Application Control Action Example How Norman Stops Application Control: Easy Lockdown Trust Engine Install Applications Change Configurations Remove Patches & Uninstall Software Defeat Security Tools Regedit / Command Denied Application: cmd.exe regedit.exe Denied Application: Control Panel – uninstall program control.exe Task Manager – kill process Denied Application: taskmgr.exe
Customer stories • «Number of full time IT maintenance employees reduced from 4 to 1.5» • Freed up 2.5 to other tasks • «Marginal return of over 90%» • Per $ 1.00 spent - avoiding $1.91 in endpoint related cost • Average experienced ROI: 15,4 months
Strategic direction By investing in the neccesary software and automation, IT resources can be freed up to work on strategic initiatives that drive the bottom line