Why Symantec? Symantec is a global leader in Security, Backup and Availability solutions that protect people and information independent of the device and environment.
Download
Report
Transcript Why Symantec? Symantec is a global leader in Security, Backup and Availability solutions that protect people and information independent of the device and environment.
Why Symantec?
Symantec is a global leader in Security,
Backup and Availability solutions that protect
people and information independent of the device
and environment in which information is used
or stored
Der moderne Endpoint
SYMANTEC VISION SYMPOSIUM 2014
1
Der moderne Endpoint: Die Symantec
Vision und Roadmap für Symantec
Endpoint Protection
Vision Symposium 2014 – München
Marcus Brownell
Thomas Hemker
Der moderne Endpoint
SYMANTEC VISION SYMPOSIUM 2014
2
Agenda
1
Changing Threat Landscape
2
Protecting Endpoints Today
3
Roadmap – Futures and Near Term
Der moderne Endpoint
SYMANTEC VISION SYMPOSIUM 2014
3
Symantec IS Security Intelligence
7 Billion
File, URL & IP
1 Billion+
Devices Protected
2.5 Trillion
Rows of Security
2B+ events logged daily
Monitors Threats in
157+ countries
Der moderne Endpoint
Classifications
Telemetry
Capturing previously unseen
threats and attack methods
More visibility across devices
creates better context and
deeper insight
Putting “big data” analytics to
work for every end user
Over 100,000 security alerts
generated annually
200,000 daily code
submissions
14 Data Centers
World Wide
550 Threat
Researchers
SYMANTEC VISION SYMPOSIUM 2014
4
Increase in Targeted Attacks
2013
2012
+91%
Increase in targeted attack campaigns
Der moderne Endpoint
SYMANTEC VISION SYMPOSIUM 2014
5
Targeted Attack Campaigns
2011
Email per Campaign
Recipient/Campaign
Campaigns
Duration of Campaign
Der moderne Endpoint
2012
2013
122
779
78
111
61
408
29
23
165
4 days
3 days
SYMANTEC VISION SYMPOSIUM 2014
8.3 days
6
Targeted Industries
Top 10 Industries Targeted
in Spear-Phishing Attacks, 2013
Source: Symantec
16%
15
14
13
13
Public Administration (Gov.)
Services – Professional
Services – Non-Traditional
Manufacturing
Finance, Insurance
& Real Estate
6
Transportation, Gas,
Communications, Electric
5
Wholesale
2
Retail
Mining
Construction
Der moderne Endpoint
1
1
SYMANTEC VISION SYMPOSIUM 2014
7
Zero-Day Vulnerabilities
Zero-Day Vulnerabilities, Annual Total,
2006 - 2013
Source: Symantec
30
23
25
20
15
13
15
14
14
12
9
10
8
5
0
2006
2007
2008
2009
2010
2011
2012
2013
23 zero-day vulnerabilities discovered
in 2013
More zero-day vulnerabilities discovered in
2013 than in any year since we started tracking
Increase from 14 in 2012
More zero-days in 2013 than in past two years
combined
Der moderne Endpoint
SYMANTEC VISION SYMPOSIUM 2014
8
INSIGHT: Reputation Monitoring for SEP
Contextual intelligence for dynamic analysis
Good Safety Rating
Attack
Quarantine
System
Analysts
File is whitelisted
Hosted
Intelligence
Endpoints
DeepSight
Gateways
No Safety Rating Yet
Can be blocked
Honeypots
Analytics
Warehouse
Global Sensor
Network
Intelligence
Feeds
Bad Safety Rating
File is blocked
3rd Party
Affiliates
Global Data Collection
Big Data Analytics
Global Intelligence Network
Der moderne Endpoint
SYMANTEC VISION SYMPOSIUM 2014
9
Intelligent Endpoint Protection
Layered protection to stop mass, targeted and advanced threats
Network
Threat
Protection
Blocks malware
before it spreads to
your machine
and controls traffic
Der moderne Endpoint
Advanced
Scanning
Insight
Reputation
Blocks suspicious
files – even those
with no fingerprint
– before they
can run and steal
your data
Safety ratings for
every single
software file on
the planet, and
uses this to block
targeted attacks
SONAR
Behavior
Blocking
Symantec
Power
Eraser
Blocks software
with suspicious
behaviors to stop
advanced threats
Aggressive SMR
technology roots
out entrenched
infections and kills
them in seconds
SYMANTEC VISION SYMPOSIUM 2014
10
Granular Controls with Flexibility and Visibility
Extended protection
System
lockdown
Application
control
Device
control
Host integrity
Tightly control
applications through
advanced
whitelisting and
blacklisting
Monitor and control
applications behavior
Restrict and enable
access to the
hardware that can be
used
Ensures endpoints
are protected and
compliant
Reporting and
analytics
Multi-dimensional
analysis, robust graphical
reporting, and an easyto-use dashboard
Integrated add-ons
Der moderne Endpoint
SYMANTEC VISION SYMPOSIUM 2014
11
Safe Harbor Disclaimer
Any information regarding pre-release Symantec offerings,
future updates or other planned modifications is subject to
ongoing evaluation by Symantec and therefore subject to
change. This information is provided without warranty of any
kind, express or implied. Customers who purchase Symantec
offerings should make their purchase decision based upon
features that are currently available.
Der moderne Endpoint
SYMANTEC VISION SYMPOSIUM 2014
12
Near-term Roadmap
Enhanced
Protection
Der moderne Endpoint
Improved
Performance
Extended
Platform Support
SYMANTEC VISION SYMPOSIUM 2014
Ease of Use
13
Enhanced Protection
Against advanced threats
Integrated Power Eraser
-Aggressively scan an infected endpoint to
locate APTs
-Reduce time to clean infected systems
-Mitigate false positive
Improved System Lockdown &
Whitelisting
-Easier to enable, update, and manage
Enhanced Device Control
Der moderne Endpoint
SYMANTEC VISION SYMPOSIUM 2014
14
Improved Performance
Physical and virtual environments
Reduce network load
-Flexible control to connections and bandwidth
Reduce disk space on SEPM by 85-95%
Allow customers to cache more revisions
-Reduces the number of full definitions delivered
Improve scan throttling for virtualization
Improve boot time by more than 10%
Der moderne Endpoint
SYMANTEC VISION SYMPOSIUM 2014
15
Extended Platform Support
Improved management of endpoints
Linux client management
-Single client package fully managed by SEPM
-Auto update
-Auto-compile kernels during installll
Mac client management
-Client remote deployment
-Device control
-Firewall
Der moderne Endpoint
SYMANTEC VISION SYMPOSIUM 2014
16
Extended Platform Support
Embedded and VDI enhancements
Embedded support
-Support all flavors of embedded Windows
-Reduce the size of the client
Virtualization and VDI
-Reduce size definition set
Der moderne Endpoint
SYMANTEC VISION SYMPOSIUM 2014
17
Ease of Use
User friendly and time saving
New web-based console
Support mobile devices and current browsers
Updated competitive uninstaller
-Remove over 300 products from more than
60 vendors
Der moderne Endpoint
SYMANTEC VISION SYMPOSIUM 2014
18
Customer Participation Opportunities
SEP 12.1.5 Beta Program – Summer 2014
•
•
•
•
Linux & Mac Client Management
Client Performance Enhancements
Better Control of Bandwidth to SEPM
Scan Throttling for Virtualization
SEP 12.1.6 Customer Previews – Second Half, 2014
• New enhanced reporting (mobile support)
• Embedded client updates
• System Lockdown enhancements
Der moderne Endpoint
SYMANTEC VISION SYMPOSIUM 2014
19
Customers are Demanding a New Approach
Moving Beyond Protection to Detection and Response
“Help me
discover new
targeted attacks”
Der moderne Endpoint
“Minimize my
time to respond
and protect”
“Help me
distinguish
targeted attacks
from other
security events”
SYMANTEC VISION SYMPOSIUM 2014
“Help me block
more attacks
without false
positives”
20
Announcement: Advanced Threat Protection Solution
Advanced Threat
Protection Solution
“Symantec introduces
new advanced threat
detection and response
capabilities unifying
security across the
endpoint, email and
gateway helping
organizations achieve
better protection and
drive down security
OpEx.”
Der moderne Endpoint
Endpoint Security:
Advanced Threat
Protection
Gateway Security:
Advanced Threat
Protection (Threat
Defense)
Email Security:
Advanced Threat
Protection
Three New Offerings Will Provide:
• Better ability to identify targeted attacks, and scope of
attack
• Improved visibility into what is blocked and threat trends
• Increased logging of forensic information
• Global context from the Symantec Global Intelligence
Network aids in prioritization
SYMANTEC VISION SYMPOSIUM 2014
21
Next Steps
• Move “Beyond Antivirus”
• http://www.symantec.com/sep12
– SEP 11 (EOL) to SEP 12.1: Go.symantec.com/beyondantivirus
Der moderne Endpoint
SYMANTEC VISION SYMPOSIUM 2014
22
Thank you!
YOUR FEEDBACK IS VALUABLE TO US!
Please take a few minutes to fill out the short session survey available on
the mobile app—the survey will be available shortly after the session
ends. Watch for and complete the more extensive post-event survey that
will arrive via email a few days after the conference.
To download the app, go to https://vision2014.quickmobile.com or search
for Vision 2014 in the iTunes or Android stores.
Der moderne Endpoint
SYMANTEC VISION SYMPOSIUM 2014
23
Thank you!
Marcus Brownell
[email protected]
Thomas Hemker
[email protected]
Copyright © 2014 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in
the U.S. and other countries. Other names may be trademarks of their respective owners.
This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied,
are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.
Der moderne Endpoint
SYMANTEC VISION SYMPOSIUM 2014
24