Antispam, or a Mature Solution
ANTISPAM, OR A MATURE SOLUTION
Martin Bobek, Product Manager, Arrow ECS a.s.
SPEAR-PHISHING EMAIL CAMPAIGNS
SPEAR-PHISHING ATTACKS BY SIZE OF TARGETED ORGANIZATION
RISK RATIO OF SPEAR-PHISHING ATTACKS BY ORGANIZATION SIZE
ANALYSIS OF SPEAR-PHISHING EMAILS USED IN TARGETED ATTACKS
EMAIL SECURITY IS MORE THAN JUST STOPPING SPAM
Lower the expense and investment in administration and infrastructure.
REDUCE COST
Keep unwanted email out of the inbox without blocking legitimate messages.
PROTECT USERS
Identify and control the spread of confidential information and comply with regulations.
CONTROL DATA
Detect and block targeted attacks, malware, and phishing from entering your environment.
PREVENT THREATS
PROACTIVE DEFENSE IS REQUIRED
• Strongest malware prevention
• Protection against malicious URLs and attachments
• Domain validation to block phishing
• Data control and protection
• Intelligent email encryption
BASIC EMAIL SECURITY STRATEGY
• Integration with full Symantec DLP for inspection, encryption, and control
• Integration with Symantec Cynic™ sandbox execution technology for email attachments.
• Targeted attack reporting and security event correlation.
ADVANCED EMAIL SECURITY STRATEGY
UNRIVALED SECURITY WITH UNIQUE VISIBILITY
Symantec has unique visibility into today's threat landscape
175M endpoints
57M attack sensors in 157 countries
182M web attacks blocked last year
3.7T rows of telemetry
30% of world’s enterprise email traffic scanned/day
9 threat response centers
MESSAGING GATEWAY
• 18 years on market
• Acquired by Symantec in 2004
• Hardware/virtual appliance
• Linux based operating system
• Two subcomponents
  – Scanner (inbound/outbound messages, download updates, apply actions to messages)
  – Control Center (message management, statistics, hosted spam quarantine)
• Targeted attack protection
CUSTOMIZABLE PROTECTION AGAINST MALWARE, SPAM AND GREY MAIL
Scans for newsletters, marketing email, and suspicious URLs
Configure policies by group with distinct actions for each type of mail
PERSONALIZED PROTECTION
Tracks over 400 million known spam and safe sender IPs.
Filters out up to 95% of spam traffic based on reputation.
ADAPTIVE REPUTATION MANAGEMENT
Disarm attachment cleaning
Over 20 detection technologies
Greater than 99% antispam effectiveness
ANTISPAM & ANTIMALWARE
PROTECT AGAINST TARGETED ATTACKS OVER EMAIL
Email and attacks using malicious document attachments
  – Primarily used in spear phishing emails
  – Advanced Persistent Threat (APT)
  – Contain malicious active content, or exploit payloads targeting parser vulnerabilities
Existing solutions only scan attachments of certain file types
  – They target only spam and known malicious executables/documents
  – Current protection is inadequate
Disarm will reconstruct the attachment documents, without the malicious content, before delivering to the user.
DISARM REMOVES ALL VULNERABLE CONTENT, NOT JUST KNOWN THREATS
Vulnerable Content PDF Office 2003 Office 2007+
JavaScript ✓
Launch ✓
Macros ✓ ✓
Flash ✓ ✓ ✓
3D ✓
Attachments ✓ ✓ ✓
Unused Objects ✓ ✓
Custom Fonts ✓
Image Reconstruct ✓
ActiveX ✓ ✓
Unknown ✓ ✓ ✓
Embedded Doc ✓ ✓ ✓
DISARM PROTECTS AGAINST THE MOST COMMONLY EXPLOITED FILE TYPES
• Remove JavaScripts and “launch” action • Remove/replace embedded objects/files, e.g. Flash • Sanitize XML Forms Architecture (XFA) objects
• Remove macros • Remove/replace embedded objects, e.g. Flash • Reconstruct supported embedded objects, e.g. PDF, images, …
• Remove macros • Remove/replace embedded Flash, EXEs • Reconstruct supported objects, e.g. PDF, OLE inside OLE, …
2007/
CONTROL OUTBOUND EMAIL TO PREVENT DATA LOSS
Use on-premise Gateway Email Encryption or cloud-based encryption
Policy based for automatic encryption
ADD-ON CONTENT ENCRYPTION
Protect confidential data across Endpoint, Network and Storage Systems
Tight integration and unified management
INTEGRATE WITH SYMANTEC DLP
Over 100 pre-built dictionaries, patterns, and policy templates
Workflow and remediation tools
Dedicated DLP quarantine
BUILT-IN DATA LOSS PREVENTION
CHOICE IN EMAIL ENCRYPTION *ADD ON OPTIONS
Unencrypted Communications
TLS users
admin
Email server
Messaging Gateway
Policy Configuration
Encrypted Email
Encrypted response
Unencrypted recipient
Encrypted recipient
Symantec Content Encryption
On-premise option
Unencrypted communications
users
admin
Email server
Messaging Gateway Unencrypted recipient
Encrypted recipient
Symantec Gateway Encryption
Encrypted communications
SIMPLE MANAGEMENT WITH POWERFUL CAPABILITIES
• Identify email security trends using over 50 pre-built reports
• Quickly identify top Spam sender, reputation effectiveness, and trending analysis to determine ROI.
• Customizable reports can be scheduled to run as needed.
On Demand Reporting
• Continuous automatic Spam and Malware updates ensure protection stays up to date.
• In-product software download and update process streamlines product upgrades.
Streamlined Update Process
• Single web based console allows management of multiple scanners.
• Customizable dashboard quickly highlights problem areas in the email environment.
• Custom group policies through existing LDAP groups, individual users, or domains
Unified Management and Administration
REDUCE COSTS WITH THE POWER OF VIRTUAL APPLIANCE
• Dynamic Resource Allocation
  – Easily accommodate infrastructure growth requirements
  – Quickly respond to changes in traffic volume
• Cost Savings
  – Better hardware utilization
  – Lower power consumption (“green” IT)
• Easy Backup & Disaster Recovery
  – Cost-effective high-availability
  – Easily restore in the event of disaster recovery
• Zero-Downtime Maintenance
  – Decouple physical server maintenance from software
  – Test new software versions before deploying
• Flexible Deployment
  – VMware ESXi & vSphere
  – Microsoft Hyper-V
  – Same software license for virtual or appliance
Hypervisor
ENDPOINT SUITE – TWO VERSIONS
Symantec™ Endpoint Suite
• Symantec Endpoint Protection
• Symantec Endpoint Encryption
• Symantec Mobile Device Management
• Symantec Mobile Threat Protection
Symantec™ Endpoint Suite with Email
• Symantec Endpoint Protection
• Symantec Endpoint Encryption
• Symantec Mobile Device Management
• Symantec Mobile Threat Protection
And email protection:
• Symantec Messaging Gateway
• Symantec Gateway Email Encryption
• Symantec Mail Security for Microsoft Exchange
ENDPOINT SUITE SIMPLIFIES SECURITY
Protect the users, devices and data for less money
• Symantec Messaging Gateway defends your email and infrastructure at the perimeter with real-time antispam and antimalware protection.
• Symantec Email Encryption Gateway, powered by PGP, encrypts messages to safeguard the confidential data.
• Symantec Mail Security for Microsoft Exchange prevents the spread of email-borne threats.
• Measurable savings from simplified subscription-based pricing take the mystery out of license, support, and renewal costs.
• Remove complexity and consolidate patchwork, multi-vendor solutions.
• Single purchase, single support for troubleshooting, reduces up-front and ongoing costs.
• Symantec Endpoint Protection provides the security with a single, high-powered agent, for the fastest, most-effective protection available.
• Symantec Endpoint Encryption, powered by PGP, protects data with strong full-disk and removable media encryption.
• Symantec Mobile threat protection and device management provides trusted security for mobile devices.
Prevent data loss at email gateway/server, and email encryption
Single solution to drive down costs and stretch IT budgets
Complete malware protection for endpoints and mobile
Information Protection
Lower Cost Solution
Threat Protection
ENDPOINT SUITE'S PRODUCTS AND BENEFITS
ENDPOINT PROTECTION 12.1
UNRIVALED SECURITY
BLAZING PERFORMANCE
SMARTER MANAGEMENT
Stops targeted attacks and advanced persistent threats with intelligent security and layered protection that goes beyond antivirus
Performance so fast your users won’t even know it’s there
A single management console across Windows, Mac, Linux, and Virtual platforms with granular policy control
UNRIVALED SECURITY WITH LAYERED PROTECTION
Layered protection to stop targeted attacks and zero-days
FIREWALL AND INTRUSION PREVENTION
ANTIVIRUS
SONAR
Blocks malware before it spreads to your machine and controls traffic
Scans and eradicates malware that arrives on a system
Determines safety of files and websites using the wisdom of the community
Monitors and blocks files that exhibit suspicious behaviors
Aggressive remediation of hard-to-remove infections
NETWORK
FILE
REPUTATION
BEHAVIOR
REPAIR
POWER ERASER
INSIGHT
UNRIVALED SECURITY WITH INSIGHT
Age, frequency and location are used to expose unknown threats
Big Data Analytics
Analytics
Warehouse
Analysts
Attack Quarantine System
Endpoints
Gateways
3rd Party Affiliates
Global Sensor Network
Global Data Collection
Honeypots
Bad safety rating: File is blocked
No safety rating yet: Can be blocked
Good safety rating: File is whitelisted
BLAZING PERFORMANCE WITH INSIGHT
Up to 70% reduction in scan overhead
Insight allows you to skip known good files, only scanning unknown files
Traditional scanning has to scan every file
UNRIVALED SECURITY WITH SONAR
Behavioral monitoring stops zero-day and unknown threats
Human-authored Behavioral Signatures
Behavioral Policy Lockdown
Who is it related to? What did it contain? Where did it come from? What has it done?
Artificial Intelligence Based Classification Engine
SMARTER MANAGEMENT WITH POLICY CONTROL
Customize policies based on user or location
HOST INTEGRITY
Detect unauthorized change, conduct damage assessment and ensure endpoints are protected and compliant
EXTERNAL MEDIA CONTROL
Restrict and enable access to the hardware (USB, DVD, SD, etc.) that can be used to protect and increase productivity
APPLICATION CONTROL
Monitor and control application behavior, including automated system lockdown, and advanced whitelisting and blacklisting capabilities
SYMANTEC ENDPOINT ENCRYPTION
Protect data stored on endpoint devices
• Supports USBs, portable hard drives, SD cards, and CD/DVD/Blu-ray media
• Access Utility Drive – tool to view data on machines without SEE client installed
Also known as Full-Disk or Whole Disk Encryption
• Encryption happens in the background
• No interaction required by end user
• Self-Recovery and Help Desk recovery capabilities
• Single Sign-On capability
• Smart card support for pre-boot authentication
• FileVault Management
• Management of Opal Self-Encrypting Drives*
• BitLocker management coming in 2H2015
LAPTOPS AND DESKTOPS
REMOVABLE MEDIA ENCRYPTION
MOBILE DEVICE MANAGEMENT
Enable, secure and manage your heterogeneous mobile environment
Activate enterprise access easily and automatically
ENABLE SECURE
Enforce device policies and compliance
MANAGE
Visibility and reporting with web-based management
THREAT PROTECTION
Advanced, proactive protection against risky apps
APP ADVISOR ANTI-MALWARE
Protect against latest threats with Live-Update
Compliance rules based on device security posture
WEB PROTECTION
Detect and block phishing websites
APP RISK REPORTING POWERED BY NORTON MOBILE INSIGHT
200+ APP STORES Crawled continuously
30K NEW APPS Processed every 24 hours
15M ANDROID Android apps in our database
800K APPS With medium or high battery or data usage
3M MALICIOUS Apps identified
90M APPS With potential privacy leaks or intrusive behaviors
APP ADVISOR IDENTIFIES RISKY APPS
• Apps that leak information
• Apps that drain battery
• Apps that consume too much bandwidth
• Proactive protection before download from Google Play
• Enable users to make informed decisions about apps
PROTECT AGAINST MALICIOUS THREATS
ANTI-MALWARE
• Fast and effective on-device scans
• Protect against latest threats with Live-Update integration
• Implement compliance rules based on device security posture
WEB PROTECTION
• Detect and block phishing websites
• Enable safe mobile browsing
MAIL SECURITY FOR MICROSOFT EXCHANGE
• Antivirus / Antivirus & antispam
• Superior Protection
• Antimalware technology
• Ability to scan messages in transit or on the mailbox
• Powered by Premium AntiSpam
• Rapid release definitions
• Advanced content filtering
• Flexible and Easy to Use Management
• Optimized for Exchange
Thank you!
Copyright © 2011 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.
Thank you! Martin Bobek mar#[email protected] +420 607 275 843