Antispam aneb plnoleté řešení

An#spam aneb plnoleté řešení 1

ANTISPAM ANEB PLNOLETÉ ŘEŠENÍ

Mar4n Bobek Product Manager, Arrow ECS a.s.

SPEAR-‐PHISHING EMAIL CAMPAIGNS


SPEAR-‐PHISHING EMAIL CAMPAIGNS


SPEAR-‐PHISHING ATTACKS BY SIZE OF TARGETED ORGANIZATION


RISK RATIO OF SPEAR-‐PHISHING ATTACKS BY ORGANIZATION SIZE


ANALYSIS OF SPEAR-‐PHISHING EMAILS USED IN TARGETED ATTACKS


EMAIL SECURITY IS MORE THAN JUST STOPPING SPAM


Lower the expense and

investment in administra2on and infrastructure.

REDUCE COST

Keep unwanted email out of the inbox without blocking

legi2mate messages.

PROTECT USERS

Iden2fy and control the spread of confiden2al informa2on and comply with regula2ons.

CONTROL DATA

Detect and block targeted aKacks, malware, and phishing from entering your environment.

PREVENT THREATS

$

PROACTIVE DEFENSE IS REQUIRED


•  Strongest malware preven2on •  Protec2on against malicious

URLs and aKachments •  Domain valida2on to block

phishing •  Data control and protec2on •  Intelligent email encryp2on

BASIC EMAIL SECURITY STRATEGY

•  Integra2on with full Symantec DLP for inspec2on, encryp2on, and control

•  Integra2on with Symantec Cynic™ sandbox execu2on technology for email aKachments.

•  Targeted aKack repor2ng and security event correla2on.

ADVANCED EMAIL SECURITY STRATEGY

UNRIVALED SECURITY WITH UNIQUE VISIBILITY Symantec has unique visibility into today`s threat landscape

Presenta#on Iden#fier Goes Here 9

175M endpoints

57M aKack sensors in 157 countries

182M web aKacks blocked last year

3.7T rows of telemetry

30% of world’s enterprise email traffic scanned/day

9 threat response centers

MESSAGING GATEWAY

• 18 years on market • Acquired by Symantec in 2004

• Hardware/virtual appliance •  Linux based opera#ng system

• Two subcomponents •  Scanner (inbound/outbound messages, download updates, apply ac#ons to messages)

•  Control Center (message management, sta#s#c, hosted spam quaran#ne)

• Targeted aUack protec#on


CUSTOMIZABLE PROTECTION AGAINST MALWARE, SPAM AND GREY MAIL


Scans for newsleKers, marke2ng email, and

suspicious URLs

Configure policies by group with dis2nct

ac2ons for each type of mail

PERSONALIZED PROTECTION

Tracks over 400 million known spam and safe

senders IPs.

Filters out up to 95% of spam traffic based on

reputa2on.

ADAPTIVE REPUATATION MANAGEMENT

Disarm aKachment cleaning

Over 20 detec2on

technologies

Greater than 99% an2spam effec2veness

ANTISPAM & ANTIMALWARE

PROTECT AGAINST TARGETED ATTACKS OVER EMAIL


Email and aUacks using malicious document aUachments –  Primarily used in spear phishing emails – Advanced Persistent Threat (APT)

–  Contain malicious ac#ve content, or exploit payloads targe#ng parser vulnerabili#es

Exis#ng solu#ons only scan aUachments of certain file types –  They target only spam and known malicious executables/documents

–  Current protec#on is inadequate

Disarm will reconstruct the acachment documents, without the malicious content, before delivering to the user.

DISARM REMOVES ALL VULNERABLE CONTENT, NOT JUST KNOWN THREATS


Vulnerable Content PDF Office 2003 Office 2007+

Javascript !"

Launch !"

Macros !" !"

Flash !" !" !"

3d !"

Acachments !" !" !"

Unused Objects !" !"

Custom Fonts !"

Image Reconstruct !"

Ac4ve X !" !"

Unknown !" !" !"

Embedded Doc !" !" !"

DISARM PROTECTS AGAINST THE MOST COMMONLY EXPLOITED FILE TYPES


•  Remove JavaScripts and “launch” ac2on •  Remove/replace embedded objects/files, e.g. Flash •  Sani2ze XML Forms Architecture (XFA) objects

•  Remove macros •  Remove/replace embedded objects, e.g. Flash •  Reconstruct supported embedded objects, e.g. PDF, images, …

•  Remove macros •  Remove/replace embedded Flash, EXEs •  Reconstruct supported objects, e.g. PDF, OLE inside OLE, …

2007/

CONTROL OUTBOUND EMAIL TO PREVENT DATA LOSS


Use on-‐premise Gateway Email Encryp2on or

cloud-‐based encryp2on

Policy based for automa2c encryp2on

ADD-ON CONTENT ENCRYPTION

Protect confiden2al data across Endpoint,

Network and Storage Systems

Tight integra2on and unified management

INTEGRATE WITH SYMANTEC DLP

Over 100 pre-‐built dic2onaries, paKerns, and policy templates

Workflow and

remedia2on tools

Dedicated DLP quaran2ne

BUILT-‐IN DATA LOSS PREVENTION

CHOICE IN EMAIL ENCRYPTION *ADD ON OPTIONS


Unencrypted Communica2ons

TLS users

admin

Email server

Messaging Gateway

Policy Configura2on

Encrypted Email

Encrypted response

Unencrypted recipient

Encrypted recipient

Symantec Content Encryp2on

On-‐premise op2on

Unencrypted communica2ons

users

admin

Email server

Messaging Gateway Unencrypted recipient

Encrypted recipient

Symantec Gateway Encryp2on

Encrypted communica2ons

SIMPLE MANAGEMENT WITH POWERFUL CAPABILITIES


•  Iden2fy email security trends using over 50 pre-‐built reports •  Quickly iden2fy top Spam sender, reputa2on effec2veness, and trending analysis to determine ROI.

•  Customizable reports can be scheduled to run as needed.

On Demand Repor#ng

•  Con2nuous automa2c Spam and Malware updates ensure protec2on stays up to date.

•  In-‐product sorware download and update process streamlines product upgrades.

Streamlined Update Process

•  Single web based console allows management of mul2ple scanners. •  Customizable dashboard quickly highlights problem areas in the email environment.

•  Custom group policies through exis2ng LDAP groups, individual users, or domains

Unified Management

and Administra#on

REDUCE COSTS WITH THE POWER OF VIRTUAL APPLIANCE


•  Dynamic Resource Alloca#on –  Easily accommodate infrastructure growth requirements –  Quickly respond to changes in traffic volume

•  Cost Savings –  BeUer hardware u#liza#on –  Lower power consump#on (“green” IT)

•  Easy Backup & Disaster Recovery –  Cost-‐effec#ve high-‐availability –  Easily restore in the event of disaster recovery

•  Zero-‐Down#me Maintenance –  Decouple physical server maintenance from sofware –  Test new sofware versions before deploying

•  Flexible Deployment –  VMWare ESXi & vSphere –  Microsof Hyper-‐V –  Same sofware license for virtual or appliance

Hypervisor

ENDPOINT SUITE – TWO VERSIONS


SymantecTM Endpoint Suite SymantecTM Endpoint Suite with Email

•  Symantec Endpoint Protec2on •  Symantec Endpoint Encryp2on •  Symantec Mobile Device Management •  Symantec Mobile Threat Protec2on

•  Symantec Endpoint Protec2on •  Symantec Endpoint Encryp2on •  Symantec Mobile Device Management •  Symantec Mobile Threat Protec2on

And email protec2on:

•  Symantec Messaging Gateway •  Symantec Gateway Email Encryp2on •  Symantec Mail Security for Microsor

Exchange

ENDPOINT SUITE SIMPLIFIES SECURITY Protect the users, devices and data for less money


•  Symantec Messaging Gateway defends your email and infrastructure at the perimeter with real-‐2me an2spam and an2malware protec2on.

•  Symantec Email Encryp2on Gateway, powered by PGP, encrypts messages to safeguard the confiden2al data.

•  Symantec Mail Security for Microsor Exchange prevents the spread of email-‐borne threats.

•  Measurable savings from simplified subscrip2on-‐based pricing and take the mystery out of license, support, and renewal costs.

•  Remove complexity and consolidate patchwork, mul2-‐vendor, solu2ons.

•  Single purchase, single support for trouble-‐shoo2ng, reduces up-‐front and on-‐going costs.

•  Symantec Endpoint Protec2on provides the security with a single, high-‐powered agent, for the fastest, most-‐effec2ve protec2on available.

•  Symantec Endpoint Encryp2on, powered by PGP, protects data with strong full-‐disk and removable media encryp2on.

•  Symantec Mobile threat protec2on and device management provides trusted security for mobile devices.

Prevent data loss at email gateway/server, and

email encryp2on

Single solu2on to drive down costs and

stretch IT budgets

Complete malware protec2on for endpoints and mobile

Informa2on Protec2on

Lower Cost Solu2on

Threat Protec2on

ENDPOINT SUITE`S PRODUCTS AND BENEFITS


ENDPOINT PROTECTION 12.1


UNRIVALED SECURITY

BLAZING PERFORMANCE

SMARTER MANAGEMENT

Stops targeted aUacks and advanced persistent

threats with intelligent security and layered protec#on that goes beyond an#virus

Performance so fast your users won’t even know its

there

A single management console across Windows, Mac, Linux, and Virtual plalorms with granular

policy control

UNRIVALED SECURITY WITH LAYERED PROTECTION Layered protec4on to stop targeted acacks and zero-‐days


FIREWALL AND INTRUSION PREVENTION

ANTIVIRUS

SONAR

Blocks malware before it spreads to your machine and controls

traffic

Scans and eradicates

malware that arrives on a system

Determines safety of files and

websites using the wisdom of the community

Monitors and blocks files that exhibit suspicious behaviors

Aggressive remedia#on of hard-‐to-‐remove

infec#ons

NETWORK

FILE

REPUTATION

BEHAVIOR

REPAIR

POWER ERASER

INSIGHT

UNRIVALED SECURITY WITH INSIGHT Age, frequency and loca4on are used to expose unknown threats


Big Data Analy2cs

Analy2cs

Warehouse

Analysts

AKack Quaran2ne System

Endpoints

Gateways

3rd Party Affiliates

Global Sensor Network

Global Data Collec2on

Honeypots

Bad safety ra2ng File is blocked

No safety ra2ng yet Can be blocked

Good safety ra2ng File is whitelisted

BLAZING PERFORMANCE WITH INSIGHT Up to 70% reduc4on in scan overhead


Insight allows you to skip known good files only scanning unknown flies

Tradi2onal scanning has to scan every file

ü ü ü ü ü

ü ü ü ü ü

ü ü ü ü ü

UNRIVALED SECURITY WITH SONAR Behavioral monitoring stops zero-‐day and unknown threats


Human-‐authored Behavioral Signatures

Behavioral Policy Lockdown

Who is it related to? What did it contain? Where did it come from? What has it done?

Ar2ficial Intelligence Based Classifica2on Engine

SMARTER MANAGEMENT WITH POLICY CONTROL Customize polices based on user or loca4on


HOST INTEGRITY

Detect unauthorized change, conduct damage assessment and ensures endpoints are protected

and compliant

EXTERNAL MEDIA CONTROL

Restrict and enable access to the hardware (USB, DVD, SD, etc.) that can be used to protect

and increase produc#vity

APPLICATION CONTROL

Monitor and control applica#ons behavior, including automated system lockdown, and advanced whitelis#ng

and blacklis#ng capabili#es

SYMANTEC ENDPOINT ENCRYPTION Protect data stored on endpoint devices


•  Supports USBs, portable hard drives, SD cards, and CD/DVD/Blu-‐ray media

•  Access U2lity Drive – tool to view data on machines without SEE client installed

Also known as Full-‐Disk or Whole Disk Encryp2on

•  Encryp2on happens in the background •  No interac2on required by end user •  Self-‐Recovery and Help Desk recovery capabili2es •  Single Sign-‐On capability •  Smart card support for pre-‐boot authen2ca2on

•  FileVault Management •  Management of Opal Self-‐Encryp2ng Drives* •  BitLocker management coming in 2H2015

LAPTOPS AND DESKTOPS

REMOVABLE MEDIA ENCRYPTION

MOBILE DEVICE MANAGEMENT Enable, secure and manage your heterogeneous mobile environment


Ac2vate enterprise access easily and automa2cally

ENABLE SECURE

Enforce device policies and compliance

MANAGE

Visibility and repor2ng with web-‐based management

THREAT PROTECTION


Advanced, proac2ve protec2on

against risky apps

APP ADVISOR ANTI-‐MALWARE

Protect against latest threats with Live-‐Update

Compliance rules based on device security posture

WEB PROTECTION

Detect and block phishing

websites

APP RISK REPORTING POWERED BY NORTON MOBILE INSIGHT


200+ APP STORES Crawled con2nuously

30K NEW APPS Processed every 24 hours

15M ANDROID Android apps in our

database

800K APPS With medium or high baKery or data usage

3M MALICIOUS Apps iden2fied

90M APPS With poten2al privacy

leaks or intrusive behaviors

APP ADVISOR IDENTIFIES RISKY APPS


•  Apps that leak informa2on

•  Apps that drain baKery

•  Apps that consume too much bandwidth

•  Proac2ve protec2on before download from Google Play

•  Enable users to make informed decisions about apps

PROTECT AGAINST MALICIOUS THREATS


ANTI-‐MALWARE

•  Fast and effec2ve on-‐device scans

•  Protect against latest threats with Live-‐Update integra2on

•  Implement compliance rules based on device security posture

WEB PROTECTION

•  Detect and block phishing websites

•  Enable safe mobile browsing


MAIL SECURITY FOR MICROSOFT EXCHANGE

• An#virus / An#virus & an#spam • Superior Protec#on

•  An#malware technology

•  Ability to scan messages in transit or on the mailbox

•  Powered by Premium An#Spam •  Rapid release defini#ons •  Advanced content filtering

• Flexible and Easy to Use Management

• Op#mized for Exchange

Thank you!

Copyright © 2011 Symantec Corpora4on. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corpora#on or its affiliates in the U.S. and other countries. Other names may be trademarks of their respec#ve owners. This document is provided for informa#onal purposes only and is not intended as adver#sing. All warran#es rela#ng to the informa#on in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The informa#on in this document is subject to change without no#ce.

35

Děkuji! Mar#n Bobek mar#[email protected] +420 607 275 843

An#spam aneb plnoleté řešení

Date post:	07-Jan-2017
Category:	Technology
Upload:	marketingarrowecscz
View:	187 times
Download:	0 times

Antispam aneb plnoleté řešení

Technology