How Altiris Security Offerings Complement HP Security ....doc


Published on

  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

How Altiris Security Offerings Complement HP Security ....doc

  1. 1. White Paper: How Altiris Complements HP Security Solutions Altiris Security and Compliance Solutions Altiris’ unique, multi-layered approach to security and configuration management helps protect business assets against human, network and system-level threats and vulnerabilities. Altiris solutions are aligned with industry best practices and processes to help ensure client computer security from rapidly proliferating threats. HP ProtectTools ™ security software suite offers security solutions in three key areas or pillars: Identity Protection, Asset Protection, and Network Protection. Altiris security solutions integrate with HP solutions and provide add-on value in all these three security areas. This section describes Altiris security offerings and how they build on HP’s value. HP Client Manager HP Client Manager is a full-feature hardware management tool for HP client computers. Co- developed by Altiris and HP, it is available at no cost to customers. HP Client Manager provides in-depth client inventory, driver and utility updating, remote BIOS management, hardware monitoring, diagnostics, and problem resolution. Figure 1 shows the functional components inside HP Client Manager that deal with security and their relationship to the three pillars of HP Security. A brief description of each component follows. Figure 1. HP Client Manager Security Tie-ins Embedded Security / TPM Remote Management HP offers Embedded Security support through an integrated hardware security chip called the Trusted Platform Module (TPM). HP Client Manager (HPCM) allows administrators to remotely manage TPM embedded security devices present on HP computers. The HPCM Agent is used to configure and set Embedded Security properties based on the changes configured by the administrator. The HPCM Agent discovers the HP computers that support Embedded Security while gathering inventory and executes Embedded Security related tasks as scheduled. The administrator can view information related to inventory and backup data about Embedded
  2. 2. Security-enabled HP computers. This information is available as reports related to Embedded Security. HPCM provides an Embedded Security Wizard as the preferred method for novice TPM administrators to configure systems that contain a TPM. Using this wizard ensures that the proper computer collections are selected for specific TPM tasks. Additional options are provided for advanced administrators to perform configuration and credential management tasks. Using HPCM administrators can perform the following TPM management tasks remotely: • Unhide and initialize TPM chip • Manage Embedded Security tasks using a Wizard • Configure Embedded Security • Configure Embedded Security Credentials • Modify Security Owner Passwords • Manage Security User Passwords • Manage Security Credentials and Settings • Run Embedded Security Reports For more information on remotely managing TPM through HP Client Manager visit BIOS Remote Management HP Client Manager (HPCM) allows administrators to remotely manage the BIOS and security settings for client computers by creating a package and policy that deploys new settings to client computers. HPCM simplifies this task by providing HP BIOS Administration wizards that guide administrators through the process of selecting the BIOS settings to modify and automatically create packages and policies to deploy the BIOS settings to a client computer. For more information on remotely managing BIOS security setting through HP Client Manager visit Out-of-Band Management (OOB) HP client computers with Intel® vPro™ technology support “out-of-band” management, which is the ability to manage these client computers in one of the following out-of-band states: • The computer is plugged in, but not actively running (off, standby, hibernated). • The operating system is in a hung state. • The software-based management agent is not available. HP Client Manager (HPCM) provides the following out-of-band management capabilities for HP client computers: • Network Discovery • Asset Inventory • Hardware Alerting • Power Control (power on, power off, reboot) • Provisioning (secure setup and registration of client computer with management console) Together, these out-of-band capabilities contribute to the overall security of HP client computers with Intel vPro technology by enabling anti-virus updates to be performed during off work times and by providing a more reliable method for both getting BIOS settings and performing BIOS updates. 2
  3. 3. Beyond HP Client Manager Beyond the security capabilities available through HP Client Manager, Altiris offers a comprehensive set of security solutions that can be implemented on top of HP Client Manger or independently. Because HP Client Manager and the Altiris security solutions share the same infrastructure1, it is a simple procedure to implement additional security capabilities on an existing solution. Figure 2 shows how the Altiris security solutions augment the capabilities of the HP security pillars. This section provides descriptions for these solutions and a summary of key benefits they provide to customers. Figure 2. Altiris Full Security Solutions Offering Altiris® Local Security Solution™ Altiris Local Security Solution software provides centralized management that quickly and easily provisions and manages local administrative users and groups within the environment. Local Security Solution’s automated policy enforcement of group membership and randomization of administrative passwords across systems secures the corporate network from malicious attacks on an organization's information assets. Key Features & Benefits: • Gain visibility and control over local users and groups • Enforce consistent local account memberships • Randomize passwords based on strong password criteria • Cycle passwords on administrator-defined schedules 1 Currently SecurityExpressions is an exception to this general statement. 3
  4. 4. • Detect and resolve compliance anomalies Altiris® Application Control Solution™ Altiris Application Control Solution software provides administrators with a policy-driven mechanism for identifying the software programs running on computers under management, and controlling the running of software programs at execution. Application control can improve system integrity, security and manageability, which will ultimately lower the total cost of ownership and satisfy corporate and regulatory compliance. Key Features & Benefits: • Quickly identify and track applications • Protect against zero-day exploits • Ban unauthorized or malicious applications • Implement least-privilege security best practices Altiris® Endpoint Security Solution™ Altiris Endpoint Security Solution software protects customers’ corporate data and prevents malware and hackers from intruding on endpoint client computers. With extensive control over wireless networks, removable storage devices and applications, Altiris provides a single, centralized endpoint solution that maximizes worker productivity without sacrificing security. Key Features & Benefits: • Strike the right balance between security and productivity • Define flexible policies that adjust to user environments • Protect data in motion from tampering or theft • Shield mobile systems and thwart malware and hackers • Maintain and support security policies Altiris® Patch Management Solution™ Altiris Patch Management Solution software allows administrators to proactively manage patches and software updates by automating the collection, analysis, and delivery of patches across the enterprise. The patch management tool can significantly help decrease the costs involved in delivering patches throughout the enterprise. The tool integrates with Altiris® Recovery Solution™ for stable-state rollback. Key Features & Benefits: • Expanded OS and application support • Information repository that provides detailed information about each software bulletin, such as technical details, severity ratings, and number of executables • Software repository that automates the downloads from the vendor site prior to distribution without administrator intervention • Patch-specific inventory for determining supported operating systems, applications and the associated service pack level, and whether a patch is installed • Improved distribution wizard and targeting that automatically determines the patch installation requirements and assigns collections based on the requirements • Extensive control over installations, such as integration with QChain, reboot control, and easy selection of command-line options 4
  5. 5. Altiris® Recovery Solution™ Altiris Recovery Solution software protects organizations’ desktops, notebooks and servers with scheduled backups, allowing administrators to recover lost data or roll back to a known good state. Protection is automatic and doesn’t require user intervention. Patented technology minimizes bandwidth and storage usage, making Recovery Solution an excellent choice for protecting remote and mobile users. Key Features & Benefits: • Taking daily snapshots that automatically capture changes and secure data • Backing up and protecting the operational state of servers to ensure server consistency and increase uptime and availability • Using Web-based file recovery for anytime, anywhere user self-serve access • Rolling back for fast and reliable fixes • Restoring clients quickly to help ensure business continuity • Integration with Patch Management Solutions Altiris® Quarantine Solution™ Altiris Quarantine Solution software and Cisco’s Network Admission Control framework combine to provide CMDB-driven (configuration management database) network access policies that defend your network from risks associated with open access. When used with other Altiris solutions, comprehensive endpoint client computer assessments can result in hands-free, policy- based remediation to fix identified vulnerabilities. Key Features & Benefits: • Simplify client-side configuration for network quarantine with Altiris tools • Automate rollout of Cisco Trust Agent with pre-built Altiris Software Delivery Packages • Create quarantine policies that allow you to pre-flight all policies prior to activation • Get real-time information on the state of the network Altiris® Real-Time System Manager Solution™ Altiris® Real-Time System Manager Solution™ software allows administrators and help desk technicians to manage remote computers using Intel® Active Management Technology (Intel® AMT), Alert Standard Format (ASF), and Windows Management Instrumentation (WMI) technologies through a Web browser. System Defense and Agent Presence are AMT security features of Real-Time System Manager (RTSM). They are targeted at closing two gaps in the Intrusion Detection System (IDS) methods currently employed by IT: • The time window between the identification of an OS/Agent vulnerability and completed deployment of a corresponding patch. • The time between an end-user tampering with an IDS agent and detection of and acting on the tampering. System Defense allows for a set of filters to be applied to incoming and outgoing network packets. Once a System Defense Feature policy is activated, the Intel AMT device quarantines the system, only allowing communication with the client computer to resolve the problem. Agent Presence enables administrators to configure Intel AMT devices to monitor for the presence of software agents such as Anti-Virus and Firewall applications running on the Intel AMT system platform. Administrators can configure the Intel AMT device with timers set to detect when the software agent initializes and periodically transmits "heartbeat" signals. If any of the timers expire, Agent Presence will perform an action. Key Features & Benefits: 5
  6. 6. Through AMT it is possible to realize the following benefits independently of a software agent being available: • Remove infected computers from the network while preserving a remote IT connection to the affected computer for remediation • Reduce end-user tampering, which interferes with enforcing IT policies • Increase hardware and software inventory accuracy while reducing inventory costs • Reduce costly desk side visits for both hardware- and software-based problems • Remotely edit BIOS setting through secure OOB channel Altiris® SecurityExpressions™ Altiris SecurityExpressions software allows administrators to perform a complete vulnerability audit and remediate the desktops, workstations, notebooks and servers in their organizations. SecurityExpressions is the easiest-to-use and most scalable agent-less and agent-based solution available for deploying and managing enterprise system security policies. It can conduct automatic audits and deploy and enforce system security policies across Windows, UNIX and Linux desktops, notebooks, and servers in a fraction of the time previously required. SecurityExpressions dramatically reduces the cost and time to implement, administer and manage formal, defined system security policies that control items such as: • Network authentication • System settings • User rights • Accountability • Resource access controls • Operating systems • Application of patches SecurityExpressions policies can be applied to single machines, workgroups, or entire networks. Administrators can either use the included policies representing the most popular industry standard, best practices system security policies developed by industry experts or create new or extend any of the provided policies. Key Features & Benefits: SecurityExpressions provides detailed, roll-up and trend reporting as well as a security benchmark score with asset weighting for each system audited, including: • Antivirus status • Security patch status • Industry-known vulnerabilities • Personal firewall status • System security configuration settings • Unauthorized software • Unauthorized hardware The table below provides a summary of the capabilities offered by the various Altiris security solutions. 6
  7. 7. ProtectionNetwork ProtectionIdentity Asset Protection Agent – Based Agentless Altiris Solution Security Management Capabilities Central management of TPM and BIOS settings. HP Client Manager Asset inventory, hardware alerting, and power control over Intel’s AMT. Central management of local Local Security administrative users, groups and Solution passwords. Application Control Application usage tracking. Application Solution access control. Access control for wireless network, Endpoint Security removable storage devices, and Solution application access. Patch Management Central management for patches and Solution software updates. Centrally scheduled backups. Data Recovery Solution recovery and rollback to known good state. Automated Cisco Trust Agent rollout. Quarantine Solution Policy-based network quarantine. Real-time Systems Infected computer isolation and remote Management remediation tools, BIOS settings Solution management. Security System-wide vulnerability audit and Expressions remediation. Pre-configured industry Solution standard security policies. Customer Engagement Process With the exception of Application Control Solution, the security solutions discussed on this white paper can be purchased stand alone. HP and Altiris offer a number of suites that bundle these solutions with price advantages. Below are some examples: • HP Premium Suite includes HPCM and Patch Management Solution • Client Security Management Suite includes SecurityExpressions, Endpoint Security Solution, Local Security Solution, and Application Control Solution. • Client Management Suite – Level 1 includes Patch Management Solution • Client Management Suite – Level 2 includes Real-Time System Management Solution • Client Management Suite – Level 3 includes Recovery Solution 7
  8. 8. How Does the Customer Purchase the Solution HP resells Altiris licenses, Annual Upgrade Protection, support and services. To request a quote, prospective buyers contact their HP sales representative. Purchase orders can be placed through standard customer channels within HP. Purchase orders must be accompanied by the end-user name, phone and email address. Altiris will deliver license keys or confirmation of purchase directly to the end-user customer within 3-5 business days of receiving an order from HP. Once received by the customer, licenses can be downloaded. Role of HP Sales in Engagement, Deployment, Support HP and Altiris reps work together to identify a manageability opportunity and discuss with the customer. Once the customer confirms the need, Altiris will do a proof of concept to demonstrate how the product works in the customer environment and would provide a return-on-investment. Usually there is an evaluation against other competitors based on the customer’s requirements outlined in a “request for proposal”. Once the contract is awarded, the customer will issue a purchase order to HP or one of HP’s trusted business partners. Typical Length of Time to Implement Solution As with the implementation of any system-wide solution, the time required to implement Altiris security solutions is highly dependent on the specific characteristics of a customer environment (number of nodes, servers, subnets, sites, topography, internal processes and policies, etc.). Nevertheless, Altiris product implementation cycles are known for being uncommonly short. The technical aspects of an Altiris product implementation (installation, agent rollout, and basic configuration) typically range between a few days and a couple of weeks. Of course, customization of the out-the-box product policies and alignment with company security guidelines can add significant time to the overall implementation. About Altiris Altiris, Inc. is a pioneer of IT lifecycle management software. Altiris service-oriented management solutions provide a modular and future-proof approach to managing highly diverse and widely distributed IT infrastructures. Altiris provides open solutions that enable lifecycle integration of client, handheld, server, network and other IT assets with audit-ready security and automated operation. Manage, Secure & Support IT Assets Altiris solutions snap directly into the Altiris service-oriented architecture, enabling fast, cost- effective IT asset lifecycle management from desktop to the data center. Altiris management solutions are organized into these solution families: • Asset & CMDB • Client & Mobile • Security & Compliance • Server & Infrastructure • Service Desk What Makes Altiris Unique • Lifecycle integration for client, server, security, service and asset • Single, unified configuration management database (CMDB) • Flexible, scalable, open service-oriented architecture • Deep integration for hardware-specific manageability 8
  9. 9. • Extraordinary automation due to industry-leading integration capabilities • Price-value leader For more information on Altiris Security Solutions visit: 9