• Customers point their Mail Exchange (MX) records to Symantec.cloud Infrastructure• Inbound and outbound email is directed by Symantec.cloud, where it is scanned • Our perimeter defenses detect and reject known malware and spam originating from known sources• Proprietary Skeptic™ heuristic technology provides a vital layer of security, identifying and stopping new or unknown threats and proactively detecting and rejecting spam from unknown origins.• Email containing a virus is blocked and quarantined for 30 days, and the recipient is notified. Email containing Spam will be acted on according to your policy. Actions can include, block and delete, quarantine for 14 days or pass through with a tagged subject line or appended header• ‘Link following’ technology checks all web pages referenced within an email for viruses and other threats, blocking the email if malware is found on the linked sites. Suspicious links confirmed as viral will have a signature created for them so that future emails containing that link will be treated as being infected and are quarantined• Administrators and / or end users manage quarantined email and spam pens as well as approved and blocked sender lists
Difesa dell’email in cloudClean pipeOpexottimizzazioneDifesa delle email con Sym.cloudGINUpdate auotomatici e in tempo realeSLA
Hosted services enable organizations to lower total cost of ownership and simplify administration by replacing on-site hardware and software with infrastructure managed by a service provider in the cloud. As with any service arrangement with a third party, it’s critical to know what you’re paying for. One way to tell hosted service providers apart is by looking at the targets and redress policies that are outlined in their Service Level Agreement (SLA). Symantec.cloud has spent more than a decade developing highly accurate, effective, and reliable hosted services for securing and managing information delivered via email, Web, and instant messaging. We have invested heavily in proprietary heuristics for detecting malware and spam, a global infrastructure presence with 14 data centers spread across 4 continents, redundancy within and across our service delivery sites, and high quality technical support delivery. Together, these investments enable us to offer an aggressive, comprehensive and industry leading Service Level Agreement. Email SecurityAntiVirus Effectiveness – 100% protection against known and unknown email viruses AntiVirus Accuracy - no more than 0.0001% false positives AntiSpam Effectiveness – 99% spam capture (95% for email with Asian characters) AntiSpam Accuracy - no more than 0.0003% false positives Email Delivery – 100% email delivery Latency – average email scanning time within 60 seconds Availability – 100% service uptime Web SecurityAntiVirus – 100% protection against known web viruses Latency – average Web content scanning time within 100 milliseconds Availability - 100% service uptime
Unlike competitors, we have made tremendous investments in our architecture to deliver the highest levels of accuracy with the fewest false positives possible. We believe the best approach is to have multiple layers of protection: Traffic management slows down bad traffic at the TCP/IP layer Connection management uses heuristics to block unwanted email and prevents attacks at the user layer. Next, multiple commercial scanners are used to identify known viruses while our proprietary Skeptic technology is used to identify unknown, zero-hour, or emerging threats. Skeptic includes engines and heuristics (10 patents granted and pending) that cannot be tested by attackers. As a result of this unique technology, we capture threats that others miss.When all is said and done, customers benefit from a cleaner inbox, more regained bandwidth, and greater threat protection than they can receive through competitor offerings.
Common Web Security challenges that organizations are facing today include:Malware – malicious software designed to steal information or system resources. Without proper defense measures, web-borne malware can cause system downtime, cause data loss, or reduce productivity.Web Misuse – can reduce employee productivity, consume valuable bandwidth resources, and introduce legal risks to organizations in cases where inappropriate material is being viewed by users in view of peers.Enforcing a Web Acceptable Use Policy – implementing a Web Acceptable Use Policy is critical for controlling web misuse. However, without the proper tools, policies are difficult to monitor and enforce. An Increasingly Mobile Workforce– Remote workers and the need to travel for business have made protection for users who access the Web away from the corporate LAN a necessity for many businesses.
This slide will help you understand how Web Security.cloud works. Web Security.cloud examines the web traffic requests your users initiate and checks them against the policies you create. If a policy rule is triggered, the web request is either logged and allowed to pass or is denied. If no policy rules are triggered the web request is allowed to pass Web page requests are retrieved and scanned by Symantec.cloud using multi-layer malware scanning technologies. If a threat is detected, the web page request is denied and the user is notified with a message in their web browser (which you may choose to customize) If no threats are found, page content is delivered with no noticeable delay
This image shows a screenshot of the ClientNet dashboard reporting console for Symantec.cloud customers detailing the service activities and virus threats processed by our Email AntiVirus.cloud and Email AntiSpam.cloud services. Domains and reflected time period are configurable to the desired level of detail.
Il Cloud a difesa della mail e del web
Il cloud a difesa delle email e del webAntonio RicciSymantec.cloud
Email and Web usage Users’ behaviour is changing Benefits Risks • Job • Phishing attacks optimization • Confidentiality • Improving team • Loss of sensitive collaboration information • Information • Social always available engineering • Quick access to informationIl cloud a difesa delle email e del web 2
The Convergence of Threats:Botnets, Spyware, Viruses and Spam Spyware Spammer Viruses Uses botnet to send spam SpamIl cloud a difesa delle email e del web 3
SPAM – Unsolicited Bulk Email www.symanteccloud.com/intelligenceIl cloud a difesa delle email e del web 4
Email containing Virus www.symanteccloud.com/intelligenceIl cloud a difesa delle email e del web 5
Phishing Distribution and Targets Automated Toolkits 21.8% Other Unique Domains 58.7% IP Address Domains 4.1% Free Web Hosting Sites 13.3% Typosquatting 2.0% Financial 85.7% Information Services 11.6% Others 2.6% Government 0.2% www.symanteccloud.com/intelligenceIl cloud a difesa delle email e del web 6
Email misuse impacts Loss of • Sensitive data sent via email information Loss of • Improper content sent via email reputationIl cloud a difesa delle email e del web 7
Protecting email infrastructure Cloud solutions • Clean Pipe • Opex vs Capex • Workload optimization • Easy to Implement Symantec.cloud • Global Intelligence Network • 10.7 million SaaS users • Service Level Agreement • 24x7 SupportIl cloud a difesa delle email e del web 8
Symantec.cloud SLA Actual Aug SLA 2010 17 Million pieces of Malware captured in August 2010 AntiSpam effectiveness 99% 99.99997% Spam false 0.0003% 0.000007% 1 Billion Web requests per day in August positive rate AntiVirus false positive rate 0.0001% 0.000006% Email & Web 6 Billion emails scanned by Skeptic Service Availability 100% 100%Il cloud a difesa delle email e del web 9
Email flow ACME.COM 10 mail1.acme.com 20 mail2.acme.com XYZ.COM> > host–t–t type mx ACME.COM host type mx ACME.COM ACME.COM 10 mail1.acme.com 10 cluster.symanteccloud.com 20 mail2.acme.com 20 clusterA.symanteccloud.comIl cloud a difesa delle email e del web 10
Email protect and ControlIl cloud a difesa delle email e del web 11
Web Security Challenges Defending Against Malware • Attackers use the Web to deliver viruses, spyware, and other malware Web Misuse • Reduces productivity, consumes bandwidth, and creates exposure to security and legal riskEnforcing a Web Acceptable Use Policy • Often difficult and time consuming An Increasingly Mobile Workforce • Extending security and policy enforcement can be difficult when workers are located away from the corporate LANIl cloud a difesa delle email e del web 12
Web Threat LandscapeAttackers are increasing their volume and frequently use legitimate Websites…Average amount of Website Analysis of Blocked Domains:requests blocked by our Service: +20% Vs. 2009 on a per client per 10% Newly Established month basis. Domains LegitimateNew Malware Sites per Day Websites Sites with spyware = 200+ per day 90% Legitimate Websites compromised by Sites with Web viruses: 4000+ per day malware without the owners knowledge Source: MessageLabs Intelligence, July 2010 Il cloud a difesa delle email e del web 13
Protecting Web Navigation Cloud solutions • Easy to Implement • Scalability • Roaming users control • Cost prediction Symantec.cloud • Global Intelligence Network • 14 Datacenters in the world • URL filtering based on 90 categories • Strong security focus • Protection against known and unknown malwareIl cloud a difesa delle email e del web 14
Web Security.cloud How it worksA user initiates a Web request which is Policies determine whether traffic is sentchecked against the customer policies on, flagged or denied. Each request is logged. Firewall Internet Web content is retrieved by Multi-layer scanning detects Clean content is delivered Symantec.cloud Web-borne threats without noticeable delay Firewall Il cloud a difesa delle email e del web 15
Integrated Management InterfacePortal dashboardIl cloud a difesa delle email e del web 16
Summary Email and Web usage • Benefits and threats Threat landscape is evolving quickly • Need for protection Migration to the cloud • Benfits Symantec.cloud protection: • Leader in security protection • SLA • Email and Web Protection integrationIl cloud a difesa delle email e del web 17
I prossimi appuntamenti online:> 28 novembre“Symantec Endpoint Protection 12.1”> 13 dicembre“Integrare Data Loss Prevention con Encryption per unapiù efficace protezione delle informazioni” Registrati sul sito: www.emea.symantec.com/blackmarket/itIl cloud a difesa delle email e del web 18
Contatti Stop Black Market twitter.com/stopblackmarket@ firstname.lastname@example.orgIl cloud a difesa delle email e del web 19
A particular slide catching your eye?
Clipping is a handy way to collect important slides you want to go back to later.