Introduction to Kaspersky Endpoint Security for Business

  1. See it – Control it – Protect it – An intro to Kaspersky Endpoint Security for Business. Nathan Wang, VP of Tech Divisions, Kaspersky APAC, nathan.wang@kaspersky.com. KESB Launch | Hong Kong | March 7-8, 2013. PAGE 1 | 51
  2. Topics of discussion
      1 Business demands and IT challenges
      2 Kaspersky Endpoint Security for Business
        • Encryption: a difficult play or an easy game?
        • System Manager: what’s new?
        • MDM: a convenient alternative?
        • Others: KSV 2.0, KS-Exchange and KLMS 8
      3 Kaspersky Lab datasheet
  3. Business drivers and their impact on IT
      • AGILITY: Move fast, be nimble and flexible. 66% of business owners identify business agility as a priority.
      • EFFICIENCY: Cut costs; consolidate and streamline. 54% of organizations say that their business processes could be improved.
      • PRODUCTIVITY: Maximise the value of existing resources; do more with less. 81% of business owners cite operational efficiencies as their top strategic priority.
      • IMPACT on IT: IT complexity (more data, more systems, more technology); pressure on resources and budgets.
  4. And then, there’s the rise of malware…
      • New threats every day: 200K
      • Malicious programs specifically targeting mobile devices: >35K
      • Malware files in Kaspersky Lab collection, Jan 2013: >100m
      • [Chart: timeline, 1999 to 2013]
  5. The impact on IT security (centred on YOUR DATA)
      • Malware. Response: Anti-malware plus management tool / dashboard
      • The #1 target: applications! Response: Systems / patch management
      • Your data is on the move! Response: Data encryption
      • Mobile / BYOD. Response: Mobile device management (MDM)
  6. What if? 1 PLATFORM / MANAGEMENT CONSOLE / COST. Around YOUR DATA: Malware; The #1 target: applications!; Your data is on the move!; Mobile / BYOD
  7. Topics of discussion
      1 Business demands and IT challenges
      2 Kaspersky Endpoint Security for Business
        • Encryption: a difficult play or an easy game?
        • System Manager: what’s new?
        • MDM: a convenient alternative?
        • Others: KSV 2.0, KS-Exchange and KLMS 8
      3 Kaspersky Lab datasheet
  8. A high level glance of KES/KSC10
      • SEE: Physical, virtual, mobile; Identify vulnerabilities; Inventory HW and SW; Take action with clear reporting
      • CONTROL: Configure and deploy; Set and enforce IT policies; Manage employee-owned devices; Prioritize patches; License Management; NAC
      • PROTECT: Evolve beyond anti-virus; Meet security demands; Protect data and devices anywhere; Rely on Kaspersky expertise
  9. A high level glance of KES/KSC10: Kaspersky Endpoint Security and Kaspersky Security Center
      • Anti-malware • Security policy mgmnt • Control Tools • Mobile Device Mgmnt • Encryption • Systems Management • Mail and Web • Image Mgmnt • Vulnerability Scan • NAC • Patch Mgmnt • Collaboration Server • SW/HW Mgmnt • License Mgmnt
      • Smartphones • Server • Tablets • Workstation • Laptop
  10. A high level glance of KES/KSC10
      • Total: Collaboration; Mail; Gateway
      • Advanced: License Management; Network Admission (NAC); Software Installation; Systems Management (SMS): Image Management, Patch Management, Vulnerability Scan; Data Protection (Encryption)
      • Select: Mobile Endpoint Security; Mobile Device Management (MDM); File Server Security; Application Control; Device Control; Web Control
      • Core: Anti Malware + Firewall
      • Diagram labels: Kaspersky Security Center; Management; Endpoint; Infrastructure
      • Cloud protection is enabled for business users via the Kaspersky Security Network (KSN)
  11. Topics of discussion
      1 Business demands and IT challenges
      2 Kaspersky Endpoint Security for Business
        • Encryption: a difficult play or an easy game?
        • System Manager: what’s new?
        • MDM: a convenient alternative?
        • Others: KSV 2.0, KS-Exchange and KLMS 8
      3 Kaspersky Lab datasheet
  12. Encryption – quite difficult mechanism: Who is listening and what to do? Alice eVe Bob 1 0 0 0 2 0+1 0+1 0+2 1 0+2 0+2 0+1 2 0+1+2 0+1+2 0+1+2
  13. Encryption – quite difficult mechanism: Color trick & numerical arithmetic with one-way function. [Diagram: Alice, eVe, Bob]
  14. Encryption – quite difficult mechanism
      • Encryption offering
        • Full Disk Encryption (FDE)
        • File Level Encryption (FLE)
        • Removable Media data Encryption (RME)
      • Asymmetric encryption — protection for data in transit
        • Secure connection between EP and KSC (SSL)
        • User and computer keys’ management exchange
        • Protection for recovery data
      • Symmetric encryption — protection for data at rest
        • Full disk encryption
        • File level encryption
        • Removable media data encryption
      • AES encryption module
        • 256-bit
        • 56-bit
  15. Encryption – quite difficult mechanism: Keys used in encryption
      • An individual master key for each computer
      • An individual key for each user
      • The computer key is encrypted using the public key of the Security Center
      • The user’s key is encrypted using the personal key
      • Diagram labels: User’s key; Master key; MS DPAPI; Computer key store; User key store
  16. Encryption – quite difficult mechanism: Document exchange inside a corp network
      • Diagram labels: steps 1 to 4; Master key #1; Master key #2; Encrypted file (Master key ID); User key store; Computer #1; Computer #2
  17. Encryption – quite difficult mechanism: Boot order when FDE is used
      • Authentication Agent starts before the operating system
      • Key for decrypting the system boot sector
      • Special drivers are responsible for decrypting disk files during and after the operating system start
      • Diagram labels: Password; Pre-boot Environment (Authentication Agent); MBR; Operating system boot record; File system; Open data; Encrypted data
  18. Encryption – an easy operation: Single Sign-On for end users
      • Diagram labels: Authentication Agent (Username/Password); Windows (Username/Password); Passwords match; Passwords do not match; Authentication Agent changes the password; Next start
  19. Encryption – an easy operation: SSO, a routine policy configuration for IT guys
  20. Encryption – an easy operation: Enable encryption and policy configuration
  21. Encryption – an easy operation: “Tough” requirements for FLE and data recovery
      • The only requirement for FLE is the accessibility of KSC
        • The File Level Encryption is integrated with Windows authentication;
        • The key exchange is performed automatically;
        • The Kaspersky encryption implementation is seamless to end users and applications, a great example of ease of use;
      • The data recovery requirement is simple
        • The computer to which the damaged disk is connected cannot have FDE enabled;
        • Just connect the damaged disk and run the recovery utility;
      • Diagram labels: No FDE enabled; Old hard disk
  22. Encryption – an easy operation: Data sent to external parties
  23. Encryption – an easy operation: Removable Media data Encryption in clicks
  24. Encryption – an easy operation: Removable Media data Encryption in clicks
  25. Topics of discussion
      1 Business demands and IT challenges
      2 Kaspersky Endpoint Security for Business
        • Encryption: a difficult play or an easy game?
        • System Manager: what’s new?
        • MDM: a convenient alternative?
        • Others: KSV 2.0, KS-Exchange and KLMS 8
      3 Kaspersky Lab datasheet
  26. System Management: What’s new? SM function via KSC and Network Agent
      • Software monitoring/inventory
      • Hardware monitoring/inventory
      • License Management
      • Vulnerability detection
      • Update management
      • Installation of 3rd party’s applications
      • Network Access Control (NAC)
      • Deployment of operating system images
  27. System Management: What’s new? Licensed management (remember software inventory?)
  28. System Management: What’s new? Licensed management (NOT licensing enforcement)
      • Examples of use cases:
        • Error, the number of licenses is exceeded;
        • Warning, license will expire soon (in 14 days);
        • Info, 95% of the available licenses are used up
  29. System Management: What’s new? New update management
      • 1. Missing Windows updates
      • 2. Vulnerabilities from KL database
      • Diagram labels: KL Expertise; KL Vulnerability DB; Windows Update; Vulnerability Scan Task
  30. System Management: What’s new? Patching vulnerabilities
  31. System Management: What’s new? Testing tasks patch and update installation
  32. System Management: What’s new? SM features in KSC9 and in the new KSC10
      • The previous capabilities implemented in KSC 9 are available:
        • Find vulnerabilities and Microsoft application updates (via the local WU service);
        • Installation of selected Microsoft updates (via the local WU service);
        • Installation of updates manually created and assigned by the administrator;
      • The new licensed capabilities added to KSC 10:
        • Automatic installation of updates and patches according to the specified rules;
        • Use of the KSC Server as a WSUS server;
        • Installation of updates and patches for the applications included in the Kaspersky Lab database;
        • Other new features;
  33. System Management: What’s new? Network Access/Admission Control (NAC)
      • NAC basics
        • Usually people think NAC is an appliance using SNMP;
        • NAC can be used to securely control authenticated/unauthenticated user traffic according to policies (based on port, protocol, subnet);
      • Capabilities of KL software-based NAC
        • Block Internet access for computers having «bad» protection status;
        • Redirect unmanaged computers to the authorization portal;
        • Block any network activity for new devices;
        • Allow new computers to access a special isolated subnet;
      • KL NAC architecture
        • Enforcers, Policy server, Access policy and Network devices;
        • Simple deployment that requires no changes on DHCP, DC;
  34. System Management: What’s new? Network Access/Admission Control (NAC)
  35. System Management: What’s new? Remote deployment of operating system images
      • Capturing an Operating System image
        • Install and use Windows Automated Installation Kit;
        • Enable representation of the OS image capture and distribution functionality;
        • Capture a computer image, say a Windows 8 operating system, with applications pre-installed;
      • Deploying the image
        • Remotely install the Windows 8 image on managed computers;
        • Remotely install the Windows 8 image on “bare metal” computers;
  36. Topics of discussion
      1 Business demands and IT challenges
      2 Kaspersky Endpoint Security for Business
        • Encryption: a difficult play or an easy game?
        • System Manager: what’s new?
        • MDM: a convenient alternative?
        • Others: KSV 2.0, KS-Exchange and KLMS 8
      3 Kaspersky Lab datasheet
  37. MDM: a convenient alternative? What we have been doing manually
  38. MDM: a convenient alternative? KL MDM architecture
  39. MDM: a convenient alternative? KL MDM architecture
      • Diagram labels: iOS; Apple Push Notification Service; Android; Windows Mobile; Windows Phone; Palm (WebOS); Nokia (Symbian, Maemo)
  40. MDM: a convenient alternative? KL Mobile Devices Server installation
      • Adding Exchange ActiveSync Mobile Devices Server
        • Install Agent and MDM server on an Exchange Server;*
        • Test the connection with a KSC Server;
        • Exchange ActiveSync configuration;
      • Profile creation and policy configuration
        • On the KSC, configure profiles and policies for the selected mailbox of the Exchange
        • Sync the profile and policy with the Exchange
      • Mobile devices receive profiles and policies**
        • Direct Push is used for pushing notifications (MS Exchange ActiveSync)
        • Users receive it during the synchronization with the Exchange server
  41. MDM: a convenient alternative? Synchronizing Mobile Devices with KSC Mobile Devices
  42. Kaspersky Mobile Endpoint Security: Centrally managed by the KSC
      • CONFIGURE/DEPLOY: Via SMS, email or tether
      • SECURITY: Anti-malware; Anti-phishing; Anti-spam
      • ANTI-THEFT: GPS find; Remote block
      • POLICY COMPLIANCE: Set password; Jailbreak / Root notice; Force settings
      • APPLICATIONS: Containerization; Data access restriction
      • DATA ACCESS: Data Encryption; Remote wipe
  43. MDM: a convenient alternative? Still want to go back to the old manual operation?
  44. KES/KSC10 in a nutshell: Platform, Console, Cost. See it, Control it, Protect it
  45. Topics of discussion
      1 Business demands and IT challenges
      2 Kaspersky Endpoint Security for Business
        • Encryption: a difficult play or an easy game?
        • System Manager: what’s new?
        • MDM: a convenient alternative?
        • Others: KSV 2.0, KS-Exchange and KLMS 8
      3 Kaspersky Lab datasheet
  46. KSV 2, KS-Exchange 8, KLMS 8, SPE 10… Kaspersky comprehensive security offering
      • Kaspersky Security for Virtualization
        • Effectively integrated with vShield, an agentless solution to deliver cloud/local anti-malware, network protection under KSC management;
        • Materialize the mission for VMware to enhance security via an effective agentless approach;
      • Mail, collaboration and gateway security
        • Email, SharePoint and gateway security are always the essential;
        • Multi-layered spam filtering plus the best anti-malware for security elevation and resource optimization;
      • Service Provider Edition
        • A web application designed for ISPs to provide anti-malware security control/monitoring service for corporate network;
        • Coupled with KSV, it delivers cloud based security products and services;
  47. Topics of discussion
      1 Business demands and IT challenges
      2 Kaspersky Endpoint Security for Business
        • Encryption: a difficult play or an easy game?
        • System Manager: what’s new?
        • MDM: a convenient alternative?
        • Others: KSV 2.0, KS-Exchange and KLMS 8
      3 Kaspersky Lab datasheet
  48. Kaspersky Lab datasheet
  49. Kaspersky Lab datasheet
  50. Kaspersky Lab datasheet
  51. Thank You! Nathan Wang, VP of Tech Divisions, Kaspersky APAC, nathan.wang@kaspersky.com
