Sophos EndUser Protection
With Sophos EndUser Protection you get endpoint security, mobile device management, web protection, protection for your data and email, and more—all in a single license.

For more on Sophos EndUser Protection, visit: http://www.sophos.com/en-us/why-sophos/endpoint.aspx

Usage Rights

© All Rights Reserved

  • Complete security is about taking care of your protection at every stage without it having to be complicated.
  • We give you solutions for every part of your business. Endpoint, Network, Data, Email, Web and Mobile. We protect them all. So your users and data are protected wherever they are and whatever they use.
  • We don’t want using all this great technology to be difficult. That’s why we’re doing the hard work. A good example is our HIPS solution which gives you everything we know about how malicious files are constructed and behave and identifies them for you. You don’t have to construct a complex policy, you just tick a box to get it working. And our active protection is truly unified. Identifying and protecting against every type of threat and delivered to the engine that powers all of our products, whether at the endpoint, gateway or across the network.
  • IT professionals are grappling with precisely the kinds of end users you see here… Where Mr. Mac says he needs a Mac to do his job… Dr. Smartphone insists on having his work email on his personal iPhone, Ms. Virtual who’s got a variety of virtualized desktops running on her computer, and Mr. BYOD who may be the CEO or anyone else for that matter that wants to do work on their iPad or other tablet. It all creates an immense security challenge. In this brief overview, we’re going to show you how we’re helping solve customers’ top problems in protecting end users on every device they use, everywhere they want to use them, with everything they need to be secure.
  • The concept of the endpoint is changing… it’s now about protecting the end user – that’s the motive behind our new product names: Sophos EndUser Protection, EndUser Web Suite and EndUser Data Suite. All of these products will now include Sophos Mobile Control to protect the devices users love so much. The on-premise software deployment option is also included – if a buyer prefers Software as a Service deployment model, they can certainly do that, but that’s licensed separately. With the focus on securing all end user devices from laptops to smartphones, we’ll be licensing everything by user count, so there’s no need to count the devices.
  • Live URL filter: You can connect your computers to our constantly updated list of millions of infected websites, so your users can’t get to them — even when they're outside your gateway protection. And we keep it updated, adding around 40,000 new sites every day. Live antivirus: When one of your computers identifies a potentially suspicious file, we’ll instantly check it with our database. In seconds, we’ll tell the computer if that file relates to a real threat and block it. Sophos Live Anti-Virus is included in all of our Endpoint products and suites.
  • We see websites that are either hosting malware or have been exploited by malware authors every 4.3 seconds. As websites become more complex and interactive, the potential for exploiting that complexity grows. We are also seeing more organization amongst cyber criminals as software exploits that can be targeted are sold and automated tools are available to trawl the web for those sites vulnerable to infection.
  • Behavioral detection: Tuned to detect variants, families (like the Storm worm) and large categories of malware (like encrypted malware), Genotype Protection guards against unknown malware by analyzing behavior before code executes. It uses pre-execution scanning to determine the functionality of the code, and the behavior it is likely to exhibit, all without allowing the code to run. Our threat detection engine detects zero-day threats without the need for signature updates or separate HIPS software. Suspicious file detection: Where Behavioral Genotype Protection is tuned to detect only malicious files, suspicious file detection will identify files that are highly likely to be malicious, again doing this by determining what the behavior of a file would be if the file were to be run. This detection provides the benefits of a traditional runtime behavior-based system without impacting system performance, or the inherent security issue of allowing a file to run before detection takes place. Suspicious behavior detection: This layer of detection watches all system processes for signs of active malware, such as suspicious writes to the registry, or file copy actions. It can be set to warn the administrator and/or block the process. Unlike other behavior-based detection systems, there is no need for the administrator to train or fine tune analysis, as SophosLabs experts do the fine tuning. Buffer overflow detection: A buffer overflow attack is reported when an attempt is made to exploit a running process using buffer overflow techniques. This detection system will catch attacks targeting security vulnerabilities in both operating system software and applications.
  • We help you control the applications that could cause security or legal problems, like P2P or instant messaging. And you'll get a handle on the unwanted applications that clog your network. With Sophos, you can monitor and control what your employees are installing without interfering with their work.
  • You need to control applications that could cause security or legal problems, like P2P or instant messaging. And you'll get a handle on the unwanted applications that clog your network. Monitor and control what your employees are installing without interfering with their work. The traditional approach often requires additional components or agents to be deployed, and IT admins have to build rules or create identities for applications - updating these when new versions are released and keeping on top of the latest application trends. The process of creating detection and configuring policy is often time consuming, and difficult to stay on top of. This impacts the effectiveness of the feature. How we do it better with Active Protection: We don’t just give you a tool to manage applications that asks you to keep it up to date. Instead, our Labs experts create application detection for you and actively maintain the list of applications. If a new version of Skype or peer to peer file sharing software appears, you are automatically protected. We’ve built application control into our antivirus engine, so you don’t have to deploy or manage a separate product. You simply set policies for the whole company or specific groups to block or allow particular applications.
  • Granular control: Admins can set flexible rules to allow usage for only those that need it, such as blocking USB devices for everyone except the IT department. They can also allow specific devices - such as encrypted USB keys - to guarantee that any data saved on removable devices is secure. Alternatively, read-only access can be granted so employees can access information stored on USB keys or CDs but not write to them. Preventing bridging: Computers can be connected to two networks at once acting as a bridge between the two – the corporate network by a cable and to another network wirelessly. To stop data from travelling between the two networks, putting data security at risk, the wireless interface can automatically be turned off if a computer is connected to the corporate network via a network cable and then re-enabled when the cable is removed.
  • Sophos Endpoint Security protects your data in a virtual environment—simpler and more secure. With Sophos Endpoint Security and Control, you can protect all your physical and virtual computers with the same level of security. And all with the same product—with no extra license costs.
  • Your security solution should give you the best protection against malware and data loss in one, without negative impact on potential cost savings or on the way your users work. You get both with Sophos. With Sophos Endpoint Security and Control, you can protect all your physical and virtual computers with the same level of security. And all with the same product—with no extra license costs. You can get more virtual computers on a physical machine because it uses less memory. It's efficient too—you can stagger scan times, so everyday security tasks won't grind your systems to a halt. We partner with VMware®, Citrix® and Microsoft® to give you complete support. Because we know the security requirements for virtualization in the future, we can keep you safe whether you’re virtualized now or will be soon. We provide better performance than other traditional antivirus systems. And our solution offers a full array of protection currently unsupported by our competitors' central scanning products, including HIPS, DLP and URL filtering.
  • LiveConnect connects endpoints to the central web appliance. It provides immediate policy updates: Apply policy in appliance as usual – same console for onsite and offsite endpoints. Policy changes are immediately sync’d to Endpoints everywhere. Instant activity reporting: Endpoint sends activity updates continuously. Only available with the full solution. Secure end to end encryption – we don’t see the traffic, just facilitate the connection.
  • Data exit points are: removable storage / optical media; read only mode for storage; internet applications (web browser, email client, IM client).
  • The main trouble with the typical approaches is that the IT admin is blind to the patched state of their endpoints and how vulnerable they really are... and the result is that endpoints get compromised. Remember, according to Gartner, 90% of those could be prevented!
  • Sophos helps, firstly by assessing patches for all the commonly exploited software applications, not just Microsoft. Secondly, we accurately detect installed O/S and applications locally on each managed endpoint and only report missing patches relevant to an endpoint. Our detections use complex fingerprinting methods to ensure we report any patches that are not fully installed. Thirdly, we make life easy by presenting the missing patches prioritized using SophosLabs intelligence, which enables customers to only worry about the relatively small subset (5-10%) of patches that stop actively exploited vulnerabilities. The SophosLabs rating process takes into consideration a number of factors, including the difficulty of the exploit and the existence and prevalence of the threats attacking it.
  • Sophos PureMessage for Microsoft Exchange blocks spam, viruses, spyware and phishing. Scanning all inbound, outbound and internal email and Exchange message stores, it proactively protects against email-borne threats, and prevents confidential data being lost.
  • Sophos research shows that connecting an unprotected, unpatched computer running Windows XP (without SP2) to the internet leads to a 40% risk of infection from an internet worm within about 10 minutes, rising to a 94% chance after 60 minutes. There may not even be enough time to download and install security patches or firewalls, so computers must be protected before going online.
  • Reduce impact with our quick scans that detect malware, adware, suspicious files and behavior, and unauthorized software—faster than any other major vendor, and now up to 15% faster than our last major upgrade. Get the most effective threat protection with our built-in host intrusion prevention systems (HIPS), web-based script attack detection and Live Anti-Virus real-time lookups to SophosLabs’ reputation database. Block access to websites hosting malicious code and inappropriate content. Control the installation and use of removable storage devices and unauthorized applications like P2P and IM. Automatically assess managed and guest computers for out-of-date security and patch status before they join your network. Protect against accidental loss of sensitive information with a unique and simple approach to data control, that integrates scanning into the antivirus agent. One console simplifies it all: Get instant visibility of security status for all Windows computers from the same console used to manage Mac, Linux, UNIX and virtualized computers. Keep track of activity with computer and user based reports that can be scheduled to run and automatically emailed to specific recipients. Reduce time required to deploy, manage and update security across all Windows computers and operating systems. Automate protection with Active Directory synchronization; remove old security products automatically during deployment. Get the latest protection with small, frequent protection updates from SophosLabs that are automatically distributed across your network—now up to 41% faster than our last major upgrade. Protect all your Windows and operating systems from Windows 2000 to Windows 7.

Sophos EndUser Protection Presentation Transcript

  • EndUser Protection: Security gets… personal
  • We are focused on protecting you. Threats: changing, still increasing. Data: everywhere, regulations growing. Users: everywhere, using everything.
  • We do IT security: Because you’ve got enough to worry about. Security Everywhere: wherever the user is, what ever they use. Without Complexity: quicker to setup, maintain and solve problems. Active Protection: our unique approach for better protection you can actually deploy.
  • Security everywhere: Protecting every part of your business. Endpoint, Network, Web, Mobile, Email, Data.
  • Active Protection: Our unique approach for better protection with less complexity. Endpoint, Web, Email, Data, Mobile, Network.
  • Business today… Increasingly sophisticated threats, mobile workforce, BYOD. Mr. Mac: “I need a Mac to do my job.” Dr. Smartphone: “I need email access on my iPhone.” Ms. Virtual: “I’ve got several virtual desktops on my computer.” Mr. BYOD: “I want to use my iPad at work.”
  • Introducing EndUser Protection: Complete Security Suite; Web Protection Suite; EndUser Web Suite; Data Protection Suite; EndUser Data Suite; Endpoint Protection - Advanced; EndUser Protection; Now with Sophos Mobile Control; Endpoint Protection - Business; Anti-virus - Business.
  • Security gets… Personal: • Every device they use • Everywhere they go • Everything they need. Easier: • Easy BYOD • Easy admin • Easy support from a single vendor. Sensible: • Sensible protection that covers all devices • Sensible licensing per-user • Sensible services with updates and support included.
  • Endpoint product line [comparison table; the per-product check marks and cell values did not survive extraction]. Products: Complete Security Suite, EndUser Data Suite, EndUser Web Suite, EndUser Protection, UTM Fullguard + UTM Endpoint (UTM 9), Endpoint Protection - Business, Sophos Anti-Virus Business. Rows: AV/HIP/Live Protection, Client Firewall, Application Control, Device Control, Web Filtering in Endpoint, DLP, NAC, Patch, Web Gateway, Email Gateway, Full-Disk Encryption, Mobile, UTM FullGuard*, Groupware, Platforms. *UTM FullGuard includes network, web, email, wireless and webserver protection.
  • EndUser Protection at a glance: Application Control, Exchange Server Protection, Device Control, Anti-malware, Access control, Mobile Control, Virtualization, Web Protection, Firewall, Encryption, Data Control, Patch assessment.
  • Securing mobile devices. The situation: Smartphone and tablet adoption is growing rapidly. Employees are using their own devices. They need secure access to company email and data. The challenge: 113 devices are lost every minute in the US. Android is today’s largest malware target … Thousands of rogue apps.
  • Mobile Device Management: Unified policy and management for all devices. iOS, Android, BlackBerry, and Windows Mobile. Secure access to corporate email via proxy. Policy controls: • Passcode and auto lock enforcement • Compliance enforcement (jailbreaking/rooting) • Encryption enforcement. Loss/theft protection: • Remote lock/wipe • Auto wipe after failed login attempts • Locate lost devices
  • Enterprise App Store: Control apps on mobile devices. Publish in-house, required, recommended apps. Block unwanted apps.
  • Mobile Security: Scans Android apps for malware before they are installed. Active Protection cloud technology: • Live real-time cloud lookups • Up-to-the-minute app intelligence. Fast and low impact scanning. Privacy advisor detects apps accessing your personal data.
  • Today’s threats: Mainly come from the web. Target data, identities and cash. Exploit vulnerabilities. Often execute silently. In families of malware. Are produced on a massive scale.
  • Anti-malware: A single engine to protect from all malware. Genotyping technology. Active Protection cloud technologies: • Live URL filter: Stops URLs we know are bad instantly • Live anti-virus: Checks in seconds to see if a suspicious file might be a real threat. Fast and low impact scanning. Small updates, frequently applied.
  • Intrusion Prevention: Behavioral detection. Suspicious file detection. Suspicious behavior detection. Buffer overflow detection. Rules created by Sophos via Active Protection. So reliable it’s on by default.
  • Applications wrongly applied: Users trying to install and run unauthorized apps. Some apps are risky. Unwanted apps might use bandwidth. Version control isn’t easy.
  • Application Control: Applications created and updated via Active Protection. Over 40 categories including: • Online storage • Browsers • P2P File sharing • Instant messaging • Virtualization tools • Remote access • USB program launchers
  • Plugging the device gap: Devices can carry malware. They take data everywhere. If they’re lost can you be sure they’re secure? People will plug them in anywhere.
  • Device Control: Control devices connected to computers. Granular control of: Storage devices: • Removable storage - USB keys, removable hard disks • Optical / disk drives - CD / DVD / HD-DVD / Blu-ray. Network devices: • Wi-Fi / Modems • Bluetooth • Infra-red
  • Securing virtual environments: Virtualization saves money. Is security on the agenda? Don’t compromise on performance.
  • Virtualization: We protect virtual environments. At no extra cost. Our lighter-weight agent is better than other traditional Endpoint security solutions. Stagger scanning for virtual machines. No compromise on protection. Citrix Receiver plugin. Developing VMware vShield scanner.
  • The web: where malware is at. A threat network: • The number one source of infection • Legitimate sites are regularly infected • Productivity filtering isn’t enough • Many applications accessing the web. How people do web protection today: • Large scale deployments that focus on the gateway • Backhauling traffic to appliances • None or limited protection for users not connecting to the gateway
  • Web protection. Basic Endpoint: • Active Protection from malware and bad sites • Works in any browser. Web Filtering in Endpoint: • Low-cost add-on integrated into the Endpoint/SEC • Reduce surface area of attack from risky parts of the web (porn, hate, p2p, etc.) • Essential compliance and liability coverage for inappropriate sites. Web Protection Suite: • Complete protection everywhere users go with LiveConnect • Full coverage of threats, compliance, productivity, liability, and visibility • Reduce investment & complexity in backhauling/VPN/Gateway HW
  • Inside LiveConnect with Web Protection Suite: Enables full visibility and control. Policy and reporting synchronization. Immediate and automatic. Secure end-to-end encryption.
  • Encryption: Industrial strength full disk encryption. Deployed and managed from your endpoint console. Fast initial encryption. Full password recovery options.
  • Data Control: Fully integrated endpoint DLP solution. Designed to prevent accidental data loss. Monitor and enforce on all common data exit points. Train staff through use of desktop prompts. Data types provided from Sophos via Active Protection. Integrated with email protection.
  • The problem with patching. No visibility of exposure level: • Have users installed vulnerable applications? • Have users disabled automatic updates? • Is Microsoft WSUS/SCCM working correctly? • Don’t know which patches to worry about! Compliance audits become a real headache. Machines get compromised: • Gartner: 90% of situations where machines got compromised, a patch or configuration change existed that could have prevented it!
  • Patch Assessment. 1. We assess all the key exploited applications: • Checking for patches from 11 vendors. 2. We accurately assess each endpoint: • Local scans on every managed endpoint • Complex fingerprinting ensures patches accurately detected • Centralized reporting of relevant missing patches • Simple: no end-user interaction or messaging. 3. We prioritize patches to make life easier: • Sophos rates patch criticality via Active Protection • Sophos shows any malware associated with patches • Creates a focus on the patches that really matter!
  • Spam, spam, spam and malware: Spam emails contain weblinks to malware. They might also carry viruses in them. Over 90% of the world’s email is spam. Nasty emails might be stored on your local Exchange servers too.
  • Exchange Server protection: • Stop viruses and other threats in inbound, outbound and items inside Microsoft Exchange • Unique real-time Behavioral Genotype malware engine • Live anti-spam via Active Protection stops 99% • Gives instant visibility of status, email throughput, quarantine databases and all policy rules from a single console • Generate graphical management reports showing trends in email throughput, protection level and issues needing action
  • Where’s the fire? Open ports on PCs and Laptops are open doors to hackers. A computer without a firewall and connected to the internet is a target. Worms often target particular ports and protocols. Laptops can connect anywhere, you need different rules when they’re outside your network.
  • Client firewall: Location aware policies. Identifies apps by checksum. Rollout invisible to users. Interactive management alerts to create rules. Stealth mode prevents unauthorized network access by hackers.
  • Who’s on my LAN? Do your computers have all the right software installed? You don’t know when guests are connecting computers and if they’re secure. If guests don’t use the same software you do then you don’t know if they’re OK to connect.
  • Access Control: Prevent security issues by assessing managed and unmanaged computers. Detect and fix managed endpoint vulnerabilities. Ensure that any guest computers match your security requirements before they access your network. Updated database of over 600 security applications. Prevent unauthorized computers from accessing the network.
  • Complexity: Users may complain about PC performance. Does implementing a new feature mean a whole new rollout? Can you see every platform you’ve deployed to? How easy is it to perform common tasks or cleanup threats?
  • Deploy and manage: A single deployment wizard for all endpoint features. Single agent for: • Anti malware • HIPS • Device Control • Data Control • Web protection. Widest platform support. Console built for usability. Mobile Device Management: • Over-the-air policy updates • Self-serve user portal for registration reduces help desk burden
  • Staying ahead of the curve. US and Canada: 1-866-866-2802, NASales@sophos.com. UK and Worldwide: + 44 1235 55 9933, Sales@sophos.com. facebook.com/securitybysophos, Sophos on Google+, linkedin.com/company/sophos, twitter.com/Sophos_News, nakedsecurity.sophos.com
  • www.sophos.com/endpoint