Sophos Complete Security

1,959 views

Published on

Sophos Security Solution : Complete Security Without Complexity

Published in: Technology
0 Comments
2 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
1,959
On SlideShare
0
From Embeds
0
Number of Embeds
3
Actions
Shares
0
Downloads
0
Comments
0
Likes
2
Embeds 0
No embeds

No notes for slide
  • Hello, we’re Sophos. And we take a different approach to protecting your IT and data. We want to make sure you get complete security without having to work too hard.
  • We see that there are three main problems making IT security more difficult today:Threats like fakeAV are still getting through defensesData is still getting lost on disks, laptops and via email. At the same time your IT infrastructure is getting more complex with users on mobile devices, using home computers, in satellite offices - all using data and services in the cloud, as well as behind your firewall.Too often the onus is put on the IT teamto address all these risks. This means you buy, configure and manage multiple security software and hardware solutions that let you deal with the aftermath of defenses being breached. You also have to solve new security problems as they emerge, often by buying and deploying even more new products. What you need is complete security from a vendor you trust.
  • Stopping threats and protecting your data is what we do. And we believe our job is to do that comprehensively, without making your job more complicated. This is our mantra: Complete Security, Without Complexity, Active protection.What we do, How we do it, How we do it better.Complete security isabout taking care of yourprotection at every stagewithout it having to be complicated..
  • That’s why we give you solutions for every part of your business. Endpoint, Network, Data, Email, Web and Mobile. We protect them all. So your users and data are protected wherever they are and whatever they use.
  • Complete security means we don’t just detect threats, we:Reduce the attack surface – We address the things that bring risk like vulnerabilities and applications.Protect everywhere – We make sure your users are protected wherever they are and whatever device they’re using.Stop attacks and breaches – Of course we can detect and prevent threats and data loss. But we’ve moved beyond signatures with innovations like live protection, which means we can stop new threats instantly.Crucially, we Keep people working – Both your users and the IT team. We engineer our products to simplify the tasks that take too much time today, like cleaning up infections and recovering forgotten passwords. So, as the threat and the ways that we use IT for work evolve, so does your protection. We stay on top of them, to simply give you all you need to stay secure. We engineer our products to work better together. And we look for opportunities to unify endpoint agents, gateway defenses, security policies and intelligence so it’s even easier.Agents – for every device, combining security to maximise protection and performanceAt the Gateway – virtual or hardware appliances and software options that match your protection priorities and sizeThroughPolicies - We let you create a policy once, and apply it anywhere to give you consistent protection and user experienceFrom our Labs - our experts have visibility of all aspects of security threats and use that expertise to actively fine-tune your protection for you and deliver instantly from the cloud
  • We don’t want using all this great technology to be difficult. That’s why we’re doing the hard work. A good example is our HIPs solution which gives you everything we know about how malicious files are constructed and behave and identifies them for you. You don’t have to construct a complex policy, you just tick a box to get it working. And our active protection is truly unified. Identifying and protecting against every type of threat and delivered to the engine that powers all of our products, whether at the endpoint, gateway or across the network.
  • So what do you need to do? All of us at Sophos work hard to make sure that these features are easy to deploy. So you’re being protected straight away. Like a simple interface for filtering web access, with a single policy for endpoint and gateway.Our R.E.D, remote ethernet device means that even your smallest remote offices can be instantly secured, without having to send one of your engineers on site to set it up.Data control that lets you choose from a list of the most up to date content types, as well as sorting by regions or specific data regulationsAnd an easy user interface to make sure forgotten passwords aren’t your problem any more, users can help themselves.
  • Let’s look at some examples. Fake antivirus is one of the most recognisable and widespread threats in the wild today. But this certainly doesn’t mean you should waste your time worrying about how it might affect users in your business. Our solutions are working together at every step to make sure they don’t get infected. Reduce the attack surfaceFirstly we want to make sure you don’t become another statistic. Lots of the websites that host fake antivirus are legitimate ones that haven’t been properly secured, so we reduce the attack surface on your servers with our web application firewall. And you can also secure browsing by filtering sites and content accessed through your web gateway. Protect EverywhereIf your users are mobile and not connected to your own internet gateway you still want to know they’re protected, we make sure by providing security in the cloud, checking any site they visit against a list of the ones we know are bad. And very soon all of the capabilities in our web gateway software will be unified with the endpoint, so wherever the user is you can guarantee they’re browsing safely. Stop attacks and breachesIf the website is only recently infected and users can still browse to it our intelligent anti malware engine can scan the scripts running inside the site and stop the threat from there too, before anything’s saved locally to the computer. And with our threat intelligent patch assessment feature instead of seeing a daunting list of the ones that are available, you’ll soon be able to know which you actually need to apply to stay protected. It’s patching for the real world.Keep people workingWe don’t pretend that we block 100% of all the threats out there. So if the worst happens we make sure that our products help you identify infected computers and deal with them quickly. Sometimes it’s the small things that make the difference so we make sure you can get from opening our console to finding infected endpoints in just one click. That means you spend less time reacting, and your users are productive again more quickly.
  • Today there’s data everywhere. It might be your businesses own or even personal information about your customers and employees. Whatever it is, your people need to access it, work with it and share it. And you need to keep it safe.Reduce the attack surfaceAccording to research 86% of IT professionals say that their business has lost a laptop or hard disk carrying corporate data. Encrypting is the easiest way to make sure that if a device goes missing that data is still secure. We can also help you make sure that risky applications you haven’t approved aren’t being installed on machines. Protect EverywhereThe explosion in mobile working and superfast connections wherever we are mean that securing data at every point is a priority. That’s why we let you set security policies for the latest mobile devices and remote lock or wipe them if they go missing. And very soon we’ll be able to offer complete security for files uploaded and accessed from the cloud, whether from PCs or mobile devices. Stop attacks and breachesWe give you data control solutions that you can actually implement. These policies can be enforced from the endpoint and the email gateway, so you can easily make sure that data exiting your network is audited and controlled. And as a Sophos customer you also get easy access to our data protection expertise to help your users understand why it’s important. Keep people workingWe think that having effective data protection shouldn’t be at the expense of keeping your users working day to day. So we make accessing encrypted laptops easy and familiar for them. And if a user sends an email with confidential data in it you don’t always have to block it, we can seamlessly encrypt that email at the gateway. Delivering an easy password protected pdf at the other end.
  • Today people work from everywhere. It might a branch of the organisation in a far off town or a maintenance engineer working on the road. Whoever it is, they will need access to your network, your data so they can work efficiently from wherever they are. And you need to keep them secure.Reduce the attack surfaceTo reduce the attack surface you’ll need to make sure protection is installed everywhere and the policy is consistent. Remote offices are less likely to have IT skills to hand. That’s why we engineer our protection, like our Remote Ethernet Devices (RED) to take the complexity out of getting security up and running. And to keep security policy consistent we build features like tamper protection to prevent protection being deactivated or policies changes by those without authorisation to do so.Protect EverywhereThe explosion in mobile working and superfast connections wherever we are mean that securing data at every point is a priority. That’s why we let you set security policies for the latest mobile devices and remote lock or wipe them if they go missing. And very soon we’ll be able to offer complete security for files uploaded and accessed from the cloud, whether from PCs or mobile devices. Stop attacks and breachesWe give you data control solutions that you can actually implement. These policies can be enforced from the endpoint and the email gateway, so you can easily make sure that data exiting your network is audited and controlled. And as a Sophos customer you also get easy access to our data protection expertise to help your users understand why it’s important. Keep people workingWe think that having effective data protection shouldn’t be at the expense of keeping your users working day to day. So we make accessing encrypted laptops easy and familiar for them. And if a user sends an email with confidential data in it you don’t always have to block it, we can seamlessly encrypt that email at the gateway. Delivering an easy password protected pdf at the other end.
  • You need to control applications that could cause security or legal problems, like P2P or instant messaging. And you'll get a handle on the unwanted applications that clog your network. Monitor and control what your employees are installing without interfering with their work. Traditional approachOften requires additional component or agent to be deployedIT admins have to build rules or create identities for applications - updating these when new versions are released and keeping on top of the latest application trendsThe process of creating detection and configuring policy is often time consuming, and difficult to stay on top. This impacts the effectiveness of the feature. How we do it better with Active ProtectionWe don’t just give you a tool to manage applications that asks you to keep it up to date. Instead: Our labs experts create application detection for you and actively maintain the list of applications. If a new version of Skype or peer to peer file sharing software appears you are automatically protected.We’ve built application control into our antivirus engine, so you don’t have to deploy or manage a separate product. You simply set policies for the whole company or specific groups to block or allow particular applications.
  • A single agent that scans for sensitive data and threats at the same time Our experts build pre-packaged and customizable data types for controlling sensitive content like credit card details and social security numbers, or healthcare identifiers. This data is then built into our antivirus engine for our endpoint and email appliances. So you don’t have to buy, deploy or manage a separate product and you get consistent protection at the endpoint and gateway.You simply set policies for the whole company or specific groups to block transfer of data, or simply warn users of the risk they are taking and ask them to authorize the transfer. As new regulations appear, or data protocols change or emerge our labs experts will update the data control lists that power the product. Simplifying identificationSophosLabs removes the need for complex, time consuming creation of sensitive data lists by delivering an extensive library of global definitions which can be used out-of-the-box.These lists cover things like social security numbers, credit card numbers and postal addresses.All files transferred will be scanned and checked against the data control policy.
  • Acting on breachesThere are a number of options open to the administrator if the agent detects that sensitive information is being moved.Firstly, the transfer can be allowed and simply be reported back to the Enterprise Console.Secondly, the transfer can be blocked.The third option is to check with the user and give them the ability to authorize the transfer. This can be can be used to train users that the data they are transferring may breach a company policy without actually preventing them from carrying out their work. The end-users decision is audited and can be reviewed at a later date.
  • 90% of vulnerabilities can be patched. Yet, many computers remain at risk because patching is hard. IT Managers don’t know which patches are needed, and they’re not confident their computers are patched.Traditional approachTypical mid-tier customer approach is to rely on the built-in update mechanisms for operating systems and applications The more vigilant are using Microsoft patching tools but, as the statistics now show, we have reached the point where the majority of application exploits are against non-Microsoft applications. So, using the included Microsoft tools can only solve half the problem at best.IT admin is blind to the patched state of their endpoints and how vulnerable they really are.Endpoints get compromised. According to Gartner 90% of those could be prevented.How we do it better with Active ProtectionWith our Endpoint Patch Add-on we prioritize the most critical patches for you by tying them to the threats they prevent.One scan finds un-patched computers helping you fix vulnerabilities and keep your data and network safe. We scan for application and OS patches for widely-used products from Adobe, Apple, Citrix, Microsoft, Skype and more.Only Sophos experts give patches a true security rating - critical, high, medium and low. And, we tell you which threats a patch prevents so you can easily identify the most important patches. Right within our Endpoint Console you can create patch assessment policies, setup alerts, and reporting. No separate deployment or console is required.
  • Our combination with Astaro means we’re now able bring complete security to Unified Threat Management too. We’re moving beyond a simple antivirus plugin to offer Active Protection inside a full range of web, email and network solutions. And we’re making threat management truly unified by letting you manage your Sophos Endpoint clients from inside the Astaro security gateway.
  • We hope you can see how complete security helps you at every point in the the threat lifecycle. And is engineered so you can actually use it. But there are other advantages too, like multi product discounts and unrivalled technical support from a single point.
  • We hope you can see how complete security helps you at every point in the the threat lifecycle. And is engineered so you can actually use it. But there are other advantages too, like multi product discounts and unrivalled technical support from a single point.
  • To find out more about us visit www.sophos.com, thanks for listening.
  • Sophos Complete Security

    1. 1. Complete Security
    2. 2. We’re focused on protecting youWhat’s the problem with IT security today? Data Threats everywhere, changing, still regulations increasing growing Users everywhere, using everything
    3. 3. We do IT securityBecause you’ve got enough to worry about Complete Without Active Security Complexity Protection Wherever Quicker to Our unique the user is, setup, approach for what ever maintain and better they use solve protection you problems can actually deploy3
    4. 4. Complete security Endpoint Network Web Mobile Email Data4
    5. 5. Complete security Endpoint Web Email Data Mobile NetworkReduce attack surface Protect everywhere Stop attacks and breaches Keep people working URL Filtering Web Application Endpoint Web Encryption Data Control Access control Automation WiFi security Firewall Protection for cloud Anti-spam Patch Manager Mobile Control Virtualization Anti-malware User education Visibility Local self-help Application Mobile app Clean up Technical Device Control Secure branch Intrusion Firewall Control security support offices prevention Encryption Live Protection Email encryption
    6. 6. Active ProtectionOur unique approach for better protection with less complexity Endpoint Web Email Data Mobile Network
    7. 7. Complete but not complexDefense in depth that you can actually deploy Reduce the attack surface Protect everywhere Stop attacks and breaches Keep people working
    8. 8. Example: Fake antivirusDelivering complete protection from a rampant threatEndpoint URL Filtering Endpoint Web Protection Web Web Application Live Protection Firewall Complete Email Security Visibility Anti-malware Data Clean up Patch Manager Mobile Network
    9. 9. Example: Data lossProtecting personal information and sensitive dataEndpoint Encryption Mobile Control Web Encryption Application for cloud Control Complete Email Security Local self-help Data Control Data Automation User education Mobile Network
    10. 10. Example 3: Remote office and usersProtecting personal information and sensitive dataEndpoint Tamper Mobile Control protection Web Encryption Secure branch for cloud offices Complete Email Security Small Endpoint Web Data updates Protection Mobile app Local self-help security Mobile Network
    11. 11. Active Protection: Application ControlOur labs experts create application detection for you and actively maintain the list of applications. Over 20 categories Online storage Browsers File sharing Instant messaging Virtualization tools Remote access USB program launches (U3, Ceedo)11
    12. 12. Active Protection: DLPOur experts build pre-packaged and customizable data types for controlling sensitive content Over 50 default sensitive data descriptions covering: Financial data (credit/debit card numbers) Personally Identifiable Information (national identification codes) Confidential document markers12
    13. 13. Active Protection: DLPMaking it easy to deploy and use Range of actions to meet different use cases: Log event only – initial deployment and silent monitoring Request user approval – train and inform Block – appropriate for highly sensitive data13
    14. 14. Active Protection: Patch AssessmentOur experts actively provide a true security rating - critical, high, medium and low • Reduce your risk of infection • Scan for application and OS patches • Prioritized patches tied to threats • Know your patch status with certainty • No added deployment14
    15. 15. Active Protection: Web ProtectionOur experts actively analyze and catalog malicious web sites and threats • Thousands of infected sites added daily • Automatic protection from the latest web threats • Instant updates through Live URL filtering • Activate at the flip of a switch15
    16. 16. Completing the visionIntegrating Astaro Network Security Astaro Secure Gateway Sophos Endpoint Active Protection Managed in Astaro Secure • Anti malware Gateway • Web reputation checking • Application Control • Anti spam • Client Firewall • Full Disk Encryption Data features • Device and media Encryption • SPX Email Encryption • Manage Sophos Endpoint clients • Data control for web and email • Anti malware • Device Control • Web Protection
    17. 17. Complete Security Complete Data Web Endpoint UTM Fullguard + Endpoint Sophos Security Protection Protection Protection – UTM Endpoint Protection - Anti-Virus Suite Suite Suite Advanced (UTM 9) Business Business AV/HIP/Live Protection        Client Firewall       Application Control       Device Control       Web Filtering in Endpoint      DLP, NAC, Patch     Web Gateway   Email Gateway   Full-Disk Encryption   Mobile  UTM FullGuard*  SharePoint, Exchange Exchange Exchange Exchange Groupware Exchange Win, Mac, Linux, Win, Mac, Linux, Win, Mac, Linux, Win, Mac, Linux, Win Win, Mac, Linux, Platforms VM, EMC Win, Mac, VM, Unix, VM, EMC Unix, VM, EMC Unix, VM, EMC Unix, VM, EMC17 *UTM FullGuard includes network, web, email, wireless and webserver protection
    18. 18. Why do more with Sophos?You’ll get better threat and data protection more simply, and more cost effectively• Complete security that works better together• Defense in depth you can actually deployYou’ll also see the benefits of consolidating your security vendors:• Consolidated licensing costs• One trusted partner for support Complete Without Active Security Complexity Protection
    19. 19. Indonesia References
    20. 20. ContactPT. VIRTUS TECHNOLOGY INDONESIAhttp://www.virtusindonesia.comP: (021) 522 9908E: marketing@virtusindonesia.comGraha BIP 7th floorJl. Jend. Gatot Subroto Kav. 23, Jakarta 12930Indonesia
    21. 21. www.sophos.com

    ×