TECHNICAL BRIEF: Using Symantec Endpoint Protection 12.1 to Protect Against A... (Symantec)
Advanced persistent threats (APTs) pose serious challenges for organizations of all sizes. These challenges include cyber attacks designed to do anything from stealing sensitive data (for financial gain, corporate espionage, etc.) to sabotaging critical infrastructure. These attacks are specifically targeted and are often carried out using sophisticated malware. Traditional file-based antivirus scanning is not by itself sufficient protection because a given piece of malware associated with an APT will have extremely low prevalence, that is, it will not be widely seen on the Internet. Traditional signature-based antivirus scanning is reactive in that a signature can only be written to detect a threat that has already been seen.
Symantec Endpoint Protection 12.1 (SEP 12.1) includes protection technologies that go beyond traditional antivirus scanning to provide effective protection of endpoints against the sophisticated malware used by APTs. This paper provides guidelines on how to ensure that SEP protection technologies are enabled and functioning in order to provide best protection for endpoints.
The challenge of Advanced Persistent Threats
Advanced persistent threats often use malware that is difficult to detect using traditional antivirus scanning and is designed specifically to run for long periods of time without being noticed. These threats are targeted and as such do not have wide distribution on the Internet. They are generally intended for specific targets and designed to evade detection in order to steal data. The type of data that is targeted varies by attacker and target (financial gain, usernames/passwords, intellectual property, etc.).
Even though the motives and targets used by APTs can vary greatly, they often operate in stages that are common across attacks. They are: Incursion, Discovery, Capture, and Exfiltration and are briefly described in the illustration below:
Symantec Endpoint Protection (SEP 12.1) offers advanced protection by using multiple technologies to combat many targeted attack methods that are prevalent in the current threat landscape. While this document details the configurations and best practices in the use of SEP 12.1 against modern threat vectors, these details are only part of an overall security strategy. Many organizations have some sort of endpoint security solution installed and deployed. Breaches and intrusions can occur when these technology-based safeguards are not supported by sound, realistic, and effective security processes and procedures.
SYMANTEC ENDPOINT PROTECTION Administration Introduction (Dsunte Wilson)
Symantec Endpoint Protection is a client-server solution that protects laptops, desktops, Windows and Mac computers, and servers in your network against malware.
Symantec Endpoint Protection combines virus protection with advanced threat protection to proactively secure your computers against known and unknown threats.
SYMANTEC ENDPOINT PROTECTION Advanced Monitoring and Reporting (Dsunte Wilson)
Symantec Endpoint Protection collects information about the security events in your network. You can use logs and reports to view these events, and you can use notifications to stay informed about the events as they occur.
SYMANTEC ENDPOINT PROTECTION Interfacing the SEPM with Protection Center (Dsunte Wilson)
Protection Center lets you manage Symantec Endpoint Protection together with other Symantec products in a single environment. Symantec Endpoint Protection is integrated with Protection Center by means of a series of Web services.
These Web services provide communication between the Symantec Endpoint Protection Manager server and the Protection Center server.
Tips to Remediate your Vulnerability Management Program (BeyondTrust)
In this presentation from her webinar, renowned cybersecurity expert Paula Januszkiewicz delves into what a truly holistic vulnerability management program should look like. When all parts are correctly established and working together, organizations can dramatically dial down their risk exposure. This presentation covers:
- The key phases and activities of the vulnerability management lifecycle
- The tools you need for an effective vulnerability management program
- How to prioritize your VM needs
- How an effective VM program can help you measurably reduce risk and meet compliance objectives
You can watch the full webinar here: https://www.beyondtrust.com/resources/webinar/tips-remediate-vulnerability-management-program
A Symantec Advisory Guide Migrating to Symantec™ Validation and ID Protection... (Symantec)
Who should read this paper:
IT, security managers, and executives who use legacy on-premise two factor authentication solutions and are considering a switch to another provider’s solution for two-factor authentication should read this document. This solution brief offers advice about gauging the security of a new solution, understanding the ease of deployment and management, choosing the right strategy for migration, and measuring the total cost effectiveness of a new solution.
Meltdown and Spectre - How to Detect the Vulnerabilities and Exploits (AlienVault)
As you've likely heard, Meltdown and Spectre are vulnerabilities that exist in Intel CPUs built since 1995. Hackers can exploit Meltdown and Spectre to get hold of information stored in the memory of other running programs. This might include passwords stored in a password manager or browser, photos, emails, instant messages and even business-critical documents.
Join us for a technical webcast to learn more about these threats, and how the security controls in AlienVault Unified Security Management (USM) can help you mitigate these threats.
You'll learn:
- What the AlienVault Labs security research team has learned about these threats
- How to scan your environment (cloud and on-premises) for the vulnerability with AlienVault USM Anywhere
- How built-in intrusion detection capabilities of USM Anywhere can detect exploits of these vulnerabilities
- How the incident response capabilities in USM Anywhere can help you mitigate attacks
Watch the On-Demand Webcast here: https://www.alienvault.com/resource-center/webcasts/meltdown-and-spectre-how-to-detect-the-vulnerabilities-and-exploits?utm_medium=Social&utm_source=SlideShare&utm_content=meltdown-spectre-webcast
Hosted By
Sacha Dawes
Principal Product Marketing Manager
Sacha joined AlienVault in Feb 2017, where he is responsible for the technical marketing of the AlienVault Unified Security Management (USM) family of solutions. He brings multiple years of experience from product management, product marketing and business management roles at Microsoft, NetIQ, Gemalto and Schlumberger where he has delivered both SaaS-delivered and boxed-product solutions that address the IT security, identity and management space. Originally from the UK, Sacha is based in Austin, TX.
Panda Adaptive Defense 360 is the first and only product in the market to combine in a single solution Endpoint Protection (EPP) and Endpoint Detection & Response (EDR) capabilities.
Do you want to get to know more about Adaptive Defense 360?
- Test a demo: http://bit.ly/21jl4Bi
- Talk to an expert: http://bit.ly/1Ouzvve
- Get more info: http://bit.ly/21jljMu
Avoid Meltdown from the Spectre - How to measure impact and track remediation (Qualys)
The recently disclosed Meltdown and Spectre vulnerabilities negatively impact the security of virtually every computer in the world today. These vulnerabilities allow an attacker to gain control of a computer’s processor and steal data located on that computer. Organizations that store data in the cloud are particularly susceptible.
During this webcast, Jimmy Graham, Director of Product Management for Qualys Threat Protection and Asset Inventory, showcased solutions that can help you determine the impact of Spectre and Meltdown across your global IT environments.
Understand how:
• To quickly and easily visualize Spectre and Meltdown vulnerabilities within your environment
• To track remediation progress as you patch against Spectre and Meltdown
• The Qualys Asset Inventory and Threat Protection apps will help you automate detection and track remediation progress
Watch the on-demand webcast: https://goo.gl/6FQ6uJ
Open Source IDS Tools: A Beginner's Guide (AlienVault)
This SlideShare provides an overview of the various Open Source IDS tools available today. Whether you need to monitor hosts or the networks connecting them to identify the latest threats, these are some great open source intrusion detection (IDS) tools available to you.
How to Solve Your Top IT Security Reporting Challenges with AlienVault (AlienVault)
Watch this on-demand webcast to learn how to achieve security compliance with AlienVault Unified Security Management (USM): https://www.alienvault.com/resource-center/webcasts/how-to-solve-your-top-it-security-reporting-challenges-with-alienvault?utm_medium=Social&utm_source=SlideShare&utm_campaign=solve-it-compliance-usm-webinar
Learn how you can take your on-premises and cloud security to the next level with a free online demo at: https://www.alienvault.com/products/usm-anywhere/demo?utm_medium=Social&utm_source=SlideShare&utm_campaign=solve-it-compliance-usm-webinar
Symantec will unify information security management across endpoints, gateways and servers, and deliver targeted protection for the Enterprise with the release of new Symantec Protection Suites.
SIEM for Beginners: Everything You Wanted to Know About Log Management but We... (AlienVault)
Need a crash course on SIEM? No problem. Our security gurus will explain what SIEM is (and isn’t) and how to get up and running with it quickly and painlessly.
You'll learn everything you need to know about:
* Critical information stored in your logs and how to leverage it for better security
* Requirements to effectively perform log collection, log management, and log correlation
* How to integrate multiple data sources
* What features to look for in a SIEM solution
Endpoint security helps enhance the protection of corporate networks. It protects against threats and viruses and monitors potential entry into the network. To learn more about how endpoint security works, click here: https://www.comodo.com/business-enterprise/endpoint-protection/endpoint-security-manager.php
Can Symantec reboot its own blockbuster success (Symantec)
The company has revealed Advanced Threat Prevention, an on-premises appliance designed to offer a more integrated security product that combines network, endpoint and email security.
Get advice from security gurus on how to get up and running with SIEM quickly and painlessly. You'll learn about log collection, log management, log correlation, integrated data sources and how to leverage threat intelligence in your SIEM implementation.
Automating Critical Security Controls for Threat Remediation and Compliance (Qualys)
Trends like the increased use of cloud computing by businesses and their vendors introduce new complexities in reducing risk and assessing security across the supply chain. Demonstrating continuous risk reduction and compliance with internal policies and external regulations, fixing violations and configuration drift, centrally managing exceptions, and documenting progress are all common challenges.
The Center for Internet Security’s (CIS) Critical Security Controls (CSCs) were selected and prioritized by leading security experts to stop today’s most common and serious cyber threats. By implementing these controls, organizations can improve their security posture and reduce the risk of threats to critical assets, data, and network infrastructure.
In this webcast SANS Senior Analyst John Pescatore and Tim White, Director of Product Management for Qualys Policy Compliance (PC), discuss how you can achieve continuous security and compliance, and leverage Qualys solutions to address all 20 CSCs.
The presentation encompasses:
• An overview of the CIS Critical Security Controls, including ongoing updates
• Success patterns organizations have demonstrated for using the controls to their advantage
• How automation can reduce the staffing load to determine whether controls are in place and effective
• How to prioritize remediation efforts
• Real-world examples of recent attacks that leveraged misconfigured systems
Watch the on-demand webcast: https://goo.gl/j6Posx
People make a decision to buy when the pain of the problem is greater than the pain of change. Learn how to develop the pain by taking customers to the negative future - the nightmare of losing all their valuable business data because they were unprotected, then show them the positive future they will enjoy when they have installed End Point Protection Small Business Edition 2013 from Symantec.
Symantec Next Generation Network Protection (Symantec)
Symantec Next Generation Network Protection allows communication service providers to better secure networks; better manage policy enforcement and user preferences; and increase profitability by boosting customer satisfaction to prevent churn and reduce costs associated with network misuse, malware proliferation and spam.
Each and every business is unique. From healthcare to retail, manufacturing or finance, no two businesses operate the same way. That’s why the Microsoft Cloud can be tailored to meet the needs of any enterprise. It’s the cloud that helps drive unparalleled productivity. The cloud that turns massive streams of data into actionable insight. The cloud that scales rapidly to meet the growing demands of your business. And the cloud that transforms a mobile workforce into a connected team. This is the cloud that’s built for your business.
Predicting the Future of Endpoint Management in a Mobile World (Quest)
In this on-demand webcast, you’ll get a feel for looming changes in the endpoint management landscape over the course of the next six months to five years.
BMC - Response to the SolarWinds Breach/Malware (Mike Rizzo)
BMC response to the SolarWinds Breach
Critical compromise to the SolarWinds Orion platform has created an immediate need to respond to the threat from a likely state-sponsored actor (Russia).
IBM Endpoint Manager for Lifecycle Management (Overview) (Kimber Spradlin)
Complete visibility and management over all endpoints - physical or virtual, on- or off-network across Windows, Mac, Unix, and Linux servers, desktops, laptops, and specialty devices. Includes network discovery, deep hardware and software inventory of managed devices, software distribution and patch management, OS deployment and bare-metal provisioning, and remote control.
A Comprehensive Guide to Choosing the Best Network Monitoring Software (DevLabs Global)
Network monitoring software plays a crucial role in maintaining the performance, security, and reliability of computer networks. Whether you are a small business owner or a large enterprise, investing in the right network monitoring software is essential to ensure smooth operations and minimize potential disruptions.
SMAC Softwares GmbH is an ambitious company located in Stuttgart, with the intention of becoming the fastest-emerging software development company and helping its clients grow at a rapid pace. The company provides products and services in the areas of Social, Mobile, Analytics, and Cloud. Hence we named it SMAC! A truly future-oriented company.
Similar to Introduction to Symantec Endpoint Management75.pptx (20)
Helping Innovators to Innovate, Arrow ECS and IBM (Arrow ECS UK)
A reminder of the Arrow ECS and IBM MSP & ISV Jam. Including the future of consumer technology, opportunities for MSPs and ISVs and an update on how IBM continues to innovate.
Gain maximum benefit from Channel Technical Professionals and the technical p... (Arrow ECS UK)
Gain maximum benefit from Channel Technical Professionals and the technical programs by Colm Kenneally, IBM Business Analytics, Mid-Market and Partner Enablement.
2. Common IT challenges
“How do I manage users who rarely connect to the corporate network?”
“How do I manage all the new devices and software coming into my environment?”
“How can I make sure we are not over or under buying software licenses and are in compliance with our license agreements?”
“How do I protect my corporate assets and network from vulnerabilities?”
Introduction to Symantec Endpoint Management
3. How does Symantec solve these challenges?
4. Manage anywhere across remote sites and users
IT Realities
• By 2015, over 37% of the global workforce will be mobile
• Companies with greater than 2,500 employees operate, on average, more than 60 locations
Symantec Endpoint Management
• Securely manage users anywhere on the internet and eliminate the need for dedicated VPN or leased lines
• Easily support and manage distributed locations regardless of bandwidth constraints
• Maximize administrator to managed device ratios
5. Easily manage diverse platforms
IT Realities
• 46% of corporations now issue Macs to employees
• BYO devices to grow from 65% in 2013 to 72% in 2017
• Linux market share expected to double by 2016
Symantec Endpoint Management
• Manage all devices from a single console, with a singular experience
• Broad systems OS Support for Windows®, Mac®, Linux®, and Unix®
• Native Mac imaging
• Support for VMware® and Hyper-V®
• Broad mobile OS support for iOS®, Android™, Windows Mobile®, Blackberry®, webOS™
6. End-to-end software management
IT Realities
• 65% of enterprises were audited in the past 12 months
• Top vendors to audit customers include IBM®, Adobe®, Oracle®, Microsoft®, and SAP®
Symantec Endpoint Management
• Common data model provides a single place for purchases/contracts, single definition of software, single interface for different users
• Advanced reporting supports financial costs, departmental expense for chargeback, alerts on renewal activities, and trending over time
• Automatic harvesting processes
• Single click application virtualization
• Deploy, update, and run SEP
7. Broad patch management
IT Realities
• Only 2 out of the 25 top vulnerable applications are Microsoft products
• 5,291 vulnerabilities reported for 2012
• Top 5 exploited vulnerabilities are several years old with patches available
Symantec Endpoint Management
• Support for multiple platforms and over 50 non-Microsoft applications – including all browsers and plug-ins
• Routine analysis and compliance enforcement of applied patches
• Advanced analytic reporting and metrics
• Automation routines to simplify process
• Integration with Symantec’s endpoint security, compliance and data loss solutions
8. Data insight for faster remediation and planning
IT Realities
• Data exists in multiple databases
• Creating reports can be extremely time consuming
• Reports are often inaccurate and quickly out of date
• Managers frequently want reports at a moment’s notice
Symantec Endpoint Management
• Easily access and share business data
• Measure improvement with key performance indicators (KPIs)
• Analyze trends over time
• Powerful on-the-fly reporting and charts
• Fast remediation with dynamic, actionable summaries
10. Symantec Endpoint Management
IT Management Suite
Client Management
• Provisioning
• Inventory
• Software management
• Patch management
• Application virtualization
• Remote management
• Reporting and analytics
Server Management
• Provisioning
• Inventory
• Software management
• Patch management
• VM management
• Server monitoring
• Reporting and analytics
Asset Management
• Asset tracking
• Barcode scanning
• Contract management
• Compliance
• Reporting and analytics
Complementary Solutions
• Mobile Management
• Data Loss Prevention
• Endpoint Protection
• Encryption
11. Strong endpoint management global footprint
• 90 of the Fortune 100
• 10 of top 10 Information Technology Companies
• 10 of top 10 Healthcare Companies
• 8 of top 10 Global Financial Institutions
12. Analyst & industry accolades
Symantec Positioned as a Leader in The Forrester Wave™: Enterprise Client Management Suites, Q2 2012
“Symantec has made a significant splash in this Wave, earning a position as a Leader with long-established strengths in core and extended client management functionality” – Forrester, 2012
Source: May 2012 The Forrester Wave™: Enterprise Client Management Suites, Q2 2012
• Best Management Suite – Altiris IT Management Suite, November 2012
• Application Virtualization – Symantec Workspace Virtualization, January 2013
• License Management (ITMS), Software Distribution (DS), Drive Imaging (Ghost) – January 2013
• Remote Client Management (CMS), Patch Management (ITMS) – January 2013
• Asset Management (ITMS), Drive Imaging (CMS), Overall Migration (CMS) – January 2013
14. Client Management Suite Capabilities
Deployment
Capture and deploy disk images, migrate data and system configurations, and change operating system settings.
Inventory
Gather inventory data about computers, users, operating systems, and installed software applications, and monitor and/or deny the usage of applications.
Software Management
Distribute software and ensure that the correct software gets installed, remains installed, and runs without interference from other software.
Patch Management
Assess, prioritize and deploy updates for common operating systems and applications to ensure that managed computers are protected on an on-going basis.
Workspace Virtualization
Virtualize applications to reduce application conflicts, testing requirements and support calls.
pcAnywhere
Resolve help desk issues or stay productive while you work away from your office by providing secure, remote access to computers.
Real–Time Management
View detailed real-time information about a managed computer and remotely perform various administrative tasks, such as restart a computer, reset a password, and terminate a process.
Out of Band Management
Discover computers with ASF, DASH, and Intel AMT in your environment and configure the computers for out-of-band management.
IT Analytics
Explore data, analyze trends and track IT performance without advanced knowledge of databases or third-party reporting tools.
Process Automation
Create and implement automated processes that link together people, process and technology, including the ability to create end-user forms and communicate between disparate technologies.
Symantec Endpoint Protection Integration
Inventory client systems for common endpoint protection products, migrate and roll out Symantec Endpoint Protection agents, troubleshoot agent problems and report on status and outbreaks.
15. Asset Management Suite Capabilities
Asset Management
Lets you track and manage the physical, contractual and financial data associated with the IT assets in your environment.
Configuration Management Database Solution (CMDB)
Lets you model configuration items, resources, and the relationships between them in a single central database.
Barcode
Leverage barcode scanners for a more accurate way of gathering and verifying asset information in the field.
Process Automation
Lets you create and implement automated processes that link together people, process and technology, including the ability to create end-user forms and communicate between disparate technologies.
IT Analytics Solution
Lets you explore data, analyze trends and track IT performance without advanced knowledge of databases or third-party reporting tools.
Data Connector
Lets you transfer data between external data sources and the configuration management database (CMDB).
16. Server Management Suite Capabilities
Deployment
Improve the consistency and quality of server configurations. It delivers comprehensive deployment capabilities that include image-based or scripted operating system installation and ongoing provisioning.
Inventory
Identify the devices that are found in your network, and aggregate inventory data across all of your Windows, UNIX, and Linux assets.
Virtual Machine Management
View virtual resources across Hyper-V and VMware platforms, and perform virtual machine specific tasks such as creating virtual machines, modifying settings and changing the power state of a virtual machine.
Software Management
Distribute software and ensure that the correct software gets installed, remains installed, and runs without interference from other software.
Patch Management
Assess, prioritize and deploy updates for common operating systems and applications to ensure that managed computers are protected on an on-going basis.
Monitor
Proactively monitor the critical components of your network. You can increase the network uptime with the self-healing remediation tasks that are configured before the critical events occur.
Real–Time Management
Manage a single server in real time. View detailed real-time information and remotely perform various administrative tasks, such as restart a computer, reset a password, terminate a process, and more.
IT Analytics
Explore data, analyze trends and track IT performance without advanced knowledge of databases or third-party reporting tools.
Process Automation
Create and implement automated processes that link together people, process and technology, including the ability to create end-user forms and communicate between disparate technologies.
17. Server Management Suite Provisioning Capabilities
Feature
Description
OS Install
Imaging, scripting, or a combination of the two, bare-metal, re-imaging
Configuration
BIOS, RAID, user/network settings, drives, services, location
Jobs, Tasks
Out of the box, sample, and custom jobs
Scripts, Tokens
Task sequencing, decision logic, standard and custom tokens, event chaining
PXE
Zero-touch provisioning / management, bare-metal deployment
HW OEM Integration
HP, Dell, IBM, FSC, SUN specific jobs, installation, drivers, white papers
Blade Rack/Enclosure
Physical mapping, rip-&-replace logic (re-provisioning)
Virtualization
VM imaging, VMware jobs, Virtual Center integration, ESX scripted install
iLO, DRAC, WOL
Remote management, In-Band and Out-of-Band
Packaging
Application and configuration packaging
Multicast
Distributed multicast for imaging, network layout agnostic
Console
Central console, security roles, drag and drop, wizards
Multiple OS
Production: Windows, Linux, Mac, Solaris; Pre-OS: WinPE, Linux, DOS
API
C#, Web Services, COM, and CLI API sets for customization and extensibility
Editor's Notes
References
Worldwide Mobile Worker Population 2011–2015 Forecast, IDC Research, December 2011
US Census Bureau, Economic Census 2007

Cloud Enabled Management (CEM) will help with the management of remote and disconnected users, as well as branch office scenarios. The goal of the feature is to allow admins to manage endpoints over the Internet even if the management servers (SMP and site servers) are not accessible directly. CEM does not require you to expose your management servers directly to the internet, nor does it require the use of a VPN. As long as your users have internet connectivity, you can manage them.

CEM was specifically designed with tight security considerations in mind. The goal was to make a very secure solution that would not put the SMP server and site servers at risk even if the pieces sitting in the organization's DMZ get attacked or, in the worst case, taken over. By placing a management gateway in the DMZ, multiple computers or sites can communicate securely over the internet back to a Symantec management server secured inside the corporate firewall. This provides flexibility and cost savings for customers as it removes the need for leased lines or dedicated VPN networks.

CEM places an Internet Gateway (IG) in the DMZ to facilitate client-server communications. Each agent is issued a certificate that the IG can use to validate communications from authorized devices. Once a device has been authenticated, the gateway acts as a communications broker between the agent, the SMP, and PS’s. Only authenticated (authorized) connections are allowed to communicate to the NS. If a client is trusted (i.e. it has a valid and recognized certificate), the Internet Gateway routes the connection to the server on the internal network as requested by the client. A single Internet Gateway can serve Agents reporting to any number of SMP servers. The Certification Authority from each SMP server needs to be made available to the Internet Gateway for this to work. In cases where there are agents reporting to multiple notification servers (e.g. a Managed Server provider who has separate notification servers for each of their clients), the Internet Gateway is intelligent enough to be able to route communications to the appropriate notification server.

Also in 7.5 is an iOS app that can be run from the admin's Apple iPad. The ITMS Admin app provides quick connectivity to a scaled-down console with lightning-fast response times. This enables IT admins to quickly see summary group data as well as device-specific data that conveys the status of devices within the scope of the IT admin’s environment. Information such as patch compliance, status of software delivery jobs, and status of AV/malware protection of endpoints is quick and simple to view using the ITMS Admin app.
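The gateway trust decision described in the Cloud Enabled Management notes above, as an added example (not Symantec's code or configuration): a lab script that uses the openssl CLI to build two stand-in SMP CAs, issue one agent certificate from each, and apply a gateway-style check that accepts only certificates chaining to a known SMP CA. The names smp-east, smp-west and agent-*, and the choice to select the destination by issuing CA, are assumptions made for the illustration.

```shell
#!/bin/sh
# Added illustration, not Symantec code. Constructed lab data: two stand-in
# SMP CAs, one agent certificate per SMP, and one self-signed impostor.
# All names (smp-east, smp-west, agent-*) are hypothetical.
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

# make_ca NAME: self-signed CA standing in for one SMP server's CA.
make_ca() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$1 CA" \
    -keyout "$WORK/$1-ca.key" -out "$WORK/$1-ca.pem" 2>/dev/null
}

# issue_agent SMP FILE CN: agent certificate signed by that SMP's CA.
issue_agent() {
  openssl req -newkey rsa:2048 -nodes -subj "/CN=$3" \
    -keyout "$WORK/$2.key" -out "$WORK/$2.csr" 2>/dev/null
  openssl x509 -req -in "$WORK/$2.csr" -days 1 -CAcreateserial \
    -CA "$WORK/$1-ca.pem" -CAkey "$WORK/$1-ca.key" \
    -out "$WORK/$2.pem" 2>/dev/null
}

# route_agent CERT: print the SMP whose CA validates CERT, or REJECT.
# Assumption: the destination is chosen by issuing CA. -no-CApath keeps the
# system trust directory out of the decision, so only SMP CAs are trusted.
route_agent() {
  for ca in "$WORK"/*-ca.pem; do
    if openssl verify -no-CApath -CAfile "$ca" "$1" >/dev/null 2>&1; then
      basename "$ca" -ca.pem
      return 0
    fi
  done
  echo REJECT
  return 1
}

make_ca smp-east
make_ca smp-west
issue_agent smp-east agent-east agent-east-01
issue_agent smp-west agent-west agent-west-01
# Impostor: self-signed certificate that reuses a legitimate agent's name.
openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=agent-east-01" \
  -keyout "$WORK/impostor.key" -out "$WORK/impostor.pem" 2>/dev/null

for c in agent-east agent-west impostor; do
  printf '%s -> %s\n' "$c" "$(route_agent "$WORK/$c.pem")"
done
```

The impostor carries the same subject name as a legitimate agent and is still rejected, because the decision rests on the signature chain to an SMP CA rather than on the name in the certificate.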
References
http://blogs.wsj.com/cio/2012/04/03/macs-invade-the-enterprise/

46% of corporations now issue Macs to employees. Forrester’s new report, titled “Apple Infiltrates The Enterprise And Reshapes The Markets For Personal Devices At Work”, surveyed more than 3,300 IT professionals in North America and Western Europe and found that 46 percent of enterprises were issuing Macs to employees. Those employees receiving Macs tend to be “senior in rank, higher paid, younger, and in emerging markets,” and managers are much more likely to have Apple products than regular employees. Notably, only 36 percent of small businesses reported issuing Macs in 2011, and that number is stagnant from 2010.

Additionally, with enterprises’ growing acceptance of bring your own device (BYOD), there is an increase in consumer-owned devices in the computing world. Gartner forecasts that computing devices bought by consumers will grow from 65 percent in 2013 to 72 percent in 2017. This signifies the growing importance of designing for the consumer inside the enterprise.

In an interview with Computerworld, Gartner analyst Carolina Milanesi says a major OS shift is coming. By 2015, she predicts, devices running Apple operating systems will overtake those running Windows. Last year, shipments of products running Windows still handily outnumbered those running Mac OS and iOS, by 347 million to 213 million, according to figures from Gartner published Monday. The lead will be slashed to 23 million in 2014, and the Apple OSes will likely outnumber Windows devices in 2015, said Carolina Milanesi, research vice president at Gartner.

Symantec provides full-featured support for Windows, Mac, Linux, UNIX and virtual platforms, and integration with our mobile management solutions to ensure consistent support for tablets and smartphones. We understand that systems management is undergoing an evolution with architectural options and end user dynamics, and we are aggressively helping customers adjust to an era of user empowerment using the tools and applications they need to be productive. Symantec treats all platforms equally and aggressively supports new OS versions as they are released.
References
Software Vendor Auditing Trends: What to Watch for and How to Respond, Gartner Research, May 2012
The Software Vendors That Are Auditing Now and What to Do About It, Gartner Research, January 2012

Symantec helps organizations manage their systems more effectively and save time and money by eliminating unnecessary purchases and wasted resources. By leveraging an integrated Software Management framework, IT can break down communication barriers and tie together all functions from delivery, metering, contract management, and license harvesting. A Forrester research study found that Symantec customers save millions through penalty avoidance savings from software vendors’ audits, avoiding over-licensing of software, and automating the auditing of physical assets. As a result, Symantec enables executive leadership to permanently control software spend by making software asset management efficient and accurate.

Symantec can help in the following situations:
• Reaction from a true-up. Executives mandated to control software spend. Account for legacy software by discovering and populating a database.
• Prepare for true-up. Discover excess software before paying for it.
• Invoke the five basic tenets of software reclaim: 1. Inventory licenses, 2. Match installed against purchases, 3. Measure actual usage, 4. Determine license entitlements, 5. Make reclaim decisions.
• Implement application streaming to treat desktop licenses as though they were concurrent, thereby proactively solving the problem for all future software.
References
Symantec Internet Threat Security Report, Volume 18
http://www.symantec.com/content/en/us/enterprise/other_resources/b-istr_appendices_v18_2012_221284438.en-us.pdf

Symantec is first and foremost a security company, and the reason our endpoint security and management products work together is to ensure a well-managed endpoint is a secure endpoint. Symantec’s smarter patch management also helps you focus your time and energy on verifying the patches that present the most risk to your organization, with a predefined patch verification and rollout process and a full audit trail for accountability. We help organizations follow six best practices for patch management:
• Automate your patching and include third party apps – We patch Windows, OS X and Linux and over 50 third party applications and help to create rules that automatically patch systems and applications without constant oversight.
• In-depth reporting and routine audits – With advanced analytics you can see the state of your patch management at any point in time and know exactly which systems are in need of attention.
• Testing and rollback – We can help you stage the rollout of your patches, and we can leverage our industry-leading backup tools in case you need to roll them back.
• Maintenance windows – No one wants downtime, but avoiding patch rollouts can lead to just that if you don’t make time for patching. We can help ensure that every system has a monthly maintenance window, and provide an allowance for emergency patches for zero-day issues.
• Require all new systems be fully patched – We can help you ensure that any new system is fully patched before it gets to production.
• Vulnerability scans and intelligence – It may not sound like it's a part of patch management, but it will help you find new systems that need patching, and others that fall out of compliance. Using Symantec’s control compliance capabilities and security intelligence you can make more proactive decisions and stay on top of what truly matters.
IT reporting. We've all seen the mess. Data from one system trying to combine with data from another system. Employees running around working to get reports ready for the weekly or monthly meetings. Symantec can help you start to simplify IT reporting.
1. Only report data that drives decisions. Using our robust IT analytics you can select the right information at the right time based on up-to-date information in a single database.
2. Automate – Leverage the answers to drive decisions and take actions as well as track key indicators. Where can I build in my process a check point, a control point, some place, log, event where a bit gets flipped that can be tracked automatically?
3. Skip the Middle Man – Don’t have people pass on data that is not important to them unless they are the only source of that data. Have the data all go directly to the point where it is valuable. This minimizes the data points that a given person in the chain has to report. We can aggregate data across multiple management systems to provide you with a consolidated view.
4. Do Just the Right Amount of Work – Remember that one size does NOT fit all. With that in mind, when tackling a new report recipient, ask what information would help make decisions for which that team is responsible and report only that information. Quickly and efficiently build ad-hoc reports based on future requests.
This slide helps illustrate the comprehensiveness of the customer jobs addressed by Symantec Endpoint Management solutions and how the User is at the center of everything we do.
Use this slide to reinforce our install base. This is a counterpart to the Microsoft argument. You can also pull out the recent Gartner quote “Microsoft System Center 2012 Configuration Manager holds between 50% and 60% of the client management tool market; however, we have found that successful adoption of the product is lower than this.” We have strong success in IT, pharma and across finance – banks, insurance, etc.
Illustrate our strengths in the recent analyst reports.

Gartner Magic™ Quadrant for Client Management Tools, Terrence Cosgrove
Client Management Suite (CMS) is one of the most complete and comprehensive client management products in the market. Symantec remained one of the most frequently considered vendors in 2011. It scored well on the Visionaries scale because it is investing in product capabilities that will help organizations manage an increasingly diverse set of applications and devices.

The Forrester Wave™: Enterprise Client Management Suites, Q2 2012, David K. Johnson
Symantec has made a significant splash in this Wave, earning a position as a Leader with long-established strengths in core and extended client management functionality — particularly OS management, software management, and patch. Symantec delivers well-integrated mobile device management capabilities and essential Mac support.

Reinforce our core strengths in deployment and patch through recent awards.