Arrow ECS UK, profile picture
Uploaded byArrow ECS UK
PPTX, PDF22,508 views

Managed Security Services from Symantec

Symantec's Managed Security Services (MSS) provide organizations with global threat visibility and 24/7 access to security specialists to combat evolving cyber threats. The service encompasses security monitoring, infrastructure management, and threat intelligence, analyzing over 12 billion logs daily and identifying thousands of security events. Symantec is recognized for its scalable solutions and has maintained Gartner's leader status in the MSS market for 11 consecutive years.

Embed presentation

Downloaded 679 times
Managed Security Services from Symantec Chris Collier Presales Specialist – Security Arrow ECS
Agenda • MSS high-level overview • Industry Examples • Things to think about • Summary • Q&A Symantec Managed Services
Managed Security Services Mission Statement Symantec Managed Security Services (MSS) helps organizations anticipate and counteract the constantly changing threat environment by providing: • Unparalleled global threat visibility. • Comprehensive edge-to-endpoint incident detection and analysis. • 24/7 direct access to Symantec’s industry-leading security specialists. Symantec Managed Security Services
Symantec Managed Security Services Security Monitoring – – – – – – – 24x7x365 global operation >300 staff dedicated to delivering MSS >50 GIAC-certified Intrusion Analysts 10min Severe Event Escalation Warranty High Accuracy, Low False-positive Collect , retain and analyse >400B logs per month Escalate >400 validated severe incidents per day across 1,200 Global customers – Strong Service Governance (ITIL, ISO27001, SSAE 16) Infrastructure Management – Network IDS/IPS Management Services – Firewall Management Services – Symantec Endpoint Protection Management Services Symantec Managed Security Services
Symantec Managed Security Services The only Gartner recognised leader in ALL regions Unparalleled Global Intelligence Network Edge-to-Endpoint Security Monitoring Enterprise-wide Pricing Model NIDS HIDS Web Proxy Firewall Endpoint OS & Apps WebApp Firewall Network Infra. VA Symantec Managed Security Services
Critical Protection Challenges How MSS Can Help Visibility Focus on top priorities Stay ahead of threats Evolving Threat Landscape • Targeted attacks • Social networking • Zero-day vulnerabilities and rootkits • Attack kits • Mobile threats Symantec Managed Security Services Build a sustainable program Connect to Business
Critical Protection Challenges How MSS Can Help Visibility Focus on top priorities Build a sustainable program Connect to Business Stay ahead of threats Where are the gaps? • Complete coverage of surface area, Edge-to-Endpoint • Standardise security monitoring across all sites, all geographies, all systems • Where am I at risk of attack? Symantec Managed Security Services NIDS HIDS Web Proxy Firewall Endpoint OS & Apps WebApp Firewall Network Infra. VA
Critical Protection Challenges How MSS Can Help Visibility Focus on top priorities Stay ahead of threats Actionable Incidents • Focus on the most critical problems first • Eliminate the risk of chasing irrelevant events • Avoid over and under-reacting • Report everything Symantec Managed Security Services Build a sustainable program Connect to Business
Critical Protection Challenges How MSS Can Help Visibility Focus on top priorities Stay ahead of threats Security Operation Demands • • • • • 24x7, Global, Certified Scalable, Available Performing Future ‘proof’ architecture Recruitment Symantec Managed Security Services Build a sustainable program Connect to Business
Critical Protection Challenges How MSS Can Help Visibility Focus on top priorities Stay ahead of threats How to Demonstrate Value? • • • • Protect revenue Process improvement Predictable cost-base Measure and report on effectiveness and improvement • Time-to-Benefit Symantec Managed Security Services Build a sustainable program Connect with Business
Symantec MSS Portfolio Deepsight Global Threat Intelligence • Unified threat Intelligence portal and XML Data Feeds • Vulnerability, Threat and Risk content Log Collection, Retention and Access Firewalls • 2FA Portal Access, tamper proof, searchable, exportable • PCI and ISO27001 reporting features IDS / IPS Real-time Security Monitoring and Analysis Web Proxy • 24x7 security event monitoring and log analysis • Global Intelligence Network correlation Endpoint Security Incident Notification and Reporting OS & Apps • Incident Prioritisation, 10min Severe Event Notification • Real-time security dashboard Switches & Routers Infrastructure Management • Managed Network IDS/IPS, Managed Firewall, Managed SEP
Monitoring Service Tiers Service Transition Essential Advanced Log Collection Correlation Analysis GIN •Collect Logs from Man Systems •Store Logs Online •Available for Download and Reporting •Internal Vulnerabilities •Rate against Assets •Analyze against log/alert data •Enterprise Wide Security Analysis •Expert Human Analysis •Protect Information Assets •Correlate Against GIN •Anomalous Activity monitoring •Protect against Emerging Threats Applicable to ALL Systems Applicable to ALL Systems Applicable to all Systems with Security Data Applicable to Egress Points, such as FW’s Symantec Managed Security Services
Global Intelligence Network Identifies more threats, takes action faster & prevents impact Calgary, Alberta San Francisco, CA Mountain View, CA Culver City, CA Dublin, Ireland Tokyo, Japan Chengdu, China Austin, TX Taipei, Taiwan Chennai, India Pune, India Worldwide Coverage Global Scope and Scale 24x7 Event Logging Rapid Detection Attack Activity Malware Intelligence • 240,000+ sensors • 64M total internet sensors • 200+ countries • 180M+ systems monitored • 13 security response centers Preemptive Security Alerts Symantec Managed Security Services Vulnerabilities • 50,000+ vulnerabilities • 15,000+ vendors • 105,000+ technologies Information Protection Spam/Phishing • 5M+ decoy accounts • 8B+ email messages/day • 1B+ web requests/day Threat Triggered Actions
Process - Symantec Security Monitoring Firewalls/ VPN Intrusion Detection Systems Server and Desktop OS User Activity Monitoring Network Equipment Critical file modifications Vulnerability Assessment Anti-Virus Policy Malicious IP Changes Traffic Applications Web Traffic Identified . threats Known vulnerabilities Business-critical IT assets Risk-based Prioritization Industrial IT Security 2012 Databases Tens of Millions: Raw Events Millions: Security Relevant Events Hundreds: Correlated Events Threat Determined
Without MSS Service Device Logs: Perimeter FW LAN FW IDS Web Proxy http://paypay.co/vv/config.bin Outbound TCP connection acc from 10.1.25.1 to 98.77.1.11/80 10.1.25.1 --> 98.77.1.11 - Overnet Client Scan Inbound TCP connection acc from 14.28.75.64 to 12.55.26.85/80 Inbound TCP connection acc from 10.2.75.64 to 10.1.26.85/445 10.2.1.58 --> 44.75.26.88 - POLICY Yahoo Webmail client chat http://121.242.39.105/www.paypa l.us/account.limited.us/cgi.bin/we bscr.htm Outbound TCP connection acc from 10.1.25.1 to 98.77.1.11/80 Outbound TCP connection acc from 10.1.25.1 to 98.77.1.11/80 10.1.22.7 --> 16.1.82.9 SHELLCODE base64 x86 NOOP http://yeeshiedot.ru/bin/xingaepa. bin Outbound TCP connection acc from 10.1.22.7 to 55.10.17.22/80 Outbound TCP connection acc from 10.1.22.7 to 55.10.17.22/80 10.1.11.4 --> 64.99.57.12 SHELLCODE x86 NOOP http://zsbiz.in/php/cfg002.bin Inbound TCP connection acc from 14.28.75.64 to 12.55.26.85/80 Internet Outbound TCP connection acc from 10.1.25.1 to 10.2.55.17/445 Outbound TCP connection acc from 10.2.14.1 to 10.1.14.1/445 10.2.64.27 --> 18.197.26.177 SNMP trap udp Outbound TCP connection acc from 10.1.25.1 to 98.77.1.11/80 Outbound TCP connection drop from 10.1.25.1 to 98.77.1.11/25 19.11.157.22 --> 45.4.55.1 - SQL Query in HTTP Request Outbound UDP connection acc from 10.235.22.11 to 198.28.22.5/53 Outbound UDP connection acc from 10.2.32.11 to 10.1.19.11/137 48.45.66.99 --> 48.77.88.11 - UDP eDonkey Activity Outbound TCP connection acc from 10.1.17.4 to 18.7.13.2/80 10.2.1.58 --> 44.75.26.88 - WEBMISC cat%20 access Inbound TCP connection acc from 14.28.75.64 to 12.55.26.85/80 Outbound TCP connection acc from 10.1.22.7 to 55.10.17.22/80 Inbound UDP connection acc from 198.28.22.5 to 10.235.22.11/10256 Inbound TCP connection acc from 14.28.75.64 to 12.55.26.85/80 Outbound TCP connection acc from 10.1.25.1 to 98.77.1.11/80 Inbound TCP connection acc from 14.28.75.64 to 12.55.26.85/80 Outbound TCP connection acc from Outbound ICMP ping acc from 10.1.25.1 to 10.2.1.11/ 00-08 Windows SMB 10.1.11.4 --> 64.99.57.12 - WEBtraffic PHP test.php access http://ww3.irs.gov.binnet11.net/re fund/form http://johgheejae.ru/bin/laangiet. LAN bin http://push.bbc.co.uk/http-bind/ http://scores.espn.go.com/ncf/cas ter/snapshot?sessionId=CFBGamec LAN 2 ast9 http://money.cnn.com/.element/s si/main/2.0/content_ssi.exclude.ht ml Outbound TCP connection drop from 10.1.25.1 toEmail traffic 14.231.5.16/25 10.2.64.27 --> 18.197.26.177 SNMP request udp http://www.sunshinelive.de/typo3temp/JS_playlistfeed _hash.txt? Outbound TCP connection acc from 10.1.22.7 to 55.10.17.22/80 10.2.64.27 --> 18.197.26.177 SNMP public access udp 9140000/newsid_9141700/ Inbound TCP connection acc from 14.28.75.64 to 12.55.26.85/80 10.2.1.58 --> 27.192.26.88 IRC_Rogue_Session http://cdnedge.bbc.co.uk/sport/hi /english/static/football/statistics Outbound TCP connection acc from 10.1.25.1 to 10.2.55.17/445 10.1.25.1 --> 98.77.1.11 - Overnet Client Scan http://jskit.com/api/echo/subscribe?existin 15 gRenderers=%5B0%2C1%5D& Inbound TCP connection acc from 10.2.75.64 to 10.1.26.85/445 10.2.1.58 --> 44.75.26.88 - POLICY Web traffic 1 http://www.youtube.com/set_awe
Example Stats, one Wednesday afternoon... • Log lines analysed - 15,279,389,291 • Number of Incidents Created including Summaries - 7966 • Number of Real Time Incidents presented to analysts for validation – 3124 • Number of Real Time Published Incidents – 964 • Number of Summary Published Incidents - 1007 • Number of Real Time Critical Incidents – 244 Symantec Managed Services
Symantec MSS Portal • Customizable modules for organizing data in different ways • Trend graphs for visibility of incident trends • New Incidents arrive in real time to the Home Page • Modular elements customizable to each user Symantec Managed Security Services
Symantec Managed Security Services Reliability and Trust - Symantec Managed Security Services has been a Gartner Quadrant Leader for 11 consecutive years Proven – Symantec Managed Service s clients include 6 of Fortune 10, 44 of Fortune 100 and 117 of Fortune 500 Scalable - Symantec MSS analyzes >12 Billion logs from 727,000 devices every day Detection - Symantec MSS identifies an average of 15,000 security events and escalates 200 critical incidents every day Flexible – Symantec has flexible pricing and service levels to deliver the right protection and compliance at the right price. Personal – Symantec provides Named personnel for transition , service management and security analysis duties to drive personal relationships and customer care Symantec Managed Security Services
Questions? Symantec Managed Services

More Related Content

PPTX
Endpoint Protection
bySophos
 
PPT
A Guide to Managed Security Services
byGraham Mann
 
PPTX
Sailpoint Online Training on IAM overview
byITJobZone.biz
 
PPTX
Cyber Security Needs and Challenges
byHappiest Minds Technologies
 
PDF
IBM Security Identity & Access Manager
byIBM Sverige
 
PPTX
CyberSecurity Portfolio Management
byPriyanka Aash
 
PDF
Cybersecurity leaders guide to xdr for business
byfilin5
 
PDF
Security Consulting Services
byePlus
 
Endpoint Protection
bySophos
 
A Guide to Managed Security Services
byGraham Mann
 
Sailpoint Online Training on IAM overview
byITJobZone.biz
 
Cyber Security Needs and Challenges
byHappiest Minds Technologies
 
IBM Security Identity & Access Manager
byIBM Sverige
 
CyberSecurity Portfolio Management
byPriyanka Aash
 
Cybersecurity leaders guide to xdr for business
byfilin5
 
Security Consulting Services
byePlus
 

What's hot

PDF
Microsoft Zero Trust
byDavid J Rosenthal
 
PDF
Global Cyber Threat Intelligence
byNTT Innovation Institute Inc.
 
PPTX
Cloud security ppt
byVenkatesh Chary
 
PPTX
Zero trust Architecture
byAddWeb Solution Pvt. Ltd.
 
PPTX
Cloud Computing Security
byNinh Nguyen
 
PPTX
Azure sentinel
byMarius Sandbu
 
PPTX
Netpluz Managed SOC - MSS Service
byNetpluz Asia Pte Ltd
 
PPTX
Cloud security and security architecture
byVladimir Jirasek
 
PPT
Cloud Computing Security Challenges
byYateesh Yadav
 
PDF
Overview of Data Loss Prevention (DLP) Technology
byLiwei Ren任力偉
 
PPTX
The Open Group - ZT Commandments and Reference Model.pptx
byMark Simos
 
PPTX
Zero Trust
byBoaz Shunami
 
PPTX
Endpoint Security Pres.pptx
byNBBNOC
 
PDF
Microsoft-CISO-Workshop-Security-Strategy-and-Program (1).pdf
byParishSummer
 
PPT
Apresentação fortinet
byinternetbrasil
 
PPTX
Cybersecurity Risk Management Program and Your Organization
byMcKonly & Asbury, LLP
 
PPTX
The Zero Trust Model of Information Security
byTripwire
 
PDF
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
byEdureka!
 
PPSX
2 Security Architecture+Design
byAlfred Ouyang
 
PDF
Endpoint Security
byAhmed Hashem El Fiky
 
Microsoft Zero Trust
byDavid J Rosenthal
 
Global Cyber Threat Intelligence
byNTT Innovation Institute Inc.
 
Cloud security ppt
byVenkatesh Chary
 
Zero trust Architecture
byAddWeb Solution Pvt. Ltd.
 
Cloud Computing Security
byNinh Nguyen
 
Azure sentinel
byMarius Sandbu
 
Netpluz Managed SOC - MSS Service
byNetpluz Asia Pte Ltd
 
Cloud security and security architecture
byVladimir Jirasek
 
Cloud Computing Security Challenges
byYateesh Yadav
 
Overview of Data Loss Prevention (DLP) Technology
byLiwei Ren任力偉
 
The Open Group - ZT Commandments and Reference Model.pptx
byMark Simos
 
Zero Trust
byBoaz Shunami
 
Endpoint Security Pres.pptx
byNBBNOC
 
Microsoft-CISO-Workshop-Security-Strategy-and-Program (1).pdf
byParishSummer
 
Apresentação fortinet
byinternetbrasil
 
Cybersecurity Risk Management Program and Your Organization
byMcKonly & Asbury, LLP
 
The Zero Trust Model of Information Security
byTripwire
 
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
byEdureka!
 
2 Security Architecture+Design
byAlfred Ouyang
 
Endpoint Security
byAhmed Hashem El Fiky
 

Viewers also liked

PDF
Symantec Cyber Security Solutions | MSS and Advanced Threat Protection
byinfoLock Technologies
 
PDF
ePlus Managed Security Services
byePlus
 
PDF
Managed Security Services Infographic
byUnisys Corporation
 
PPT
Managed Services Presentation
byScott Gombar
 
PPTX
Introduction to STIX 101
bystixproject
 
PDF
Kevin Watkins, Enterprise Security Architect at BAT - BAT’s Managed Security ...
byGlobal Business Events
 
PDF
Understanding The Security Vendor Landscape Using the Cyber Defense Matrix (R...
bySounil Yu
 
PPTX
Understanding the Cyber Security Vendor Landscape
bySounil Yu
 
PDF
Powering IT Transformation For Any Business
byePlus
 
PPT
SOC presentation- Building a Security Operations Center
byMichael Nickle
 
PDF
hhue logo (1)
byKysha Cameron
 
PDF
Grad's ! What’s next ?
byNimish Joseph
 
PDF
PhD and Post PhD Network Security Visualization Research
byKulsoom Abdullah
 
Symantec Cyber Security Solutions | MSS and Advanced Threat Protection
byinfoLock Technologies
 
ePlus Managed Security Services
byePlus
 
Managed Security Services Infographic
byUnisys Corporation
 
Managed Services Presentation
byScott Gombar
 
Introduction to STIX 101
bystixproject
 
Kevin Watkins, Enterprise Security Architect at BAT - BAT’s Managed Security ...
byGlobal Business Events
 
Understanding The Security Vendor Landscape Using the Cyber Defense Matrix (R...
bySounil Yu
 
Understanding the Cyber Security Vendor Landscape
bySounil Yu
 
Powering IT Transformation For Any Business
byePlus
 
SOC presentation- Building a Security Operations Center
byMichael Nickle
 
hhue logo (1)
byKysha Cameron
 
Grad's ! What’s next ?
byNimish Joseph
 
PhD and Post PhD Network Security Visualization Research
byKulsoom Abdullah
 

Similar to Managed Security Services from Symantec

PDF
Si InfoSecMiddleEastLR0516
bySaad Khan
 
PDF
MID_SIEM_Boubker_EN
byVladyslav Radetsky
 
PDF
Eximbank security presentation
bylaonap166
 
PPT
Information Security
byMohit8780
 
PDF
Axxera Security Solutions
byakshayvreddy
 
PDF
Addressing the cyber kill chain
bySymantec Brasil
 
PPTX
Tictaclabs Managed Cyber Security Services
byTicTac Data Recovery
 
PDF
Network Security - Luxury or Must Have?
byAllot Communications
 
PPTX
Managed Security Operations Centre Alternative - Managed Security Service
byNetpluz Asia Pte Ltd
 
PDF
Atelier Technique SYMANTEC ACSS 2018
byAfrican Cyber Security Summit
 
PPTX
Build a Cyber Resilient Network with Symantec
byArrow ECS UK
 
PDF
Active security monitoring
byPetra Divekyova
 
PPTX
Standardizing and Strengthening Security to Lower Costs
byOpenDNS
 
PPTX
Karunia Wijaya - Proactive Incident Handling
byIndonesia Honeynet Chapter
 
PPTX
You Spent All That Money And Still Got Owned
byJoe McCray
 
PPTX
Esteban Próspero
byClusterCba
 
PPTX
Delivering Security Within the MAX Remote Management Platform - Todd Haughland
byMAXfocus
 
PDF
SIEM evolution
byStijn Vande Casteele
 
PDF
Improve network safety through better visibility – Netmagic
byNetmagic Solutions Pvt. Ltd.
 
PDF
Managed security services for financial services firms
byJake Weaver
 
Si InfoSecMiddleEastLR0516
bySaad Khan
 
MID_SIEM_Boubker_EN
byVladyslav Radetsky
 
Eximbank security presentation
bylaonap166
 
Information Security
byMohit8780
 
Axxera Security Solutions
byakshayvreddy
 
Addressing the cyber kill chain
bySymantec Brasil
 
Tictaclabs Managed Cyber Security Services
byTicTac Data Recovery
 
Network Security - Luxury or Must Have?
byAllot Communications
 
Managed Security Operations Centre Alternative - Managed Security Service
byNetpluz Asia Pte Ltd
 
Atelier Technique SYMANTEC ACSS 2018
byAfrican Cyber Security Summit
 
Build a Cyber Resilient Network with Symantec
byArrow ECS UK
 
Active security monitoring
byPetra Divekyova
 
Standardizing and Strengthening Security to Lower Costs
byOpenDNS
 
Karunia Wijaya - Proactive Incident Handling
byIndonesia Honeynet Chapter
 
You Spent All That Money And Still Got Owned
byJoe McCray
 
Esteban Próspero
byClusterCba
 
Delivering Security Within the MAX Remote Management Platform - Todd Haughland
byMAXfocus
 
SIEM evolution
byStijn Vande Casteele
 
Improve network safety through better visibility – Netmagic
byNetmagic Solutions Pvt. Ltd.
 
Managed security services for financial services firms
byJake Weaver
 

More from Arrow ECS UK

PDF
Grow your future with leasing.
byArrow ECS UK
 
PDF
Arrow are No.1 Juniper Networks Authorised Education Partner
byArrow ECS UK
 
PDF
Arrow are No.1 Check Point Training Centre
byArrow ECS UK
 
PDF
Arrow Live Class Link
byArrow ECS UK
 
PDF
Arrow ECS Social Media for Business Partners
byArrow ECS UK
 
PDF
2014 ofcom communications_market_report_internet
byArrow ECS UK
 
PDF
Arrow IBM MSP & ISV Jam - Jonathan MacDonald Presentation
byArrow ECS UK
 
PDF
Arrow IBM MSP & ISV Jam - Stuart Simmons
byArrow ECS UK
 
PDF
Arrow IBM MSP & ISV Jam - Jonathan MacDonald
byArrow ECS UK
 
PDF
Arrow IBM MSP & ISV Jam - Ian French
byArrow ECS UK
 
PDF
Arrow IBM MSP & ISV Jam - David Fearne
byArrow ECS UK
 
PDF
Arrow IBM MSP & ISV Jam - The Complete Story
byArrow ECS UK
 
PDF
Helping Innovators to Innovate, Arrow ECS and IBM
byArrow ECS UK
 
PDF
Arrow and IBM, MSP & ISV Jam
byArrow ECS UK
 
PPTX
IBM Business Analytics Marketing Overview
byArrow ECS UK
 
PPTX
Gain maximum benefit from Channel Technical Professionals and the technical p...
byArrow ECS UK
 
PPTX
IBM - Full year Go-to-market plan template
byArrow ECS UK
 
PPT
How to Win against the Competition
byArrow ECS UK
 
PPT
Align IBM with your business for IBM Business Partners
byArrow ECS UK
 
PPTX
Working with the IBM Business Analytics Channel
byArrow ECS UK
 
Grow your future with leasing.
byArrow ECS UK
 
Arrow are No.1 Juniper Networks Authorised Education Partner
byArrow ECS UK
 
Arrow are No.1 Check Point Training Centre
byArrow ECS UK
 
Arrow Live Class Link
byArrow ECS UK
 
Arrow ECS Social Media for Business Partners
byArrow ECS UK
 
2014 ofcom communications_market_report_internet
byArrow ECS UK
 
Arrow IBM MSP & ISV Jam - Jonathan MacDonald Presentation
byArrow ECS UK
 
Arrow IBM MSP & ISV Jam - Stuart Simmons
byArrow ECS UK
 
Arrow IBM MSP & ISV Jam - Jonathan MacDonald
byArrow ECS UK
 
Arrow IBM MSP & ISV Jam - Ian French
byArrow ECS UK
 
Arrow IBM MSP & ISV Jam - David Fearne
byArrow ECS UK
 
Arrow IBM MSP & ISV Jam - The Complete Story
byArrow ECS UK
 
Helping Innovators to Innovate, Arrow ECS and IBM
byArrow ECS UK
 
Arrow and IBM, MSP & ISV Jam
byArrow ECS UK
 
IBM Business Analytics Marketing Overview
byArrow ECS UK
 
Gain maximum benefit from Channel Technical Professionals and the technical p...
byArrow ECS UK
 
IBM - Full year Go-to-market plan template
byArrow ECS UK
 
How to Win against the Competition
byArrow ECS UK
 
Align IBM with your business for IBM Business Partners
byArrow ECS UK
 
Working with the IBM Business Analytics Channel
byArrow ECS UK
 

Recently uploaded

PPTX
CTO Strategy OS 2026: The Tech, AI & Cloud Playbook Boards Want
byridwansassman
 
PPTX
Tech Trends 2026: AI Agents, Quantum Computing, Robotics & Cybersecurity
byridwansassman
 
PDF
From Artificial Intelligence to African Intelligence: Transforming Research &...
byMoses Kemibaro
 
PDF
UiPath Automation Developer Associate Training Series 2026 - Session 3
byDianaGray10
 
PDF
February 2026 Patch Tuesday hosted by Chris Goettl and Todd Schell
byIvanti
 
PPTX
Celonis Optimizing your future with process
bydevjeremyappleyard
 
PDF
apidays Paris 2025 | Zero Trust By Design
byapidays
 
PDF
How does MES(Manufacturing Execution System) work?
byakipii ogaoga
 
PPTX
PPTX game guess the logo with a twistppt
byAdrianAnig
 
PDF
HOW TO OVERCOME THE THREATS OF ARTIFICIAL INTELLIGENCE AGAINST HUMANITY.pdf
byFaga1939
 
PPTX
Spacecraft Guidance Quick Research Guide by Arthur Morgan
byArthur Morgan
 
PDF
Explaining the flow of purpose-specific BOM
byakipii ogaoga
 
PDF
Empower your IT team with cloud-based PC management using Dell Management Por...
byPrincipled Technologies
 
PDF
Explaining specific examples of purpose-specific BOM
byakipii ogaoga
 
PDF
UiPath Modern Automation Playbook -Session 2
bysuhanisingh58689
 
PDF
GenerationAI_Paris_2025_Architecting_Intelligence.pdf
byapidays
 
PDF
Session 1/5: Enhancing Automation with Screenplay & Business Rules
bysuhanisingh58689
 
PDF
NTG -Company Profile_Software_Vendor_Company_in_MENA
byMustafa Kuğu
 
PPTX
Introducing VisualSim 2610 The Next Leap in System Level Modeling
byDeepak Shankar
 
PPTX
apidays Paris 2025 | Building Agentic Workflows
byapidays
 
CTO Strategy OS 2026: The Tech, AI & Cloud Playbook Boards Want
byridwansassman
 
Tech Trends 2026: AI Agents, Quantum Computing, Robotics & Cybersecurity
byridwansassman
 
From Artificial Intelligence to African Intelligence: Transforming Research &...
byMoses Kemibaro
 
UiPath Automation Developer Associate Training Series 2026 - Session 3
byDianaGray10
 
February 2026 Patch Tuesday hosted by Chris Goettl and Todd Schell
byIvanti
 
Celonis Optimizing your future with process
bydevjeremyappleyard
 
apidays Paris 2025 | Zero Trust By Design
byapidays
 
How does MES(Manufacturing Execution System) work?
byakipii ogaoga
 
PPTX game guess the logo with a twistppt
byAdrianAnig
 
HOW TO OVERCOME THE THREATS OF ARTIFICIAL INTELLIGENCE AGAINST HUMANITY.pdf
byFaga1939
 
Spacecraft Guidance Quick Research Guide by Arthur Morgan
byArthur Morgan
 
Explaining the flow of purpose-specific BOM
byakipii ogaoga
 
Empower your IT team with cloud-based PC management using Dell Management Por...
byPrincipled Technologies
 
Explaining specific examples of purpose-specific BOM
byakipii ogaoga
 
UiPath Modern Automation Playbook -Session 2
bysuhanisingh58689
 
GenerationAI_Paris_2025_Architecting_Intelligence.pdf
byapidays
 
Session 1/5: Enhancing Automation with Screenplay & Business Rules
bysuhanisingh58689
 
NTG -Company Profile_Software_Vendor_Company_in_MENA
byMustafa Kuğu
 
Introducing VisualSim 2610 The Next Leap in System Level Modeling
byDeepak Shankar
 
apidays Paris 2025 | Building Agentic Workflows
byapidays
 

Managed Security Services from Symantec

  • 1.
    Managed Security Servicesfrom Symantec Chris Collier Presales Specialist – Security Arrow ECS
  • 2.
    Agenda • MSS high-leveloverview • Industry Examples • Things to think about • Summary • Q&A Symantec Managed Services
  • 3.
    Managed Security ServicesMission Statement Symantec Managed Security Services (MSS) helps organizations anticipate and counteract the constantly changing threat environment by providing: • Unparalleled global threat visibility. • Comprehensive edge-to-endpoint incident detection and analysis. • 24/7 direct access to Symantec’s industry-leading security specialists. Symantec Managed Security Services
  • 4.
    Symantec Managed SecurityServices Security Monitoring – – – – – – – 24x7x365 global operation >300 staff dedicated to delivering MSS >50 GIAC-certified Intrusion Analysts 10min Severe Event Escalation Warranty High Accuracy, Low False-positive Collect , retain and analyse >400B logs per month Escalate >400 validated severe incidents per day across 1,200 Global customers – Strong Service Governance (ITIL, ISO27001, SSAE 16) Infrastructure Management – Network IDS/IPS Management Services – Firewall Management Services – Symantec Endpoint Protection Management Services Symantec Managed Security Services
  • 5.
    Symantec Managed SecurityServices The only Gartner recognised leader in ALL regions Unparalleled Global Intelligence Network Edge-to-Endpoint Security Monitoring Enterprise-wide Pricing Model NIDS HIDS Web Proxy Firewall Endpoint OS & Apps WebApp Firewall Network Infra. VA Symantec Managed Security Services
  • 6.
    Critical Protection Challenges HowMSS Can Help Visibility Focus on top priorities Stay ahead of threats Evolving Threat Landscape • Targeted attacks • Social networking • Zero-day vulnerabilities and rootkits • Attack kits • Mobile threats Symantec Managed Security Services Build a sustainable program Connect to Business
  • 7.
    Critical Protection Challenges HowMSS Can Help Visibility Focus on top priorities Build a sustainable program Connect to Business Stay ahead of threats Where are the gaps? • Complete coverage of surface area, Edge-to-Endpoint • Standardise security monitoring across all sites, all geographies, all systems • Where am I at risk of attack? Symantec Managed Security Services NIDS HIDS Web Proxy Firewall Endpoint OS & Apps WebApp Firewall Network Infra. VA
  • 8.
    Critical Protection Challenges HowMSS Can Help Visibility Focus on top priorities Stay ahead of threats Actionable Incidents • Focus on the most critical problems first • Eliminate the risk of chasing irrelevant events • Avoid over and under-reacting • Report everything Symantec Managed Security Services Build a sustainable program Connect to Business
  • 9.
    Critical Protection Challenges HowMSS Can Help Visibility Focus on top priorities Stay ahead of threats Security Operation Demands • • • • • 24x7, Global, Certified Scalable, Available Performing Future ‘proof’ architecture Recruitment Symantec Managed Security Services Build a sustainable program Connect to Business
  • 10.
    Critical Protection Challenges HowMSS Can Help Visibility Focus on top priorities Stay ahead of threats How to Demonstrate Value? • • • • Protect revenue Process improvement Predictable cost-base Measure and report on effectiveness and improvement • Time-to-Benefit Symantec Managed Security Services Build a sustainable program Connect with Business
  • 11.
    Symantec MSS Portfolio DeepsightGlobal Threat Intelligence • Unified threat Intelligence portal and XML Data Feeds • Vulnerability, Threat and Risk content Log Collection, Retention and Access Firewalls • 2FA Portal Access, tamper proof, searchable, exportable • PCI and ISO27001 reporting features IDS / IPS Real-time Security Monitoring and Analysis Web Proxy • 24x7 security event monitoring and log analysis • Global Intelligence Network correlation Endpoint Security Incident Notification and Reporting OS & Apps • Incident Prioritisation, 10min Severe Event Notification • Real-time security dashboard Switches & Routers Infrastructure Management • Managed Network IDS/IPS, Managed Firewall, Managed SEP
  • 12.
    Monitoring Service Tiers ServiceTransition Essential Advanced Log Collection Correlation Analysis GIN •Collect Logs from Man Systems •Store Logs Online •Available for Download and Reporting •Internal Vulnerabilities •Rate against Assets •Analyze against log/alert data •Enterprise Wide Security Analysis •Expert Human Analysis •Protect Information Assets •Correlate Against GIN •Anomalous Activity monitoring •Protect against Emerging Threats Applicable to ALL Systems Applicable to ALL Systems Applicable to all Systems with Security Data Applicable to Egress Points, such as FW’s Symantec Managed Security Services
  • 13.
    Global Intelligence Network Identifiesmore threats, takes action faster & prevents impact Calgary, Alberta San Francisco, CA Mountain View, CA Culver City, CA Dublin, Ireland Tokyo, Japan Chengdu, China Austin, TX Taipei, Taiwan Chennai, India Pune, India Worldwide Coverage Global Scope and Scale 24x7 Event Logging Rapid Detection Attack Activity Malware Intelligence • 240,000+ sensors • 64M total internet sensors • 200+ countries • 180M+ systems monitored • 13 security response centers Preemptive Security Alerts Symantec Managed Security Services Vulnerabilities • 50,000+ vulnerabilities • 15,000+ vendors • 105,000+ technologies Information Protection Spam/Phishing • 5M+ decoy accounts • 8B+ email messages/day • 1B+ web requests/day Threat Triggered Actions
  • 14.
    Process - SymantecSecurity Monitoring Firewalls/ VPN Intrusion Detection Systems Server and Desktop OS User Activity Monitoring Network Equipment Critical file modifications Vulnerability Assessment Anti-Virus Policy Malicious IP Changes Traffic Applications Web Traffic Identified . threats Known vulnerabilities Business-critical IT assets Risk-based Prioritization Industrial IT Security 2012 Databases Tens of Millions: Raw Events Millions: Security Relevant Events Hundreds: Correlated Events Threat Determined
  • 15.
    Without MSS Service Device Logs: PerimeterFW LAN FW IDS Web Proxy http://paypay.co/vv/config.bin Outbound TCP connection acc from 10.1.25.1 to 98.77.1.11/80 10.1.25.1 --> 98.77.1.11 - Overnet Client Scan Inbound TCP connection acc from 14.28.75.64 to 12.55.26.85/80 Inbound TCP connection acc from 10.2.75.64 to 10.1.26.85/445 10.2.1.58 --> 44.75.26.88 - POLICY Yahoo Webmail client chat http://121.242.39.105/www.paypa l.us/account.limited.us/cgi.bin/we bscr.htm Outbound TCP connection acc from 10.1.25.1 to 98.77.1.11/80 Outbound TCP connection acc from 10.1.25.1 to 98.77.1.11/80 10.1.22.7 --> 16.1.82.9 SHELLCODE base64 x86 NOOP http://yeeshiedot.ru/bin/xingaepa. bin Outbound TCP connection acc from 10.1.22.7 to 55.10.17.22/80 Outbound TCP connection acc from 10.1.22.7 to 55.10.17.22/80 10.1.11.4 --> 64.99.57.12 SHELLCODE x86 NOOP http://zsbiz.in/php/cfg002.bin Inbound TCP connection acc from 14.28.75.64 to 12.55.26.85/80 Internet Outbound TCP connection acc from 10.1.25.1 to 10.2.55.17/445 Outbound TCP connection acc from 10.2.14.1 to 10.1.14.1/445 10.2.64.27 --> 18.197.26.177 SNMP trap udp Outbound TCP connection acc from 10.1.25.1 to 98.77.1.11/80 Outbound TCP connection drop from 10.1.25.1 to 98.77.1.11/25 19.11.157.22 --> 45.4.55.1 - SQL Query in HTTP Request Outbound UDP connection acc from 10.235.22.11 to 198.28.22.5/53 Outbound UDP connection acc from 10.2.32.11 to 10.1.19.11/137 48.45.66.99 --> 48.77.88.11 - UDP eDonkey Activity Outbound TCP connection acc from 10.1.17.4 to 18.7.13.2/80 10.2.1.58 --> 44.75.26.88 - WEBMISC cat%20 access Inbound TCP connection acc from 14.28.75.64 to 12.55.26.85/80 Outbound TCP connection acc from 10.1.22.7 to 55.10.17.22/80 Inbound UDP connection acc from 198.28.22.5 to 10.235.22.11/10256 Inbound TCP connection acc from 14.28.75.64 to 12.55.26.85/80 Outbound TCP connection acc from 10.1.25.1 to 98.77.1.11/80 Inbound TCP connection acc from 14.28.75.64 to 12.55.26.85/80 Outbound TCP connection acc from Outbound ICMP ping acc from 10.1.25.1 to 10.2.1.11/ 00-08 Windows SMB 10.1.11.4 --> 64.99.57.12 - WEBtraffic PHP test.php access http://ww3.irs.gov.binnet11.net/re fund/form http://johgheejae.ru/bin/laangiet. LAN bin http://push.bbc.co.uk/http-bind/ http://scores.espn.go.com/ncf/cas ter/snapshot?sessionId=CFBGamec LAN 2 ast9 http://money.cnn.com/.element/s si/main/2.0/content_ssi.exclude.ht ml Outbound TCP connection drop from 10.1.25.1 toEmail traffic 14.231.5.16/25 10.2.64.27 --> 18.197.26.177 SNMP request udp http://www.sunshinelive.de/typo3temp/JS_playlistfeed _hash.txt? Outbound TCP connection acc from 10.1.22.7 to 55.10.17.22/80 10.2.64.27 --> 18.197.26.177 SNMP public access udp 9140000/newsid_9141700/ Inbound TCP connection acc from 14.28.75.64 to 12.55.26.85/80 10.2.1.58 --> 27.192.26.88 IRC_Rogue_Session http://cdnedge.bbc.co.uk/sport/hi /english/static/football/statistics Outbound TCP connection acc from 10.1.25.1 to 10.2.55.17/445 10.1.25.1 --> 98.77.1.11 - Overnet Client Scan http://jskit.com/api/echo/subscribe?existin 15 gRenderers=%5B0%2C1%5D& Inbound TCP connection acc from 10.2.75.64 to 10.1.26.85/445 10.2.1.58 --> 44.75.26.88 - POLICY Web traffic 1 http://www.youtube.com/set_awe
  • 16.
    Example Stats, oneWednesday afternoon... • Log lines analysed - 15,279,389,291 • Number of Incidents Created including Summaries - 7966 • Number of Real Time Incidents presented to analysts for validation – 3124 • Number of Real Time Published Incidents – 964 • Number of Summary Published Incidents - 1007 • Number of Real Time Critical Incidents – 244 Symantec Managed Services
  • 17.
    Symantec MSS Portal •Customizable modules for organizing data in different ways • Trend graphs for visibility of incident trends • New Incidents arrive in real time to the Home Page • Modular elements customizable to each user Symantec Managed Security Services
  • 18.
    Symantec Managed SecurityServices Reliability and Trust - Symantec Managed Security Services has been a Gartner Quadrant Leader for 11 consecutive years Proven – Symantec Managed Service s clients include 6 of Fortune 10, 44 of Fortune 100 and 117 of Fortune 500 Scalable - Symantec MSS analyzes >12 Billion logs from 727,000 devices every day Detection - Symantec MSS identifies an average of 15,000 security events and escalates 200 critical incidents every day Flexible – Symantec has flexible pricing and service levels to deliver the right protection and compliance at the right price. Personal – Symantec provides Named personnel for transition , service management and security analysis duties to drive personal relationships and customer care Symantec Managed Security Services
  • 19.

Editor's Notes

  • #7 Symantec detected over 286 million new malware variants and recorded over 3 billion malware attacks in 2010. Average cost of U.S. data breach: $7.2 million1
  • #13 Advanced Security MonitoringSymantec MSS Advanced Security Monitoring Service provides enterprise-wide, intelligence-driven security analysis to identify known and emerging threats to critical infrastructure, enabling clients to protect their information assets and demonstrate compliance with industry regulations.Essential Security MonitoringSymantec MSS Essential Security Monitoring Service provides enterprise-wide security analysis to identify threats to critical infrastructure, enabling clients to protect their information assets and demonstrate compliance with industry regulations.Talk about HLR for some systems, and how this relates.NOTE ESSENTIALSOC writes own signaturesEmerging ThreatsNOTE ADVANCEDDon’t need to do day oneDue Diligence for choice of systems to uplift
  • #14 Slide ObjectiveDescribe the strength of the Global Intelligence Network, which is truly a differentiator for Symantec. ScriptAt the heart of all of our products is the Symantec Global Intelligence Network. We are incredibly proud of this Network, and it just gets more and more powerful all the time.We have a 95% detection rate—that’s the highest of any security vendor And the lowest number of false positives (0.0001%)***KM: This is just the anti-spam stat. What stat do we have for our overall effectiveness?***This is, by far, the largest, most sophisticated intelligence network on the planet.It processes over 8 billion email messages daily and gathers malicious code data from 130 million systemsThe Network updates every 5-10 Minutes from 240,000 Sensors In over 200 CountriesThere are more than 35,000 vulnerabilities in the Symantec vulnerability databaseThere are 5 million decoy accounts in the Symantec Probe NetworkThere are 4 Symantec Security Operations Centerslocated in Australia, UK, USA, IndiaThere are 11 Security Response Centers in the USA, Australia, Canada, India, China, IrelandWhat all of this means is that if there is a malicious attack about to hit you, we know about it first. We block it, we keep it from affecting your business, and we tell you how to take action. It’s about prioritized risk and response, and our intelligence network keeps you protected and tells you what to do first. There simply is no approach that’s faster or more thorough than ours. This Network is the main reason that 99% of the Fortune 500 & 1000 utilize our products. This is what makes all the difference between having security software and knowing that your information is protected 24/7.
  • #16 The theme of this slide is “There are five things wrong with this network that are invisible wit h your current monitoring”.Host infected with Botnet malware via browser attackTCP 445 worm on the LANSMTP spambot infectionSMTP server being used as open relayWeb server being targetted by vulnerability scan
  • #19 Endpoint Security (#1 market position2, Positioned in Leader’s Quadrant in Gartner Magic Quadrant3)• Messaging Security (#1 market position4, Positioned in Leader’s Quadrant in Gartner Magic Quadrant leader5) • Policy & Compliance (#1 market position6)• Email Archiving (#1market position7, Positioned in Leader’s Quadrant in Gartner Magic Quadrant8, Forrester Wave leader9)• Data Loss Prevention (#1 market position, Positioned in Leader’s Quadrant in Gartner Magic Quadrant10 and Forrester Wave leader11)• Security Management (#1 market position12)• Security Information & Event Management (SIEM) (Positioned in Leader’s Quadrant in Gartner Magic Quadrant13)• Network Access Control (Positioned in Leader’s Quadrant in Gartner Magic Quadrant14)• Endpoint Management (Positioned in Leader’s Quadrant in Gartner Magic Quadrant15)