The document discusses securing endpoints using Novell Zenworks Endpoint Security Management, highlighting economic impacts on security, compliance with regulations like PCI and ISO 27002, and threats from data breaches. It emphasizes the importance of data loss prevention strategies and the challenges posed by the evolving nature of endpoints as external threats. The presentation includes a demonstration of Zenworks' security features and an invitation for questions and further discussion.

1. Securing Your Endpoints
Using Novell ZENworks ® ®
Endpoint Security Management
Pete Green Scott Guscar
Technical Specialist - ZENworks Technology Sales Specialist
Novell, Inc./pegreen@novell.com Novell, Inc./sguscar@novell.com

2. Agenda
• Economic Effects on Security
• Compliance
• High Profile Breaches
• DLP/ILP
• “Yes. Endpoints are Outsiders.”
• ZENworks Endpoint Security Features
®
• Demonstration
• Questions and Answers
2 © Novell, Inc. All rights reserved.

3. Economic Effects on IT Security
2010

4. Economic Effects on IT Security 2010
4 © Novell, Inc. All rights reserved.

5. Economic Effects on IT Security 2010
(cont.)
Threats
Information
Security
Budgets
C
h
a
n
g
e
Upturn Downturn Upturn
Time
5 © Novell, Inc. All rights reserved.

6. Compliance
2010

7. Compliance 2010
• PCI Focus • Legal picture of PCI is
• SAS-70 very bleak and very real
• ISO 27002
• Who is minding the legal
risk?
– Instead of focusing on detail
of PCI-DSS, adopt ISO • Negligence is no excuse
27002 for holistic security
T.J. Hooper as precedent
“Radio is new technology. We can’t be expected to have radio on our cargo ships!”
There are precautions so imperative that even their universal disregard will
not excuse their omission.
The T.J.Hooper 60 F.2d 737 (2nd cir), cert. denied, 287 U.S. 662 (1932).
7 © Novell, Inc. All rights reserved.

8. High Profile Breaches

9. High Profile Breaches
Source: Privacy Rights Clearinghouse
9 © Novell, Inc. All rights reserved.

10. DLP/ILP

11. DLP 2010
• Data Leakage Prevention
• Data Loss Prevention
• Data Loss Protection
• Information Leak Prevention
• Information Loss Prevention DLP Calculator - http://www.tech-404.com/calculator.html
• Information Loss Protection
11 © Novell, Inc. All rights reserved.

12. DLP 2010
(cont.)
Endpoint Network/E-mail Appps/DB FS/CMS Storage
LAN
Internal Enterprise Production
Employee Applications Database File Server
Disk Arrays Backup Tape
WAN
Remote VPN Disk Arrays Backup Systems
Employee Business Replica File Server
Analytics
Disk Arrays Backup Disk
Partners Collaboration and
Outsourced Staging Content Mgmt.
Dev. Systems
Endpoint Network/E-mail Appps/DB FS/CMS Storage
12 © Novell, Inc. All rights reserved.

13. DLP 2010
(cont.)
Endpoint Network/E-mail Appps/DB FS/CMS Storage
LAN
Network Leak
Endpoint Priviledge User Priviledge User Tapes lost or
Internal Email-IM- HTTP- EnterpriseBreachProduction
theft/loss FileBreach
Server stolen
Employee FTP-etc. Applications Database
Disk Arrays Backup Tape
WAN
Remote VPN Disk Arrays Backup Systems
Endpoint Leak Email leak or BusinessApps. DB or
Replica File Server
Employee File Server/CMS
Via print/copy Packets sniffed Encryption Key
Analytics Hack
In transit Hack
Disk Arrays Backup Disk
Partners Public
Collaboration and
(Semi)
IP Sent to
Infrastructure Outsourced Staging
Unintentional Content User
Trusted Mgmt.
Discarded disk
non trusted user Dev. Distribution Systems exploited
Access Hack Misuse
Endpoint Network/E-mail Appps/DB FS/CMS Storage
13 © Novell, Inc. All rights reserved.

14. DLP 2010
(cont.)
Endpoint Network/E-mail Appps/DB FS/CMS Storage
LAN
Network Leak
Endpoint Priviledge User Priviledge User Tapes lost or
Internal Email-IM- HTTP- EnterpriseBreachProduction
theft/loss FileBreach
Server stolen
Employee FTP-etc. Applications Database
Disk Arrays Backup Tape
WAN
Remote VPN Disk Arrays Backup Systems
Endpoint Leak Email leak or BusinessApps. DB or
Replica File Server
Employee File Server/CMS
Via print/copy Packets sniffed Encryption Key
Analytics Hack
In transit Hack
Disk Arrays Backup Disk
Partners Public
Collaboration and
(Semi)
IP Sent to
Infrastructure Outsourced Staging
Unintentional Content User
Trusted Mgmt.
Discarded disk
non trusted user Dev. Distribution Systems exploited
Access Hack Misuse
Endpoint Network/E-mail Appps/DB FS/CMS Storage
14 © Novell, Inc. All rights reserved.

15. DLP 2010
(cont.)
File shares, Servers, Laptops 300+ File Typed Databases and Repositories
-Microsoft file shares -Microsoft Office Files -SharePoint, Documentum
-Unix file shares -PDF's -Lotus Notes, Exchange
-NAS/SAN storage -PSTs -Microsoft Access
-Oracle, SQL, DB2
-Windows 2000, 2003 -Zip Files
Data at Rest -Windows XP, Vista
-Contact Mgmt Systems
File shares, Servers, Laptops Instant Messages Web Traffic
-SMTP email -Yahoo IM -FTP
-Exchange, Lotus, etc. -MSN Messenger -HTTP
-Webmail -AOL Messenger -HTTPS
-Text and attachments -TCP/IP
Data in Motion
Print and Burn USB Copy and Save As
-Local printers -External hard drives -Copy to Network shares
-Network printers -Memory sticks -Copy to external drives
-Burn ro CDs/DVDs -Removable media -Save As to external
drives
Data in Use
15 © Novell, Inc. All rights reserved.

16. DLP 2010
(cont.)
File shares, Servers, Laptops 300+ File Typed Databases and Repositories
-Microsoft file shares -Microsoft Office Files -SharePoint, Documentum
-Unix file shares -PDF's -Lotus Notes, Exchange
-NAS/SAN storage -PSTs -Microsoft Access
-Oracle, SQL, DB2
-Windows 2000, 2003 -Zip Files
Data at Rest -Windows XP, Vista
-Contact Mgmt Systems
File shares, Servers, Laptops Instant Messages Web Traffic
-SMTP email -Yahoo IM -FTP
-Exchange, Lotus, etc. -MSN Messenger -HTTP
-Webmail -AOL Messenger -HTTPS
-Text and attachments -TCP/IP
Data in Motion
Print and Burn USB Copy and Save As
-Local printers -External hard drives -Copy to Network shares
-Network printers -Memory sticks -Copy to external drives
-Burn ro CDs/DVDs -Removable media -Save As to external
drives
Data in Use
16 © Novell, Inc. All rights reserved.

17. Yes. Endpoints are Outsiders

18. Endpoints are Outsiders 2010
• “There used to be this thing called the ‘Network Perimeter’”.
Exhibit 2.
The B orderless Enterprise
Source: Yankee Group, 2009
Desktop Pager
video
E-mail
Mobile Phone
Conferencing Audio
Your Business Conferencing
Front Back Fax
Suppliers SCM Office ERP Office
CRM Customers
Collaboration
Software
Employees
Voice Mail
Messaging
Software Laptop
Phone
PDA Room Based
video
18 © Novell, Inc. All rights reserved.

19. Endpoints are Outsiders 2010
(cont.)
Source: ISSA Journal, June 2009 – A Forward-looking Approach to the Network Perimeter Paradigm, by Fernando Alonso
19 © Novell, Inc. All rights reserved.

20. Endpoints are Outsiders 2010
(cont.)
• Over 26,000 different USB • Billions and billions of USB
products exist, 4.3 billion devices have been sold to date
shipped in 2007 – Over 220 million iPods
– Storage devices – Over 30 million iPhones
– Networking adapters – ANY form factor
– Printers, scanners, webcams – Music albums now sold as USB
– Coffee warmers, hand – Their capacity keeps growing –
massagers 16GB flash drive is $20
– Virtually impossible to trace
Source: In-STAT/MDR
20 © Novell, Inc. All rights reserved.

21. Inside ZENworks Endpoint Security
®

22. Inside ZENworks Endpoint Security ®
22 © Novell, Inc. All rights reserved.

23. ZENworks Endpoint Security
®
Demonstration

24. ZENworks Endpoint Security
®
Questions and Answers

25. Inside ZENworks Endpoint Security ®
(cont.)
25 © Novell, Inc. All rights reserved.

26. Inside ZENworks Endpoint Security ®
(cont.)
26 © Novell, Inc. All rights reserved.

27. Inside ZENworks Endpoint Security ®
(cont.)
27 © Novell, Inc. All rights reserved.

28. Inside ZENworks Endpoint Security ®
(cont.)
28 © Novell, Inc. All rights reserved.

29. Inside ZENworks Endpoint Security ®
(cont.)
29 © Novell, Inc. All rights reserved.

30. Inside ZENworks Endpoint Security ®
(cont.)
30 © Novell, Inc. All rights reserved.

31. Inside ZENworks Endpoint Security ®
(cont.)
31 © Novell, Inc. All rights reserved.

33. Unpublished Work of Novell, Inc. All Rights Reserved.
This work is an unpublished work and contains confidential, proprietary, and trade secret information of Novell, Inc.
Access to this work is restricted to Novell employees who have a need to know to perform tasks within the scope
of their assignments. No part of this work may be practiced, performed, copied, distributed, revised, modified,
translated, abridged, condensed, expanded, collected, or adapted without the prior written consent of Novell, Inc.
Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability.
General Disclaimer
This document is not to be construed as a promise by any participating company to develop, deliver, or market a
product. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in
making purchasing decisions. Novell, Inc. makes no representations or warranties with respect to the contents
of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any
particular purpose. The development, release, and timing of features or functionality described for Novell products
remains at the sole discretion of Novell. Further, Novell, Inc. reserves the right to revise this document and to
make changes to its content, at any time, without obligation to notify any person or entity of such revisions or
changes. All Novell marks referenced in this presentation are trademarks or registered trademarks of Novell, Inc.
in the United States and other countries. All third-party trademarks are the property of their respective owners.