The document summarizes Symantec Endpoint Suite, which includes several security products that provide layered protection for endpoints, email, and mobile devices. It discusses Symantec Endpoint Protection for antivirus and antimalware on endpoints, Symantec Endpoint Encryption for data encryption, Symantec Mobile Threat Protection and Management for mobile security, and Symantec Messaging Gateway for email security. The suite aims to simplify security management and reduce costs through an integrated platform that protects against threats, data loss, and reduces complexity.

1. SYMANTEC ENDPOINT SUITE
SYMANTEC ENDPOINT SUITE WITH EMAIL
Ján Kvasnička
Senior Pre-Sales Consultant

2. ENDPOINT SUITE’S PRODUCTS AND BENEFITS
2

3. Agenda
1 Symantec Endpoint Protection
2 Symantec Endpoint Encryption
3
Symantec Mobile Threat Protection
and
Symantec Mobile Management
4 Symantec Messaging Gateway
Copyright © 2014 Symantec Corporation
3

4. Symantec Endpoint Protection
4

5. WHAT THIS MEANS FOR ENDPOINT PROTECTION
5
Simple
Management
Optimized for
Performance
Layered Protection
at the Endpoint
Need layers of protection in a single client, managed
through a single console
Must protect against mass malware, mutating malware,
zero-day threats and targeted attacks
Solution should be designed to minimize impact on systems
and users, especially endpoints with low bandwidth
Security
Intelligence and
Analytics
Need security intelligence backed by global data collection
capabilities and highly skilled security analysts

6. UNRIVALED SECURITY WITH LAYERED PROTECTION
Layered protection to stop targeted attacks and zero-day threats
6
FIREWALL AND
INTRUSION
PREVENTION
ANTIVIRUS SONAR
Blocks malware
before it spreads
to your machine
and controls
traffic
Scans and
eradicates
malware that
arrives on a
system
Determines safety
of files and
websites using
the wisdom of the
community
Monitors and
blocks files
that exhibit
suspicious
behaviors
Aggressive
remediation of
hard-to-remove
infections
NETWORK FILE REPUTATION BEHAVIOR REPAIR
POWER
ERASER
INSIGHT

7. UNRIVALED SECURITY WITH INSIGHT
Age, frequency, and location are used to expose unknown
threats
7
Big Data Analytics
Analytics
Warehouse
Analysts
Attack Quarantine
System
Endpoints
Gateways
3rd Party
Affiliates
Global Sensor
Network
Symantec Threat Intelligence Network
Global Data Collection
Honeypots
Bad safety rating
File is blocked
No safety rating yet
Can be blocked
Good safety rating
File is whitelisted

8. UNRIVALED SECURITY WITH SONAR
Behavioral monitoring stops zero-day and unknown threats
8
Human-authored
Behavioral Signatures
Behavioral Policy
Lockdown
Monitors nearly 1400 file behaviors to answer:
Who is it related to?What did it contain?Where did it come
from?What has it done?
Artificial Intelligence
Based Classification Engine

9. BLAZING PERFORMANCE WITH INSIGHT
Up to 70% reduction in scan overhead
9
Insight allows you to skip known good
files only scanning unknown flies
Traditional scanning has to scan
every file

10. SMARTER MANAGEMENT
10
VDI
SEP Manager
MAC
OSX
LINUX
GUP
EMBEDDEDWINDOWS
Single high-performance
client
Broad platform support
• Windows (+Win 10), Mac,
Linux, Virtual machines,
embedded systems
Single management
console
Reporting and Analytics
• Multi-dimensional analysis,
robust graphical reporting,
and an easy-to-use
dashboard (IT Analytics)
Remote deployment and
management
Efficient updates with
Group Update Provider

11. SYMANTEC ENDPOINT PROTECTION 12.1.6
11
UNRIVALED
SECURITY
BLAZING
PERFORMANCE
SMARTER
MANAGEMENT
• Layered endpoint
protection
• Insight reputation
analysis
• SONAR behavioral
analysis
• Largest civilian threat
intelligence network
• 70% less scan overhead
• Reduced client size
• 90% smaller clients for
embedded
• Scan de-duplication
• Smaller definition sets
• Single client and
management console
• Granular policy control
• Broad OS support
• Remote management
• Integrated reporting and
repair

12. Symantec Endpoint Encryption
12

13. SEE 11.0.1 Drive Encryption
Demonstration
Pre-Boot

14. Authentication Screen

15. After authentication, Windows loads…

16. No Windows login needed (Single Sign On)

17. Incorrect authentication

18. Help screen

19. Recovery Options

20. Help Desk Recovery Option

21. Or Self-Help Recovery Option

22. Symantec Endpoint Encryption Manager

23. Configure software options

24. Group and user management

25. Built-In reports

26. Client information

27. Client drive encryption information

28. Users associated with a client system

29. Symantec Mobile Threat Protection
Symantec Mobile Management

30. Norton Mobile Insight: Proactive App Risk Reporting
010
101
010
101
010
101
010
101
010
101
101
010
101
010
010
101
010
101
010
101
010
101
010
101
010
101
111
1
1 Android only. Data as of February 2015
16 MILLION
Android apps in our database
30,000 NEW APPS
Processed every 24 hours
200+ APP STORES
Crawled continuously
900,000 APPS
With medium or high battery or data usage
4 MILLION MALICIOUS
Apps identified
10 MILLION APPS
With intrusive behaviors or potential privacy leaks
Cloud-enabled, automated system dynamically generating unique mobile app risk intelligence
1TM
30

31. Refreshed UI
apps with
non-malware risks
Enables users to easily
make informed choices
about potentially risky apps
Default is to display only the
“Highest Concern” risks to
avoid unnecessary worry
App Advisor
31

32. Scans and notifies users about apps
that can excessively drain the
battery or have high data usage
1 Data collection in early stages.
Users can make informed choices
about apps that can impact their
experience and increase data plan cost
App Scanning for Performance Risks
32

33. Scans and notifies users about
potential app issues. Users can click
on the notification for further
information before downloading
Users can make informed choices
about apps before they download
App Advisor for Google Play1
33
1Auto scan of apps on Google Play supported on Android 4.0 or later except for
Samsung devices. Samsung devices running Android 4.2 or later is supported.

34. Web protection from known Malicious sites
34

35. Symantec Messaging Gateway
35

36. EMAIL SECURITY IS MORE THAN JUST STOPPING SPAM
36
Lower expenses
and investment in
administration
and infrastructure.
REDUCE COST
Keep
unwanted mail
out of the inbox
without blocking
legitimate
messages.
PROTECT USERS
Identify and
control the spread
of confidential
information and
comply with
regulations.
CONTROL DATA
Detect and block
targeted attacks,
malware, and
phishing from
entering your
environment.
PREVENT THREATS
$

37. CUSTOMIZABLE PROTECTION AGAINST MALWARE,
SPAM, AND GREY MAIL
37
Scans for newsletters,
marketing email, and
suspicious URLs
Configure policies by
group with distinct
actions for each type of
mail
PERSONALIZED
PROTECTION
Tracks over 400 million
known spam and safe
senders IPs.
Filters out up to 95% of
spam traffic based on
reputation.
ADAPTIVE REPUATATION
MANAGEMENT
Disarm attachment
cleaning
Over 20 detection
technologies
Greater than 99%
antispam effectiveness
ANTISPAM &
ANTIMALWARE

38. CONTROL OUTBOUND EMAIL TO PREVENT DATA LOSS
38
Use on-premise Gateway
Email Encryption or
cloud-based encryption
Policy based for
automatic encryption
ADD-ON CONTENT
ENCRYPTION
Protect confidential data
across Endpoint,
Network and Storage
Systems
Tight integration and
unified management
INTEGRATE WITH
SYMANTEC DLP
Over 100 pre-built
dictionaries, patterns,
and policy templates
Workflow and
remediation tools
Dedicated DLP
quarantine
BUILT-IN DATA LOSS
PREVENTION

39. Inbound Email
Security.cloud protection
Outbound Messaging
Gateway control with
DLP
HYBRID SOLUTION
VMware ESX, ESXi,
vSphere
Microsoft Hyper-V
VIRTUAL APPLIANCE
Three appliance sizes to
meet business needs
PHYSICAL APPLIANCE
FLEXIBLE DEPLOYMENT OPTIONS FOR ON-PREMISE
MAIL
39

40. • First layer of email security
• Network and protocol level email
security appliance
• Throttles and drops spam connections
to reduce load on internal mail servers
• Protects internal mail servers from
SMTP attacks
• Scans email to eliminate viruses, spam,
and advanced attacks
• Ensures compliance with corporate
email policies
• Prevents sensitive data from leaving
the organization
Overview – Symantec Messaging Gateway
40

41. Multiple layers of antivirus protection
41
• Virus Signature Protection
• Block executable file types
• Filter based on attachments, subject lines, SMTP headers,
etc.
Complete Message Content Analysis
• Zero-day Malware Protection
• Bloodhound Heuristic Analysis
• In-depth macro scanning
Predictive Content Inspection
• Multi-threaded Scanning
• LiveUpdate enables definition updates without downtime
• Flexible Workflow with Multiple Dispositions
• Mail/Zip Bomb Protection
High Performance
Symantec Antivirus Engine
• Viruses
• Mass-mailer
worms
• Trojan horses
• Spyware
• Bloodhound™
Heuristic
Definitions
• Script-Blocking
• Mail/zip Bomb
Protection
• Multi-threaded
Scanning for
Performance
• Engine Repair
• Decomposer and
File Typer for
Attachment
Scanning
• Scans within
container files
(zip, rar, etc.)

42. Disarm Advanced Persistent Threats & Targeted Attacks
42
• 85% of all recent high profile targeted attacks leveraged exploits in
email attachments for incursion.
• Luckcat, Nitro, Duqu, Taidoor, Elderwood
• The most secure approach is to remove this attack vector
completely.
Disarm can remove all potentially malicious
content, while preserving the visual integrity of
the document.
Disarm can remove all potentially malicious
content, while preserving the visual integrity of
the document.

43. Diarm removes all vulnerable content, not just
identified threats.
43
Vulnerable Content PDF Office 2003 Office 2007+
Javascript
Launch
Macros
Flash
3d
Attachments
Unused Objects
Custom Fonts
Image Reconstruct
Active X
Unknown
Embedded Doc

44. Antispam Protection
Multiple Layers of Antispam Protection
44
Adaptive
Reputation
Analysis
Signatures &
Heuristics
Authentication
User & Admin
Rules
1
2
3
4

45. Adaptive
Reputation
Analysis
Antispam Protection
Multiple Layers of Antispam Protection
45
• Global Reputation
• Open Proxy/Zombies
• Safe/Trusted Senders
• Suspect Spam
• Local Reputation
• Connection Classification
• Fastpass
Signature &
Heuristics
Authentication
User & Admin
Rules
1
2
3
4

46. Adaptive Reputation Management
46
• DNS Based lists leveraging Symantec’s Global Bad and Good Senders Lists
• Directory Harvest Attack protection
• Mass virus email attack recognition and protection
• Customizable administrator level bad and good sender lists
• Fastpass spam bypass to conserve system resources
Key Features

47. Adaptive
Reputation
Analysis
Antispam Protection
Multiple Layers of Antispam Protection
47
• Message Body & Attachment Signatures
• Fuzzy Body Hash Analysis
• URL Filtering (Fraud, HTTP, Adult)
• Message Header, Content, Language,
Structural, and Image AnalysisAuthentication
User & Admin
Rules
1
3
4
Signatures &
Heuristics
2

48. Optional Suspected Spam Threshold
48
• Message is assigned a spam score
• Messages over 90 are confirmed “spam”
• Administrators can set a lower threshold
• Message scored between 90 and the admin set
threshold is “Suspect Spam”
How it works
• Allows for more aggressive spam filtering
• Flexible policy enforcement
• Set different actions for spam and suspect spam
Benefits

49. 49
Pre-defined Antispam Policies
Symantec Messaging Gateway
• Production ready with pre-defined policies
• Customize actions based on end-user requirements
• Set different actions for confirmed spam and suspect spam
Key Features

50. Web-Based Spam Quarantine
50
Symantec Messaging Gateway
• Release quarantined message to the inbox
• Integration with LDAP for single sign-on
• Customizable end-user digest
• Flexible search functionality
• Automated message expiration
Key Features

51. End-user Quarantine Notifications
51
• Configurable delivery of email digest
• Informs users of new spam only
• Users can access, view, and release
messages quickly
• Users do not have to check quarantine
directly
Key Features

52. Adaptive
Reputation
Analysis
Antispam Protection
Multiple Layers of Antispam Protection
52
• Bounce Attack Prevention
• SMTP Authentication
• SPF, SenderID, DKIM
• SMTP over TLS
User & Admin
Rules
1
4
Authentication
/Encryption
3
Signatures &
Heuristics
2

53. Adaptive
Reputation
Analysis
Antispam Protection
Multiple Layers of Antispam Protection
53
• End-User and Global Allow and Block Lists
• Global 3rd Party IP List Integration
• Probe Accounts
• Multiple Dispositions:
o Spam, Suspect Spam, Newsletters,
Marketing Mail, Bounce Attacks, Sender
Authentication Failures, and Suspicious
URLs
• Customer-specific rules
1
Signatures &
Heuristics
2
Authentication3
User & Admin
Rules
4

54. Multiple Dispositions
54
• Gives more control to the customer
• Customizable actions for each disposition
• Allows customers the ability to define what is spam to them
• Available dispositions (spam): Bounce Attacks, Marketing Mail, Suspicious URLs, Newsletters,
Spam, Sender Authentication Failure, and Suspect Spam
Key Features

55. Sensitive Data is Leaving the Enterprise, Risking Brand and
Reputation
55
Intellectual Property
Competitive
Source Code
Engineering Specs
Strategy Documents
Pricing
Customer, Employee,
Patient Data
Regulatory Compliance
HIPAA, GLBA, PCI, State
Data Privacy, Caldicott,
PIPEDA
SSN, Credit Card
Numbers, Health Info
Company Confidential
Reputation
Press Release
Quarterly Earnings
M&A
CEO Internal Email
• 1:400 emails contain confidential information
• 99% of data loss caused by breakdowns in process controls by good
employees

56. • Intelligent dictionaries for
many data classifications
• PCI, HIPPA, Personally Identifiable
Information (PII)
• Wizard-based rule creation
for simple policy enforcement
Built-in data loss prevention and compliance features
56

57. • Directory Integration via LDAP
– Control Center authentication
– Recipient validation
– Address resolution
– Administrative rights
– Quarantine access
• Control Center
– Deploys software settings
– Manages encryption keys
– Central quarantine
Centralized Management
57

58. Centralized Reporting
58
Logs consolidated from
all scanners to a single
Control Center,
enabling both granular
and summary reports

59. ENDPOINT SUITE’S PRODUCTS AND BENEFITS
59

60. ENDPOINT SUITE SIMPLIFIES SECURITY
• Symantec Messaging
Gateway defends your
email and infrastructure at
the perimeter with real-
time antispam and
antimalware protection.
• Symantec Email Encryption
Gateway, powered by PGP,
encrypts messages to
safeguard the confidential
data.
• Symantec Mail Security for
Microsoft Exchange
prevents the spread of
email-borne threats.
• Measurable savings from
simplified subscription-
based pricing and take the
mystery out of license,
support, and renewal costs.
• Remove complexity and
consolidate patchwork,
multi-vendor, solutions.
• Single purchase, single
support for trouble-
shooting, reduces up-front
and on-going costs.
• Symantec Endpoint
Protection provides the
security with a single, high-
powered agent, for the
fastest, most-effective
protection available.
• Symantec Endpoint
Encryption, powered by
PGP, protects data with
strong full-disk and
removable media
encryption.
• Symantec Mobile threat
protection and device
management provides
trusted security for mobile
devices.
Prevent data loss at
email gateway/server, and
email encryption
Single solution
to drive down costs and
stretch IT budgets
Complete
malware protection for
endpoints and mobile
Information
Protection
Lower Cost
Solution
Threat
Protection
Protect the users, devices and data for less money
60

61. Thank you!
Copyright © 2014 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its
affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.
This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or
implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.
Ján Kvasnička
jan_kvasnicka@symantec.com