Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Sophos EndUser Protection


Published on

With Sophos EndUser Protection you get endpoint security, mobile device management, web protection, protection for your data and email, and more—all in a single license.

For more on Sophos EndUser Protection, visit:

Published in: Technology
  • Be the first to comment

Sophos EndUser Protection

  1. 1. EndUser ProtectionSecurity gets… personal
  2. 2. We are focused on protecting you Threats Data changing, everywhere, still regulations increasing growing Users everywhere, using everything2
  3. 3. We do IT securityBecause you’ve got enough to worry about Security Without Active Everywhere Complexity Protection Wherever Quicker to Our unique the user is, setup, approach for what ever maintain and better they use solve protection you problems can actually deploy3
  4. 4. Security everywhereProtecting every part of your business Endpoint Network Web Mobile Email Data
  5. 5. Active Protection Our unique approach for better protection with less complexityEndpoint Web Email Data Mobile Network
  6. 6. Business today…Increasingly sophisticated threats, mobile workforce, BYOD I need email I’ve got several I need a Mac to access on my virtual desktops I want to use do my job iPhone on my computer my iPad at work Mr. Mac Dr. Smartphone Ms. Virtual Mr. BYOD
  7. 7. Introducing EndUser Protection Complete Security Suite Web Protection Suite EndUser Web Suite Data Protection Suite EndUser Data Suite Endpoint Protection - Advanced EndUser Protection Now with Sophos Mobile Control Endpoint Protection - Business Anti-virus - Business
  8. 8. Security gets… Personal Easier Sensible •Every device •Easy BYOD •Sensible protection they use that covers all •Easy admin devices •Everywhere they go •Easy support •Sensible licensing from a single per-user •Everything they vendor need •Sensible services with updates and support included8
  9. 9. Endpoint product line Complete UTM Fullguard + Endpoint Sophos EndUser EndUser EndUser Security UTM Endpoint Protection - Anti-Virus Data Suite Web Suite Protection Suite (UTM 9) Business Business AV/HIP/Live Protection        Client Firewall       Application Control       Device Control       Web Filtering in Endpoint      DLP, NAC, Patch     Web Gateway   Email Gateway   Full-Disk Encryption   Mobile     UTM FullGuard*  SharePoint, Exchange Exchange Exchange Exchange Groupware Exchange Win, Mac, Linux, Win, Mac, Linux, Win, Mac, Linux, Win, Mac, Linux, Win Win, Mac, Linux, Platforms VM, EMC Win, Mac, VM, Unix, VM, EMC Unix, VM, EMC Unix, VM, EMC Unix, VM, EMC9 *UTM FullGuard includes network, web, email, wireless and webserver protection
  10. 10. EndUser Protection at a glance Application Exchange Control Device Control Server Protection Anti-malware Access control Mobile Control Virtualization Web Firewall Protection Encryption Data Control Patch assessment
  11. 11. Securing mobile devices The situation: Smartphone and tablet adoption is growing rapidly Employees are using their own devices They need secure access to company email and data The challenge: 113 devices are lost every minute in the US Android is today’s largest malware target … Thousands of rogue apps
  12. 12. Mobile Device ManagementUnified policy and management for all devicesiOS, Android, BlackBerry, and Windows MobileSecure access to corporate email via proxyPolicy controls: • Passcode and auto lock enforcement • Compliance enforcement (jailbreaking/rooting) • Encryption enforcementLoss/theft protection: • Remote lock/wipe • Auto wipe after failed login attempts • Locate lost devices
  13. 13. Enterprise App Store Control apps on mobile devices Publish in-house, required, recommended apps Block unwanted apps
  14. 14. Mobile Security Scans Android apps for malware before they are installed Active Protection cloud technology: • Live real-time cloud lookups • Up-to-the-minute app intelligence Fast and low impact scanning Privacy advisor detects apps accessing your personal data
  15. 15. Today’s threats Mainly come from the web Target data, identities and cash Exploit vulnerabilities Often execute silently In families of malware Are produced on a massive scale
  16. 16. Anti-malware A single engine to protect from all malware Genotyping technology Active Protection cloud technologies: • Live url filter: Stops urls we know are bad instantly • Live anti-virus: Checks in seconds to see if a suspicious file might be a real threat Fast and low impact scanning Small updates, frequently applied
  17. 17. Intrusion Prevention Behavioral detection Suspicious file detection Suspicious behavior detection Buffer overflow detection Rules created by Sophos via Active Protection So reliable it’s on by default
  18. 18. Applications wrongly applied Users trying to install and run unauthorized apps Some apps are risky Unwanted apps might use bandwidth Version control isn’t easy
  19. 19. Application Control Applications created and updated via Active Protection Over 40 categories including: • Online storage • Browsers • P2P File sharing • Instant messaging • Virtualization tools • Remote access • USB program launchers
  20. 20. Plugging the device gap Devices can carry malware They take data everywhere If they’re lost can you be sure they’re secure? People will plug them in anywhere
  21. 21. Device ControlControl devices connected to computersGranular control of: • Storage devices: • Removable storage - USB keys, removable hard disks • Optical / disk drives - CD / DVD / HD-DVD / Blu-rayNetwork devices: • Wi-Fi / Modems • Bluetooth • Infra-red
  22. 22. Securing virtual environments Virtualization saves money Is security on the agenda? Don’t compromise on performance
  23. 23. Virtualization We protect virtual environments. At no extra cost Our lighter-weight agent is better than other traditional Endpoint security solutions Stagger scanning for virtual machines No compromise on protection Citrix Reciever plugin Developing Vmware vShield scanner
  24. 24. The web: where malware is atA threat network • The number one source of infection • Legitimate sites are regularly infected • Productivity filtering isn’t enough • Many applications accessing the webHow people do web protection today • Large scale deployments that focus on the gateway • Backhauling traffic to appliances • None or limited protection for users not connecting to the gateway
  25. 25. Web protection Basic Endpoint • Active Protection from malware and bad sites • Works in any browser Web Filtering in Endpoint • Low-cost add-on integrated into the Endpoint/SEC • Reduce surface area of attack from risky parts of the web (porn, hate, p2p, etc.) • Essential compliance and liability coverage for inappropriate sites Web Protection Suite • Complete protection everywhere users go with LiveConnect • Full coverage of threats, compliance, productivity, liability, and visibility • Reduce investment & complexity in backhauling/VPN/Gateway HW
  26. 26. Inside LiveConnectwith Web Protection SuiteEnables full visibility and controlPolicy and reporting synchronizationImmediate and automaticSecure end-to-end encryption
  27. 27. Encryption Industrial strength full disk encryption Deployed and managed from your endpoint console Fast initial encryption Full password recovery options
  28. 28. Data ControlFully integrated endpoint DLP solutionDesigned to prevent accidental data lossMonitor and enforce on all common data exit pointsTrain staff through use of desktop promptsData types provided from Sophos via Active ProtectionIntegrated with email protection
  29. 29. The problem with patching No visibility of exposure level • Have users installed vulnerable applications? • Have users disabled automatic updates? • Is Microsoft WSUS/SCCM working correctly? • Don’t know which patches to worry about! Compliance audits become a real headache Machines get compromised • Gartner: 90% of situations where machines got compromised, a patch or configuration change existed that could have prevented it!
  30. 30. Patch Assessment1. We assess all the key exploited applications • Checking for patches from 11 vendors2. We accurately assess each endpoint • Local scans on every managed endpoint • Complex fingerprinting ensures patches accurately detected • Centralized reporting of relevant missing patches • Simple: no end-user interaction or messaging3. We prioritize patches to make life easier • Sophos rates patch criticality via Active Protection • Sophos shows any malware associated with patches • Creates a focus on the patches that really matter!
  31. 31. Spam, spam, spam and malwareSpam emails contain weblinks to malwareThey might also carry viruses in themOver 90% of the worlds email is spamNasty emails might be stored on your local exchange servers too
  32. 32. Exchange Server protection • Stop viruses and other threats in inbound, outbound and items inside Microsoft Exchange • Unique real-time Behavioral Genotype malware engine • Live anti-spam via Active Protection stops 99% • Gives instant visibility of status, email throughput, quarantine databases and all policy rules from a single console • Generate graphical management reports showing trends in email throughput, protection level and issues needing action
  33. 33. Where’s the fire? Open ports on PCs and Laptops are open doors to hackers A computer without a firewall and connected to the internet is a target Worms often target particular ports and protocols Laptops can connect anywhere, you need different rules when they’re outside your network
  34. 34. Client firewall Location aware policies Identifies apps by checksum Rollout invisible to users Interactive management alerts to create rules Stealth mode prevents unauthorized network access by hackers
  35. 35. Who’s on my LAN?Do your computers have all the right software installed?You don’t know when guests are connecting computers and if they’re secureIf guests don’t use the same software you do then you don’t know if they’re OK to connect
  36. 36. Access Control Prevent security issues by assessing managed and unmanaged computers. Detect and fix managed endpoint vulnerabilities Ensure that any guest computers match your security requirements before they access your network Updated database of over 600 security applications Prevent unauthorized computers from accessing the network
  37. 37. Complexity Users may complain about PC performance Does implementing a new feature mean a whole new rollout? Can you see every platform you’ve deployed to? How easy is it to perform common tasks or cleanup threats?
  38. 38. Deploy and manageA single deployment wizard for all endpoint featuresSingle agent for: • Anti malware • HIPS • Device Control • Data Control • Web protectionWidest platform supportConsole built for usabilityMobile Device Management • Over-the-air policy updates • Self-serve user portal for registration reduces help desk burden
  39. 39. Staying ahead of the curveStaying ahead of the curve US and Canada 1-866-866-2802 Sophos on Google+ UK and Worldwide + 44 1235 55 9933 39
  40. 40.