Norman Enterprise Security Suite

Increased control reduce TCO

For an average enterprise, indirect cost elements may contribute 50% or more of the overall TCOGartner, Inc.

Calculating endpoint TCO

• Technology procurement

• Staff maintaing the technology

• Upgrades

• Reimaging

• Replacements

• Management systems

• Security systems

• Security incidents• Potential loss value

Endpoint TCO Increasing Due to Malware

Malware Related Costs:

– IT Effort To Enforce Endpoint Security Policy

– Cost To Reimage Computers

– Cost To Upgrade Computers

– Cost To Replace Computers

– Cost of Increased Help Desk calls

– Decreased User Productivity

4

Malware Signatures

Malware Related Costs

Traditional Endpoint Security

Effectiveness

2007: 250K Monthly

Malware Signatures Identified

2013: 2M+ Monthly

Malware Signatures Identified

Fame to ProfitExponential

GrowthIncreasing

Sophistication

The Endpoint is the main Attack Vector

Browsers, Apps and OS all have known vulnerabilities• 2/3 of apps have known

vulnerabilities.

• Average patch install delay -> 45 days (corporates)

Rogue USB • Injecting malware: Conficker,

Stuxnet Etc.

• Data loss/removal

Virus/Malware• 3 Million malware is added to the

AV signature files per month

• Average 100 000 new malware per day

Industry-wide operating system, browser, and application vulnerabilities, 1H10–2H12

Source: MICROSOFT SECURITY INTELLIGENCE REPORT, VOLUME 14

Unique computers reporting different types of exploits, 3Q11–4Q12

Source: MICROSOFT SECURITY INTELLIGENCE REPORT, VOLUME 14

Vulnerability disclosures for Microsoft and non-Microsoft products, 1H10–2H12

Source: MICROSOFT SECURITY INTELLIGENCE REPORT, VOLUME 14

Microsoft takes care of Microsoft

Who takes care of all the other applications?

Windows update is a good tool,

but...

... generates frustrating

restarts

Additional update agents needed

All these agents generates:• Memory footprint• CPU usage• Additional reboots

Growing Endpoint Complexity

Many Consoles

Disparate Architecture

ManyAgents

Multiple Consoles• 3-6 different management consoles on average

for endpoint security and management

Agent Bloat• 3-10 agents installed per endpoint

• Memory and CPU load

• Decreased network performance

Lack of Control• 54% of IT security professionals cite managing

the complexity of security as their #1 challenge

• 43% of existing access rights were either excessive or should have been retired

Increasing TCO of Point Technologies• Integration & Maintenance

Many Vendors | Many Consoles | Many Agents

Solution Strategy

Defense in Depth Endpoint Strategy

Patch & Config.Mgmt.

Reduce IT risk by gaining control over unknown and unwanted applications

48% of IT departments report that operating expenses are increasing with the main driver tied directly to increasing malware incidents.

Norman Platform Advantage

ManyProducts

ManyConsoles

Disparate Architecture

ManyAgents

One Partner One Platform Many Solutions

• Single Console

• Agile architecture

• Single Agent

Modular Agent

• Single common agent delivers and manages many capabilities via pluggable services

• Provides single, integrated communication mechanism between the NESEC agent and the server

• Monitors and secures NESEC modules on the endpoint

15

Patch and Remediation

Application Control

Client Transport

SecurityCO

MM

Eve

nt

Qu

eu

e

NESEC Platform Architecture

Norman Enterprise Security Server

Corporate HQ

Remote Offices & Subsidiaries

DMZ

Online-Offline Continuous Policy Enforcement

Norman Distribution Server

Norman Distribution Server

VulnerabilitiesPatches

Hashes

Unified Compliance Framework

Application Integrity Services

AV Signatures

Configurations

Systems Management

WAN

Norman Distribution Server

Norman Distribution Server

Unified Content and Integrity Services

Mobile Endpoints

Internet

Patch & Remediation

Vulnerability Management Should Be Easy, Right?

Proactively managing your vulnerabilities eliminates 90% of your risk…

“Over 90% of cyber attacks exploit known security flaws for which a remediation is available”

- Gartner

18

Norman Patch & Remediation

Comprehensive and secure Patch Management

• Rapid, accurate and secure patch and configuration management for applications and operating systems:

– Support for Windows and Non-Windows OS– 3rd Party application support– Avoid patch drift– Granular deployment control for Server and Desktop

environments• Systems management capabilities

RHEL 3 x86RHEL 4 x86SLES 9 x86

SLES 9 x86_64SLES 10 x86

SLES 10 x86_64Solaris 8-10 SPARC

Solaris 10 x86Solaris 10 x86_64

HP-UX 11.00-11.23AIX 5.1-5.3Mac OS X

Adobe Acrobat ReaderAdobe Flash Player

Apple iTunesApple QuickTime

Apple iLifeApple Safari

Mozilla FirefoxRealPlayer

Sun JRECitrixSkype

WinZipVMware ESX Server

VMware ServerVMware Player

VMware Workstation

Windows 2000 SP3Office 2000

PowerPoint 2000Project 2000

Word 2000Excel 2000

Access 2000Office XP

Visual Studio .NETInternet Explorer 5.5

ISA Server 2000Content Management

Server

Content Beyond Windows Update

Windows 8Windows 7Windows VistaWindows Server 2008Windows XPWindows Server 2003Windows 2000 SP4SQL Server 2000 SP4 - 2005Exchange Server 2003 - 2007.NET FrameworkMDACInternet Explorer 5.01 SP4 - 9ISA Server 2004SharePointOffice BrowsersOffice 2003, Office 2007Office XP SP2+DirectXWindows Defender

Windows Update

Legacy Content

3rd Party Apps

Addt’l Platfo

rms

Delivering more than just patching…

• Systems Management:• Inventory:

– Software– Hardware– Services

• Software Distribution• Remote Desktop• Power Management

– Policy Setting / Enforcement– Wake on LAN

• Configuration setting / enforcement– Disable 3rd party vendor auto

update, Adobe, Java• Compliance Controls

Device Control

The USB challenge

• Unintentional Data loss

• Intentional data removal

• “Any USB stick is to be considered as the open Internet” (Kongsberg Maritime)

• Rouge USB portable storage devices may inject malware to the PC at insertion

Today’s most wanted criminal.....

... in the hands of your most trusted employee

How we lose our data

Un-intentional data loss

Intentional data leakage

Norman Device Control

– Policy-Based Data Protection and Encryption• Granular Policy Management:

– On all ports and removable media devices plugging into the endpoint:

» Bi-Directional file copy shadowing

» File type filtering

» Data copy restrictions

• Encrypting sensitive data

• Meet compliance mandates

Norman Device Control

PCMCIA

WIFI

COM

FIREWIRE

Bluetooth

IrDA

USB

LPT

LAN

Controls access to any plug & play device regardless of connectivity type

World of Devices

Application Control

Norman Application Control

Proactive Protection Against Malware and More

– Visibility and Control:

• Control local admin rights

• Deny unwanted / unapproved application

• Easy Audit

• Easy Lockdown

• Automated whitelist with rules based trust engine:

» Trusted Updater» Trusted Publisher» Trusted Path» Local Authorization

Reduce Local Admin Risk with Application Control

Control Panel – uninstall program

Task Manager – kill process

Regedit / Command

Action Example How Norman Stops

Install Applications

Change Configurations

Remove Patches & Uninstall Software

Defeat Security Tools

control.exe

Denied Application:

Denied Application:cmd.exeregedit.exe

taskmgr.exeDenied Application:

Application Control:Easy LockdownTrust Engine

Return of investment

Customer stories

• «Number of full time IT maintenance employees reduced from 4 to 1.5»

– Freed up 2.5 to other tasks

• «Marginal return of over 90%»– Per $ 1.00 spent - avoiding $1.91 in endpoint

related cost

• Average experienced ROI: 15,4 months

Strategic direction

By investing in the neccesary software and automation, IT resources can be freed up to work on strategic initiatives that drive the bottom line

Thank you!