Symantec Endpoint Protection 12
-
Upload
andrew-ryan -
Category
Technology
-
view
1.386 -
download
4
description
Transcript of Symantec Endpoint Protection 12
1
Symantec Endpoint Protection 12
February 2011
Jan, 2007 - 250,000 viruses
Dec, 2009 – over 240 million
2
Malware authors have switched tactics
3
From:
A mass distribution of a relatively few threats e.g.
Storm made its way onto millions of machines across the globe
To:
A micro distribution model e.g.
The average Vundo variant is distributed to 18 Symantec users!
The average Harakit variant is distributed to 1.6 Symantec users!
75% of malware infect less than 50 machines
0
2,000,000
4,000,000
6,000,000
8,000,000
10,000,000
A Security Catastrophe… the growth in AV signatures
Signature based scanning won’t keep up
Symantec Endpoint
Protection
Malware Protection
PersonalFirewall
Intrusion Prevention
Device Control
App Control
Access Control
Introducing Symantec Endpoint Protection 12
5
What’s New
- Unrivaled Security Insight SONAR
- Blazing PerformanceFaster Scans
- Built for Virtual Environments Identify and Manage Virtual
ClientsReduced Scan Overheads
6
Powered by Insight
Proactive protection against new, mutating threats
• puts files in context, using their age, frequency, location and more to expose threats otherwise missed
• using community-based security ratings
• derived from Symantec's more than 175 million endpoints
2
Prevalence
Age
Source
Behavior3
4
Look for associations
Check the DB during scans
Rate nearly every file on the internet
5 Provide actionable data
1 Build a collection network
Associations
Is it new?
Bad reputation?
175 million
PCs
2.5 billion files
How Insight Works
Unrivaled Security
Hackers mutate threats to evade fingerprints
Mutated threats stick out like a sore thumb
It’s a catch-22 for the virus writers
– Mutate too much =Insight finds it
– Mutate too little = Easy to discover & fingerprint
8
SONAR – Completes the Protection Stack
9
Network IPS & Browser Protect
Insight Lookup
File Based Protection –
Sigs/Heuristics
Real time behavioral
SONAR
SONAR• Monitors processes and
threads as they execute• Rates behaviors• Feeds Insight
Only hybrid behavioral-reputation engine on the planet
Monitors 400 different application behaviors
Selective sandbox (ex Adobe)
Proven Most Effective in Real World Test
10
% o
f sa
mp
les
96.2%
82.7%
63.5%57.7%
53.8% 51.9%
3.8%
3.8% 15.4%
5.8%3.8%
3.8%
13.5%
32.7%26.9%
40.4%44.2%
4%0%
10%
20%
30%
40%
50%
60%
70%
80%
90%
100%
0%
10%
20%
30%
40%
50%
60%
70%
80%
90%
100%
Symantec Sophos Kaspersky Trend Micro Microsoft McAfee
Infected
Partial
Blocked
FP
% False Po
sitives
Most Effective Remediation
11
10
5
10
15
20
25
30
0
20
40
60
80
100
120
Symantec Kaspersky Microsoft Sophos Malwarebytes McAfee Trend Micro
Rem
edia
tio
n S
core
(h
igh
er is
bet
ter)
Nu
mb
er of False Po
sitives (lo
we
r is better)
110104
94 93
75
69
24
Insight: Faster than Traditional Scanning
1212
Insight - Optimized ScanningSkips any file we are sure is good,leading to much faster scan timesOn a typical system, 70% of active
applications can be skipped!
Traditional ScanningHas to scan every file
Tests Prove SEP 12 Outperforms Competition
13
0
20
40
60
80
100
120
140
160
Symantec Kaspersky Trend Micro Microsoft Sophos McAfee Average
Symantec Endpoint Protection 12 Scans:
3.5X faster than McAfee
2X faster than Microsoft
Ranked 1st in overall Performance!
Lowest Memory Use
14
Symantec Endpoint Protection 12 uses:
66% less memory than McAfee
76% less memory than Microsoft
Memory Usage
PassMark™ Software, Feb., 2011 - http://www.passmark.com/AVReport
0.0
20.0
40.0
60.0
80.0
100.0
120.0
140.0
160.0
180.0
Symantec Kaspersky Trend Micro
McAfee Sophos Microsoft Average
Built for Virtual Environments
15
Virtual Client Tagging
Virtual Image Exception
Shared Insight Cache
Resource Leveling
Together – up to 90% reduction in disk IO
Symantec Endpoint ProtectionSmall Business Edition 12.1
•Powered by Symantec Insight and SONAR
•Support for Macintosh
•Faster Installs and Upgrades
•Smart Scanning
16
Fastest
Most Effective
Simple
Solutions Tailored for Business of All Sizes
Desktops & Laptops
Servers, Desktops & Laptops
Servers, Desktops & Laptops
Servers, Desktops & Laptops
Servers, Desktops & Laptops
Desktops & Laptops
Servers, Desktops & Laptops
Servers, Desktops & Laptops
Servers, Desktops & Laptops
Desktops & Laptops
17
Desktops & Laptops
What’s Right For Your Business?
18
FeatureEndpoint
Protection Small Business Edition
EndpointProtection
Seats 5-99 seats 100+ seats
Antivirus/Antispyware • •
Desktop Firewall • •
Intrusion Detection/Prevention • •
Generic Exploit Blocking • •
Protection for Mac OS X and Windows • •
Protection for Linux •
Device and Application Control •
Network Access Control Self-Enforcement •
Flexible, granular policy management •
Enhanced Virtualization Features •
Thank you!
SYMANTEC PROPRIETARY/CONFIDENTIAL – INTERNAL USE ONLYCopyright © 2010 Symantec Corporation. All rights reserved.
Thank you!
19
Disclaimer
“Any forward-looking indication of plans for products is preliminary and all future release dates are tentative and are subject to change. Any future release of the product or planned modifications to product capability, functionality, or feature are subject to ongoing evaluation by Symantec, and may or may not be implemented and should not be considered firm commitments by Symantec and should not be relied upon in making purchasing decisions.”
20