1

Symantec Endpoint Protection 12

February 2011

Jan, 2007 - 250,000 viruses

Dec, 2009 – over 240 million

2

Malware authors have switched tactics

3

From:

A mass distribution of a relatively few threats e.g.

Storm made its way onto millions of machines across the globe

To:

A micro distribution model e.g.

The average Vundo variant is distributed to 18 Symantec users!

The average Harakit variant is distributed to 1.6 Symantec users!

75% of malware infect less than 50 machines

0

2,000,000

4,000,000

6,000,000

8,000,000

10,000,000

A Security Catastrophe… the growth in AV signatures

Signature based scanning won’t keep up

Symantec Endpoint

Protection

Malware Protection

PersonalFirewall

Intrusion Prevention

Device Control

App Control

Access Control

Introducing Symantec Endpoint Protection 12

5

What’s New

- Unrivaled Security Insight SONAR

- Blazing PerformanceFaster Scans

- Built for Virtual Environments Identify and Manage Virtual

ClientsReduced Scan Overheads

6

Powered by Insight

Proactive protection against new, mutating threats

• puts files in context, using their age, frequency, location and more to expose threats otherwise missed

• using community-based security ratings

• derived from Symantec's more than 175 million endpoints

2

Prevalence

Age

Source

Behavior3

4

Look for associations

Check the DB during scans

Rate nearly every file on the internet

5 Provide actionable data

1 Build a collection network

Associations

Is it new?

Bad reputation?

175 million

PCs

2.5 billion files

How Insight Works

Unrivaled Security

Hackers mutate threats to evade fingerprints

Mutated threats stick out like a sore thumb

It’s a catch-22 for the virus writers

– Mutate too much =Insight finds it

– Mutate too little = Easy to discover & fingerprint

8

SONAR – Completes the Protection Stack

9

Network IPS & Browser Protect

Insight Lookup

File Based Protection –

Sigs/Heuristics

Real time behavioral

SONAR

SONAR• Monitors processes and

threads as they execute• Rates behaviors• Feeds Insight

Only hybrid behavioral-reputation engine on the planet

Monitors 400 different application behaviors

Selective sandbox (ex Adobe)

Proven Most Effective in Real World Test

10

% o

f sa

mp

les

96.2%

82.7%

63.5%57.7%

53.8% 51.9%

3.8%

3.8% 15.4%

5.8%3.8%

3.8%

13.5%

32.7%26.9%

40.4%44.2%

4%0%

10%

20%

30%

40%

50%

60%

70%

80%

90%

100%

0%

10%

20%

30%

40%

50%

60%

70%

80%

90%

100%

Symantec Sophos Kaspersky Trend Micro Microsoft McAfee

Infected

Partial

Blocked

FP

% False Po

sitives

Most Effective Remediation

11

10

5

10

15

20

25

30

0

20

40

60

80

100

120

Symantec Kaspersky Microsoft Sophos Malwarebytes McAfee Trend Micro

Rem

edia

tio

n S

core

(h

igh

er is

bet

ter)

Nu

mb

er of False Po

sitives (lo

we

r is better)

110104

94 93

75

69

24

Insight: Faster than Traditional Scanning

1212

Insight - Optimized ScanningSkips any file we are sure is good,leading to much faster scan timesOn a typical system, 70% of active

applications can be skipped!

Traditional ScanningHas to scan every file

Tests Prove SEP 12 Outperforms Competition

13

0

20

40

60

80

100

120

140

160

Symantec Kaspersky Trend Micro Microsoft Sophos McAfee Average

Symantec Endpoint Protection 12 Scans:

3.5X faster than McAfee

2X faster than Microsoft

Ranked 1st in overall Performance!

Lowest Memory Use

14

Symantec Endpoint Protection 12 uses:

66% less memory than McAfee

76% less memory than Microsoft

Memory Usage

PassMark™ Software, Feb., 2011 - http://www.passmark.com/AVReport

0.0

20.0

40.0

60.0

80.0

100.0

120.0

140.0

160.0

180.0

Symantec Kaspersky Trend Micro

McAfee Sophos Microsoft Average

Built for Virtual Environments

15

Virtual Client Tagging

Virtual Image Exception

Shared Insight Cache

Resource Leveling

Together – up to 90% reduction in disk IO

Symantec Endpoint ProtectionSmall Business Edition 12.1

•Powered by Symantec Insight and SONAR

•Support for Macintosh

•Faster Installs and Upgrades

•Smart Scanning

16

Fastest

Most Effective

Simple

Solutions Tailored for Business of All Sizes

Desktops & Laptops

Servers, Desktops & Laptops

Servers, Desktops & Laptops

Servers, Desktops & Laptops

Servers, Desktops & Laptops

Desktops & Laptops

Servers, Desktops & Laptops

Servers, Desktops & Laptops

Servers, Desktops & Laptops

Desktops & Laptops

17

Desktops & Laptops

What’s Right For Your Business?

18

FeatureEndpoint

Protection Small Business Edition

EndpointProtection

Seats 5-99 seats 100+ seats

Antivirus/Antispyware • •

Desktop Firewall • •

Intrusion Detection/Prevention • •

Generic Exploit Blocking • •

Protection for Mac OS X and Windows • •

Protection for Linux •

Device and Application Control •

Network Access Control Self-Enforcement •

Flexible, granular policy management •

Enhanced Virtualization Features •

Thank you!

SYMANTEC PROPRIETARY/CONFIDENTIAL – INTERNAL USE ONLYCopyright © 2010 Symantec Corporation. All rights reserved.

Thank you!

19

Disclaimer

“Any forward-looking indication of plans for products is preliminary and all future release dates are tentative and are subject to change. Any future release of the product or planned modifications to product capability, functionality, or feature are subject to ongoing evaluation by Symantec, and may or may not be implemented and should not be considered firm commitments by Symantec and should not be relied upon in making purchasing decisions.”

20