endpoint protection
Endpoint Protection
Secures your computers and data
Threats changing, still increasing
Data everywhere, regulations growing
Users everywhere, using everything
We are focused on protecting you
We do IT security
Because you’ve got enough to worry about
Wherever the user is, whatever they use
Our unique approach for better protection you can actually deploy
Quicker to setup, maintain and solve problems
Security Everywhere
Without Complexity
Active Protection
Active Protection
Our unique approach for better protection with less complexity
Email Data Endpoint Mobile Web Network
Security everywhere
Protecting every part of your business
Data
Endpoint
Mobile
Web Network
Endpoint Protection
Access control
Firewall
Virtualization
Application Control
Device Control
Encryption
Anti-malware
Intrusion prevention
Data Control
Patch assessment
Web Protection
Exchange Server Protection
Today’s threats
Mainly come from the web
Target data, identities and cash
Exploit vulnerabilities
Often execute silently
In families of malware
Are produced on a massive scale
Anti-malware
A single engine to protect from all malware
Genotyping technology
Active Protection cloud technologies:
• Live URL filter: Stops URLs we know are bad instantly
• Live anti-virus: Checks in seconds to see if a suspicious file might be a real threat
Fast and low impact scanning
Small updates, frequently applied
Intrusion Prevention
Behavioral detection
Suspicious file detection
Suspicious behavior detection
Buffer overflow detection
Rules created by Sophos via Active Protection
So reliable it’s on by default
Applications wrongly applied
Users trying to install and run unauthorized apps
Some apps are risky
Unwanted apps might use bandwidth
Version control isn’t easy
Application Control
Applications created and updated via Active Protection
Over 40 categories including:
• Online storage
• Browsers
• P2P File sharing
• Instant messaging
• Virtualization tools
• Remote access
• USB program launchers
Plugging the device gap
Devices can carry malware
They take data everywhere
If they’re lost can you be sure they’re secure?
People will plug them in anywhere
Device Control
Control devices connected to computers
Granular control of:
• Storage devices:
  • Removable storage - USB keys, removable hard disks
  • Optical / disk drives - CD / DVD / HD-DVD / Blu-ray
• Network devices:
  • Wi-Fi / Modems
  • Bluetooth
  • Infra-red
Securing virtual environments
Virtualization saves money
Is security on the agenda?
Don’t compromise on performance
Virtualization
We protect virtual environments. At no extra cost
Our lighter-weight agent is better than other traditional Endpoint security solutions
Stagger scanning for virtual machines
No compromise on protection
Citrix Receiver plugin
Developing VMware vShield scanner
The web: where malware is at
A threat network
• The number one source of infection
• Legitimate sites are regularly infected
• Productivity filtering isn’t enough
• Many applications accessing the web
How people do web protection today
• Large scale deployments that focus on the gateway
• Backhauling traffic to appliances
• None or limited protection for users not connecting to the gateway
Web protection
Basic Endpoint
• Active Protection from malware and bad sites
• Works in any browser
Web Filtering in Endpoint
• Low-cost add-on integrated into the Endpoint/SEC
• Reduce surface area of attack from risky parts of the web (porn, hate, p2p, etc.)
• Essential compliance and liability coverage for inappropriate sites
Web Protection Suite
• Complete protection everywhere users go with LiveConnect
• Full coverage of threats, compliance, productivity, liability, and visibility
• Reduce investment & complexity in backhauling/VPN/Gateway HW
Inside LiveConnect with Web Protection Suite
Enables full visibility and control
Policy and reporting synchronization
Immediate and automatic
Secure end-to-end encryption
Knowledge is power
How much is your data worth?
Compliance and its consequences
Balancing protection and productivity
Educating your people
Encryption
Industrial strength full disk encryption
Deployed and managed from your endpoint console
Fast initial encryption
Full password recovery options
Data Control
Fully integrated endpoint DLP solution
Designed to prevent accidental data loss
Monitor and enforce on all common data exit points
Train staff through use of desktop prompts
Data types provided from Sophos via Active Protection
Integrated with email protection
The problem with patching
No visibility of exposure level
• Have users installed vulnerable applications?
• Have users disabled automatic updates?
• Is Microsoft WSUS/SCCM working correctly?
• Don’t know which patches to worry about!
Compliance audits become a real headache
Machines get compromised
• Gartner: in 90% of situations where machines got compromised, a patch or configuration change existed that could have prevented it!
Patch Assessment
1. We assess all the key exploited applications
  • Checking for patches from 11 vendors
2. We accurately assess each endpoint
  • Local scans on every managed endpoint
  • Complex fingerprinting ensures patches accurately detected
  • Centralized reporting of relevant missing patches
  • Simple: no end-user interaction or messaging
3. We prioritize patches to make life easier
  • Sophos rates patch criticality via Active Protection
  • Sophos shows any malware associated with patches
  • Creates a focus on the patches that really matter!
Spam, spam, spam and malware
Spam emails contain weblinks to malware
They might also carry viruses in them
Over 90% of the world’s email is spam
Nasty emails might be stored on your local exchange servers too
Exchange Server protection
• Stop viruses and other threats in inbound, outbound and items inside Microsoft Exchange
• Unique real-time Behavioral Genotype malware engine
• Live anti-spam via Active Protection stops 99%
• Gives instant visibility of status, email throughput, quarantine databases and all policy rules from a single console
• Generate graphical management reports showing trends in email throughput, protection level and issues needing action
Where’s the fire?
Open ports on PCs and Laptops are open doors to hackers
A computer without a firewall and connected to the internet is a target
Worms often target particular ports and protocols
Laptops can connect anywhere; you need different rules when they’re outside your network
Client firewall
Location aware policies
Identifies apps by checksum
Rollout invisible to users
Interactive management alerts to create rules
Stealth mode prevents unauthorized network access by hackers
Who’s on my LAN?
Do your computers have all the right software installed?
You don’t know when guests are connecting computers and if they’re secure
If guests don’t use the same software you do then you don’t know if they’re OK to connect
Access Control
Prevent security issues by assessing managed and unmanaged computers.
Detect and fix managed endpoint vulnerabilities
Ensure that any guest computers match your security requirements before they access your network
Updated database of over 600 security applications
Prevent unauthorized computers from accessing the network
Complexity
Users may complain about PC performance
Does implementing a new feature mean a whole new rollout?
Can you see every platform you’ve deployed to?
How easy is it to perform common tasks or cleanup threats?
Deploy and manage
A single deployment wizard for all features
Single agent for:
• Anti-malware
• HIPS
• Device Control
• Data Control
• Web protection
Widest platform support
Console built for usability
www.sophos.com/endpoint