next generation security managementvox.veritas.com/legacyfs/online/veritasdata/ic b11.pdf · next...
TRANSCRIPT
Next Generation Security Management 1
Next Generation Security Management Gain Oversight and Business-centric Risk View of Your Security
Joe Bertnick Director, Product Management, SPC
Shishir Agrawal Sr. Product Marketing Manager, SPC
SYMANTEC VISION 2013
Agenda
Next Generation Security Management 2
Security Management Challenges 1
SPC Approach 2
SPC Mobile Demo 3
SPC Metrics & Connectors 4
Summary & Roadmap 5
SYMANTEC VISION 2013
Security Management Challenges
Next Generation Security Management 3
1. Jon Oltsik, The Emerging Intersection Between Big Data and Security Analytics, Enterprise Strategy Group, October 2012. 2. Symantec Internet Security Threat Report, April 2012. 3. Technology Adoption Profile, Strengthening Ties Between IT Security And The Business, Forrester, February 2012. 4. Information Risk Executive Council, 2011
More data, fragmented across teams and tools • 86% of enterprises collecting more security data1
• 63% use 2-10 tools to collect, consolidate, and analyze data1
Hard to prioritize growing list of security issues • 41% increase in new malware variants and 4,989 new
vulnerabilities identified in 20112
Difficult to communicate in business terms • 70% report increased executive attention to IT security3
• Yet, only 1in 8 CISOs believe they influence the business4
SYMANTEC VISION 2013
Customer Case Study
Next Generation Security Management 4
Situation:
• Juggle monthly reports for 50+ security technologies
- Two to eight hours for each report
• Six business units, each with one to two security officers
- Limited visibility into business impact and limited ability to develop different views for each business
Desired Approach:
• Automated solution to gather data, provide business-centric information and role-based views
• Easy to deploy–integrate existing technologies and customize
Financial services firm
SYMANTEC VISION 2013
Symantec Protection Center Approach
Next Generation Security Management 5
What is happening?
Symantec Protection
Center (SPC)
• Consolidate and analyze information from across the organization
• Integrate latest threat intelligence from Symantec DeepSight™ Threat Management System
SYMANTEC VISION 2013
Symantec Protection Center Approach
Next Generation Security Management 6
Why should you care?
Symantec Protection
Center (SPC)
• Map devices and technologies to business groups and processes
• Prioritize based on business context
SYMANTEC VISION 2013
Symantec Protection Center Approach
Next Generation Security Management 7
What should you do?
Symantec Protection
Center (SPC)
• Drive executive awareness
• Deliver roles-based views to extended security team
• Automate remediation with action plans and workflows
SYMANTEC VISION 2013
Symantec Protection Center Solution Overview
Next Generation Security Management 8
SPC Enterprise – Data Collection and Analytics Platform
SPC Mobile – Executive Security Dashboard
Symantec Connectors
Security Metrics
Central Data Repository
Business Asset System
Third Party Connectors
Security Workflows
Roles-based Dashboards and Reports
SYMANTEC VISION 2013 Next Generation Security Management 9
SYMANTEC VISION 2013
Symantec Protection Center Benefits
Next Generation Security Management 10
SPC Mobile
SPC Enterprise
Symantec Connectors
Security Metrics
Central Data Repository
Business Asset System
3rd Party Connectors
Security Workflows
Web-Based Dashboards & Reports
Pre-Built Connectors and Metrics for Quick Deployment
Complete View of Security Portfolio
Roles-Based Dashboards
Business-Centric Risk Analysis
Oversight and Action
Executive Communication
SYMANTEC VISION 2013
Easily consolidate data from security solutions into key
security metrics
Access library of pre-defined
security metrics
SPC Product Integration - Security Metrics
Next Generation Security Management 11
Symantec Protection
Center
Information Protection
Endpoint Security
Systems
Security
Network Security*
Application Security*
Security Management*
Identify and Access
Controls*
* Estimated general availability later this year
SYMANTEC VISION 2013
Partner Developed
Community Supported
Additional Connectors
Symantec Connector Strategy
Next Generation Security Management 12
Symantec Built
Symantec Tested
Symantec Supported
Supported Connectors
SYMANTEC VISION 2013
Symantec Protection Center Summary
Next Generation Security Management 13
Relevant to Business Executive Security Dashboard
Fast, Flexible Integration Better Intelligence
• Connect security information to business assets
• Clearly communicate key metrics by business
• Tablet based view of security metrics
• Facilitates communication with both IT and business peers
• Broad range of supported solutions
• Pre-built connectors and metrics for quick integration
• Consolidates security data and applies advanced correlation and analysis
• Integrates DeepSight threat intelligence
Better Security
Decisions
SYMANTEC VISION 2013
• Needed to monitor data from 300K devices
• Measure compliance on core IT systems and databases
• Needed role-based reports and dashboards
National Tax Office
Early Customer Success
Next Generation Security Management 14
• Needed Executive Level Reporting on Security Posture
• Had Disparate tools with silo’d reporting
• Needed to integrate data from existing security solutions
Big Consulting Firm
SYMANTEC VISION 2013
Learn more – Attend SPC labs on Thursday
Thursday, April 18th, 10:15-11:15
• IC L18: Security Management Case Study: Get the Most from Your Security investments with Symantec Protection Center Mobile/Enterprise
• Room 121
Thursday, April 18th, 11:30-12:30
• IC L17:Gain strategic understanding of your IT environment with Symantec Protection Center Enterprise
• Room 101-102
SPC Website: http://go.symantec.com/spc
Next Generation Security Management 15
SYMANTEC VISION 2013
Disclaimer
16
Any information regarding pre-release
Symantec offerings, future updates or
other planned modifications is subject to
ongoing evaluation by Symantec and
therefore subject to change. This
information is provided without warranty of
any kind, express or implied. Customers
who purchase Symantec offerings should
make their purchase decision based upon
features that are currently available.
SYMC Corporate Confidential - NDA Required
SYMANTEC VISION 2013
Proposed Available Today
SPC Product Integration – Connector Roadmap
Next Generation Security Management 17
Sym
ante
c 3
rd P
arty
• Endpoint Protection
• Data Loss Prevention
• CCS Standards Manager
• CCS Vulnerability Manager
• DeepSight
• Security Information Manager
Content Pack 1
• Managed Security Services
• Critical System Protection
• Mail Security for Exchange
• Mail and Web Gateway
• Protection Engine
• Encryption
• VIP User Authentication
• Certificate Intelligence Center
• Mobile Device Management
• Qualys
• Rapid7
• Asset Databases (CMDB)
• Bit9
• Catbird
• Cenzic
• Core Security
• Courion
• eEye
• Hytrust
• Imperva
• RedSeal
• Salesforce
• SailPoint
• Skybox
• Tenable
• VeriCode
• VMWare
• Endpoint Management
• Symantec NetBackup™
• Symantec Backup Exec™
• Big Fix
• Tenable / Nessus
Create custom connectors with open SPC Enterprise platform
SYMANTEC VISION 2013
Roadmap – Key capabilities
Content Pack #1
• Symantec MSS
• Critical Server Protection
• Mail and Web Gateway
• Protection Engine
• Big Fix
• Tenable
SPC Enterprise SP1
• Multi Language Version
• EN,DE,FR,SP,IT,CH,JP,KR
• Customization
• Metrics
• Connectors
• Data Models
• POC Environments
Next Generation Security Management 18
SYMANTEC VISION 2013
Symantec Approach: One Platform, Three Views
Next Generation Security Management 19
Dynamic dashboards (Web and iPad®)
Managed Security Services (inc. SSIM)
Endpoint Protection
CCS Standards Manager
Critical System Protection
Encryption
CCS Vulnerability Manager
Data Loss Prevention
Virtualization Security Manager
Asset system Security intelligence Data store
Security metrics and Analytics platform
Compliance view Security metrics view Risk management view
Thank you!
Copyright © 2012 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. Any information regarding pre-release Symantec offerings, future updates or other planned modifications is subject to ongoing evaluation by Symantec and therefore subject to change. This information is provided without warranty of any kind, express or implied. Customers who purchase Symantec offerings should make their purchase decision based upon features that are currently available.
Next Generation Security Management 20
Joe Bertnick
832-900-5213
Shishir Agrawal
650-527-5515