endpoint security more secure. less complex. less costs...
TRANSCRIPT
Symantec Endpoint Security
Endpoint Security
More secure. Less complex. Less costs... More control.
Today’s complex threat landscape constantly shifts and changes to accomplish
its ultimate goal—to reap fi nancial gain against unsuspecting enterprises.
Professional hackers employ a variety of sophisticated and stealthy measures
that target endpoint devices as vehicles to gain unauthorized access to vital
data. On their own, traditional defensive methods such as antivirus and
antispyware cannot provide complete security for these endpoint devices,
which include laptops, desktops, servers, and mobile devices. Symantec
redefi nes endpoint security to address today’s changing threat landscape—
coupling proactive best-of-breed endpoint protection and endpoint compliance
solutions to deliver more comprehensive security with greater control, at a
lower cost, and with less complexity than competing solutions.
Constantly changing threat landscape
The IT threat landscape has changed dramatically over the past few years. Glory-seeking attacks against the masses have
been replaced by stealthy, targeted, and fi nancially motivated attacks that exploit vulnerabilities in enterprise endpoints
such as laptops, desktops, mobile devices, and servers. To escape detection and discover new points of entry, professional
attackers constantly develop new ways to gain unauthorized, undetected, and ongoing access to enterprise systems
and information. A primary means for gaining this access is by exploiting both known and unknown vulnerabilities
that exist on endpoints.
These targeted and highly sophisticated threats render traditional security solutions ineffective, leaving organizations
vulnerable to data theft and manipulation, disruption of business critical services, and damage to corporate brand and
reputation. Added to these worries is the increasing threat of “data loss” and insider attacks, not to mention the myriad
of security concerns raised by the need to allow guests, contractors, temporary workers, partners, and auditors to
access the network.
To address the complete spectrum of today’s complex and changing threat landscape, enterprises have recognized the
need to enhance their endpoint security efforts. This has often led to the deployment of multiple endpoint security
solutions from multiple vendors, each of which has to be managed from different management consoles. The lack of
standardization and integration between these different solutions creates a costly, complex, and disjointed endpoint
security environment that is increasingly diffi cult to control and expensive to manage. Furthermore, the inability of
these solutions to work together to provide comprehensive endpoint security often results in the creation of signifi cant
threat gaps in an enterprise’s security framework.
Through its holistic and comprehensive approach, Endpoint Security solutions from Symantec redefi nes endpoint
security to address the needs of the changing threat landscape, while enabling organizations to create a security
environment that is easy and cost-effective to manage.
Redefi ning endpoint security
To enable enterprises to combat the full spectrum of endpoint threats that they face in
securing their data and networks, Symantec has redefi ned endpoint security—offering
best-of-breed endpoint compliance technologies that supplement its best-of-breed endpoint
protection technologies.
Symantec delivers endpoint protection that goes far beyond basic antivirus and antispyware
methods as it offers proactive protection mechanisms to protect against unknown
and emerging threats. Symantec also offers protection specifi cally for server and mobile
devices. However, endpoint protection on its own is not enough to secure an enterprise’s
endpoints and networks.
To ensure that threats cannot take advantage of vulnerabilities in the way that a device
is confi gured, enterprises need to ensure that all endpoints—including onsite employee,
remote employee, and guest endpoints—attempting to connect to the network are
confi gured according to corporate security policies. Endpoint compliance from Symantec
provides an end-to-end network access control solution that ensures all endpoints are in
total compliance with established corporate security policies before they can access the
production network and its resources, or only a minimal set of resources such as a
connection to the Internet. These solutions securely control access to corporate networks
based on policy, seamlessly integrate with the enterprise’s existing network infrastructures,
and are simple to deploy and manage.
By offering comprehensive endpoint compliance and endpoint protection technologies,
Symantec delivers true endpoint security. As one of the fi rst security solutions companies
to provide this combination of industry-leading endpoint security offerings, Symantec
enables organizations to eliminate the vulnerabilities and threat gaps that exist in their
endpoint security strategies.
ENDPOINT
PROTECTION
ENDPOINT
COMPLIANCE+
Figure 1
Endpoint security is the combination of endpoint protection with
endpoint compliance
4
ENDPOINT SECURITY
Standardizing with market-leading endpoint security solutions
Deploying multiple discrete solutions from multiple vendors to address the wide array
of diverse threats that affect endpoint security creates an environment of complexity
that is diffi cult and expensive to maintain and manage. Increased complexity can also
create threat gaps that are diffi cult to detect and often go unnoticed until it’s too late.
Symantec simplifi es enterprise security management by delivering a set of market-
leading complementary solutions to deliver comprehensive endpoint security. In fact,
Symantec has even combined many of its market-leading endpoint protection and endpoint
compliance technologies into one easy-to-deploy agent that can be easily managed from
a single, centralized management console.
Whether it’s for desktop, laptops, mobile devices, or servers, Symantec provides a complete
array of solutions that enable organizations to protect a wide array of endpoints against
today’s and tomorrow’s threats. Furthermore, allowing enterprises to standardize with a
single vendor for all of their endpoint security needs not only reduces complexity, but
also reduces costs in licensing, training, support, and overall IT administration.
Holistic approach to endpoint security
With professional hackers targeting multiple entry points with a wide array of different
types of threats to gain unauthorized access and control of vital data, enterprises need
to take a holistic approach to securing their endpoints. It’s no longer suffi cient to deploy
reactive antivirus and antispyware measures. Enterprises need to employ proactive
endpoint security measures that have the ability to prevent zero-day attacks and unknown
threats. They need to combine both reactive and proactive endpoint protection with
comprehensive endpoint compliance measures. And they need to take a structured
approach to security that not only protects their network from threats on all levels, but
also provides a high degree of interoperability, integration, and ease of management.
The breadth and depth of its endpoint security portfolio enables Symantec to take a
holistic approach to endpoint security. Key to this holistic approach is the ability to create,
deploy, manage, and report on a comprehensive array of endpoint security activities that
encompass both endpoint protection and endpoint compliance. By delivering a complete
set of complementary security solutions that work together—including antivirus,
antispyware, network threat protection, proactive threat protection, and network access
control—Symantec delivers holistic endpoint security to address the full spectrum of
endpoint threats in a way that simplifi es endpoint security management efforts and
reduces total cost of ownership.
Symantec simplifi es
enterprise security
management by delivering
a set of market-leading
complementary
solutions to deliver
comprehensive
endpoint security.
5
To provide protection against the multiple
entry points that professional hackers target,
Symantec provides solutions specifi cally
for desktops and laptops, servers, and
mobile devices.
Endpoint protection
Symantec delivers unrivaled endpoint protection for today’s changing threat landscape.
A critical aspect of its endpoint protection offerings is the strength not only in its traditional
antivirus and antispyware technologies, but also in its array of integrated network threat
protection and proactive threat protection technologies. Additionally, to provide protection
against the multiple entry points that professional hackers target, Symantec provides
solutions specifi c to desktops and laptops, servers, and mobile devices through its three
main endpoint protection offerings.
Symantec™ Endpoint Protection
Symantec Endpoint Protection combines Symantec AntiVirus™ with advanced threat
prevention to deliver unmatched defense against malware for laptops, desktops, and
servers. This unmatched level of endpoint protection protects enterprises against known
and unknown targeted threats, including viruses, worms, Trojans, mutating spyware,
adware, rootkits, and zero-day attacks.
This multilayered approach signifi cantly lowers risks and gives organizations the confi dence
that their business assets are protected. It’s a comprehensive product that delivers all
the capabilities that organizations need to secure their endpoints, but with the ability to
enable the pieces of the solution that they need as they need them. Furthermore, all
of these essential technologies are provided in one agent that is administered via a single
management console.
Symantec™ Mobile Security
To protect against the emerging threats targeting mobile endpoint devices, Symantec™
Mobile Security provides comprehensive protection for mobile devices running Windows
Mobile® and Symbian OS™ operating systems. Its on-device, automatic, real-time scanning
helps protect against threats downloaded from the Web, sent via email or a Wi-Fi
connection, or received via Bluetooth® or infrared ports. Symantec™ Mobile Security
Corporate Edition for Symbian OS™ provides even higher levels of protection with its
proactive protection and integrated antivirus and fi rewall capabilities.
Symantec™ Critical System Protection
Symantec Critical System Protection provides proactive host intrusion prevention to
guard against threats that specifi cally target enterprise servers. Its proactive endpoint
defenses employ exploit prevention, endpoint controls, and security monitoring and
auditing to ensure server integrity and compliance across heterogeneous platforms.
Its centralized console enables administrators to confi gure, deploy, and monitor security
policies on a mix of server platforms throughout the enterprise. The console also makes it
easy for administrators to quickly respond to alerts, as well as run reports on system activity.
7
Improved security
Eliminates threat gaps and addresses the vast spectrum
of known and unknown attacks that comprise the
ever-changing threat landscape for desktops, laptops,
servers, and mobile devices.
Decreased complexity
Delivers a complementary set of endpoint security
solutions that improve security, simplify deployment, and
facilitate overall management.
Decreased costs
Eliminates the need to purchase overlapping technology
licenses, and reduces training, support, and management
expenses as a result of vendor standardization.
Benefi ts of Symantec Endpoint Security
Increased control
Gives IT administrators complete control over which
endpoints can and cannot access an enterprise network,
and improves their overall ability to manage their
deployed endpoint security technologies.
Consistent enforcement
Ensures that endpoint security policies are consistently
enforced across the entire enterprise.
Through its coupling of endpoint protection and endpoint compliance solutions,
Symantec enables enterprises to realize:
Symantec endpoint security
solutions deliver unmatched,
comprehensive endpoint
security that enables
enterprises to address the
full spectrum of endpoint
threats against their
desktops, laptops, servers,
and mobile devices.
Endpoint compliance
The managed state of an enterprise’s individual endpoints plays a critical role in the
overall security and availability of its IT infrastructure and related business operations.
The new wave of sophisticated crimeware not only targets specifi c companies, but it also
targets desktops and laptops as backdoor entryways into those enterprises’ business
operations and valuable resources. Further escalating the threat is the fact that enterprises
must also deal with growing user populations that, in addition to regular onsite employees,
include remote employees, short-term employees, guests, contractors, and
other temporary workers. Symantec™ Network Access Control and Symantec™ On-Demand
Protection combine to enable organizations to address these growing threats.
Symantec™ Network Access Control
Symantec Network Access Control enables organizations to ensure the proper confi guration
and security state of user endpoints—including those of onsite employees, remote employees,
guests, contractors, and temporary workers—before they are allowed to access resources on
the corporate network. It discovers and evaluates endpoint compliance status, provisions the
appropriate network access, and provides remediation capabilities to ensure endpoint security
policies and standards are met. Symantec Network Access Control easily integrates with any
network infrastructure, making its implementation more comprehensive, faster to deploy, easier
to manage, and more cost-effective than competing solutions.
To provide enterprises with the most comprehensive and fl exible levels of protection
available, Symantec Network Access Control offers three different evaluation technologies
for assessing the state of endpoints attempting to access the network: persistent agents,
dissolvable agents, and a remote vulnerability scanner. Symantec Network Access Control
also gives enterprises the fl exibility they need to easily integrate multiple enforcement methods
into their existing environment without increasing operational complexity, management, and
maintenance overhead. Enforcement options include LAN, DHCP, and Gateway enforcement
methods along with a host-based self-enforcement solution that provides the easiest and fastest
enforcement deployment option, since it does not require the deployment of a network-based
enforcement solution. Symantec also offers a Symantec Network Access Control Starter Edition
option to help companies easily and quickly begin a network access control implementation.
Symantec™ On-Demand Protection
Symantec On-Demand Protection prevents the loss of enterprise data—such as company
fi nancials, customer information, and intellectual property—caused by unmanaged devices
such as home computers, kiosks, and guest laptops gaining unprotected network access
through Web-enabled applications (e.g., Webmail), SSL VPNs, and wireless LANs. Symantec
eliminates the exposures caused by unmanaged devices by delivering an On-Demand agent
that adapts its policies to the environment. The Symantec On-Demand Protection agent
integrates endpoint security technologies that ensure compliance with security policies,
prevent unauthorized data transfer, and protect confi dential information.
9
Symantec™ Global Intelligence Network
Endpoint security from Symantec is backed by the Symantec Global Intelligence Network,
an integrated service that provides customers with the critical intelligence needed to
reduce security risks, improve regulatory compliance, and strengthen their overall security
posture. Symantec Global Intelligence Services provide insight into the latest global,
industry, and local threats and attacks so an organization can respond proactively to
emerging threats.
Symantec Global Services
To provide customers assistance and guidance on how to best deploy, manage, and maximize
the benefi ts and features provided by Symantec endpoint security solutions, Symantec
Global Services provides a wide range of consulting, technical education, and support
services. Symantec Enterprise Support Services has three levels of protection designed
to meet the needs of the small business or the large enterprise. Symantec Education
has a portfolio of training courses designed to get users and administrators up to speed
quickly. Symantec Consulting Services starts with antivirus deployment and migration
assistance and can provide Residency Services, where Symantec Consultants work
side by side with customers’ IT staff, or Operational Services, where the entire endpoint
security function can be outsourced to Symantec—the security experts.
Unmatched, simplifi ed, and comprehensive endpoint security
Symantec endpoint security solutions empowers enterprises to take the holistic approach
needed to combat the sophisticated, stealthy, and targeted attacks that plague today’s
changing threat landscape. It redefi nes endpoint security by offering endpoint protection
and endpoint compliance technologies to deliver comprehensive security for their
endpoints. It reduces the complexities and costs associated with endpoint security by
enabling organizations to standardize with market-leading solutions that work together to
improve security, reduce total cost of ownership, and ease management efforts. Symantec
endpoint security solutions delivers unmatched, comprehensive endpoint security that
enables enterprises to address the full spectrum of endpoint threats against their
desktops, laptops, servers, and mobile devices.
10
Symantec is a global leader in infrastructure software, as well as endpoint
security, enabling businesses and consumers to have confi dence in a
connected world. It has the industry’s deepest portfolio of security solutions
to help organizations protect endpoint systems and corporate information
from a broad spectrum of internal and external security risks. Symantec
helps customers protect their infrastructure, information, and interactions
by delivering software and services that address risks to security, availability,
compliance, and performance.
About Symantec
Symantec is a global leader in
infrastructure software, enabling
businesses and consumers to have
confi dence in a connected world.
The company helps customers protect
their infrastructure, information, and
interactions by delivering software
and services that address risks to
security, availability, compliance,
and performance. Headquartered
in Cupertino, California, Symantec
has operations in 40 countries.
More information is available at
www.symantec.com.
For specifi c country offi ces and
contact numbers please visit
our Web site. For information
in the U.S., call toll-free
1 800 745 6054.
Symantec Corporation
World Headquarters
20330 Stevens Creek Boulevard
Cupertino, CA 95014 USA
1 408 517 8000
1 800 721 3934
www.symantec.com
Copyright © 2007 Symantec Corporation. All rights
reserved. Symantec and the Symantec logo are
trademarks or registered trademarks of Symantec
Corporation or its affi liates in the U.S. and other
countries. Other names may be trademarks of their
respective owners.
07/07 12098908