Sophos Security and Data Protection Overview
by: Mun Foong, Che – Channel Manager
Michael E Porter
• Professor at Harvard Business School
• A leading authority on company strategy and the competitiveness of nations and regions
• Six-time winner of the McKinsey Award for the best Harvard Business Review
• Harvard Business School's program for newly appointed CEOs of multibillion dollar corporations
• ‘Father of the Modern Strategy’
Sophos – A Leading Security Vendor Globally
Security experts innovating for 23 years
Focused on sophisticated management capabilities for the enterprise customer
Protecting over 70,000 customers and 100 million end users in nearly 150 countries
Revenue in 08/09 of US$270m with 27% year-on-year growth
19,000 new customers worldwide during FY 2009. Over half of newly-acquired Sophos customers were Symantec and McAfee displacements.
Providing real-time threat analysis and live updates 24 hours a day
About Sophos
Privately held since inception in 1985
Sophos and Utimaco combined in 2008
1500+ Employees, more than 600 people in R&D
Solid revenue growth, profitable
Dedicated focus on businesses
Global Presence
Asian offices in Singapore, Hong Kong, Philippines, China, Taiwan, Indonesia, Malaysia, with representation in Thailand
SophosLabs knows threats better than anyone
[Diagram: SophosLabs]
Locations: Sydney, Oxford, Boston, Vancouver
Analysis types: Reputation, Behavior, Malware, Spam, Application, Web, Exploit
Search engines, Spam traps, Honey pots, Customers (WS1000), Other vendors
Reputation data; Blocking by reputation; Smallest, fastest signatures
Sophos Security and Data Protection
Security that frees organizations to focus on their business
Simplified security enables your business
Trusted expertise and proven solutions
Complete protection for less investment
Complete Protection
Anti-malware
• Proactive threat protection with a single engine across endpoint, email and web
DLP
• Controlling devices, applications and the use of email/web prevents the inadvertent and deliberate leakage of information
Encryption
• Securing data on computers and removable storage devices as well as in email communication
Compliance
• Ensuring computers meet the required internal security policies
• Managing internet acceptable use policy
Comprehensive security and control
Simplified Management
Reduces administration
• Intuitive management provides dashboard view of security status
• New policies and functionality can quickly be deployed across the estate
• Managed appliances automate day-to-day administration of the gateway
• Automatic, frequent, zero-effort updates
Ensure compliance
• Sophisticated data leakage prevention across endpoint, email, web
• Certified encryption technologies secure sensitive information
• Centralized encryption policy management enforces company wide
• Anonymizing proxy blocking ensures acceptable internet use
Ease of Switching
• The integrated third party security software removal tool makes deployment easy
• Managed appliances deploy easily offering immediate results
Switch or Upgrade?
Switching to Sophos
1. Install Sophos Enterprise Console on the same server or parallel system (so you are still protected as you switch).
2. Deploy Sophos Endpoint Security and Data Protection to clients - automatically if you use Active Directory or using the wizard. Our integrated tool will ensure Symantec AntiVirus will be automatically removed.
3. Uninstall Symantec System Center.
Upgrading to Symantec
1. Uninstall the Reporting Server if you have it installed.
2. Use Symantec System Center to configure settings for the management server and clients that prepare them for migration. These settings changes consist of: disabling scheduled scans, modifying Quarantine purge options, deleting histories, disabling LiveUpdate, disabling roaming, unlocking server groups, and disabling Tamper Protection.
3. Install the Symantec Endpoint Protection Manager.
4. Migrate your legacy clients and servers.
5. Uninstall Symantec System Center.
6. Migrate legacy client or server that was used to protect the computer running Symantec System Center.
Source: migration information on www.symantec.com
Trusted Solutions
Low impact
• Minimizes impact on system performance of users' machines
• Seamless user experience of internet surfing
Support
• Technical Support provided by in-house experts
• Pre-packaged intelligence from SophosLabs
Proven
• Recognized as an industry leader
• Award winning products and technologies
Gartner Magic Quadrant for EPP
Gartner recognizes key strengths:
• Strong reputation for support and service from customers and the channel
• Good balance of management simplicity without sacrificing depth of control
• Multi-platform management from a single console
• Improved data protection capability with Utimaco acquisition
• Improved malware detection
• NAC embedded in the agent
Gartner Magic Quadrant for EPP
“Buyers that prefer a broad, comprehensive EPP suite with simplified management capabilities ... should consider Sophos.”
Gartner, Magic Quadrant for Endpoint Protection Platforms 2009
Gartner Magic Quadrant – Mobile Data Protection
Through its completed acquisition of Utimaco, Sophos has created a combined company that can challenge McAfee. The cultures of the companies were compatible ... and the new road map is impressive.
Gartner, Magic Quadrant for Mobile Data Protection Sep 2009
Virus Bulletin RAP Average Quadrant Jun – Dec 09
Sophos Security and Data Protection
Endpoint Security and Data Protection
• Anti-virus, -spyware, -adware
• Application control
• Device control
• Full disk encryption
• Network access control
• Firewall
• Wide range of platform support
Email Security and Data Protection
• Spam, phishing, malware
• Sender Genotype reputation filter
• SXL real-time spam updates
• Content control
• SPX and TLS Encryption
• Hardware/software options
Web Security and Control
• Real-time malware scanning
• URL/reputation database
• Content control
• Anonymizing proxy blocking
• HTTPS scanning
• DLP post control
• Managed appliances
Key wins (Global)
Endpoint (90,000 users)
SAP (Germany) – 10,000 Servers
Endpoint – 20,000 User
6,000 User License, Symantec Displacement
60,000 User License, Computer Associates Displacement
10,000 User License, McAfee Displacement
90,000 User License, McAfee Displacement
1,400 User License, Symantec Displacement
6,000 User License, Symantec Displacement
3,800 User License, McAfee Displacement
100,000 User License, McAfee Displacement
5,000 User License, Computer Associates/Sybari Displacement
22,300 User License, Computer Associates Displacement
20,000 User License, McAfee Displacement
15,000 User License, Symantec Displacement
350,000 User License, Symantec Displacement
20,000 User License, Symantec Displacement
11,000 User License, Symantec Displacement
5,000 User License, Symantec Displacement
20,000 User License, Symantec Displacement
20,000 User License, Symantec Displacement
Sophos confidential. Not for distribution or external discussion
What’s new in Endpoint 9.0
Endpoint Security and Control 9.0
Enhancements cover:
Management
Security
Data Protection
Making management even easier
Management enhancements
Role based administration:
4 default role levels (admin, sys admin, help desk and guest)
authenticated via Windows groups
customizable control over policies and actions
devolve sub-estate management
Computer based reports (compliance - protection status over time)
User based reports (application, device and data control policies)
Reports can be scheduled and emailed automatically
Event viewer provides quick mechanism to analyse events
Brand new updating technology
Even better security
Security enhancements
Firewall location awareness – rule sets for on and off LAN
DNS or default gateway used to define location
Firewall training – report only mode in console, alert on learning
Combined client GUI and system tray icon (firewall + SAV)
Configurable rootkit detection/blocking
Continued HIPS rules enhancements
Supports Windows 7!
Integrating DLP
Device Control enhancements
Dedicated device control policy
Policy exceptions for individual instance or model types
Ability to control modems as a device type
Network bridging prevention
Granular control of:
Storage devices:
Removable storage - USB keys, removable hard disks
Optical / disk drives - CD / DVD / HD-DVD / Blu-ray
Network devices
Wi-Fi / Modems
Bluetooth
Infra-red
Rich DLP functionality that is simple to manage
First fully integrated endpoint DLP solution
One agent
One license (Endpoint Security and Control)
Monitor and enforce on all common data exit points
Removable storage / optical media
Read only mode for storage
Internet applications (web browser, email client, IM client)
Designed to prevent accidental data loss
Train staff through use of desktop prompts
Events audited and available for review within SEC
Recent Updates
Non-Windows releases
SAV for Mac 7.0
Supports Mac OS X 10.6
New user interface
Scheduled scanning
SAV for UNIX 7.0
Central monitoring and reporting via Enterprise Console
Solaris 9/10 on SPARC and Intel, HP-UX 11i (Itanium)
Scheduled scanning
How do you get it?
Download available now
No license cost upgrade for customers with the following:
Endpoint Security and Control
Endpoint Security and Data Protection
https://secure.sophos.com/support/updates
Summary
Key new features
Data loss prevention at the endpoint
Control of access to devices, ports and data from a unified client
Firewall enhancements: location awareness, centralized learning
Anti-virus protection / HIPS enhancements
Integrated and extended role based administration
Improved updating/package management, replacing EM Library
Extended reporting – status, scheduled
Thank you! Any questions?