Sophos Security and Data Protection

Overview

by: Mun Foong, Che – Channel Manager

Michael E Porter

• Professor at Harvard Business School

• A leading authority on company

strategy and the competitiveness of

nations and regions

• Six-time winner of the McKinsey Award

for the best Harvard Business Review

• Harvard Business School's program for

newly appointed CEOs of multibillion

dollar corporations

• ‘Father of the Modern Strategy’

3

Sophos – A Leading Security Vendor Globally

Security experts innovating for 23 years

Focused on sophisticated management

capabilities for the enterprise customer

Protecting over 70,000 customers and 100 million end-user in nearly 150 countries

Revenue in 08/09 of US$270m with 27% year-on-year growth

19,000 new customers worldwide during FY 2009. Over half of newly-acquired Sophos customers were Symantec and McAfee displacements.

Providing real-time threat analysis and live

updates 24 hours a day

About Sophos

Privately held since inception in 1985

Sophos and Utimaco combined in 2008

1500+ Employees, more than 600 people in R&D

Solid revenue growth, profitable

Dedicated focus on businesses

4

Global Presence

Asian Offices in Singapore, Hong Kong, Philippines, China, Taiwan,

Indonesia , Malaysia with Representation in Thailand

ReputationAnalysis

BehaviorAnalysis

MalwareAnalysis

Spam Analysis

Application Analysis

Web Analysis

SydneyOxfordBoston

Vancouver

Exploit Analysis

Search engines

Spam Traps

Honey Pots

Customers (WS1000)

Other vendors

Reputation data

Blocking by

reputation

Smallest, fastest

signatures

SophosLabs knows threats better than anyone

Sophos Security and Data Protection

Security that frees organizations to focus on their business

Simplified security enables your business

Trusted expertise and proven solutions

Complete protection for less investment

9

Complete Protection

•Proactive threat protection with a single engine across endpoint, email and web

Anti-malware

•Controlling devices, applications and the use of email/web prevents the inadvertent and deliberate leakage of information

DLP

•Securing data on computers and removable storage devices as well as in email communication

Encryption

•Ensuring computers meet the required internal security policies

•Managing internet acceptable use policy

Compliance

Comprehensive security and control

11

Simplified Management•Intuitive

management provides dashboard view of security status

•New policies and functionality can quickly be deployed across the estate

•Managed appliances automate day-to-day administration of the gateway

•Automatic, frequent, zero-effort updates

Reduces administration

•Sophisticated data leakage prevention across endpoint, email, web

•Certified encryption technologies secures sensitive information

•Centralized encryption policy management enforces company wide

•Anonymizing proxy blocking ensures acceptable internet use

Ensure compliance

•The integrated third party security software removal tool makes deployment easy

•Managed appliances deploy easily offering immediate results

Ease of Switching

Switch or Upgrade?

Switching to Sophos Upgrading to Symantec

1. Install Sophos Enterprise Console on the same server or parallel system (so you are still protected as you switch).

1. Uninstall the Reporting Server if you have it installed.

2. Deploy Sophos Endpoint Security and Data Protection to clients - automatically if you use Active Directory or using the wizard. Our integrated tool will ensure Symantec AntiVirus will be automatically removed.

2. Use Symantec System Center to configure settings for the management server and clients that prepare them for migration. These settings changes consist of: disabling scheduled scans, modifying Quarantine purge options, deleting histories, disabling LiveUpdate, disabling roaming, unlocking server groups, and disabling Tamper Protection.

3. Uninstall Symantec System Center. 3. Install the Symantec Endpoint Protection Manager.

4. Migrate your legacy clients and servers.

5. Uninstall Symantec System Center.

6. Migrate legacy client or server that was used to protect the computer running Symantec System Center.

Source: migration information on www.symantec.com

13

Trusted Solutions

•Minimizes impact on system performance of users machines

•Seamless user experience of internet surfing

Low impact

•Technical Support provided by in-house experts

•Pre-packaged intelligence from SophosLabs

Support

•Recognized as an industry leader

•Award winning products and technologies

Proven

14

Gartner Magic Quadrant for EPP

Gartner recognizes key strengths:

Strong reputation for support and service

from customers and the channel

Good balance of management simplicity

without sacrificing depth of control

Multi-platform management from a

single console

Improved data protection capability with

Utimaco acquisition

Improved malware detection

NAC embedded in the agent

15

Gartner Magic Quadrant for EPP

“Buyers that prefer a broad,comprehensive EPP suitewith simplified management capabilities ......should consider Sophos.”

Gartner, Magic Quadrant for Endpoint Protection Platforms 2009

16

Gartner Magic Quadrant for EPP

“Buyers that prefer a broad,comprehensive EPP suitewith simplified management capabilities ......should consider Sophos.”

Gartner, Magic Quadrant for Endpoint Protection Platforms 2009

17

Gartner Magic Quadrant – Mobile Data Protection

Through its completed acquisition of Utimaco, Sophos has created a combined company that can challenge McAfee.The cultures of the companies were compatible ..and the new road map is impressive.

Gartner, Magic Quadrant for Mobile Data Protection Sep 2009

Virus Bulletin RAP Average Quadrant Jun – Dec 09

Sophos Security and Data Protection

• Anti-virus, -spyware, -

adware

• Application control

• Device control

• Full disk encryption

• Network access control

• Firewall

• Wide range of platform

support

• Spam, phishing, malware

• Sender Genotype

reputation filter

• SXL real-time spam

updates

• Content control

• SPX and TLS Encryption

• Hardware/software

options

• Real-time malware

scanning

• URL/reputation database

• Content control

• Anonymizing proxy

blocking

• HTTPS scanning

• DLP post control

• Managed appliances

Email Securityand

Data Protection

Endpoint Security

andData Protection

Web Securityand Control

Endpoint (90,000 users)

SAP (Germany) – 10,000 Servers

Endpoint– 20,000 User

Key wins (Global)

21

6,000 User LicenseSymantec Displacement

60,000 User LicenseComputer Associates Displacement

10,000 User LicenseMcAfee Displacement

90,000 User License McAfee Displacement

1,400 User License Symantec Displacement

6,000 User LicenseSymantec Displacement

3,800 User License McAfee Displacement

100,000 User LicenseMcAfee Displacement

5,000 User LicenseComputer Associates/Sybari Displacement

22,300 User License Computer Associates Displacement

20,000 User LicenseMcAfee Displacement

15,000 User LicenseSymantec Displacement

350,000 User License Symantec Displacement

20,000 User License Symantec Displacement

11,000 User License Symantec Displacement

5,000 User License Symantec Displacement

20,000 User License Symantec Displacement

Sophos confidential. Not for distribution or external discussion

20,000 User LicenseSymantec Displacement

What’s new in Endpoint 9.0

Endpoint Security and Control 9.0

Enhancements cover:

Management

Security

Data Protection

Making management even easier

Management enhancements

Role based administration:

4 default role levels (admin, sys admin, help desk and guest)

authenticated via Windows groups

customizable control over policies and actions

devolve sub-estate management

Computer based reports (compliance - protection status over time)

User based reports (application, device and data control policies)

Reports can be scheduled and emailed automatically

Event viewer provides quick mechanism to analyse events

Brand new updating technology

Even better security

Security enhancements

Firewall location awareness – rule sets for on and off LAN

DNS or default gateway used to define location

Firewall training – report only mode in console, alert on learning

Combined client GUI and system tray icon (firewall + SAV)

Configurable rootkit detection/blocking

Continued HIPS rules enhancements

Supports Windows 7!

Integrating DLP

Device Control enhancements

Dedicated device control policy

Policy exceptions for individual instance or model types

Ability to control modems as a device type

Network bridging prevention

Granular control of:

Storage devices:

Removable storage - USB keys, removable hard disks

Optical / disk drives - CD / DVD / HD-DVD / Blu-ray

Network devices

Wi-Fi / Modems

Bluetooth

Infra-red

Rich DLP functionality that is simple to manageTOP S

ECRET

First fully integrated endpoint DLP solution

One agent

One license (Endpoint Security and Control)

Monitor and enforce on all common data exit points

Removable storage / optical media

Read only mode for storage

Internet applications (web browser, email client, IM client)

Designed to prevent accidental data loss

Train staff through use of desktop prompts

Events audited and available for review within SEC

Recent Updates

Non-Windows releases

SAV for Mac 7.0

Supports Mac OS X 10.6

New user interface

Scheduled scanning

SAV for UNIX 7.0

Central monitoring and reporting via Enterprise Console

Solaris 9/10 on SPARC and Intel, HP-UX 11i (Itanium)

Scheduled scanning

How do you get it?

Download available now

No license cost upgrade for customers with following:

Endpoint Security and Control

Endpoint Security and Data Protection

https://secure.sophos.com/support/updates

Summary

Key new features

Data loss prevention at the endpoint

Control of access to devices, ports and data from a unified client

Firewall enhancements: location awareness, centralized learning

Anti-virus protection / HIPS enhancements

Integrated and extended role based administration

Improved updating/package management, replacing EM Library

Extended reporting – status, scheduled

Thank you! Any questions?