Presentation held by Mr.Vladimir Danilenko as a part of the Broadband Session at the 8th SEEITA and 7th MASIT Open Days Conference, 14th-15th October, 2010

1. Internet Security in corporate environment
Kaspersky Lab landscape view and approaches
Vladimir Danilenko
Presale and Consulting Group, EEMEA
Vladimir.Danilenko@kaspersky.com

2. On Kaspersky Lab
Three business areas:
Facts
• Products for Home
• Founded in 1997. • Products and Services
• Headquartered in Moscow, Russia, for Business
19 Local Offices all over the world
• Acknowledged leader in Antivirus • OEM solutions
technologies.
• Over 2000 highly skilled employees Market leader in:
worldwide.
• Over 250 million users worldwide • Key European retail markets
protected by our products and • Russia and CIS
technologies.
• China, India (*In terms of licenses)
• Over 200 000 corporate customers.
• Antivirus technology licensing
• Largest IT-security OEM-solutions
supplier, over 100 global partners. • #4 worldwide in the IT-security
• One of the fastest-growing security corporate market
software companies. • #1 selling security software in the
U.S. retail market

3. Products
For Home For Home Office Products And Services
For Business
Kaspersky Anti-Virus Kaspersky Kaspersky Open Space Security suites
Kaspersky Internet Security Small Office Security Specific products for targeted security
Kaspersky Mobile Security Software-as-a-Service solutions
Kaspersky PURE

4. Number of malware threats increasing rapidly
50.000.000
45.000.000
40.000.000
35.000.000
30.000.000
25.000.000
20.000.000
15.000.000
10.000.000
5.000.000
0
prior 2004 2005 2006 2007 2008 2009 2010
2004
• Over 17,000,000 new malwares in 2009
• Brand new sample for every 2 seconds
• Complexity increases

5. Infected websites number increases as well
Infected websites percentage
0,64%
0,35%
0,11%
0,004%
2006 2007 2008 2009
7

6. User-initiated downloads
Click to edit Master title style
• Click to edit Master text styles
• Attracting web links
• Second level
– Banners and attracting web links
• Third level
• Spam: e-mail, social networking
• SPAM: e-mail, IM, IM, social networks
– Fourth level
» Fifth level
• Black SEO
• Black SEO
June 10th, 2009 Event details (title, place)

7. www.masit.org.mk

8. Drive-by downloads infection mechanism
Web link visit
User computer analysis
Vulnerable application selection
Exploit generation and execution
Dropper generation
Dropper downloading
Rootkit/backdoor installation

9. Summary
• Using AV protection is essential
• New malwares torrent will only be worse
• More reasonable approach is crucial for
IT-security

10. KOSS Release 2

11. Updated applications for corporate protection
New AV engine applications:
 Kaspersky Anti-Virus 6.0 R2 for Windows
Workstations
 Kaspersky Anti-Virus 6.0 R2 for Window Servers
 Kaspersky Second Opinion Solution 6.0 R2
New management tool:
 Kaspersky Administration Kit 8.0

12. Endpoint protection

13. Protection components
File Anti-Virus (improved!)
Web Anti-Virus (improved!)
Mail Anti-Virus (improved!)
Proactive Defense (improved!)
Anti-Hacker (improved!)
Anti-Spam (improved!)
Device Control (Brand new!)
Anti-Spy

14. Web Anti-Virus
 Interception and inspection of HTTP-traffic
 Blocking of dangerous scripts
 Blocking of phishing links
 Protection of SSL connections

15. Mail Anti-Virus
● Intercepts SMTP, POP3, IMAP, NNTP
(including encrypted versions) traffic
● Regardless of the protocol using plug-ins to
Microsoft Outlook and The Bat! mail clients
● Possibility of infiltration and processing
attachments
● Disinfecting viruses in Microsoft Outlook and
Microsoft Outlook Express data files
● ICQ/MSN traffic inspection

16. Proactive protection
PDM 6.0 R2
Proactively blocks
PDM 6.0
• Trojan.Generic / Trojan.Cryptor
 Behavior blocker
• Worm.Generic / Worm.P2P.Generic
 Monitoring registry
• Concealed objects (Rootkits)
• Keyloggers
• Invaders
• Concealed data dispatch
• Attempt to collect passwords in a system
+ Malicious
• Anomalous behavior of applications
modifications rollback

17. Anti-Hacker
● Firewall
● Automatic setting
● Flexible filtering rules
● Training regime
● Intrusion detection system
● Blocking of attacking computer
● Network monitor

18. Anti-Spy
 Anti-banner
 Anti-dialer
 Blocking all types of
keyloggers

19. Device Control
Centralized management via
Kaspersky Administration Kit
• CCD/DVD-rom
• Bluetooth devices
• USB devices:
• Modems
• Phones
• Printers
• Data storage devices

20. What’s new? Comparison chart
Kaspersky Antivirus for
Windows Workstations 6.0 Release 2
File Anti-Virus Improved
Mail Anti-Virus Improved
Web Anti-Virus Improved
Proactive protection Improved
Firewall Improved
Anti-Spy
Anti-Spam Improved
Heuristic Analyzer Increased protection level
Anti-Rootkit
ICQ/MSN traffic inspection
IPv6 support Extra abilities
Device Control
Windows 7 support New platform

21. Servers protection

22. Kaspersky Anti-virus for
Windows Servers 6.0 R2
Kaspersky Anti-Virus for Windows Servers protects data on servers
running under Microsoft Windows from all types of malicious
programs. The product was designed specifically for high-
performance corporate servers that experience heavy loads.
Supported platforms:
• Microsoft Windows Server 2000
• Microsoft Windows Server 2003
• Microsoft Windows Server 2003 R2
• Microsoft Windows Server 2008
• Microsoft Windows Server 2008 R2
• Microsoft Small Business Server 2003
• Microsoft Small Business Server 2008
• Essential Business Server 2008
www.kaspersky.com

23. KAV for Windows File Server
● Network iSwift
● Several instances of antivirus core
● CPU load distributing
● Pausing of scanning process
● Blocking access of infected computers
● Flexible time settings for scanning
● Notification settings

24. New management system

25. Antivirus protection management system
• Centralized installation and management
• Administration groups
• Inheritance of group structure from logical network structure
• Control of antivirus applications through group policies
• Blocking of settings for users
• Group tasks for updates and on-demand check
• Special settings for laptop users
• Cisco NAC support
• Flexible reporting and notfication systems

26. Out-of-the-Box Protection
• Single product package containing everything
required to protect network immediately after
installation
• New deployment scenarios added including 1-
click deployment and native GPO-based
deployment support
• Removal of third-party protection software
and Kaspersky Anti-Virus deployment in one step

27. Out-of-the-Box Protection
•Optimized default settings are based on
best practices and require less customization
• Automatic license management makes
manual license installation obsolete
• Customizable dashboards provide
continuous system health monitoring

28. Usability Improvements
• Easier access to the most important and usable
features for beginners
• More advanced configuration options for expert users
• Better control over user interface can make antivirus
protection completely invisible for end users
• Streamlined policy inheritance supports more
versatile organization structures

29. New Features and Benefits
• Better performance and scalability with tens of
thousands of clients per Administration Server
• Update verification to test updates before
distribution them across the network
• Postponed processing — optional centralized decision
making for infected objects on a per-incident basis

30. Kaspersky Administration Kit 8.0 — The Interface

31. Test results
• Good installation wizard
having excellent user
navigation
• Client installation is fast
• Admin console is
designed clearly and
coherently
Remote installation is
very easy
• Good grouping functions
are available
• Manual is not necessary

32. Kaspersky Open Space Security
World-class security solution for your business

33. Kaspersky Open Space Security
The Kaspersky Open Space Security product line is designed to
protect corporate networks of any scale and complexity from all
types of modern computer threats.
www.kaspersky.com

34. Kaspersky Work Space Security:
protection for workstations / smartphones
Kaspersky Work Space Security provides centralized protection
from all types of contemporary computer threats for workstations
and smartphones on the corporate network and beyond.
Product Highlights
• Antivirus protection for core network nodes:
workstations, laptops, smartphones
• A new antivirus engine ensures
optimal use of resources
• Enhanced proactive protection for workstations
and file servers against new malicious programs
• On-the-fly scanning of email and Internet traffic
• Personal firewall for protection on any type
of network, including Wi-Fi
• Local protection from unsolicited emails
and phishing
• Prevents data leaks from lost smartphones
• Full Support for 64-bit systems
www.kaspersky.com

35. Kaspersky Business Space Security:
protection for workstations /smartphones /file servers
Kaspersky Business Space Security provides high-quality protection
for corporate information assets from all types of contemporary
computer threats.
Product Highlights
• Antivirus protection for key network nodes:
workstations, laptops, file servers and smartphones
• Enhanced proactive protection for workstations and
file servers against new malicious programs
• On-the-fly scanning of email and Internet traffic
• Protection for file servers running Windows, Linux and
Novell NetWare
• Comprehensive protection for terminal servers and
cluster servers
• Load balancing of server processes
• Full support for 64-bit systems
www.kaspersky.com

36. Kaspersky Enterprise Space Security:
protection for workstations/smartphones/file/mail/groupware servers
Kaspersky Enterprise Space Security ensures the free flow of
information within a company and secure communication with the
outside world.
Product Highlights
• Antivirus protection for critical network nodes:
workstations, laptops, file and mail servers as well as
smartphones
• Local protection from unsolicited emails and phishing
• Scanning of all messages on Microsoft Exchange
servers, including public folders
• Antivirus protection for Sendmail, qmail, Postfix and
Exim mail servers
• Scanning of messages, databases and other objects on
Lotus Notes/Domino servers
• Blocks mass mailings and malware outbreaks
www.kaspersky.com

37. Kaspersky Total Space Security:
multi-layer protection
Kaspersky Total Space Security provides integrated protection for
corporate networks of any size or level of complexity from all types
of contemporary computer threats.
Product Highlights
• Integrated protection from malware, spyware, hacker
attacks and spam at all levels of the corporate network
from workstations to Internet gateways
• Centralized protection from spam
• Centralized antivirus scanning of Internet traffic
(HTTP/FTP) in real time
• Protects all popular versions of Microsoft ISA Server
(including server arrays)
• Support for proxy servers (appliances and software)
www.kaspersky.com

38. New applications. October-November 2010
 Kaspersky Security for Exchange 8.0
 KAV for Microsoft TMG (ex-ISA) 8.0
 KAV for Windows Servers Enterprise Edition 8.0
 KAV for Lotus Notes/Domino 8.0
 Kaspersky Endpoint Security 8.0 for Linux
Servers/Workstations
 Kaspersky Endpoint Security 8.0 for Mac
 Kaspersky Endpoint Security 8.0 for Smartphones

39. Thank You
Internet Security in corporate environment
Kaspersky Lab landscape view and approaches
Vladimir Danilenko
Presale and Consulting Group, EEMEA
Vladimir.Danilenko@kaspersky.com