2. Malware Continues to Grow…
Source: McAfee Labs, 2013
Malware continues to grow and get more sophisticated…
[Chart: New Malware Samples per quarter, Q1 2010 to Q1 2013; vertical axis 0 to 14,000,000]
2012 new malware sample discoveries increased 50% over 2011
New malware samples grew 22% from Q4 ’12 to Q1 ’13
3. Four Phases of an Attack
First Contact
How the attacker first crosses paths with the target.
• Malicious Website
• Network Access
• Physical Access
• Unsolicited Message
Local Execution
How the attacker gets code running for the first time on the target machine.
• Configuration Error
• Exploit
• Social Engineering
Establish Presence
How the attacker persists code on the system to survive reboot, stay hidden, and hide from the user and security software.
• Persist on System
• Self-Preservation
• Download Malware
• Escalate Privilege
Malicious Activity
The business logic: what the attacker wants to accomplish, such as stealing passwords, bank fraud, or the purchase of Fake AV.
• Adware & Scareware
• Identity & Financial Fraud
• Propagation
• Bot Activities
• Tampering
Example: Fake AV
Malicious Website → Exploit → Persist on System → Adware & Scareware
5. Mobile Devices Systems Management Agent
Traditional Architecture for Endpoint Security
HIPS
Agent
Encryption
DLP
Agent
Every SOLUTION has a CONSOLE
Every CONSOLE requires a SERVER
Every SERVER requires an OS and a DATABASE
Every OS/DB requires PEOPLE, MAINTENANCE, PATCHING
WHERE DOES IT END?
6. McAfee Endpoint Protection Platform Strategy
Complete endpoint security
Cloud
Application
Database
OS
HW-Enhanced
Security Information and Events
Risk and Compliance
Unified Security Operations
Desktop
Laptop
Mobile
Server
Virtual
Embedded
DataCenter
Desktop/Laptop
Windows Only
Blacklist Files
Focus on Devices
Static Device Policy
Disparate, Disconnected Management
COMPLETE ENDPOINT SECURITY
FIRST-GENERATION
7. 4 Phase Protection Methods
Phases: FIRST CONTACT, LOCAL EXECUTION, ESTABLISH PRESENCE, MALICIOUS ACTIVITY
McAfee® SiteAdvisor®: Website Filtering
McAfee Device Control: Physical File Transfer
McAfee Desktop Firewall
McAfee Desktop Firewall
McAfee Web Gateway and McAfee Email Gateway: Web Filtering, Email Filtering
McAfee VirusScan® Enterprise: On-Access Scanning, File Scanning, Write Blocking
McAfee Database Activity Monitor: Database Vulnerability Blocking
McAfee VirusScan® Enterprise: Rootkit Detection
McAfee Host Intrusion Prevention: Buffer Overflow Prevention, Behavioral Prevention
McAfee Application Control for Servers or Desktops: Install and Execution Prevention, Change Protection
8. Intel Security - A Proven Leader in Endpoint Security
Gartner Magic Quadrant Leader for 7 straight years!
• Placed furthest on Completeness of Vision axis
• Superior Manageability with ePO
• Next Generation Endpoint Platform
• Security Connected Vision attainable for customers
• Advancing Protection Rankings
• Comprehensive Solution
• Strength of Intel / McAfee Together
Gartner Disclaimer
This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from
http://www.gartner.com/technology/reprints.do?id=1-26F1285&ct=141223&st=sb. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise
technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be
construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
9. Complete Endpoint Protection—Enterprise
Complete Simplicity
• Unified, open security management for all endpoints
• One solution for PC, Mac, Linux, or virtual
• Turnkey simple installation in minutes
• Use less resources to manage security with single console
Complete Performance
• Security optimized for high performance across all platforms
• Dynamic whitelisting offers a no-scanning, small desktop footprint
• Real-time visibility reducing time to reaction by 10 to 1000 times
• Smart scanning technology optimizes CPU and memory usage
Complete Protection
• The market’s broadest set of security technologies
• Proven leader in blocking exploits, evasion and stealthy threats
• Application Whitelisting shown to provide 100% protection
Endpoint Protection
Windows & Unix AV
Mac & Linux AV
Endpoint Firewall
Host Intrusion Prevention
Application Blocking
Application Control – Desktop
Web/Messaging Security
SiteAdvisor with Web Filter
Anti-malware Email
Data Protection
Device Control
Management & Deployment
ePO
10. Complete Endpoint Protection—Business
Complete Simplicity
• Unified, open security management for all endpoints
• One solution for PC, Mac, Linux, or virtual
• Turnkey simple installation in minutes
• Use less resources to manage security with single console
Complete Performance
• Security optimized for ultimate performance on any platform
• Real-time visibility reducing time to reaction 10x to 1000x
• Smart scanning technology optimizes CPU and memory usage
Complete Protection
• The market’s broadest set of security technologies
• Proven leader in blocking exploits and stealthy threats
Endpoint Protection
Windows & Unix AV
Mac & Linux AV
Storage Server AV
SharePoint AV
Endpoint Firewall
Intrusion Prevention
Application Blocking
Web/Messaging Security
Antimalware Email
SiteAdvisor with Web Filtering
Data Protection
Device Control
Drive Encryption
File & Removable Media Protection
Management & Deployment
ePO
12. Broad Solution Coverage for Enterprise Problems
Data Protection
• Complete Data Protection
• Encryption
• Native Encryption Management
• DLP: Endpoint and Network
Server Protection
• Data Center Suites
• Application Control for Servers
• MOVE (McAfee Optimized for Virtual Environments)
• Database Security
Risk Management
• Policy Auditor
• Risk Analytics
Security Management
• ePO Deep Command
• ePO Cloud
13. For More Information: www.McAfee.com/endpoint
On The Web
Third Party Reviews
Whitepapers and Solution Briefs
Four Phases Video
14. Complete Performance, Protection, Simplicity
Complete Protection: #1 in Exploit and Evasion Protection.
Complete Performance: Dynamic Whitelisting, Smart Scanning, Dynamic Risk Assessment.
Complete Simplicity: McAfee leads in Management, Scalability and Reaction time.
16. ePolicy Orchestrator
McAfee ePolicy Orchestrator (McAfee ePO)
Security Management Platform for unified management of
endpoint, network, and data security.
• End-to-end visibility
• An open, extensible architecture
• Proven efficiencies
• Personalized Command Center
• Drag-and-Drop Dashboards and Actionable Reports
• Role-based Access Control
• Powerful Workflows
• Enterprise-ready
• Extensible Framework
Complete Management
17. McAfee Application Control for Desktop
McAfee Application Control software provides complete protection
from unwanted applications and code—blocking threats without
requiring signature updates.
• Protect against zero-day and APTs without signature updates
• Strengthen security and lower ownership costs with dynamic whitelisting
• Automatically accept new software added through your authorized processes
• Provide flexibility to desktop users by optionally allowing them to approve new
applications
• Block known and unknown threats
• Use whitelisting to only allow approved
applications to run
• Integrates with McAfee ePO console for
centralized IT management
• Easily protect unsupported legacy
systems, such as Microsoft Windows NT
and 2000
Complete Endpoint Security
18. McAfee Data Center Suites
McAfee Data Center Suites provide complete protection for physical
and virtualized servers—superior threat blocking with minimal
signature-based scans.
• Low overhead, increased security for demanding server environments
• Use whitelisting to allow only approved applications to run, denying malware
• Protect against zero-day and APTs without signature updates
• Strengthen security and lower ownership costs with dynamic whitelisting
• Integrates with GTI to classify binaries as Good, Bad and Unknown
• Integrates with McAfee ePO console for
centralized IT management
• Integrates with VMware, Microsoft
HyperV and Citrix
• Easily protect unsupported legacy
systems, such as Microsoft Windows NT
and 2000
McAfee Datacenter Security Suite for Server
McAfee VirusScan Enterprise – Windows and Linux
McAfee Application Control – Server
McAfee MOVE – Virtual Desktop Infrastructure
McAfee ePO
20. McAfee VirusScan Enterprise
McAfee VirusScan Enterprise proactively stops and removes threats,
extends coverage for new security risks, and reduces the cost of
managing responses.
• Protect your files from viruses, worms, rootkits,
Trojans, and other threats
• Proactive protection against new and unknown
buffer-overflow exploits that target
vulnerabilities in Microsoft applications
• Easily configure policies to manage and remove
quarantined items
• Supports users who are using both Microsoft
Outlook and Lotus Notes
• Supports Windows desktop OS (2000, XP,
Vista, 7, 8) and Windows Server OS (2000,
2003, 2008, 2012)
Combined Detection Rates
NSS Labs Protection & Evasion Test 2013: (VSE/HIPS/SAE)
Vendor      Exploit   Evasion   Combined
McAfee      97%       100%      99%
Symantec    91%       100%      96%
Sophos      88%       97%       93%
Kaspersky   92%       92%       92%
F-Secure    79%       88%       84%
Microsoft   65%       100%      83%
AVG         76%       88%       82%
ESET        71%       92%       82%
Trend       73%       53%       63%
Norman      47%       75%       61%
Panda       41%       75%       58%
• Unbeatable malware
detection and removal
• Proactive protection from
zero-day attacks
• Integrates with McAfee
GTI for real-time defense
• Managed by ePO for
deployment, configuration,
enforcement and reporting
• Optimized for fast
performance and reduced
system impact
21. McAfee Host IPS
McAfee Host Intrusion Prevention for Desktop delivers
unprecedented levels of protection from known and unknown zero-day
threats by combining signature and behavioral intrusion prevention
system (IPS).
• Enforce the broadest IPS and zero-day threat protection coverage across
all levels: network, application, and system execution
• Advanced threat protection through
dynamic, stateful desktop firewall
• Single, unified management by ePO
• Patch endpoints less frequently and
with less urgency
• Location aware policies provide
specific protection based on location
• Behavioral Analysis - zero-day attack
protection
• Mitigates patch deployment
urgency
• Ensure applications only
perform legal operations
• Vulnerability shielding capabilities for up
to 100% MS vulnerability coverage
22. McAfee Endpoint Encryption
McAfee Endpoint Encryption solutions use industry-leading encryption
algorithms and offer multiple layers of data protection to transparently
secure a broader scope of confidential information.
• Drive and file/folder encryption for Microsoft
Windows PCs or Mac OS X
• Enables automatic, transparent encryption
without hindering performance
• Enhanced performance through
support for Intel AES-NI technology
• Remote out-of-band management
with ePO Deep Command
• Supports: Windows 8, 7, Vista, XP
Server 2008, 2003; (32- and 64-bit)
• Enforces strong access control with pre-boot authentication
• Prevents unauthorized access to
information on PCs, laptops, network
servers, and removable media
• Provides key-sharing mechanisms that
allow users to share files securely
• Centrally managed with ePO
23. McAfee Device Control
McAfee Device Control protects data from falling into the wrong
hands via removable storage devices and media, such as USB drives,
MP3 players, CDs, and DVDs.
• Control how users copy or retrieve data
• Supports USB drives, iPods, recordable CDs/DVDs, Bluetooth and infrared
devices, imaging equipment, COM and LPT ports
• Centrally define, deploy, manage, and update
security policies and agents
• Set device and data policies by user, group,
or department.
• Support compliance with detailed user- and
device-level logging
• Gather details such as device, time stamp,
and data evidence for prompt and proper audits
• Protect your business from data loss
• Maintain control over your confidential
data
• Enable productivity while ensuring data
protection
• Centralize and simplify your security
management
• Prove compliance with less effort
24. McAfee VirusScan Enterprise for Storage
McAfee Enterprise VirusScan for Storage extends proven real-time
threat protection to mission critical NAS environments.
• McAfee’s proven, award-winning scanning technology has been extended to
storage environments
• Rely on always-on, up-to-date, real-time security
• High availability ensures business
continuity in the unlikely event of a
product failure
• Multi-vendor support saves time and IT
overhead and eliminates the need for
separate point products for each vendor
• Deploy ePO to manage all of your new
security solutions or leverage your
current investment by adding VSE for
Storage to your ePO infrastructure
• Continuous protection for storage devices
and their data
• Cost-effective solution
• Common security management with ePO
• Supports:
• IBM Storwize V7000 Unified System, IBM SONAS
• HP StorageWorks X9000 Network Storage Systems
• Sun Storage 7000 Unified Storage Systems
• Isilon
25. McAfee VirusScan Enterprise for Linux
McAfee VirusScan Enterprise for Linux delivers always-on, real-time
anti-virus protection for Linux environments. Its unique, Linux-based
on-access scanner constantly monitors the system for potential
attacks.
• Secure your enterprise with always-on protection
• Heuristic scanning
• Archive scanning
• Cross-platform protection
• Save time with automatic updates
• Make management easy with McAfee
ePolicy Orchestrator (ePO)
• Deploy new kernels quickly and easily
• Supports various Linux distributions
• SuSE Linux 9, 10, 11
• Novell Open Enterprise Server 1, 2
• Red Hat Enterprise 4.x; 5.x; 6.x
• CentOS 4.x, 5.x, 6.x
• Fedora Core 10, 11, and 12
• Ubuntu 8.04, 9.04, 9.10, 10.04, 10.10,
and 11.04
26. McAfee SiteAdvisor Enterprise with Web Filtering
McAfee SiteAdvisor Enterprise rates website safety using
comprehensive behavioral and web reputation tests.
• Advanced anti-phishing and blocking
capabilities
• Websites are classified into 104
categories
• Secure web browsing and content filtering
for business users
• GTI integration provides protection at a
URL level instead of domain level
• Supports IE, Firefox, Chrome browsers
• Educate end users about the
dangers of searching or surfing
the Internet
• Browse safely - color-coded rating
system lets users know which
websites are safe and which are
risky
• Improve productivity
• Advanced customization to
authorize or block websites based
on overall site ratings or threat
factors
• Integrated URL & content filtering
• Manage with ePO for deployment,
configuration, and reporting
27. McAfee ePO Deep Command
McAfee ePO Deep Command provides secure and remote out-of-band
security management access to PCs that may be powered off or disabled.
• Utilizes Intel® vPro™ Active Management Technology (AMT)
• Discovers Intel vPro-based PCs in infrastructure
• Easily configure and provision Intel AMT from ePO console
• Put protection in place ahead of threats,
even if systems are powered off or using
encryption
• Ensure that powered-off and remote
endpoints adhere to policies
and configurations
• Connect to the keyboard, video, and
mouse (KVM) capabilities of supporting
Intel® vPro™ systems
• Securely extend the reach of remote
remediation with IP-KVM functionality
• Remotely remediate PCs when disabled
• Conduct wake and patch
• Access PCs at hardware level
• Improve security to all PCs regardless of
state
• Remote out-of-band encryption
management
• Supports Intel Core i5 vPro or
Core i7 vPro
28. McAfee Endpoint Protection for Mac
McAfee Endpoint Protection for Mac secures Apple endpoints with
complete, advanced protection, including anti-virus, anti-spyware,
firewall, and application protection.
• On-access scanning
- always-on protection to stop
threats before they execute
• Scan archives & compressed
files, Apple Mail messages &
network volumes
• System firewall stops network-
based attacks from infecting
the Mac
• Application protection provides
the ability to deny applications
that are not approved to run
• Managed by ePO
• Adaptive Mode - Helps learn network
traffic and fine-tune the existing
firewall policies
• Regular mode - Ensures your firewall
policies are enforced strictly
• DNS Blocking - Blocks access to
unwanted sites
• Location awareness - Ensures correct
policies are enforced based on the
location from where you are connecting
to the network.
29. McAfee Security for Email Servers
McAfee Security for Email Servers provides comprehensive content
security for Microsoft Exchange and Lotus Domino servers.
• Comprehensive inbound security against all email-borne threats
• Integrated encryption and data loss prevention capabilities for compliance
and policy enforcement
• Security-as-a-Service (SaaS), on-premises,
and integrated hybrid deployment options
• Cloud-based computing provides virtually
limitless capacity
• Platforms supported:
• Microsoft Exchange 2003, 2007,
2010, 2013
• Lotus Domino 8.0, 8.5
• Windows Server 2003, 2008, 2012
• Linux (Domino 8.5) Server
• Novell SUSE Linux Enterprise Server
10, 11
• Red Hat Enterprise Linux
30. McAfee Security for Microsoft SharePoint
McAfee Security for Microsoft SharePoint ensures that your
corporate SharePoint deployment does not spread malware, store
inappropriate content, or lead to data loss.
• Prevent SharePoint from becoming a malware vector by blocking viruses,
worms, Trojans, and other potentially unwanted programs
• Centralized and local reporting via McAfee ePO
• Prevent data loss through flexible content filtering
• Store quarantined documents locally and
search the database by infection name,
file name, and other parameters
• Prevent inappropriate and unauthorized
documents from being stored on your
SharePoint server
• Supported Platforms:
• Microsoft SharePoint Server 2003,
2007, 2010
• Microsoft SharePoint Services 2.0, 3.0
• Microsoft Windows Server
31. McAfee Policy Auditor
McAfee Policy Auditor software automates manual audit processes
and helps you report consistently and accurately against internal and
external policies.
• Unify management of policy audits and endpoint security
• Run consolidated audits across both managed (agent-based) and unmanaged
(agentless) systems
• Report against key industry mandates
and internal policies
• Up-to-date data, powerful dashboards
and reports, and built-in waiver
management simplify every step
• SCAP-FDCC validated
• Validated by the National Institute of
Standards and Technology (NIST) as
conforming to the SCAP standard
Supported operating systems:
• Microsoft Windows XP, Vista, 7
• Windows Server 2000, 2003, 2008
• Red Hat Enterprise Linux 3.0, 4.0,
5.0, 5.1
• Mac OS X 10.4, 10.5
• HP-UX (RISC) 11iv1, 11iv2
• AIX (Power5, Power6) 5.3 TL8 SP5,
6.1 TL2 SP
32. McAfee Web Gateway
McAfee Web Gateway delivers comprehensive security for all aspects
of web traffic, regardless of location or device. McAfee Web Gateway
enables today’s web-centric enterprises with a powerful rules-based
engine for optimal policy flexibility and control.
• Geo-location (McAfee GTI)
• Web reputation (McAfee GTI)
• Web filtering (McAfee GTI)
• Dynamic categorization
• File reputation (McAfee GTI)
• SSL scanning
• Media/file analysis
• Data loss prevention
• Signature-based antivirus
• Proactive anti-malware
• Common Criteria EAL2+ and FIPS 140-2
Level 2-certified
• Leader in Gartner Magic Quadrant, Web
Gateway for four years running
• Number one-rated antimalware solution
on the market (AV-Test.org)