1. Lumension: Because Hope is no Strategy Andreas Müller Regional Sales Manager D/A/CH

2. Press Highlights Conficker hits Kärnten Government! 3000 Clients down! Datatheft at German Telekom: 17.000.000 Data of Customers lost! About 1.000.000 version of new Malware in 2008! Cybercrime cost $1 Trillion in 2008 1

3. Endpoints are the Weakest Link 2 Skript-Kiddies changed to business man

4. 3

5. What Sources of Endpoint Risk do Threats Target? 4 65% Mis- Configurations 30% Missing Patches 5% Zero-day Attacks Exploit Risks at the Core The CORE / Sources of Risk Source: John Pescatore Vice President, Gartner Fellow

6. Traditional, Reactive Security Approaches 5 Security Add-on Solutions Desktop Firewall Anti-Virus Spyware IPS Heuristics Application Blacklist EXTERNAL THREATS The CORE / Sources of Risk X X X X X X

7. Endpoints are the Weakest Link 6 The weakest Point in IT: The User

8. Proactive, Operational Approach 7 Authorize Software Use Eliminate Data Leakage Internal Threats: Enforce Application & Device Use Policies

9. Endpoints are the Weakest Link How has the Security Landscape Changed and What is the Impact? Increasing number of vulnerabilities for all platforms and applications Endpoints are targeted by internal and external threats Attacks from “well funded adversaries” target endpoints Data protection is a major challenge and cost Traditional and reactive security approaches are ineffective Evolving regulations create strict compliance and reporting standards 8

10. What We Deliver 9  Dynamically enforce application/device policies to prevent security threats at the endpoint  Proactively discover and assess risks and threats within the IT environment for comprehensive view of risk profile Lumension delivers best-of-breed, policy-based solutions that address the entire security management lifecycle.  Assess, prioritize and remediate vulnerabilities for continuous validation and compliance reporting

11. Lumension More Effectively Secures the Endpoint 10 Endpoint Security must address internal and external threats Platform Security  VA and Remediation  Application Control User Security  Application Control  Device Control Data Security  Device Control  Data-at-Rest  Content Filtering Internal and External Threats Internal Threats External Threats Vulnerability Management / Patch Solution Endpoint Security Solution Data Security Solution

12. Effective Endpoint Security is a Continuous Process 11 Discover Assets Develop Policy Assess & Remediate Threats Enforce Policy Compliance Audit Centralized Management & Reporting

13. Who is responsible for this? 12 YOU!

14. Patchlink Scan 13

15. Comprehensive Reporting Out-of-the-box reports provide high-level or detailed information on vulnerabilities found Compare security posture to common industry tracking mechanisms 14

16. PatchLink Scan™ Value Quickly Discover All Network Assets and Vulnerabilities Accurate Network-based Assessments Actionable Information Delivered to Make Intelligent Policy Decisions Comprehensive Vulnerability Coverage Highly Scalable Architecture Common Criteria EAL2 Certified 15

17. Patchlink Update

18. PatchLink Update™ Value Stay Ahead of Threats with Automated and Accurate Enterprise-Wide Patch Management »Most accurate patch applicability and assessment »Deploy patches within hours of release from vendor »Capabilities and context to effectively act on information - Role and Task Based »Redundant vulnerability assessment Broad Support of Content via Open Architecture »Leverages content directly from OS/Application vendors »Broad English and international content support »Security and operational patches Protect Heterogeneous Environments with One Solution »All major Operating System platforms »All major third party applications 17

19. Rapid, Accurate Network-based Scans 18 Thorough and accurate discovery of all network devices Detailed assessment checks on configurations, AV, worms, Trojans, missing patches, open ports, services and more Deep inspection of target systems

20. PatchLink Security Configuration Management™ 19

21. PatchLink SCM™ Workflow Policy Management Upload a Security Configuration Specification Customize Security Specifications Policy Assessment Apply a Security Configuration Specification Perform a Manual Assessment Policy Compliance Reporting View Group Policy Compliance Details View Device Security Configuration 20

22. Open, Standards-Based Approach to Policy Compliance Comprehensive Policies »Security Content Automation Protocol (SCAP)Security Content Automation Protocol »Hundreds of pre-defined checks Easy-to-edit XML Format »New policy checklists can be added/created Based on Industry Standards »OVAL, XCCDF, CVE, CME, CPE »Ensure compliance with specific regulations (i.e. FDCC, PCI, etc.) »Improved operational efficiencies due to security best practices 21

23. How Policies get into PatchLink SCM™ 22 XCCDF Policy Instance  Mapping policies and other sets of requirements to high-level technical checks OVAL Archive  Mapping technical checks to the low-level details of executing those checks SCAP Checklist Policy  Government (OMB Mandate)  Industry (PCI, SOX, HIPAA)  US or other Regulations  Corp. Specific best practices PatchLink SCM Automation (monitoring/reporting)

24. How Policies get into PatchLink SCM™: Example 23 XCCDF Policy Instance  Mapping policies and other sets of requirements to high-level technical checks OVAL Archive  Mapping technical checks to the low-level details of executing those checks SCAP Checklist Policy  Government (OMB Mandate)  Industry (PCI, SOX, HIPAA)  US or other Regulations  Corp. Specific best practices NIST SP 800-53 Authentication Management Policy: System’s minimum password length is at least 8 characters XCCDF Mapping: Map specific requirement for system’s minimum password length is at least 8 characters OVAL Check Mapping: Check to be performed (E.g.) on all Windows XP based computers

25. PatchLink SCM™ Value 24 Ensures that security configurations are standardized throughout the enterprise Ensures continuous policy compliance Improves operational efficiency Consolidates vulnerability and mis-configuration monitoring and reporting

26. PatchLink Developers Kit™ 25

27. Develop Custom Patches Create and deliver patches and updates for commercial or proprietary software Patch legacy applications and niche products Open and modify any packages available via PatchLink Update 26

28. PatchLink PDK™ – How it Works 27

29. Lumension VMS 28

30. Comprehensive Vulnerability Assessment and Remediation 29 Discover, Assess and Remediate Vulnerabilities for Policy Compliance Rapid identification of unprotected endpoints Automated remediation of configuration and software vulnerabilities Advanced vulnerability, configuration and policy compliance reporting Flexible, open support for all major platforms, applications and vulnerability and configuration content Purpose-built to support compliance with regulatory policies and industry standards Vulnerability Assessment and Remediation for Configuration Issues & Patches PatchLink Developers Kit™ (Add-On Module) PatchLink Scan™ (Network Based) PatchLink Update™ (Agent Based) PatchLink Security Configuration Management™ (Add-On Module) – FDCC and PCI

31. Sanctuary ® Application Control 30

32. Sanctuary ® Application Control Value Protects against both known and unknown threats Safeguards against zero-day threats and targeted attacks Controls proliferation of unwanted applications from burdening network bandwidth Maximizes benefits of new technologies and minimizes risk of network disruption Stabilizes desktop and Windows server configurations Enables adherence with software license agreements 31

33. Sanctuary ® Device Control 32

34. Automates discovery of peripheral devices Provides granular device control permission settings Offers flexible encryption options 33 PatchLink Developers Kit™ Enforcement of Peripheral Device Use Policies Delivers detailed audit capabilities  Patented bi-directional “Shadowing” of data written to/from a device  All device access attempts  All administrator actions Sanctuary ® Application Control Sanctuary ® Device Control Endpoint Policy Enforcement (Agent Based)

35. Sanctuary ® Device Control Value Minimizes risk of data theft / data leakage via any removable device »Granular Device Control Policies »Forced Encryption »File Type Filtering »Detailed Audit Capabilities »Blocks USB Keyloggers Prevents malware introduction via unauthorized removable media Assures compliance with privacy and confidentiality regulations and policies 34

36. Overall 35

37. Lumension Product Portfolio 36 Sanctuary ® Application Control Sanctuary ® Device Control Vulnerability Management for Configuration Issues & Patches Endpoint Policy Enforcement PatchLink Developers Kit™ (Add-On Module) Enterprise-Wide Compliance Reporting PatchLink Enterprise Reporting ™ Enterprise Policy Management PatchLink Security Management Console ™ PatchLink Scan™ (Network Based) PatchLink Update™ (Agent Based) PatchLink Security Configuration Management™ (Add-On Module) – FDCC and PCI (Agent Based)

38. Who we are? 37

39. Who We Are 38 Leading global security management company, providing unified protection and control of all enterprise endpoints.  Ranked #14 on Inc. 500 list of fast growing companies  Ranked #1 for Patch and Remediation for third consecutive year  Ranked #1 Application and Device Control  Over 5,100 customers and 14 million nodes deployed worldwide Award-Winning, Industry Recognized and Certified

40. Worldwide Customer Deployments 39 Miscellaneous Charities Legal Services Manufacturing Dolphin Drilling Health Care Transportation/Utilities Media Education Bishop’s Stortford College Financial Government/ Military

41. Industry-Leading Partnerships 40

42. Distribution partner Baltics 41

43. Thank you.