Presentation is loading. Please wait.

Presentation is loading. Please wait.

Norman Enterprise Security Suite Increased control reduce TCO.

Published byJonas Garrett Modified over 9 years ago

Similar presentations

Presentation on theme: "Norman Enterprise Security Suite Increased control reduce TCO."— Presentation transcript:

1 Norman Enterprise Security Suite Increased control reduce TCO

2 For an average enterprise, indirect cost elements may contribute 50% or more of the overall TCO Gartner, Inc.

3 Calculating endpoint TCO Technology procurement Staff maintaing the technology Upgrades Reimaging Replacements Management systems Security systems Security incidents Potential loss value

4 Endpoint TCO Increasing Due to Malware Malware Related Costs: –IT Effort To Enforce Endpoint Security Policy –Cost To Reimage Computers –Cost To Upgrade Computers –Cost To Replace Computers –Cost of Increased Help Desk calls –Decreased User Productivity 4 Malware Signatures Malware Related Costs Traditional Endpoint Security Effectiveness 2007: 250K Monthly Malware Signatures Identified 2013: 2M+ Monthly Malware Signatures Identified Fame to Profit Exponential Growth Increasing Sophistication

5 The Endpoint is the main Attack Vector Browsers, Apps and OS all have known vulnerabilities 2/3 of apps have known vulnerabilities. Average patch install delay -> 45 days (corporates) Rogue USB I njecting malware: Conficker, Stuxnet Etc. Data loss/removal Virus/Malware 3 Million malware is added to the AV signature files per month Average 100 000 new malware per day

6 Industry-wide operating system, browser, and application vulnerabilities, 1H10–2H12 Source: MICROSOFT SECURITY INTELLIGENCE REPORT, VOLUME 14

7 Unique computers reporting different types of exploits, 3Q11–4Q12 Source: MICROSOFT SECURITY INTELLIGENCE REPORT, VOLUME 14

8 Vulnerability disclosures for Microsoft and non-Microsoft products, 1H10–2H12 Source: MICROSOFT SECURITY INTELLIGENCE REPORT, VOLUME 14 Microsoft takes care of Microsoft Who takes care of all the other applications?

9 Windows update is a good tool, but...... generates frustrating restarts

10 Additional update agents needed All these agents generates: Memory footprint CPU usage Additional reboots

11 Growing Endpoint Complexity Many Consoles Disparate Architecture Many Agents Multiple Consoles 3-6 different management consoles on average for endpoint security and management Agent Bloat 3-10 agents installed per endpoint Memory and CPU load Decreased network performance Lack of Control 54% of IT security professionals cite managing the complexity of security as their #1 challenge 43% of existing access rights were either excessive or should have been retired Increasing TCO of Point Technologies Integration & Maintenance Many Vendors | Many Consoles | Many Agents

12 Solution Strategy

13 Defense in Depth Endpoint Strategy Patch & Config. Mgmt. Reduce IT risk by gaining control over unknown and unwanted applications 48% of IT departments report that operating expenses are increasing with the main driver tied directly to increasing malware incidents.

14 Norman Platform Advantage Many Products Many Consoles Disparate Architecture Many Agents One Partner One Platform Many Solutions Single Console Agile architecture Single Agent

15 Modular Agent Single common agent delivers and manages many capabilities via pluggable services Provides single, integrated communication mechanism between the NESEC agent and the server Monitors and secures NESEC modules on the endpoint 15 Patch and Remediation Application Control Client Transport Security COMM Event Queue

16 NESEC Platform Architecture Norman Enterprise Security Server Corporate HQ Remote Offices & Subsidiaries DMZ Online-Offline Continuous Policy Enforcement Norman Distribution Server Norman Distribution Server Vulnerabilities Patches Hashes Unified Compliance Framework Application Integrity Services AV Signatures Configurations Systems Management WAN Norman Distribution Server Norman Distribution Server Unified Content and Integrity Services Mobile Endpoints Internet

17 Patch & Remediation

18 Vulnerability Management Should Be Easy, Right? Proactively managing your vulnerabilities eliminates 90% of your risk … “Over 90% of cyber attacks exploit known security flaws for which a remediation is available” - Gartner 18

19 Norman Patch & Remediation Comprehensive and secure Patch Management Rapid, accurate and secure patch and configuration management for applications and operating systems: – Support for Windows and Non-Windows OS – 3rd Party application support – Avoid patch drift – Granular deployment control for Server and Desktop environments Systems management capabilities

20 RHEL 3 x86 RHEL 4 x86 SLES 9 x86 SLES 9 x86_64 SLES 10 x86 SLES 10 x86_64 Solaris 8-10 SPARC Solaris 10 x86 Solaris 10 x86_64 HP-UX 11.00-11.23 AIX 5.1-5.3 Mac OS X RHEL 3 x86 RHEL 4 x86 SLES 9 x86 SLES 9 x86_64 SLES 10 x86 SLES 10 x86_64 Solaris 8-10 SPARC Solaris 10 x86 Solaris 10 x86_64 HP-UX 11.00-11.23 AIX 5.1-5.3 Mac OS X Adobe Acrobat Reader Adobe Flash Player Apple iTunes Apple QuickTime Apple iLife Apple Safari Mozilla Firefox RealPlayer Sun JRE Citrix Skype WinZip VMware ESX Server VMware Server VMware Player VMware Workstation Adobe Acrobat Reader Adobe Flash Player Apple iTunes Apple QuickTime Apple iLife Apple Safari Mozilla Firefox RealPlayer Sun JRE Citrix Skype WinZip VMware ESX Server VMware Server VMware Player VMware Workstation Windows 2000 SP3 Office 2000 PowerPoint 2000 Project 2000 Word 2000 Excel 2000 Access 2000 Office XP Visual Studio.NET Internet Explorer 5.5 ISA Server 2000 Content Management Server Windows 2000 SP3 Office 2000 PowerPoint 2000 Project 2000 Word 2000 Excel 2000 Access 2000 Office XP Visual Studio.NET Internet Explorer 5.5 ISA Server 2000 Content Management Server Content Beyond Windows Update Windows 8 Windows 7 Windows Vista Windows Server 2008 Windows XP Windows Server 2003 Windows 2000 SP4 SQL Server 2000 SP4 - 2005 Exchange Server 2003 - 2007.NET Framework MDAC Internet Explorer 5.01 SP4 - 9 ISA Server 2004 SharePoint Office Browsers Office 2003, Office 2007 Office XP SP2+ DirectX Windows Defender Windows 8 Windows 7 Windows Vista Windows Server 2008 Windows XP Windows Server 2003 Windows 2000 SP4 SQL Server 2000 SP4 - 2005 Exchange Server 2003 - 2007.NET Framework MDAC Internet Explorer 5.01 SP4 - 9 ISA Server 2004 SharePoint Office Browsers Office 2003, Office 2007 Office XP SP2+ DirectX Windows Defender Windows Update Legacy Content 3 rd Party Apps Addt’l Platforms

21 Delivering more than just patching… Systems Management: Inventory: – Software – Hardware – Services Software Distribution Remote Desktop Power Management – Policy Setting / Enforcement – Wake on LAN Configuration setting / enforcement – Disable 3rd party vendor auto update, Adobe, Java Compliance Controls

22 Device Control

23 The USB challenge Unintentional Data loss Intentional data removal “Any USB stick is to be considered as the open Internet” (Kongsberg Maritime) Rouge USB portable storage devices may inject malware to the PC at insertion

24 Today’s most wanted criminal........ in the hands of your most trusted employee

25 How we lose our data Un-intentional data lossIntentional data leakage

26 Norman Device Control – Policy-Based Data Protection and Encryption Granular Policy Management: – On all ports and removable media devices plugging into the endpoint: » Bi-Directional file copy shadowing » File type filtering » Data copy restrictions Encrypting sensitive data Meet compliance mandates

27 Norman Device Control PCMCIA WIFI COM FIREWIRE Bluetooth IrDA USB LPT LAN Controls access to any plug & play device regardless of connectivity type World of Devices

28 Application Control

29 Norman Application Control Proactive Protection Against Malware and More – Visibility and Control: Control local admin rights Deny unwanted / unapproved application Easy Audit Easy Lockdown Automated whitelist with rules based trust engine: » Trusted Updater » Trusted Publisher » Trusted Path » Local Authorization

30 Reduce Local Admin Risk with Application Control Control Panel – uninstall program Task Manager – kill process Regedit / Command ActionExample How Norman Stops Install Applications Change Configurations Remove Patches & Uninstall Software Defeat Security Tools control.exe Denied Application: cmd.exe regedit.exe taskmgr.exe Denied Application: Application Control: Easy Lockdown Trust Engine

31 Return of investment

32 Customer stories «Number of full time IT maintenance employees reduced from 4 to 1.5» – Freed up 2.5 to other tasks «Marginal return of over 90%» – Per $ 1.00 spent - avoiding $1.91 in endpoint related cost Average experienced ROI: 15,4 months

33 Strategic direction By investing in the neccesary software and automation, IT resources can be freed up to work on strategic initiatives that drive the bottom line

34 Thank you!

Download ppt "Norman Enterprise Security Suite Increased control reduce TCO."

Similar presentations

This course is designed for system managers/administrators to better understand the SAAZ Desktop and Server Management components Students will learn.

This course is designed for system managers/administrators to better understand the SAAZ Desktop and Server Management components Students will learn.
© 2012 All rights reserved to Ceedo. Flexible Desktops. Dynamic Workplace. Ceedo for Call Center Call Center on a Stick Ceedo for Call Center Presentation.

© 2012 All rights reserved to Ceedo. Flexible Desktops. Dynamic Workplace. Ceedo for Call Center Call Center on a Stick Ceedo for Call Center Presentation.
Copyright © 2012 AirWatch, LLC. All rights reserved. Proprietary & Confidential. Mobile Content Strategies and Deployment Best Practices.

Copyright © 2012 AirWatch, LLC. All rights reserved. Proprietary & Confidential. Mobile Content Strategies and Deployment Best Practices.
Avoid data leakage, espionage, sabotage and other reputation and business risks without losing employee performance and mobility.

Avoid data leakage, espionage, sabotage and other reputation and business risks without losing employee performance and mobility.
The System Center Family Microsoft. Mobile Device Manager 2008.

The System Center Family Microsoft. Mobile Device Manager 2008.
Introduction to Systems Management Server 2003 Tyler S. Farmer Sr. Technology Specialist II Education Solutions Group Microsoft Corporation.

Introduction to Systems Management Server 2003 Tyler S. Farmer Sr. Technology Specialist II Education Solutions Group Microsoft Corporation.
Www.cleo.com Steve Jordan Director. Industry Solutions 05/05/14 Managing Chaos: Data Movement in 2014.

Steve Jordan Director. Industry Solutions 05/05/14 Managing Chaos: Data Movement in 2014.
Managed Infrastructure. 2 ©2015 EarthLink. All rights reserved. IT resources are under pressure… is it time to rethink the IT staffing model? Sources:

Managed Infrastructure. 2 ©2015 EarthLink. All rights reserved. IT resources are under pressure… is it time to rethink the IT staffing model? Sources:
Building on the Foundation of Windows Vista: Introduction to Windows 7: Security and Management Dan Stolts IT Pro Evangelist Microsoft

Building on the Foundation of Windows Vista: Introduction to Windows 7: Security and Management Dan Stolts IT Pro Evangelist Microsoft
Benefits of CA Technology & HVB Bank Romania Study Case Bucharest, May 31, 2005.

Benefits of CA Technology & HVB Bank Romania Study Case Bucharest, May 31, 2005.
A Technical Overview of Microsoft Forefront Client Security (FCS) Howard Chow Microsoft MVP.

A Technical Overview of Microsoft Forefront Client Security (FCS) Howard Chow Microsoft MVP.
Why Improve Datacenter Automation? “ Studies show up to 80% of network availability incidents and 60% of security issues can be tied to human error” CIO.

Why Improve Datacenter Automation? “ Studies show up to 80% of network availability incidents and 60% of security issues can be tied to human error” CIO.
Shavlik Patch for Microsoft System Center

Shavlik Patch for Microsoft System Center
4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.

4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.
Customer confidential 1 Privilege Management Sean Moore Solutions Specialist.

Customer confidential 1 Privilege Management Sean Moore Solutions Specialist.
Introducing Quick Heal Endpoint Security 5.3. “Quick Heal Endpoint Security 5.3 is designed to provide simple, intuitive centralized management and control.

Introducing Quick Heal Endpoint Security 5.3. “Quick Heal Endpoint Security 5.3 is designed to provide simple, intuitive centralized management and control.
Barracuda Networks Confidential1 Barracuda Backup Service Integrated Local & Offsite Data Backup.

Barracuda Networks Confidential1 Barracuda Backup Service Integrated Local & Offsite Data Backup.
Customized solutions. Keep It Secure Contents  Protection objectives  Endpoint and server software  Protection.

Customized solutions. Keep It Secure Contents  Protection objectives  Endpoint and server software  Protection.
by Evolve IP Managed Services

by Evolve IP Managed Services
Norman Endpoint Protection Advanced security made easy.

Norman Endpoint Protection Advanced security made easy.

Similar presentations

Ads by Google