Transcript PowerPoint
What’s new in SEP 12.1.5
Presenter’s Name Here
Presenter’s Title Here
Major Attacks in 2014…
• Dragonfly
• CryptoLocker
• Gameover ZeuS
• Retail data breach
Increase in Targeted Attacks
ISTR 2014
2013
2012
+91%
Increase in targeted attack campaigns
Targeted Attack Campaigns
ISTR 2014
2011
Email per Campaign
Recipient/Campaign
Campaigns
Duration of Campaign
2012
2013
122
779
78
111
61
408
29
23
165
4 days
3 days
8.3 days
Zero-Day Vulnerabilities
Zero-Day Vulnerabilities, Annual Total,
2006 - 2013
Source: Symantec
30
23
25
20
15
13
15
14
14
12
9
10
8
5
0
2006
2007
2008
2009
2010
2011
2012
2013
23 zero-day vulnerabilities discovered
in 2013
More zero-day vulnerabilities discovered in
2013 than in any year since we started tracking
Increase from 14 in 2012
More zero-days in 2013 than in past two years
combined
Targeted Industries
ISTR 2014
Top 10 Industries Targeted
in Spear-Phishing Attacks, 2013
Source: Symantec
16%
15
14
13
13
Public Administration (Gov.)
Services – Professional
Services – Non-Traditional
Manufacturing
Finance, Insurance
& Real Estate
6
Transportation, Gas,
Communications, Electric
5
Wholesale
2
Retail
Mining
Construction
1
1
Size of Targeted Organization
Targeted attacks
are moving
downstream
Move beyond Antivirus with
Intelligent Security
Symantec IS Security Intelligence
7 Billion
File, URL & IP
1 Billion+
Devices Protected
2.5 Trillion
Rows of Security
2B+ events logged daily
Monitors Threats in 157+
countries
Classifications
Telemetry
Capturing previously unseen
threats and attack methods
More visibility across devices
creates better context and
deeper insight
Putting “big data” analytics to
work for every end user
Over 100,000 security alerts
generated annually
200,000 daily code
submissions
14 Data Centers World
Wide
550 Threat
Researchers
Intelligent Endpoint Protection
Layered protection to stop mass, targeted and advanced threats
Intelligent security technologies
Network
Threat
Protection
Blocks malware
before it spreads to
your machine
and controls traffic
Advanced
Scanning
Insight
Reputation
Blocks suspicious
files – even those
with no fingerprint
– before they
can run and steal
your data
Safety ratings for
every single
software file on
the planet, and
uses this to block
targeted attacks
SONAR
Behavior
Blocking
Symantec
Power
Eraser
Blocks software
with suspicious
behaviors to stop
advanced threats
Aggressive SMR
technology roots
out entrenched
infections and kills
them in seconds
INSIGHT: Reputation Monitoring for SEP
Contextual intelligence for dynamic analysis
Good Safety Rating
Attack
Quarantine
System
Analysts
File is whitelisted
Endpoints
Gateways
No Safety Rating Yet
Can be blocked
Honeypots
Analytics
Warehouse
Global Sensor
Network
Bad Safety Rating
3rd Party
Affiliates
Global Data Collection
Big Data Analytics
Global Intelligence Network
File is blocked
SONAR: Behavior Monitoring in SEP
Provides Zero-Day Protection Against Unknown Threats
Artificial Intelligence Based
Classification Engine
Human-authored
Behavioral Signatures
Behavioral Policy
Lockdown
Monitors 1390 file behaviors to answer:
What has it
done?
Where did it
come from?
What did it
contain?
Who is it
related to?
So… what’s new?
5
What’s New in 12.1.
Performance Enhancements
• Better client performance
• Reduced network load with
bandwidth throttling
• Reduced network storage space
Management Enhancements
• Integrated repair tool for better
control
• Linux client management support
• Integrated Host Integrity tool
• Remote MAC deployment
• Enhanced competitive uninstaller
Performance Enhancements
Client performance
• Improve boot time by more than
10%
Bandwidth throttling
• Better control of bandwidth to SEPM
• Can control connections based on:
– File location
– Bandwidth
– Subnet
– File size
– File type
Content deltas
• Reduces disk space on SEPM by 85-95%
• Store older content revisions as delta files
• Allows customers to cache more revisions
– Reduces the # of full definitions delivered over the network
Management Enhancements
Power Eraser Integration
• New option to run Power Eraser command from SEPM
• Reduce time to clean infected systems
• Mitigate False Positives
Power
eraser
Repair
Linux client management
• Fully managed by SEPM
• Antivirus policy management
• Reporting, monitoring and logging
• Single client package
Host Integrity checking and policy enforcement
• Previously SNAC-only features now added to SEP
– Host Integrity policies: pre-built and custom
– Peer-to-Peer enforcement
– Quarantine location
Remote deployment for Mac
• Remotely install Mac clients from the Symantec Endpoint
Protection Manager (SEPM)
Updated competitive uninstaller
• Removes over 300 products from more than 60 vendors, including:
–
–
–
–
–
–
–
–
–
–
–
–
McAfee
Trend Micro
Kaspersky
Microsoft
Sophos
AVG
AhnLab
Avast
Bitdefender
CA
Eset
Malwarebytes
Symantec Endpoint Protection 12.1.
Unrivaled
Security
• Intelligent Security
• Insight & SONAR
• Advanced extended
protection
Compared to traditional scanning methods.
5
Blazing
Performance
Smarter Management
• 70 % Less scan
overhead
• Smarter updates
• Optimized for higher
VM densities
• Scalable, flexible
control
• Remote management
• Granular policies and
reporting
3rd Party tests confirm Unrivaled Security & Blazing
Performance
• Dennis Technology Labs (2014)
• The only product to receive AAA ratings for
protection for the past FIVE quarters
• PASSMARK Report (2014)
• Received the highest overall score and
dominated other products in terms of product
performance
• AV-Test Org (2013)
• Detects and removes more threats than any
other solution in its class
More Information…
Customer Webcast on Oct.
28
What’s New at the
Endpoint? –
Move beyond AV
Mini Video
Partner Webcast
Blog
Thank you!
Presenter’s Name
Presenter’s email
Presenter’s phone
Copyright © 2014 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its
affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.
This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or
implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.