b Advanced Threat Protection Network DS 21349720
-
Upload
andreja-milovic -
Category
Documents
-
view
6 -
download
2
description
Transcript of b Advanced Threat Protection Network DS 21349720
Symantec™ Advanced Threat Protection:Network
Data Sheet: Advanced Threat Protection
Almost no company, whether large or small, is immune to targeted attacks. Five out of every six large companies (2,500+
employees) were targeted with spear phishing attacks in 2014, a 40 percent increase over the previous year. Small and
medium-sized businesses also saw an uptick, with attacks increasing 26 percent and 30 percent, respectively.1
Advanced threats are engineered to closely resemble legitimate applications, URLs, and emails, so threat signatures,
reputation scoring, and behavioral heuristics alone cannot detect everything, and with the ever increasing number of attack
vectors, systems, adversaries, and targets, it's becoming impossible to block every threat before it reaches a network.
ProProtecttect, Detect, Detect, and Respond, and Respond
Organizations can no longer focus purely on preventing threats at the endpoint; they must also ensure that they can detect
threats as they enter the network, as well as detect and respond to threats which have already taken a foothold. Symantec™
Advanced Threat Protection: Network provides automated threat analysis at the network for rapid detection of even the most
advanced malware designed to evade traditional Virtual Execution techniques.
Agentless integration with Symantec™ Endpoint Protection and Symantec™ Email Security.cloud gives a unique view across
multiple control points. This allows for automated and accurate prioritization of security events, reducing the volume of
security alerts and prioritizing the most significant threats.
Real-time threat prevention blocks netReal-time threat prevention blocks networkwork-based attacks-based attacks
Symantec Advanced Threat Protection: Network is available in either hardware appliance or Virtual Machine (VM) form-factors
and includes multiple protection components on-box, including Symantec Insight™, Mobile Insight, and Symantec Vantage™, to
detect threats and suspicious behavior as they occur on the network. These patented technologies detect and block threats in
real-time.
Symantec Insight and Mobile Insight are reputation-based security technologies that identify how common or rare a file is, how
old it is, and where it was first seen, and through context, it can detect new or rapidly mutating threats, as well as targeted
attacks. Symantec Vantage is an Intrusion Prevention System (IPS) technology, used to identify compromised machines by
detecting suspicious activity inside the network.
In addition, Symantec Advanced Threat Protection: Network includes Symantec Antivirus™ and IP, URL, and Domain blacklists
generated by the Symantec Global Intelligence Network.
Detect intelligent malware designed to evDetect intelligent malware designed to evade virtual exade virtual execution techniquesecution techniques
Symantec Cynic™ is a new, cloud-based service that detects unknown malware and advanced threats by executing content in
virtual and bare-metal sandbox environments. Cynic mimics human behavior over a range of operating systems and commonly
exploited applications to remotely execute suspicious files, and combines SONAR™ behavioral analysis with global threat
intelligence to return a verdict for a faster more confident detection. In 2014, 28 percent of all malware was VM-aware1, and
with most sandboxing technologies heavily reliant on hypervisors for content execution and analysis, the use of bare metal
environments is critical to detecting advanced malware.
1. Symantec Internet Threat Report, Volume 20, April, 2015
1
Symantec Cynic records all actions a file takes as potential Indicators of Compromise, and is able to determine if the content is
malicious within minutes, not hours. All of the file behavior is available within the Symantec Advanced Threat Protection:
Network management console, providing a thorough understanding of the file’s intended action.
Correlate acroCorrelate across netss networkwork, endpoint, endpoint, and email, and email
Advanced Threat Protection: Network is part of Symantec™ Advanced Threat Protection, a solution that detects and prioritizes
threats across network, endpoint, and email. It combines Symantec’s global threat intelligence with local intelligence to
strengthen protection capabilities, accelerate response times, and reduce security operating costs.
Symantec Synapse™ technology enables event correlation between Symantec Advanced Threat Protection: Network, Symantec
Endpoint Protection, and Symantec Email Security.cloud. Synapse removes the need for unnecessary manual investigations of
all reported security events, saving the time and effort of security analysts. With Synapse, only events that need attention are
investigated, driving down the overall cost of the security operations required to manage a steady stream of network events.
FFeatures & Benefitseatures & Benefits
• Agentless integration across Network, Email, and Endpoint
• Detailed file inspection intelligence, behavioral details, and analysis across multiple control points
• Better threat detection with Symantec Cynic, detecting even the most complex threats which are designed to evade the
virtualized sandbox environments commonly used to inspect files for malware
• Save time and effort by only investigating detection events that require the attention and intervention of security operations
Data Sheet: Advanced Threat ProtectionSymantec™ Advanced Threat Protection: Network
2
SSYSYSTEM RETEM REQUIREMENTQUIREMENTSS
Browser Clients fBrowser Clients for the UIor the UI
Microsoft Internet Explorer 11 or later
Mozilla Firefox 26 or later
Google Chrome 32 or later
Virtual Appliance DeploymentVirtual Appliance Deployment
VMware® ESXi 5.1, 5.5
Intel virtualization technology enabled
Virtual Machine (VM) Requirements
• Four CPUs (physical or logical)
• At least 16 GB memory
• 100 GB disk
PhPhysical Appliance Deploymentysical Appliance Deployment
Appliance Model 8840Appliance Model 8840 Appliance Model 8880Appliance Model 8880
Form Factor 1U Rack Mount 2U Rack Mount
CPU Single, Intel Xeon Six-core 2 x 12 core Intel Xeon
Memory 32 GB 96 GB
Hard Drive 1 x 1TB drive RAID 5 4 x 300GB
Power Supply Non-redundant PSU 2 x 750W Redundant power supply
Four Gigabit Ethernet ports: Four 10Gigabit Ethernet ports
Two 1Gigabit Ethernet ports
Network Interface Cards
1 WAN / LAN pair
1 Management port
1 Monitor port
2 WAN / LAN pairs (10Gigabit)
1 Management port (1Gigabit)
1 Monitor port (1Gigabit)
Data Sheet: Advanced Threat ProtectionSymantec™ Advanced Threat Protection: Network
3
More Information
Visit our website
http://enterprise.symantec.com
To speak with a Product Specialist in the U.S.
Call toll-free 1 (800) 745 6054
To speak with a Product Specialist outside the U.S.
For specific country offices and contact numbers, please visit our website.
About Symantec
Symantec Corporation (NASDAQ: SYMC) is an information protection expert that helps people, businesses, and governments
seeking the freedom to unlock the opportunities technology brings—anytime, anywhere. Founded in April 1982, Symantec, a
Fortune 500 company operating one of the largest global data intelligence networks, has provided leading security, backup,
and availability solutions for where vital information is stored, accessed, and shared. The company's more than 20,000
employees reside in more than 50 countries. Ninety-nine percent of Fortune 500 companies are Symantec customers. In fiscal
2014, it recorded revenue of $6.7 billion. To learn more go to www.symantec.com or connect with Symantec at:
go.symantec.com/socialmedia.
Symantec World Headquarters
350 Ellis St.
Mountain View, CA 94043 USA
+1 (650) 527 8000
1 (800) 721 3934
www.symantec.com
Copyright © 2015 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, and the Checkmark Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S.and other countries. Other names may be trademarks of their respective owners.
21349720 04/15
Data Sheet: Advanced Threat ProtectionSymantec™ Advanced Threat Protection: Network
4