Effectively Utilizing LEMSS: Top 11 Security Capabilities You Can Implement Today
-
Upload
lumension -
Category
Technology
-
view
518 -
download
0
description
Transcript of Effectively Utilizing LEMSS: Top 11 Security Capabilities You Can Implement Today
Effectively Utilizing L.E.M.S.S.
Top 11 Security Capabilities You Can Implement Today
Today’s Speakers
Chris MerrittSolution MarketingLumension
Kevin GarnierSales Engineering and Professional Services Lumension
2
Traditional Defenses Don’t Always Work
Traditional Technical IT Defenses
• Antivirus
• Patching Microsoft OS and Apps
• Gateway Firewalls
• Strong Passwords
3
If They Did, We Wouldn’t HaveIT Security Breaches!
Where Traditional Defenses Fall Short
Gaps in Technical IT Defenses
• Risk from Unpatched 3rd Party Apps
• Preventing Zero-Day Attacks and Targeted Malware
• Controlling “Local Admins Gone Wild”
• Actionable Reporting and Security Measurement
4
New Defense-in-Depth Approach
5
Por
t / D
evic
e C
ontr
ol
Full DiskEncryption
Fire
wal
l Man
agem
ent
Ant
i-Mal
war
e
App
licat
ion
Con
trol
/ W
hite
listin
g
Physical Access
NetworkAccess
11 Low-Cost Security CapabilitiesYou Can Implement Today
1 – Leverage the Platform
7
Patch & Remediation
• Heterogeneous Platform Support
• Broadest 3rd Party Vulnerability Content
• Automated Baselines and Advanced Patch
• Deployment and Reboot Control
Application Control
• Whitelisting with Reputation Service
• Simplified Whitelist and Policy Creation
• Automated “Trust Engine” Whitelist Maintenance
• Deny Unwanted Applications
AntiVirus
• Comprehensive Malware Signature Database
• Variant and Exploit Detection
• Sandbox Analysis
• Run-time Scanning
• CPU Throttling
Device Control
• Control Removable Devices
• Enforced Encryption for Removable Storage
• Filename Tracking & Full File Shadowing Audits
Lumension® Endpoint Management and Security Suite
Discovery & Agent DeploymentRole Based Access ControlHW/SW Inventory Assessment
Enhanced Wake on LANActive Directory SynchronizationCentralized Reporting
Scalable | Modular Extensible Agent | Modular Products | Secure
2 – Improve Patch Coverage
8
Expanded Microsoft Windows content » Targeting non-Security updates to platforms
and applications
New process for generating and releasing Microsoft content» Support uninstall for Windows content
when supported by Microsoft» Support automated superseding and
aging of Microsoft Windows content
Faster release of Patch Tuesday content» Built when Windows Update receives
content, not when MBSA is updated
Optimized content delivery » Improved detection times on WinXP
and Win2003
Available MS Content
Support for more non-security patches» Eliminates the need to build as
many non-security patches via standard content
Over 1000 new non-security bulletins added to the content repository
3 – Streamline Patch Process
9
Leverage endpoint agent status to home in on priority tasks
Feature» Ability to sort endpoints by status Benefits» Allows admin to easily sort and select
machines by patch status» Easily select machines in “Dirty C” or
“Dirty R” state for rebooting» Streamlines reboot process to save
admin time / effort
Sort by Agent Status Icon
4 – Centrally Manage Power Usage
10
Step 1: Set Your Power Policy
Define and distribute power policies for your systems
“Turn OFF your PCs”
Step 2: Manage Your Endpoints
Secure / manage your systems
“Turn ON your PCs”
Step 3: Audit Your Savings
Audit and Report on your PCs and qualify for a power company rebate
“Audit Your Power Savings”
Step 4: Qualify for a Rebate
Qualify for a rebate with your local power company
“Apply for a Rebate”
5 – Enforce Windows Security Settings
11
Simple wizard-based policy creation and baseline enforcement – without requiring additional tools:
» Patch Creation» Software Installs and Uninstalls » Windows Security Policies » Power Management Policies » NEW! Windows Firewall Policies
6 – Incorporate Add’l Defenses
12
Known Malware
Unknown Malware
Unwanted, Unlicensed, Unsupported Applications
Application Vulnerabilities
Configuration Vulnerabilities
AntiVirus X X
ApplicationControl X X
Patch & Remediation X X
Security Configuration Management
X
7 – Augment Local App Knowledge
13
Workflow1. Hashes sent to EIS
2. EIS returns verification rating for known files
3. App Library displays rating in verification column
4. Dashboard widget updated
Trust Rating» Confidence level that file is what it
claims to be• High/Medium/Low• Unknown / Not Assessed
Benefits» Reduces App Library management
overhead• Use verification rating to make
authorization/grouping decisions• Additional features to further simplify the
task of App Library management» Select all across multiple pages» Drag & Drop» Authorize/Deny from Library
1 2
34
Lumension Endpoint
Integrity Service
8 – Introduce “Denied Apps” Policy
14
Eliminate unknown or unwanted applications on your endpoints
Prevent applications from executing even while endpoints are in monitor mode only
Admin Console View
User Endpoint View
9 – Maintain Flexible Security
15
Admin Console View
User Endpoint View
Effectively Balance Security and Productivity• End user flexibility
• “Third Way” between Monitor and Lockdown
10 – Protect Against Physical Infiltration
16
11 – Introduce Reporting Transparency
17
“I no longer have to wait for a report. I can get the information I need immediately.”
Lumension Customer
» Graphical
» Customizable
» Interactive
» Schedulable
» Dynamic
» Flexible
» Secure
» Instantaneous
Enhanced Reporting
12 – Encrypt HDs / Removable Storage
18
Q & A
More Information
• Free Security Scanner Tools» Application Scanner – discover all the apps
being used in your network» Vulnerability Scanner – discover all OS and
application vulnerabilities on your network » Device Scanner – discover all the devices
being used in your network
http://www.lumension.com/Resources/Security-Tools.aspx
• Lumension® Intelligent Whitelisting™» Online Demo Video:
http://www.lumension.com/Resources/Demo-Center/Endpoint-Security.aspx
» Free Trial (virtual or download):http://www.lumension.com/intelligent-whitelisting/free-trial.aspx
• Get a Quote (and more)http://www.lumension.com/intelligent-whitelisting/buy-now.aspx#7
20
For in-depth technical discussion …• [email protected]• [email protected]
Global Headquarters8660 East Hartford Drive
Suite 300
Scottsdale, AZ 85255
1.888.725.7828