Effectively Utilizing L.E.M.S.S.

Top 11 Security Capabilities You Can Implement Today

Today’s Speakers

Chris MerrittSolution MarketingLumension

Kevin GarnierSales Engineering and Professional Services Lumension

2

Traditional Defenses Don’t Always Work

Traditional Technical IT Defenses

• Antivirus

• Patching Microsoft OS and Apps

• Gateway Firewalls

• Strong Passwords

3

If They Did, We Wouldn’t HaveIT Security Breaches!

Where Traditional Defenses Fall Short

Gaps in Technical IT Defenses

• Risk from Unpatched 3rd Party Apps

• Preventing Zero-Day Attacks and Targeted Malware

• Controlling “Local Admins Gone Wild”

• Actionable Reporting and Security Measurement

4

New Defense-in-Depth Approach

5

Por

t / D

evic

e C

ontr

ol

Full DiskEncryption

Fire

wal

l Man

agem

ent

Ant

i-Mal

war

e

App

licat

ion

Con

trol

/ W

hite

listin

g

Physical Access

NetworkAccess

11 Low-Cost Security CapabilitiesYou Can Implement Today

1 – Leverage the Platform

7

Patch & Remediation

• Heterogeneous Platform Support

• Broadest 3rd Party Vulnerability Content

• Automated Baselines and Advanced Patch

• Deployment and Reboot Control

Application Control

• Whitelisting with Reputation Service

• Simplified Whitelist and Policy Creation

• Automated “Trust Engine” Whitelist Maintenance

• Deny Unwanted Applications

AntiVirus

• Comprehensive Malware Signature Database

• Variant and Exploit Detection

• Sandbox Analysis

• Run-time Scanning

• CPU Throttling

Device Control

• Control Removable Devices

• Enforced Encryption for Removable Storage

• Filename Tracking & Full File Shadowing Audits

Lumension® Endpoint Management and Security Suite

Discovery & Agent DeploymentRole Based Access ControlHW/SW Inventory Assessment

Enhanced Wake on LANActive Directory SynchronizationCentralized Reporting

Scalable | Modular Extensible Agent | Modular Products | Secure

2 – Improve Patch Coverage

8

Expanded Microsoft Windows content » Targeting non-Security updates to platforms

and applications

New process for generating and releasing Microsoft content» Support uninstall for Windows content

when supported by Microsoft» Support automated superseding and

aging of Microsoft Windows content

Faster release of Patch Tuesday content» Built when Windows Update receives

content, not when MBSA is updated

Optimized content delivery » Improved detection times on WinXP

and Win2003

Available MS Content

Support for more non-security patches» Eliminates the need to build as

many non-security patches via standard content

Over 1000 new non-security bulletins added to the content repository

3 – Streamline Patch Process

9

Leverage endpoint agent status to home in on priority tasks

Feature» Ability to sort endpoints by status Benefits» Allows admin to easily sort and select

machines by patch status» Easily select machines in “Dirty C” or

“Dirty R” state for rebooting» Streamlines reboot process to save

admin time / effort

Sort by Agent Status Icon

4 – Centrally Manage Power Usage

10

Step 1: Set Your Power Policy

Define and distribute power policies for your systems

“Turn OFF your PCs”

Step 2: Manage Your Endpoints

Secure / manage your systems

“Turn ON your PCs”

Step 3: Audit Your Savings

Audit and Report on your PCs and qualify for a power company rebate

“Audit Your Power Savings”

Step 4: Qualify for a Rebate

Qualify for a rebate with your local power company

“Apply for a Rebate”

5 – Enforce Windows Security Settings

11

Simple wizard-based policy creation and baseline enforcement – without requiring additional tools:

» Patch Creation» Software Installs and Uninstalls » Windows Security Policies » Power Management Policies » NEW! Windows Firewall Policies

6 – Incorporate Add’l Defenses

12

Known Malware

Unknown Malware

Unwanted, Unlicensed, Unsupported Applications

Application Vulnerabilities

Configuration Vulnerabilities

AntiVirus X X

ApplicationControl X X

Patch & Remediation X X

Security Configuration Management

X

7 – Augment Local App Knowledge

13

Workflow1. Hashes sent to EIS

2. EIS returns verification rating for known files

3. App Library displays rating in verification column

4. Dashboard widget updated

Trust Rating» Confidence level that file is what it

claims to be• High/Medium/Low• Unknown / Not Assessed

Benefits» Reduces App Library management

overhead• Use verification rating to make

authorization/grouping decisions• Additional features to further simplify the

task of App Library management» Select all across multiple pages» Drag & Drop» Authorize/Deny from Library

1 2

34

Lumension Endpoint

Integrity Service

8 – Introduce “Denied Apps” Policy

14

Eliminate unknown or unwanted applications on your endpoints

Prevent applications from executing even while endpoints are in monitor mode only

Admin Console View

User Endpoint View

9 – Maintain Flexible Security

15

Admin Console View

User Endpoint View

Effectively Balance Security and Productivity• End user flexibility

• “Third Way” between Monitor and Lockdown

10 – Protect Against Physical Infiltration

16

11 – Introduce Reporting Transparency

17

“I no longer have to wait for a report. I can get the information I need immediately.”

Lumension Customer

» Graphical

» Customizable

» Interactive

» Schedulable

» Dynamic

» Flexible

» Secure

» Instantaneous

Enhanced Reporting

12 – Encrypt HDs / Removable Storage

18

Q & A

More Information

• Free Security Scanner Tools» Application Scanner – discover all the apps

being used in your network» Vulnerability Scanner – discover all OS and

application vulnerabilities on your network » Device Scanner – discover all the devices

being used in your network

http://www.lumension.com/Resources/Security-Tools.aspx

• Lumension® Intelligent Whitelisting™» Online Demo Video:

http://www.lumension.com/Resources/Demo-Center/Endpoint-Security.aspx

» Free Trial (virtual or download):http://www.lumension.com/intelligent-whitelisting/free-trial.aspx

• Get a Quote (and more)http://www.lumension.com/intelligent-whitelisting/buy-now.aspx#7

20

For in-depth technical discussion …• kevin.garnier@lumension.com• chris.merritt@lumension.com

Global Headquarters8660 East Hartford Drive

Suite 300

Scottsdale, AZ 85255

1.888.725.7828

info@lumension.com