Lumension: Because Hope is no Strategy Andreas Müller Regional Sales Manager D/A/CH.

Lumension: Because Hope is no Strategy Andreas Mller Regional Sales Manager D/A/CH

Press Highlights Conficker hits Krnten Government! 3000 Clients down! Datatheft at German Telekom: 17.000.000 Data of Customers lost! About 1.000.000 version of new Malware in 2008! Cybercrime cost $1 Trillion in 2008 1

Endpoints are the Weakest Link 2 Skript-Kiddies changed to business man

What Sources of Endpoint Risk do Threats Target? 4 65% Mis- Configurations 30% Missing Patches 5% Zero-day Attacks Exploit Risks at the Core The CORE / Sources of Risk Source: John Pescatore Vice President, Gartner Fellow

Traditional, Reactive Security Approaches 5 Security Add-on Solutions Desktop Firewall Anti-Virus Spyware IPS Heuristics Application Blacklist EXTERNAL THREATS The CORE / Sources of Risk X X X X X X

Endpoints are the Weakest Link 6 The weakest Point in IT: The User

Proactive, Operational Approach 7 Authorize Software Use Eliminate Data Leakage Internal Threats: Enforce Application & Device Use Policies

Endpoints are the Weakest Link How has the Security Landscape Changed and What is the Impact? Increasing number of vulnerabilities for all platforms and applications Endpoints are targeted by internal and external threats Attacks from well funded adversaries target endpoints Data protection is a major challenge and cost Traditional and reactive security approaches are ineffective Evolving regulations create strict compliance and reporting standards 8

What We Deliver 9 Dynamically enforce application/device policies to prevent security threats at the endpoint Proactively discover and assess risks and threats within the IT environment for comprehensive view of risk profile Lumension delivers best-of-breed, policy-based solutions that address the entire security management lifecycle. Assess, prioritize and remediate vulnerabilities for continuous validation and compliance reporting

Lumension More Effectively Secures the Endpoint 10 Endpoint Security must address internal and external threats Platform Security VA and Remediation Application Control User Security Application Control Device Control Data Security Device Control Data-at-Rest Content Filtering Internal and External Threats Internal Threats External Threats Vulnerability Management / Patch Solution Endpoint Security Solution Data Security Solution

Effective Endpoint Security is a Continuous Process 11 Discover Assets Develop Policy Assess & Remediate Threats Enforce Policy Compliance Audit Centralized Management & Reporting

Who is responsible for this? 12 YOU!

Patchlink Scan 13

Comprehensive Reporting Out-of-the-box reports provide high-level or detailed information on vulnerabilities found Compare security posture to common industry tracking mechanisms 14

PatchLink Scan Value Quickly Discover All Network Assets and Vulnerabilities Accurate Network-based Assessments Actionable Information Delivered to Make Intelligent Policy Decisions Comprehensive Vulnerability Coverage Highly Scalable Architecture Common Criteria EAL2 Certified 15

Patchlink Update

PatchLink Update Value Stay Ahead of Threats with Automated and Accurate Enterprise-Wide Patch Management Most accurate patch applicability and assessment Deploy patches within hours of release from vendor Capabilities and context to effectively act on information - Role and Task Based Redundant vulnerability assessment Broad Support of Content via Open Architecture Leverages content directly from OS/Application vendors Broad English and international content support Security and operational patches Protect Heterogeneous Environments with One Solution All major Operating System platforms All major third party applications 17

Rapid, Accurate Network-based Scans 18 Thorough and accurate discovery of all network devices Detailed assessment checks on configurations, AV, worms, Trojans, missing patches, open ports, services and more Deep inspection of target systems

PatchLink Security Configuration Management 19

PatchLink SCM Workflow Policy Management Upload a Security Configuration Specification Customize Security Specifications Policy Assessment Apply a Security Configuration Specification Perform a Manual Assessment Policy Compliance Reporting View Group Policy Compliance Details View Device Security Configuration 20

Open, Standards-Based Approach to Policy Compliance Comprehensive Policies Security Content Automation Protocol (SCAP)Security Content Automation Protocol Hundreds of pre-defined checks Easy-to-edit XML Format New policy checklists can be added/created Based on Industry Standards OVAL, XCCDF, CVE, CME, CPE Ensure compliance with specific regulations (i.e. FDCC, PCI, etc.) Improved operational efficiencies due to security best practices 21

How Policies get into PatchLink SCM 22 XCCDF Policy Instance Mapping policies and other sets of requirements to high-level technical checks OVAL Archive Mapping technical checks to the low-level details of executing those checks SCAP Checklist Policy Government (OMB Mandate) Industry (PCI, SOX, HIPAA) US or other Regulations Corp. Specific best practices PatchLink SCM Automation (monitoring/reporting)

How Policies get into PatchLink SCM: Example 23 XCCDF Policy Instance Mapping policies and other sets of requirements to high-level technical checks OVAL Archive Mapping technical checks to the low-level details of executing those checks SCAP Checklist Policy Government (OMB Mandate) Industry (PCI, SOX, HIPAA) US or other Regulations Corp. Specific best practices NIST SP 800-53 Authentication Management Policy: Systems minimum password length is at least 8 characters XCCDF Mapping: Map specific requirement for systems minimum password length is at least 8 characters OVAL Check Mapping: Check to be performed (E.g.) on all Windows XP based computers

PatchLink SCM Value 24 Ensures that security configurations are standardized throughout the enterprise Ensures continuous policy compliance Improves operational efficiency Consolidates vulnerability and mis-configuration monitoring and reporting

PatchLink Developers Kit 25

Develop Custom Patches Create and deliver patches and updates for commercial or proprietary software Patch legacy applications and niche products Open and modify any packages available via PatchLink Update 26

PatchLink PDK How it Works 27

Lumension VMS 28

Comprehensive Vulnerability Assessment and Remediation 29 Discover, Assess and Remediate Vulnerabilities for Policy Compliance Rapid identification of unprotected endpoints Automated remediation of configuration and software vulnerabilities Advanced vulnerability, configuration and policy compliance reporting Flexible, open support for all major platforms, applications and vulnerability and configuration content Purpose-built to support compliance with regulatory policies and industry standards Vulnerability Assessment and Remediation for Configuration Issues & Patches PatchLink Developers Kit (Add-On Module) PatchLink Scan (Network Based) PatchLink Update (Agent Based) PatchLink Security Configuration Management (Add-On Module) FDCC and PCI

Sanctuary Application Control 30

Sanctuary Application Control Value Protects against both known and unknown threats Safeguards against zero-day threats and targeted attacks Controls proliferation of unwanted applications from burdening network bandwidth Maximizes benefits of new technologies and minimizes risk of network disruption Stabilizes desktop and Windows server configurations Enables adherence with software license agreements 31

Sanctuary Device Control 32

Automates discovery of peripheral devices Provides granular device control permission settings Offers flexible encryption options 33 PatchLink Developers Kit Enforcement of Peripheral Device Use Policies Delivers detailed audit capabilities Patented bi-directional Shadowing of data written to/from a device All device access attempts All administrator actions Sanctuary Application Control Sanctuary Device Control Endpoint Policy Enforcement (Agent Based)

Sanctuary Device Control Value Minimizes risk of data theft / data leakage via any removable device Granular Device Control Policies Forced Encryption File Type Filtering Detailed Audit Capabilities Blocks USB Keyloggers Prevents malware introduction via unauthorized removable media Assures compliance with privacy and confidentiality regulations and policies 34

Overall 35

Lumension Product Portfolio 36 Sanctuary Application Control Sanctuary Device Control Vulnerability Management for Configuration Issues & Patches Endpoint Policy Enforcement PatchLink Developers Kit (Add-On Module) Enterprise-Wide Compliance Reporting PatchLink Enterprise Reporting Enterprise Policy Management PatchLink Security Management Console PatchLink Scan (Network Based) PatchLink Update (Agent Based) PatchLink Security Configuration Management (Add-On Module) FDCC and PCI (Agent Based)

Who we are? 37

Who We Are 38 Leading global security management company, providing unified protection and control of all enterprise endpoints. Ranked #14 on Inc. 500 list of fast growing companies Ranked #1 for Patch and Remediation for third consecutive year Ranked #1 Application and Device Control Over 5,100 customers and 14 million nodes deployed worldwide Award-Winning, Industry Recognized and Certified

Worldwide Customer Deployments 39 Miscellaneous Charities Legal Services Manufacturing Dolphin Drilling Health Care Transportation/Utilities Media Education Bishops Stortford College Financial Government/ Military

Industry-Leading Partnerships 40

Distribution partner Baltics 41

Thank you.

Lumension: Because Hope is no Strategy Andreas Müller Regional Sales Manager D/A/CH.

Documents

Transcript of Lumension: Because Hope is no Strategy Andreas Müller Regional Sales Manager D/A/CH.