Sophos Live Protection. Agenda 1.Before and After Scenarios 2.Minimum Required Capabilities 3.How we do it 4.How we do it better.
Post on 02-Jan-2016
Sophos Live Protection
Agenda
1. Before and After Scenarios
2. Minimum Required Capabilities
3. How we do it
4. How we do it better
Prevent malware infection
Before: Still getting infected
• Current AV solution either doesn’t provide effective proactive protection of new and unknown malware threats or is slow to update protection
• Infection occurs when mobile or remote users visit websites that have been compromised (not protected by gateway protection)
• Multiple vendors/components required to provide a comprehensive solution
After/Positive Outcome: Productivity/efficiency gains
• Not cleaning up malware incidents so IT delivers strategic projects on time and on budget and maximizes return on existing and future IT investments
• End-users have the tools they need to be productive without compromising security
• Improved IT productivity – focus on value-added business initiatives
• Greater system performance and uptime and better employee productivity
• Security vendor acts as a partner – solving issues and applying best practices
Minimum Required Capabilities
Metrics
• % of new threats stopped without requiring update
• # of URLs scanned by vendor
• Time taken to install/manage
• Cost of licensing/deploying protection
AV Scanning
Intrusion Prevention
Real-time Protection
Sophos Threat Protection
Intelligent protection that detects and stops zero-day threats
Anti-Virus Scanning
Anti-Virus Identities (IDE)
Behavioral Genotype Protection
Web Browser Protection
Intrusion Prevention
Runtime Behavior Detection
Sophos Client Firewall
Buffer Overflow Protection
Live Protection
Live Anti-Virus
Live URL Filtering
Live Anti-Spam
Prevent malware infection: How we do it
In-the-cloud protection against the latest threats
Sophos Live Anti-Virus
Web protection for fixed and mobile endpoints
Sophos Live URL Filtering
Single vendor, console and integrated agent
Sophos ESDP
Before: Still getting infected
• Current AV solution either doesn’t provide effective proactive protection of new and unknown malware threats or is slow to update protection
• Infection occurs when mobile or remote users visit websites that have been compromised (not protected by gateway protection)
• Multiple vendors/components required to provide a comprehensive solution
Sophos Live Anti-Virus
New – In-the-cloud protection against the latest threats
Checks suspicious files with SophosLabs
Reputation database of good and bad data
Reduces reliance on updating
Live in-the-cloud lookups
Sophos Live URL Filtering
New – Web protection for fixed and mobile endpoints
Live in-the-cloud lookups
Built into the endpoint agent
Preventing access to malicious URLs
Protects users in the office, at home or on public WiFi
http://www.risky-site.com
How we do it better – competitive comparison
Sophos Symantec McAfee Trend Kaspersky
Live Anti-Virus half
Live URL Filtering
HIPS half half half
Clear advantages:
SophosLabs expertise does the heavy lifting and delivers pre-packaged intelligence (Eliminates complex configuration)
Comprehensive combination of threat protection technologies
Threat protection agent also delivers prevention technologies and DLP
Single vendor, console and integrated agent
Summary
Sophos Live Protection’s in-the-cloud technology delivers fast, effective detection of zero-day and web based threats without the need for an update
Live Anti-Virus: Stops previously unseen threats faster
Live URL Filtering: Protection for mobile/remote endpoints
Appendix
In-the-cloud...
What is this cloud?
Put simply, the cloud is the internet
Vendors provide software and services via the internet
What is Sophos doing?
Providing direct connections to the constantly updated reputation databases in SophosLabs
How do customers benefit?
Protected against the very latest threats
Make the most of the expertise in SophosLabs
Sophos Live Protection
in-the-cloud technology delivering fast, effective detection of zero-day and web based threats without the need for an update