ESM6.0售前.ppt

2003SymantecCorporation AllRightsReserved GlobalLearningandCertification EnterpriseSecurityManager 6 0 售前 2 2003SymantecCorporation AllRightsReserved GlobalLearningandCertification 网络安全事件和漏洞趋势 3 2003SymantecCorporation AllRightsReserved GlobalLearningandCertification 商业影响 每年的损失高达 202million只有30 的事件得以付诸法律因私有信息被窃取引起的损失达 70M 2 7Mistheaveragereportedloss多达82 的病毒事件和80 的内部用户非法访问仍旧是发生最频繁的问题互联网依然是攻击发生最频繁的环节 占所有攻击事件的78 Source 2003CSI FBIComputerCrime SecuritySurvey 4 2003SymantecCorporation AllRightsReserved GlobalLearningandCertification 主要的安全驱动 主动防御混合式威胁 做到PROACTIVE日益增加的调整压力开发的互联的机构带来更多的漏洞和攻击攻击发生时灾难事件会影响到公司财政和品牌形象事故的危害越来越大 5 2003SymantecCorporation AllRightsReserved GlobalLearningandCertification 谁将面临风险 业务面向互联网的公司和组织 B2B B2C 保密需求很高的公司和机构 healthcare 品牌和公众信誉良好的公司 utilities consumerproducts IT环境及其复杂的大规模公司 apossiblemerger 6 2003SymantecCorporation AllRightsReserved GlobalLearningandCertification 谁需要ESM6 0 ESM5 5不是最好的 ESM6 0才是最好的 现有的ESM用户 包括准备好更新维护或者已经超出维护期限的现有的准备购买更多License的ESM用户新的要采购策略一致性解决方案的用户FocusingonavulnerabilityparadigmratherthanathreatparadigmOrganizationswhoarerequiredtocomplytogovernmentregulations 7 2003SymantecCorporation AllRightsReserved GlobalLearningandCertification 那些行业更需要ESM FinanceandbankingCommunicationsHighTechGovernment especiallythemilitary ApplicationServiceProvidersInternetServiceProvidersHealthcare 8 2003SymantecCorporation AllRightsReserved GlobalLearningandCertification CxO们关心 确保有效的安全管理ITassetsareeffectivelycontributingtobusinessgoalsIFtheyareusedaccordingtopolicyCompliancewithmountingindustryandgovernmentregulations实现管理层和董事会的期望MaintainongoingriskmanagementEffectivelymanagesecurityinvestments 9 2003SymantecCorporation AllRightsReserved GlobalLearningandCertification 安全问题出自哪里 10 2003SymantecCorporation AllRightsReserved GlobalLearningandCertification 风险何在 11 2003SymantecCorporation AllRightsReserved GlobalLearningandCertification 如何减轻风险 安全策略Informationsecurityisabusinessissue notjustatechnologyissueThreatsexistbothinsideandoutsidethecorporateinfrastructureGoalofasecuritypolicyDefineprocedures guidelines andpracticesforconfiguringandmanagingsecurityEnforceasecuritypolicyMinimizeriskShowduediligencetotheircustomersandshareholders 12 2003SymantecCorporation AllRightsReserved GlobalLearningandCertification 实施安全策略的好处 GUIDESusersintoknowingwhatisallowedandHEIGHTENSsecurityawarenessofcompanypersonnelGUIDESadministratorsandmanagersaboutmakingdecisionsProvidesaSTANDARDbaselineofsecuritymodulesandchecksHelpsorganizationsdemonstratetheirCOMMITMENTtoprotectingtheirvitalinformationassets 13 2003SymantecCorporation AllRightsReserved GlobalLearningandCertification 策略一致性管理 14 2003SymantecCorporation AllRightsReserved GlobalLearningandCertification 评估策略的实现 安全策略 Detailedinspectionofsettingsandconfigurationagainstpolicybaseline 详尽的一致性报告 TechnicalControlsandStandards Servers ApplicationPlatforms 15 2003SymantecCorporation AllRightsReserved GlobalLearningandCertification 策略一致性管理和风险评估比较 16 2003SymantecCorporation AllRightsReserved GlobalLearningandCertification VulnerabilityAssessment 赛门铁克安全管理系统 EnterpriseSecurityManager IncidentManager 17 2003SymantecCorporation AllRightsReserved GlobalLearningandCertification 客户需要什么 他们需要 提高企业的安全报警和风险评估的能力ESM6 0automaticallyassessescriticalbusinessdeliverysystemsforviolationofpolicyANDdiscoveryofmissingpatches事件的集成的关联分析SymantecIncidentManagerHolisticriskmitigationESMreportedviolationsarecorrelatedwithothersecuritypointproducteventstocreaterelevantsecurityincidentswhichareprioritizedinIMThisguidestheenterprisetoaddressthemostimportantissueswithwhatmaybelimitedresources 18 2003SymantecCorporation AllRightsReserved GlobalLearningandCertification 客户需求 他们还需要 集成基于行业标准和规范的评估DatabaseAssessmentKeyCapabilitiesWebServerAssessmentKeyCapabilitiesHIPPAAssessmentKeyCapabilitiesBS7799 ISO7799AssessmentKeyCapabilities可信度ALLbackedbySymantecSecurityResearchESMstayscurrentwithregularandtimelyupdatesManageemergingthreatsbyidentifyingthemandfixingthembeforetheycostyourcompanymoneyandreputation 19 2003SymantecCorporation AllRightsReserved GlobalLearningandCertification ESM保护企业投资 ROI PositioningDriversSavethecompanymoneyHaslowTotalCostofOwnershipHasdemonstrableReturnonInvestment BehindthewheelofESMProactivestanceonsecuritybypreparingforpotentialtrouble rapiddeploymentandlessonsdowntimeLiveUpdateautomatesretrievalanddeploymentofsecurityupdates freesupexpensivesecuritystaffformissioncriticalprojectsReducetimeneededtocertifymissioncriticalsystems 20 2003SymantecCorporation AllRightsReserved GlobalLearningandCertification 易于使用 PositioningDriversEasytoUseEasytoDeployInteroperableIntegrated BehindthewheelofESMCentralizedmanagementconsoleforauditcontrols OnebuttonLiveUpdate Pre definedsecurityauditcontrolsUtilizingexistingsoftwaredeploymentExportESMsecuritydatatootherapplications heterogeneoussupportIntegrationwithIncidentManager PolicyCompliance vulnerabilityAssessmentdataandsecurityintelligencedata 21 2003SymantecCorporation AllRightsReserved GlobalLearningandCertification 高可信度 PositioningDriversFromafinanciallystablevendorFromadependablevendorIsendorsedbyrespectedcompany BehindthewheelofESMSymantecistheLEADERinInformationSecurity2years 28consecutiveprofitablequartersSymantecSecurityResponse LiveUpdateOver2milliondeployedagentsandthousandsofcustomers 22 2003SymantecCorporation AllRightsReserved GlobalLearningandCertification 强有力的安全控制 PositioningDriversIntegratesOSandApplicationlevelauditingEffectivelyprioritizesnon compliantsystemsCustomizable BehindthewheelofESMAutomatedsecurityauditsofoperatingsystemsandapplicationsfromasinglesolutionPrioritizesseverityofnon compliantsystemsenablingstafftofocusonbiggestthreatsfirstFlexibleadministrationandreporting createcustomauditorpre definedcontrols 23 2003SymantecCorporation AllRightsReserved GlobalLearningandCertification 强有力的安全控制 cont d PositioningDriversPreventsBreachesEnablesComplianceScalable BehindthewheelofESMEffectivelyfiltersfalsepositives effectivepasswordmanagementPre definedauditcontrolsforgovernmentregulationsandindustrystandards reporting prioritizeswithrecommendationsScalable three tier architecturewithfullencryptioncapabilities 24 2003SymantecCorporation AllRightsReserved GlobalLearningandCertification 新增特性 对现有的ESM客户的支持 新增平台支持NowsupportsMicrosoft2003forIntelandIBMiSeriesNativesupportforOracleandIBMDB2NativesupportforMicrosoftInternetInformationServer SunMicrosystemSunOne andApacheWebServer预制安全策略PolicycompliancemodulestoholisticallymanageandmeasurecomplianceFormarketleadingwebserversanddatabaseapplicationsFormarketleadingfirewallsForpopularindustrystandards与SESA集成 25 2003SymantecCorporation AllRightsReserved GlobalLearningandCertification 主要竞争对手 MainCompetitorsBindview Bv ControlforWindows7 1 7 5andforUNIXv2 2ISSRealSecure SystemScanner4 2NetIQ Pentasafe VigilEnt3 0 26 2003SymantecCorporation AllRightsReserved GlobalLearningandCertification 竞争优势vsBindView TOPREASONSTOBUYESMOVERbv CONTROLBestofBreedEnterpriseLevelOSPlatformSupportESMbv ControlMarketleaderinscalabilityandperformanceBindviewhandles10 sofcomputers QueryEngine Symantechandles1000 spermanagerFrequentupdateswithLiveUpdateCorporateDependabilityBindviewissufferingfinancially 27 2003SymantecCorporation AllRightsReserved GlobalLearningandCertification 竞争优势vsISS BestofBreed thecompetitionismeasuredagainstESM s1 700securitychecksandsophisticatedmanagementtechniquesPlatformSupport supportsmoreplatformsandmorelegacyversionsScalabili