SOPHOS
Sophos EP Policy Webinar
02/12/2013
Presenter:
Tom Farrell
Sophos Professional Services
Topics:
• Policies and demonstrations of Anti-Virus Live Protection.
• Policies and demonstrations of Anti-Virus Web Protection.
• Policies and demonstrations of Data Control.
• Policies and demonstrations of Web Control.
Live protection
• Sophos has two primary types of file checking technologies
  • OnAccess
  • LiveProtection
Live protection
• OnAccess examines files as they are “accessed”
  • As they are Written
  • As they are Read
  • As they are Renamed
Live protection
• OnAccess uses onboard virus detection database 4.5 million identities. “VDL”
Live protection
• Live Protection is cloud-based technology.
• Live Protection releases are immediate.
• Using Sophos SXL DNS transport lookup.
Live protection
Live protection
• Additional events can trigger Live checks
  • Buffer Overflows
  • Host intrusion protection events
  • Suspicious files
  • Suspicious behavior
  • Malicious file events
Live protection
• Live protection demonstrations
Detection events & Cleanup
Best practice
Not recommended
Web protection
• Web Protection
• There are two features to Web Protection.
  • Block access to malicious websites.
  • Download scanning
Web protection
• Block access to malicious websites
  • Uses WinSock 2 API layered service provider (LSP)
  • LSP is a DLL that is inserted into the TCP/IP stack; once registered it can examine network traffic. With Sophos this is browser traffic for reputation and content.
Web protection
• Download scanning
  • Performs scans of temporary internet files.
  • Can rely on On-Access configuration or can operate independent of On-Access settings.
Web protection
• Web Protection transport similar to Live protection.
• Very fast checksum based queries.
• Transport using DNS/SXL.
• SXL response defines content type:
  • Malicious
  • Adult / Sexual
  • Crime / Violence, etc...
Web protection
• Web Protection demo
Data Leakage Prevention
• Tracks moving data.
• Data source can be local HD and network volumes.
• Rules can be content expression based and/or file matching.
• Destinations include:
  • Removable storage
  • Browsers
  • Instant messenger
  • Email clients
Data Leakage Prevention
• Managing DLP events
• Actions that can be applied
  • Allow and log
  • Block and log
  • Allow on user acceptance and log
• All events are centrally reported and reports can be built using the Enterprise Console “EventViewer”
Data Leakage Prevention
• DLP use cases
  • Good people doing dumb things.
  • Bad people doing bad things.
  • The enemy within.
DLP demonstration
Web control
• There are two types:
  • Inappropriate
  • Full web control
Web control
• Both use Winsock 2 LSP
  • Uses WinSock 2 API layered service provider (LSP)
  • LSP is a DLL that is inserted into the TCP/IP stack; once registered it can examine browser based network traffic for reputation and content.
Web control
• Inappropriate filtering uses built in 14 categories of controls.
• Control can be Allow, Block or Warn.
Inappropriate Web control
Web control
• Web Control client events can be accessed through the Enterprise Console event viewer.
Web control
• Full Web Control requires Sophos Web Appliance physical or virtual.
Full Web Control
Sophos Web Appliance
Web control
• Key benefits of full web control
  • Greater control than just the built in 14 categories
  • Centrally store and report on users' ENTIRE internet history, not just the violations.
  • Web control policies extend out of the office without any special network configurations using “live connect”
Web Control Demo
Getting started & getting help
• Documentation and resources
  • http://www.sophos.com/en-us/support/documentation/enterprise-console.aspx
  • http://www.sophos.com/en-us/support/professional-services.aspx
• Contacting support
  • http://www.sophos.com/en-us/support/contact-support.aspx
  • support@sophos.com
  • 1-888-767-4679
Sophos Professional Services
• Sophos PS is the global team that…
• Enables ‘best practice’ adoption of Sophos solutions
• Optimizes your security posture to your needs
• Our experience..
• Over 3500 engagements every year
• Hundreds of thousands of endpoints every year
• Engagements with a few endpoints to 50k+ endpoints
• Tom Farrell
• Most senior PS engineer in North America
Who are we, who am I
US and Canada
1-866-866-2802
NASales@sophos.com
UK and Worldwide
+ 44 1235 55 9933
Sales@sophos.com
nakedsecurity.sophos.com
Staying ahead of the curve
facebook.com/securitybysophos
twitter.com/Sophos_News
Sophos on Google+
linkedin.com/company/sophos

4 Steps to Optimal Endpoint Settings
