News of the Flame attack has spread faster than wildfire. While the attack affected only a small number of endpoints, Flame signifies a new level of cyber threat that all IT security professionals need to understand in depth.
View these presentation slides by IT security expert Randy Franklin Smith as he walks you through the fascinating nuts and bolts of Flame and explains the technical details of how it worked and what lessons can be learned.
• Learn the technical details about how Flame worked
• How Flame was more than just sophisticated encryption exploits
• Take away lessons on how to defend against APTs
Take an in-depth look into the entire attack which featured more than just encryption exploits. Randy explores social engineering, removable devices and more.
15. Brought to you by
www.lumension.com
Speaker
Chris Merritt - Director of Solution Marketing
16. Defense-in-Depth Tools You Need to Disrupt Sophisticated Attacks like Flame
Chris Merritt
Director of Solution Marketing
Lumension
17. Integrated Defense-in-Depth
Unify workflows and technologies to deliver enhanced endpoint operations and security management capabilities
Endpoint Operations: Patch Management, Asset Management, Configuration Management, Software Management, Power Management
Intelligent Whitelisting: Application Control, Trusted Change
Endpoint Security: Device Control, Anti-Virus / Spyware, Disk Encryption, Windows Firewall Management
Reporting
» Delivers Comprehensive Security Solution
» Provides Proactive Target Hardening
» Reduces Overall IT Cost and Burden
PROPRIETARY & CONFIDENTIAL - NOT FOR PUBLIC DISTRIBUTION
18. Lumension® Patch and Remediation
Comprehensive and Secure Patch Management
» Provides rapid, accurate and secure patch and configuration management for applications and operating systems:
• Comprehensive support for multiple OS types (Windows, *nix, Apple), native applications, and 3rd party applications
• Streamline and centralize management of heterogeneous environments
• Visibility and control of all online or offline endpoints
• Elevate security posture and proactively reduce risk
• Save time and cost through automation
19. Lumension® Content Wizard
Cost-Effectively Streamline Endpoint Management
» Simple, wizard-based policy creation and baseline enforcement – without additional tools:
• Patch Creation
• Software Installs and Uninstalls
• Windows Security Policies
• Power Management Policies
• NEW! Windows Firewall Policies
20. Lumension® Security Configuration Mgmt.
Prevent Configuration Drift and Ensure Policy Compliance
» Ensure that endpoint operating systems and applications are securely configured and in compliance with industry best practices and regulatory standards:
• Security Configuration Management
• Out-of-the-box Checklist Templates
• NIST Validated Solution
• Continuous Policy Assessment and Enforcement
• Based on Open Standards for Easy Customization
• Security Configuration and Posture Reporting
21. Lumension® Power Management
Optimize Power Savings while Maintaining Security
» Enhanced Wake-on-LAN relay architecture ensures systems are available for maintenance despite being powered down
» Monetizes Power Management Policies:
• Integrated Power Savings Reports
• Power Monitoring and Savings Calculator
• Uptime Reports
• Dashboard – Uptime or Savings Trends
22. Lumension® AntiVirus
Multilayered Protection Against Malware
» Based on proven technology from industry leader providing complete protection against known and unknown malware including viruses, worms, Trojans, spyware, adware and more
» Includes a breadth of analysis techniques from traditional signature matching to behavioral analysis to effectively protect against zero-day and evolving threats:
• Antivirus (AV) protection (full signature matching)
• DNA Matching (partial signature matching)
• SandBox (behavioral analysis in an emulated environment)
• Exploit Detection (find hidden/embedded malware)
» VB100 certified by VirusBulletin
23. Lumension® Application Control
Proactive Protection Against Malware and More
» Effective Endpoint Security: Block known and unknown malware without signatures, and prevent exploitation of application / configuration vulnerabilities
» Control the Unwanted: Real-time view of all application inventory, ensuring only approved software is allowed to run, and denying / removing all unwanted applications
» Control the Unknown: Enforce, log and audit all endpoint application change while controlling end-users with Local Admin rights
» Flexible and Easy-To-Use: Unified solution workflow via single console with flexible trusted change management policy
24. Lumension® Device Control
Policy-Based Data Protection and Encryption
» Protect Data from Loss or Theft: Centrally enforce usage policies of all endpoint ports and for all removable devices / media.
» Increase Data Security: Define forced encryption policy for data flows onto removable devices / media. Flexible exception management.
» Improve Compliance: Centrally encrypt removable devices / media to ensure data cannot be accessed if they are lost or stolen.
» Continuous Audit Readiness: Monitor all device usage and data transfers. Track all transferred files and content. Report on all data policy compliance and violations.
25. Lumension® Disk Encryption (powered by Sophos)
Transparent Full Disk Encryption for PCs
» Secures all data on endpoint hard drives
» Provides single sign-on to Windows
» Enforces secure, user-friendly pre-boot authentication (multi-factor, multi-user options)
» Quickly recovers forgotten passwords and data (local self-help, challenge / response, etc.)
» Automated deployment, management and auditing via L.E.M.S.S. (integrated version)
26. Lumension® Endpoint Management and Security Suite
Total Endpoint Protection
Endpoint Operations: Lumension® Patch and Remediation, Lumension® Content Wizard, Lumension® Configuration Mgmt., Lumension® Power Management
Endpoint Security: Lumension® AntiVirus, Lumension® Application Control, Lumension® Device Control, Lumension® Disk Encryption
Endpoint Reporting Services
Lumension® Endpoint Management Platform
» Comprehensive suite that unifies IT operational and security functions
» Delivers a more effective defense-in-depth endpoint security solution
» Simplifies endpoint system and agent management through a single console
» Centralizes policy management and reporting
» Expands operational and security visibility
» Reduces technology complexity and integration costs
» Flexible and modularly licensed best-of-breed application modules
» Scalable and agile single-agent, single-server platform architecture
27. Next Steps
• Free Tools
» http://www.lumension.com/Resources/Premium-Security-Tools.aspx
» Application Scanner – see what applications are running on your network
» Device Scanner – see what removable devices are being used
» Vulnerability Scanner – see what your OS / application risks are
• Whitepapers
» Endpoint Management and Security Buyers Guide
• http://www.lumension.com/Resources/WhitePapers/Endpoint-Management-and-Security-Buyers-Guide.aspx
• Free Evaluation
» http://www.lumension.com/endpoint-management-security-suite/free-trial.aspx