securing your endpoints using novell zenworks endpoint security management
DESCRIPTION
Endpoint security is one of the greatest concerns on the minds of senior management today. Protecting your data and controlling how systems access resources is of the utmost importance. You must take actions to protect your infrastructure while ensuring your employees can continue to perform their jobs effectively and efficiently. Come to this session to learn how you can leverage the power of Novell ZENworks Endpoint Security Management across your enterprise to achieve this delicate balance—so you and the rest of your organization can sleep at night.TRANSCRIPT
Securing Your Endpoints Using Novell® ZENworks®
Endpoint Security Management
Pete GreenTechnical Specialist - ZENworksNovell, Inc./[email protected]
Scott GuscarTechnology Sales SpecialistNovell, Inc./[email protected]
© Novell, Inc. All rights reserved.2
Agenda
• Economic Effects on Security• Compliance• High Profile Breaches• DLP/ILP• “Yes. Endpoints are Outsiders.”• ZENworks® Endpoint Security Features• Demonstration• Questions and Answers
Economic Effects on IT Security2010
© Novell, Inc. All rights reserved.4
Economic Effects on IT Security 2010
© Novell, Inc. All rights reserved.5
Economic Effects on IT Security 2010(cont.)
Change
Upturn Downturn Upturn
Time
ThreatsInformation Security Budgets
Compliance2010
© Novell, Inc. All rights reserved.7
Compliance 2010
• PCI Focus• SAS-70• ISO 27002
– Instead of focusing on detail of PCI-DSS, adopt ISO 27002 for holistic security
• Legal picture of PCI is very bleak and very real
• Who is minding the legal risk?
• Negligence is no excuse
T.J. Hooper as precedent“Radio is new technology. We can’t be expected to have radio on our cargo ships!”There are precautions so imperative that even their universal disregard will not excuse their omission.The T.J.Hooper 60 F.2d 737 (2nd cir), cert. denied, 287 U.S. 662 (1932).
High Profile Breaches
© Novell, Inc. All rights reserved.9
High Profile Breaches
Source: Privacy Rights Clearinghouse
DLP/ILP
© Novell, Inc. All rights reserved.11
DLP 2010
• Data Leakage Prevention
• Data Loss Prevention
• Data Loss Protection
• Information Leak Prevention
• Information Loss Prevention
• Information Loss Protection
DLP Calculator - http://www.tech-404.com/calculator.html
© Novell, Inc. All rights reserved.12
DLP 2010(cont.)
Endpoint Network/E-mail Appps/DB FS/CMS Storage
Endpoint Network/E-mail Appps/DB FS/CMS Storage
InternalEmployee
RemoteEmployee
Partners
LAN
WAN
VPN
EnterpriseApplications
BusinessAnalytics
OutsourcedDev.
File Server
Replica
Staging
File Server
Collaboration andContent Mgmt.Systems
Disk Arrays
ProductionDatabase
Disk Arrays
Disk Arrays
Backup Tape
Backup Systems
Backup Disk
© Novell, Inc. All rights reserved.13
DLP 2010(cont.)
Endpoint Network/E-mail Appps/DB FS/CMS Storage
Endpoint Network/E-mail Appps/DB FS/CMS Storage
InternalEmployee
RemoteEmployee
Partners
LAN
WAN
VPN
EnterpriseApplications
BusinessAnalytics
OutsourcedDev.
File Server
Replica
Staging
File Server
Collaboration andContent Mgmt.Systems
Disk Arrays
ProductionDatabase Backup Tape
Endpointtheft/loss
IP Sent tonon trusted user
Endpoint LeakVia print/copy
Network LeakEmail-IM- HTTP-
FTP-etc.
PublicInfrastructureAccess Hack
Email leak orPackets sniffed
In transit
Priviledge UserBreach
UnintentionalDistribution
Apps. DB orEncryption Key
Hack
Priviledge UserBreach
(Semi)Trusted User
Misuse
File Server/CMSHack
Tapes lost orstolen
Discarded diskexploited
Disk Arrays
Disk Arrays
Backup Systems
Backup Disk
© Novell, Inc. All rights reserved.14
DLP 2010(cont.)
Endpoint Network/E-mail Appps/DB FS/CMS Storage
Endpoint Network/E-mail Appps/DB FS/CMS Storage
InternalEmployee
RemoteEmployee
Partners
LAN
WAN
VPN
EnterpriseApplications
BusinessAnalytics
OutsourcedDev.
File Server
Replica
Staging
File Server
Collaboration andContent Mgmt.Systems
Disk Arrays
ProductionDatabase Backup Tape
Endpointtheft/loss
IP Sent tonon trusted user
Endpoint LeakVia print/copy
Network LeakEmail-IM- HTTP-
FTP-etc.
PublicInfrastructureAccess Hack
Email leak orPackets sniffed
In transit
Priviledge UserBreach
UnintentionalDistribution
Apps. DB orEncryption Key
Hack
Priviledge UserBreach
(Semi)Trusted User
Misuse
File Server/CMSHack
Tapes lost orstolen
Discarded diskexploited
Disk Arrays
Disk Arrays
Backup Systems
Backup Disk
© Novell, Inc. All rights reserved.15
DLP 2010(cont.)
Data at Rest
Data in Motion
Data in Use
-Microsoft file shares-Unix file shares-NAS/SAN storage-Windows 2000, 2003-Windows XP, Vista
-Microsoft Office Files-PDF's-PSTs-Zip Files
-SharePoint, Documentum-Lotus Notes, Exchange-Microsoft Access-Oracle, SQL, DB2-Contact Mgmt Systems
-SMTP email-Exchange, Lotus, etc.-Webmail-Text and attachments
-Yahoo IM-MSN Messenger-AOL Messenger
-FTP-HTTP-HTTPS-TCP/IP
-Local printers-Network printers-Burn ro CDs/DVDs
-External hard drives-Memory sticks-Removable media
-Copy to Network shares-Copy to external drives-Save As to external drives
File shares, Servers, Laptops 300+ File Typed Databases and Repositories
File shares, Servers, Laptops Instant Messages Web Traffic
Print and Burn USB Copy and Save As
© Novell, Inc. All rights reserved.16
DLP 2010(cont.)
Data at Rest
Data in Motion
Data in Use
-Microsoft file shares-Unix file shares-NAS/SAN storage-Windows 2000, 2003-Windows XP, Vista
-Microsoft Office Files-PDF's-PSTs-Zip Files
-SharePoint, Documentum-Lotus Notes, Exchange-Microsoft Access-Oracle, SQL, DB2-Contact Mgmt Systems
-SMTP email-Exchange, Lotus, etc.-Webmail-Text and attachments
-Yahoo IM-MSN Messenger-AOL Messenger
-FTP-HTTP-HTTPS-TCP/IP
-Local printers-Network printers-Burn ro CDs/DVDs
-External hard drives-Memory sticks-Removable media
-Copy to Network shares-Copy to external drives-Save As to external drives
File shares, Servers, Laptops 300+ File Typed Databases and Repositories
File shares, Servers, Laptops Instant Messages Web Traffic
Print and Burn USB Copy and Save As
Yes. Endpoints are Outsiders
© Novell, Inc. All rights reserved.18
Endpoints are Outsiders 2010
• “There used to be this thing called the ‘Network Perimeter’”.
Desktopvideo
Conferencing
CollaborationSoftware
MessagingSoftware
PDA Room Basedvideo
Phone
Laptop
Voice Mail
Fax
AudioConferencing
Mobile PhoneE-mail
Pager
ERP CRMSCMSuppliers Customers
Your Business
FrontOffice
BackOffice
Employees
Exhibit 2.The B orderless EnterpriseSource: Yankee Group, 2009
© Novell, Inc. All rights reserved.19
Endpoints are Outsiders 2010(cont.)
Source: ISSA Journal, June 2009 – A Forward-looking Approach to the Network Perimeter Paradigm, by Fernando Alonso
© Novell, Inc. All rights reserved.20
Endpoints are Outsiders 2010(cont.)
• Over 26,000 different USB products exist, 4.3 billion shipped in 2007
– Storage devices– Networking adapters– Printers, scanners, webcams– Coffee warmers, hand
massagers
• Billions and billions of USB devices have been sold to date
– Over 220 million iPods– Over 30 million iPhones – ANY form factor– Music albums now sold as USB– Their capacity keeps growing –
16GB flash drive is $20 – Virtually impossible to trace
Source: In-STAT/MDR
Inside ZENworks® Endpoint Security
© Novell, Inc. All rights reserved.22
Inside ZENworks® Endpoint Security
ZENworks® Endpoint SecurityDemonstration
ZENworks® Endpoint SecurityQuestions and Answers
© Novell, Inc. All rights reserved.25
Inside ZENworks® Endpoint Security(cont.)
© Novell, Inc. All rights reserved.26
Inside ZENworks® Endpoint Security(cont.)
© Novell, Inc. All rights reserved.27
Inside ZENworks® Endpoint Security(cont.)
© Novell, Inc. All rights reserved.28
Inside ZENworks® Endpoint Security(cont.)
© Novell, Inc. All rights reserved.29
Inside ZENworks® Endpoint Security(cont.)
© Novell, Inc. All rights reserved.30
Inside ZENworks® Endpoint Security(cont.)
© Novell, Inc. All rights reserved.31
Inside ZENworks® Endpoint Security(cont.)
Unpublished Work of Novell, Inc. All Rights Reserved.This work is an unpublished work and contains confidential, proprietary, and trade secret information of Novell, Inc. Access to this work is restricted to Novell employees who have a need to know to perform tasks within the scope of their assignments. No part of this work may be practiced, performed, copied, distributed, revised, modified, translated, abridged, condensed, expanded, collected, or adapted without the prior written consent of Novell, Inc. Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability.
General DisclaimerThis document is not to be construed as a promise by any participating company to develop, deliver, or market a product. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. Novell, Inc. makes no representations or warranties with respect to the contents of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. The development, release, and timing of features or functionality described for Novell products remains at the sole discretion of Novell. Further, Novell, Inc. reserves the right to revise this document and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. All Novell marks referenced in this presentation are trademarks or registered trademarks of Novell, Inc. in the United States and other countries. All third-party trademarks are the property of their respective owners.