Sophos EndUser Protection

EndUser ProtectionSecurity gets… personal

Threats changing,

still increasing

Data everywhere, regulations

growing

Users everywhere,

using everything

We are focused on protecting you

2

We do IT securityBecause you’ve got enough to worry about

3

Wherever the user is, what ever they use

Our unique approach for better protection you can actually deploy

Quicker to setup, maintain and solve problems

SecurityEverywhere

WithoutComplexity

Active Protection

Security everywhereProtecting every part of your business

Email

Data

Endpoint

Mobile

Web Network

Active ProtectionOur unique approach for better protection with less complexity

Email Data Endpoint Mobile Web Network

Business today…Increasingly sophisticated threats, mobile workforce, BYOD

Dr. SmartphoneMr. Mac Ms. Virtual Mr. BYOD

I need email access on my

iPhoneI need a Mac to

do my job

I’ve got several virtual desktops on my computer

I want to use my iPad at work

Data Protection Suite

Introducing EndUser Protection

Complete Security Suite

Web Protection Suite

Endpoint Protection - Business

Anti-virus - Business

Endpoint Protection - AdvancedEndUser Protection

EndUser Data SuiteEndUser Web Suite

Now with Sophos Mobile Control

8

Security gets…

•Every device they use

•Everywhere they go

•Everything they need

•Sensible protection that covers all devices

•Sensible licensing per-user

•Sensible services with updates and support included

•Easy BYOD

•Easy admin

•Easy support from a single vendor

Personal Easier Sensible

Endpoint product line

9

Complete Security

Suite

EndUser Data Suite

EndUser Web Suite

EndUser Protection

UTM Fullguard + UTM Endpoint

(UTM 9)

Endpoint Protection -

Business

Sophos Anti-VirusBusiness

AV/HIP/Live Protection

Client Firewall

Application Control

Device Control

Web Filtering in Endpoint

DLP, NAC, Patch

Web Gateway

Email Gateway

Full-Disk Encryption

Mobile

UTM FullGuard*

Groupware

Platforms

SharePoint, Exchange

Win, Mac, Linux, Unix, VM, EMC

Exchange

Win, Mac, Linux, Unix, VM, EMC

Exchange

Win, Mac, Linux, Unix, VM, EMC

Exchange

Win, Mac, Linux, Unix, VM, EMC

Win

Exchange

Win, Mac, Linux,

VM, EMC

Win, Mac, VM,

*UTM FullGuard includes network, web, email, wireless and webserver protection

EndUser Protection at a glance

Access control

Firewall

Virtualization

ApplicationControl

Device Control

Encryption

Anti-malware

Mobile Control

Data Control

Patch assessment

Web Protection

ExchangeServer Protection

Securing mobile devices

The situation:

Smartphone and tablet adoption is growing rapidly

Employees are using their own devices

They need secure access to company email and data

The challenge:

113 devices are lost every minute in the US

Android is today’s largest malware target

… Thousands of rogue apps

Mobile Device Management

Unified policy and management for all devices

iOS, Android, BlackBerry, and Windows Mobile

Secure access to corporate email via proxy

Policy controls:• Passcode and auto lock enforcement• Compliance enforcement (jailbreaking/rooting)• Encryption enforcement

Loss/theft protection:• Remote lock/wipe• Auto wipe after failed login attempts• Locate lost devices

Enterprise App Store

Control apps on mobile devices

Publish in-house, required, recommended apps

Block unwanted apps

Mobile Security

Scans Android apps for malware before they are installed

Active Protection cloud technology:• Live real-time cloud lookups• Up-to-the-minute app intelligence

Fast and low impact scanning

Privacy advisor detects apps accessingyour personal data

Today’s threats

Mainly come from the web

Target data, identities and cash

Exploit vulnerabilities

Often execute silently

In families of malware

Are produced on a massive scale

Anti-malware

A single engine to protect from all malware

Genotyping technology

Active Protection cloud technologies:• Live url filter: Stops urls we know are bad instantly• Live anti-virus: Checks in seconds to see if a suspicious file might be a real

threat

Fast and low impact scanning

Small updates, frequently applied

Intrusion Prevention

Behavioral detection

Suspicious file detection

Suspicious behavior detection

Buffer overflow detection

Rules created by Sophos via Active Protection

So reliable it’s on by default

Applications wrongly applied

Users trying to install and run unauthorized apps

Some apps are risky

Unwanted apps might use bandwidth

Version control isn’t easy

Application Control

Applications created and updated via Active Protection

Over 40 categories including:• Online storage• Browsers• P2P File sharing• Instant messaging• Virtualization tools• Remote access• USB program launchers

Plugging the device gap

Devices can carry malware

They take data everywhere

If they’re lost can you be sure they’re secure?

People will plug them in anywhere

Device Control

Control devices connected to computers

Granular control of:• Storage devices:

• Removable storage - USB keys, removable hard disks• Optical / disk drives - CD / DVD / HD-DVD / Blu-ray

Network devices:• Wi-Fi / Modems• Bluetooth• Infra-red

Securing virtual environments

Virtualization saves money

Is security on the agenda?

Don’t compromise on performance

Virtualization

We protect virtual environments. At no extra cost

Our lighter-weight agent is better than other traditional Endpoint security solutions

Stagger scanning for virtual machines

No compromise on protection

Citrix Reciever plugin

Developing Vmware vShield scanner

The web: where malware is atA threat network

• The number one source of infection• Legitimate sites are regularly infected• Productivity filtering isn’t enough• Many applications accessing the web

How people do web protection today• Large scale deployments that focus on the gateway• Backhauling traffic to appliances• None or limited protection for users not connecting to the gateway

Web protectionBasic Endpoint

• Active Protection from malware and bad sites

• Works in any browser

Web Filtering in Endpoint• Low-cost add-on integrated into the Endpoint/SEC• Reduce surface area of attack from risky parts of the web (porn,

hate, p2p, etc.)• Essential compliance and liability coverage for inappropriate sites

Web Protection Suite• Complete protection everywhere users go with LiveConnect• Full coverage of threats, compliance, productivity, liability, and

visibility• Reduce investment & complexity in backhauling/VPN/Gateway HW

Inside LiveConnectwith Web Protection SuiteEnables full visibility and control

Policy and reporting synchronization

Immediate and automatic

Secure end-to-end encryption

Encryption

Industrial strength full disk encryption

Deployed and managed from your endpoint console

Fast initial encryption

Full password recovery options

Data ControlFully integrated endpoint DLP solution

Designed to prevent accidental data loss

Monitor and enforce on all common data exit points

Train staff through use of desktop prompts

Data types provided from Sophos via Active Protection

Integrated with email protection

The problem with patching

No visibility of exposure level• Have users installed vulnerable applications?• Have users disabled automatic updates?• Is Microsoft WSUS/SCCM working correctly?• Don’t know which patches to worry about!

Compliance audits become a real headache

Machines get compromised• Gartner: 90% of situations where machines got compromised, a patch or

configuration change existed that could have prevented it!

Patch Assessment1. We assess all the key exploited applications

• Checking for patches from 11 vendors

2. We accurately assess each endpoint• Local scans on every managed endpoint• Complex fingerprinting ensures patches accurately detected• Centralized reporting of relevant missing patches• Simple: no end-user interaction or messaging

3. We prioritize patches to make life easier• Sophos rates patch criticality via Active Protection• Sophos shows any malware associated with patches• Creates a focus on the patches that really matter!

Spam, spam, spam and malware

Spam emails contain weblinks to malware

They might also carry viruses in them

Over 90% of the worlds email is spam

Nasty emails might be stored on your local exchange servers too

Exchange Server protection

• Stop viruses and other threats in inbound, outbound and items inside Microsoft Exchange

• Unique real-time Behavioral Genotype malware engine• Live anti-spam via Active Protection stops 99%• Gives instant visibility of status, email throughput, quarantine databases and

all policy rules from a single console• Generate graphical management reports showing trends in email

throughput, protection level and issues needing action

Where’s the fire?

Open ports on PCs and Laptops are open doors to hackers

A computer without a firewall and connected to the internet is a target

Worms often target particular ports and protocols

Laptops can connect anywhere, you need different rules when they’re outside your network

Client firewall

Location aware policies

Identifies apps by checksum

Rollout invisible to users

Interactive management alerts to create rules

Stealth mode prevents unauthorized network access by hackers

Who’s on my LAN?

Do your computers have all the right software installed?

You don’t know when guests are connecting computers and if they’re secure

If guests don’t use the same software you do then you don’t know if they’re OK to connect

Access Control

Prevent security issues by assessing managed and unmanaged computers.

Detect and fix managed endpoint vulnerabilities

Ensure that any guest computers match your security requirements before they access your network

Updated database of over 600 security applications

Prevent unauthorized computers from accessing the network

Complexity

Users may complain about PC performance

Does implementing a new feature mean a whole new rollout?

Can you see every platform you’ve deployed to?

How easy is it to perform common tasks or cleanup threats?

Deploy and manage

A single deployment wizard for all endpoint features

Single agent for:• Anti malware• HIPS• Device Control• Data Control• Web protection

Widest platform support

Console built for usability

Mobile Device Management• Over-the-air policy updates• Self-serve user portal for registration reduces help desk burden

39

US and Canada 1-866-866-2802

NASales@sophos.com

UK and Worldwide + 44 1235 55 9933

Sales@sophos.com

nakedsecurity.sophos.com

Staying ahead of the curveStaying ahead of the curve

facebook.com/securitybysophos

twitter.com/Sophos_News

Sophos on Google+

linkedin.com/company/sophos

www.sophos.com/endpoint