delivering integrated cyber defense in the cloud generation symantec... · quadrants –epp, dlp,...

Delivering Integrated Cyber Defense in the Cloud Generation

Davor Kodrnja | Regional Sales Manager Adriatics

Copyright © 2018 Symantec Corporation SYMANTEC PROPRIETARY2

A History of Industry LeadershipSymantec:

Symantec is founded by Gary Hendrix with a focus on artificial intelligence

1 9 8 2

Symantecachieves profitability

Symantec acquires Peter Norton Computing

John Thompson is hired to become CEO of Symantec

Acquisition of Vontu is completed to enter into the data protection space

1 9 8 9 1 9 9 0 1 9 9 9 2 0 0 7

Symantec enters the Antivirus market with a focus on Macintoshcomputers

1 9 8 8

NASDAQ IPO of Symantec

Symantec launches Norton Antivirus

Symantec acquires Veritas and Brightmailto enter into storage and email security

Verisign Identity and Authentication Business acquired by Symantec

1 9 8 9 1 9 9 1 2 0 0 4 2 0 1 0


Symantec Acquires Blue Coat and appoints Greg Clark as CEO

AUGUST 2016

Symantec integrates Blue Coat and Symantec threat data-lakes stopping 500K new threats per day

Symantec launches industry innovation with SEP14

Symantec acquires Lifelock protecting the identity information of millions

Symantec acquires Fireglass and Skycure

SEPTEMBER 2016 NOVEMBER 2016 FEBRUARY 2017 JULY 2017

Symantec divests Veritas business as it begins a pure focus on security

JANUARY 2016

Symantec launches Cloud Generation Data Protection with DLP and Blue Coat CASB integration

Symantec launches Norton Core to create the digital safety category for consumers

Symantec creates the new Symantec Ventures fund

Symantec takes leadership position in 5 Magic Quadrants – EPP, DLP, MSS, SWG, and CASB.

OCTOBER 2016 JANUARY 2017 MARCH 2017 JANUARY 2018

Celebrating The Past Two Years of Advanced InnovationSymantec:


The Industry Faces a Looming Fiscal Spending CrisisFiscal Crisis

Existing Technology Footprint Annual Security Improvement

New Regulations

Labor Cost Increases

Subscription Expense Growth

Maintaining a Dual Environment (Legacy and Cloud)

SECURITY OPERATING COSTS

CURRENT SECURITY BUDGET

6-8% ANNUAL BUDGET INCREASE


THE COMING FISCAL CRISIS

A Dark Internet Will Require Presence at Key Termination PointsThe Cloud Generation Dilemma


A DARK INTERNETTHE COMING FISCAL CRISIS

Organizations Will Need to Depend on Automatic Security CapabilitiesThe Cloud Generation Dilemma

ARTIF IC IAL INTELL IG ENCE


DEEP ARTIFICIAL INTELLIGENCE & AUTOMATION


Industry Refocused on the Criticality of PreventionThe Cloud Generation Dilemma


BEST IN CLASS TERMINATION POINTS & PROTECTION



Changing Usage Models Will Mandate Cloud Generation ArchitectureThe Cloud Generation Dilemma



CLOUD GENERATION ARCHITECTURE & PLATFORMS

BEST IN CLASS TERMINATION POINTS & PROTECTION




Delivering Protection in The Cloud Generation

Endpoint Requirements

Best in Class Protection

Machine Learning / Artificial Intelligence

Single Agent / Efficient Architecture

Cloud Aware / Enabled

Supports all Endpoints

PROXY

EMAIL

CLOUD APPS

ENDPOINTENDPOINT


Proxy Requirements

ENDPOINT

PROXY

EMAIL

CLOUD APPS

Best in Class

Strong Encrypted Traffic Management

Integrated CASB

Network Browser Isolation

Cloud, On-Premise & Virtual Form Factors



Email Requirements

Flexible Form Factor

Protects Intra-Company, Outbound & Inbound

Integrated Content Isolation

Best-In-Class Spam and Malware Defense

Machine Learning / Artificial Intelligence

ENDPOINT

PROXY

EMAIL

CLOUD APPS



Cloud ApplicationRequirements

ENDPOINT

PROXY

EMAIL

CLOUD APPS

Visibility Over Cloud User Behavior

Control Across all Cloud Applications

User and User-Action Based Authentication

Protections Against Malicious Content

Extends Data Protection to the Cloud



ENDPOINT

PROXY

EMAIL

CLOUD APPS




INTEGRATION FABRIC

• Codified Integration Model

• Simple Innovation Consumption

• Enterprise Class Workflows

• Empowers Third Party Participation

• One-to-One Integration Mechanics

• Heavy Programmatic Skills

• Support Intensive

• Painful Innovation Consumption

API BASED

VS



• Open Interface to Symantec and Third Party Technologies

• Structures and Unifies Telemetry

• Control of Event Information for Regulatory Adherence

• Long-Term Correlation of Event and Telemetry Data

• Provides Automated Actions for Control Points

• Integration Point for External Control Structures

• MSP• Artificial Intelligence / Machine Learning• Orchestration

INTEGRATED CYBER DEFENSE EXCHANGE (ICDx)

ICDx


SERVICES

ICDx

Confidential - Internal Use Only - Do Not Distribute

Delivering Technology Services in The Cloud Generation

• Simple Innovation Adoption

• Integrated Service Delivery Across Termination Points

• Complete Content Visibility and Control

TECHNOLOGY SERVICES


ADVANCED THREAT PREVENTION

Content Analysis

Sandboxing

Endpoint Detection & Response

Full Packet Capture and MetadataICDx



INFORMATION PROTECTION

DLP

Multifactor Authentication

Encryption

Information Centric Analytics

Discovery and ComplianceICDx




ADVANCED THREAT PREVENTION

COMPLIANCE ENFORCEMENT

INFORMATION PROTECTION

ANALYTICS

ENCRYPTED TRAFFIC MANAGEMENT

ICDx


INTEGRATED CYBER DEFENSE PLATFORM


Massive Global Threat Telemetry

State of The Art Security Analysis

Best-in-Class Global Cyberwarriors

Automated Threat Intel Fed to Platform

THREATRESEARCH


INTEGRATED CYBER DEFENSE PLATFORM

THREAT RESEARCH


PLATFORM SERVICES

Provider Ecosystem

3rd Party Integrations

Information Exchange Layer

Managed Security Services Provider

Custom Outcomes


600+ PARTNERS INQUIRIES 95+ TECHNOLOGY PARTNERS 180+ INTEGRATIONS

Integrated Cyber Defense Platform



HeadquartersData Center

Regional Office

Roaming Users


Full Packet Capture

Threat Forensics

Incident Workflow

Network Recording Reconstruction

Forensics & Recording

API Cloud Integration

Data Origination and Destination Awareness

Federated User-Based Policy Enforcement

Data Discovery and Machine Learning

Classification

Real-TimeBi-Directional DLP

Data Sovereignty

Cipher and Tokenization

Inline Enforcement Based on Policy

Encryption &Tokenization

Regulatory

Big Data Visualization

Compliance Standards, Reporting

& Enforcement

Reporting &Audit

Mobile Device Protection

Machine Learning

Anti-Malware Engine

Black/White Listing

File Reputation

File Prevalence and Frequency

Endpoint

WebProtection

Internet Classification

Malnet & Reputation

Machine Learning

Multi-Language

Real-Time Risk Scoring

Isolation of Web Traffic

Analytics &Intelligence

Cloud SOC

Anomaly Detection

User Risk Analysis

Cloud Application Risk Scoring

Artificial Intelligence

Integrated Cloud Data Analysis

API Cloud Integration

Machine Learning Data Algorithms

Real-Time Data Aggregation

Data Visualization and Compliance

Reporting

Access &Authorization

Inline Policy Enforcement

Federated Identity Integration

Granular Access Policy for Thousands of Cloud Applications

Advanced Malware

Customizable Detonation

Environments

Real-Time Detonation and

File Analysis

Evasion & Obfuscation

Detection

Visibility &Discovery

Application Identification

Library

Risks Scoringper Application

Compliance Reporting for Sanctioned &

Unsanctioned Apps

Light-weight agents

Low latency communications

Anomaly Detection

Cloud-based PKI & Device Certification

Compliance with IoT Standards

Device / IoT

Messaging

Targeted Attack Protection

Malware & Spam Filtering

Data Loss Prevention

Encryption

Anti-Phishing

Protection &Security

Compliance &Governance

Demands of the Cloud GenerationNeeds Across the Cloud Continuum


Protection &Security

Compliance &Governance

Forensics & Recording

Real-TimeBi-Directional DLP

Encryption &Tokenization

Reporting &Audit

Endpoint

WebProtection

Analytics &Intelligence

Integrated Cloud Data Analysis

Access &Authorization

Advanced Malware

Visibility &Discovery

Device / IoT

Messaging

Demands of the Cloud GenerationVendor Sprawl Across the Cloud Continuum


Challenges of Disparate Cloud Security Providers

Cloud Security Chaos

• Who Owns the Comprehensive Service Level Agreements?

• Single Pane of Glass?

• Redundancy & High-Availability?

• Vendor Compatibility?

Cloud Web Gateway

Provider

Cloud DLP Provider

Cloud Data Encryption

Provider

Cloud Access Control

Provider

Cloud SandboxProvider

Cloud Breach Analysis

Cloud Forensic / Recording

Cloud EmailScanning

Cloud DDoS

UBA

Complications of Cloud Adoption

• Who Owns the Comprehensive Service Level Agreements?

• Single Pane of Glass?

• Redundancy & High-Availability?

• Vendor Compatibility?


Symantec Integrated Cyber Defense Cloud Platform

End

po

int

Web

Pro

tect

ion

Ad

v. M

alw

are

Fore

nsi

cs &

R

eco

rdin

g

An

alyt

ics

&In

telli

gen

ce

Encr

ypti

on

&To

ken

izat

ion

Clo

ud

Dat

aA

nal

ysis

Bi-

Dir

ecti

on

alD

LP

Acc

ess

&A

uth

ori

zati

on

Rep

ort

ing

&

Au

dit

Vis

ibili

ty &

Dis

cove

ry

Dev

ice

/ Io

T

Mes

sagi

ng

Delivering a Simplified Security Model

Consolidating Cloud Security


HeadquartersData Center

Regional Office

Roaming Users

Delivering a Simplified Security Model for the Cloud GenerationSymantec Integrated Cyber Defense


Web Isolation

Endpoint Protection

Mobile

WebSecurityService

DLPSecure Web Gateway

RiskInsight

MessagingGateway

Web Application Firewall

Advanced Threat Protection

MalwareAnalysis

EndpointManagement

Endpoint Protection (SEP, EDR)

Endpoint Protection

CloudVIP

Identity

LocalIntelligence

File

UR

L

Wh

itel

ist

Bla

cklis

t

Cer

tifi

cate

Mac

hin

e Le

arn

ing

SIEM Integration

Data Center Security

EncryptionContent Analysis

Performance Optimization

Cloud DLP CASB

Email Security

WorkloadProtection

Cloud Sandbox

Encryption

Risk &Compliance

Management

EncryptedTraffic

ManagementSecurity Analytics

Third Party Ecosystem

ON

-PR

EM

ISE

SC

LOU

D

Cloud Data Protection

StorageProtection

Cyber SecurityServices

30

SOC Workbench




Intergrated Cyber Defense Meets Zero Trust

Enable security teams to:• Strengthen data security• Control and limit access to systems• Effectively detect and prevent threats • Efficiently respond/remediate

through automation/orchestration

Via a broad platform which is open to partners and customers

Forrester Zero Trust eXtended (ZTX) Ecosystem Model


DATA

NETWORK

WORKLOADS

• Cloud Proxy & SD-WAN/Firewall•Data Center Security• Proxy, Reverse Proxy, & WAF• Encrypted Traffic Management

•Data Loss Prevention•Data Encryption, Tagging,

and Analytics•Device Encryption

• Cloud Workload Protection• Storage Protection• Cloud Security Gateways (CASB)• Compliance Automation• WAF/Reverse Proxy

DEVICES

• Endpoint Protection and Management

• IoT Security• Data Center Security

WORKFORCE/PEOPLE•Multi-Factor Auth (VIP)•Web & Email Gateways•Web Browser Isolation • Content Analysis and Sandboxing• Cloud Security Gateway (CASB)

VISIBILITY & ANALYTICS• Data-Driven Analytics/Reporting• UEBA• Full-Packet Capture Forensics• Endpoint, Network, Cloud, Email

Reporting & Threat Analytics

AUTOMATION & ORCHESTRATION

ICDx

Symantec Portfolio and Zero Trust


Symantec Named a Leader in the Forrester Wave™: Zero Trust eXtended (ZTX) Ecosystem Providers, Q4 2018

Source: November 2018, The Forrester Wave™: Zero Trust eXtended (ZTX) Ecosystem Providers, Q4 2018

The Forrester Wave is copyrighted by Forrester Research, Inc. Forrester and Forrester Wave are trademarks of Forrester Research, Inc. The Forrester Wave is a graphical representation of Forrester's call on a market and is plotted using a detailed spreadsheet with exposed scores, weightings, and comments. Forrester does not endorse any vendor, product, or service depicted in the Forrester Wave. Information is based on best available resources. Opinions reflect judgment at the time and are subject to change.

“Symantec is a juggernaut, given its breadth of security solutions. The company hasextensive endpoint, network security, and threat identification capabilities”- The Forrester Wave™: Zero Trust eXtended (ZTX) Ecosystem Providers, Q4 2018


Zagreb, 27.02.2019. Hotel Westin

Symantec Security Day

Beograd, 28.02.2019. Hotel Falkensteiner

delivering integrated cyber defense in the cloud generation symantec... · quadrants –epp, dlp,...

Documents