Vladimir DanilenkoPresale and Consulting Group, EEMEA

Vladimir.Danilenko@kaspersky.com

Internet Security in corporate environmentKaspersky Lab landscape view and approaches

On Kaspersky Lab

Three business areas:

• Products for Home

• Products and Services for Business

• OEM solutions

• Founded in 1997.

• Headquartered in Moscow, Russia, 19 Local Offices all over the world

• Acknowledged leader in Antivirus technologies.

• Over 2000 highly skilled employees worldwide.

• Over 250 million users worldwide protected by our products and technologies.

• Over 200 000 corporate customers.

• Largest IT-security OEM-solutions supplier, over 100 global partners.

• One of the fastest-growing security software companies.

Facts

Market leader in:

• Key European retail markets

• Russia and CIS

• China, India (*In terms of licenses)

• Antivirus technology licensing

• #4 worldwide in the IT-security corporate market

• #1 selling security software in the U.S. retail market

Kaspersky Anti-VirusKaspersky Internet SecurityKaspersky Mobile SecurityKaspersky PURE

Kaspersky Small Office Security

Kaspersky Open Space Security suitesSpecific products for targeted securitySoftware-as-a-Service solutions

For Home For Home Office Products And Services

For Business

Products

Number of malware threats increasing rapidly

05.000.000

10.000.00015.000.00020.000.00025.000.00030.000.00035.000.00040.000.00045.000.00050.000.000

prior 2004

2004 2005 2006 2007 2008 2009 2010

• Over 17,000,000 new malwares in 2009• Brand new sample for every 2 seconds• Complexity increases

Infected websites number increases as well

2006 2007 2008 2009

0,004%0,11%

0,35%

0,64%

Infected websites percentage

7

• Banners and attracting web links

• SPAM: e-mail, IM, social networking

• Black SEO

Click to edit Master title style

• Click to edit Master text styles

– Second level

• Third level– Fourth level» Fifth level

June 10th, 2009 Event details (title, place)

• Attracting web links

• Spam: e-mail, IM, social networks

• Black SEO

User-initiated downloads

www.masit.org.mk

Web link visit

User computer analysis

Vulnerable application selection

Exploit generation and execution

Dropper generation

Dropper downloading

Rootkit/backdoor installation

Drive-by downloads infection mechanism

• Using AV protection is essential

• New malwares torrent will only be worse

• More reasonable approach is crucial for

IT-security

Summary

KOSS Release 2

New AV engine applications:

Kaspersky Anti-Virus 6.0 R2 for Windows Workstations

Kaspersky Anti-Virus 6.0 R2 for Window Servers

Kaspersky Second Opinion Solution 6.0 R2

New management tool:

Kaspersky Administration Kit 8.0

Updated applications for corporate protection

Endpoint protection

File Anti-Virus (improved!)

Web Anti-Virus (improved!)

Mail Anti-Virus (improved!)

Proactive Defense (improved!)

Anti-Hacker (improved!)

Anti-Spam (improved!)

Device Control (Brand new!)

Anti-Spy

Protection components

Interception and inspection of HTTP-traffic

Blocking of dangerous scripts

Blocking of phishing links

Protection of SSL connections

Web Anti-Virus

● Intercepts SMTP, POP3, IMAP, NNTP (including encrypted versions) traffic

● Regardless of the protocol using plug-ins to Microsoft Outlook and The Bat! mail clients

● Possibility of infiltration and processing attachments

● Disinfecting viruses in Microsoft Outlook and Microsoft Outlook Express data files

● ICQ/MSN traffic inspection

Mail Anti-Virus

Behavior blocker

Monitoring registry

Proactively blocks

• Trojan.Generic / Trojan.Cryptor

• Worm.Generic / Worm.P2P.Generic

• Concealed objects (Rootkits)

• Keyloggers

• Invaders

• Concealed data dispatch

• Attempt to collect passwords in a system

• Anomalous behavior of applications+ Malicious

modifications rollback

PDM 6.0

PDM 6.0 R2

Proactive protection

Anti-Hacker

● Firewall● Automatic setting

● Flexible filtering rules

● Training regime

● Intrusion detection system● Blocking of attacking computer

● Network monitor

Anti-banner

Anti-dialer

Blocking all types of keyloggers

Anti-Spy

• CCD/DVD-rom

• Bluetooth devices

• USB devices:

• Modems

• Phones

• Printers

• Data storage devices

Centralized management via Kaspersky Administration Kit

Device Control

Kaspersky Antivirus for Windows Workstations 6.0 Release 2

File Anti-VirusMail Anti-VirusWeb Anti-VirusProactive protection

Anti-SpyFirewall

Anti-Spam

Improved

Improved

Improved

Improved

Improved

Device Control

Heuristic AnalyzerAnti-RootkitICQ/MSN traffic inspection

Windows 7 support

IPv6 support

New platform

Increased protection level

Extra abilities

What’s new? Comparison chart

Improved

Servers protection

Kaspersky Anti-virus for

Windows Servers 6.0 R2

www.kaspersky.com

Kaspersky Anti-Virus for Windows Servers protects data on serversrunning under Microsoft Windows from all types of maliciousprograms. The product was designed specifically for high-performance corporate servers that experience heavy loads.

Supported platforms:• Microsoft Windows Server 2000

• Microsoft Windows Server 2003

• Microsoft Windows Server 2003 R2

• Microsoft Windows Server 2008

• Microsoft Windows Server 2008 R2

• Microsoft Small Business Server 2003

• Microsoft Small Business Server 2008

• Essential Business Server 2008

● Network iSwift

● Several instances of antivirus core

● CPU load distributing

● Pausing of scanning process

● Blocking access of infected computers

● Flexible time settings for scanning

● Notification settings

KAV for Windows File Server

New management system

• Centralized installation and management

• Administration groups

• Inheritance of group structure from logical network structure

• Control of antivirus applications through group policies

• Blocking of settings for users

• Group tasks for updates and on-demand check

• Special settings for laptop users

• Cisco NAC support

• Flexible reporting and notfication systems

Antivirus protection management system

Out-of-the-Box Protection

•Single product package containing everything required to protect network immediately after installation

• New deployment scenarios added including 1-click deployment and native GPO-based deployment support

• Removal of third-party protection software and Kaspersky Anti-Virus deployment in one step

Out-of-the-Box Protection

•Optimized default settings are based on best practices and require less customization

• Automatic license management makes manual license installation obsolete

• Customizable dashboards provide continuous system health monitoring

Usability Improvements

• Easier access to the most important and usable features for beginners

• More advanced configuration options for expert users

• Better control over user interface can make antivirus protection completely invisible for end users

• Streamlined policy inheritance supports more versatile organization structures

New Features and Benefits

• Better performance and scalability with tens of thousands of clients per Administration Server

• Update verification to test updates before distribution them across the network

• Postponed processing — optional centralized decision making for infected objects on a per-incident basis

Kaspersky Administration Kit 8.0 — The Interface

Test results

• Good installation wizard

having excellent user

navigation

• Client installation is fast

• Admin console is

designed clearly and

coherently

Remote installation is

very easy

• Good grouping functions

are available

• Manual is not necessary

Kaspersky Open Space SecurityWorld-class security solution for your business

Kaspersky Open Space Security

The Kaspersky Open Space Security product line is designed toprotect corporate networks of any scale and complexity from alltypes of modern computer threats.

www.kaspersky.com

Kaspersky Work Space Security:protection for workstations / smartphones

Kaspersky Work Space Security provides centralized protectionfrom all types of contemporary computer threats for workstationsand smartphones on the corporate network and beyond.

Product Highlights

• Antivirus protection for core network nodes: workstations, laptops, smartphones

• A new antivirus engine ensures optimal use of resources

• Enhanced proactive protection for workstations and file servers against new malicious programs

• On-the-fly scanning of email and Internet traffic

• Personal firewall for protection on any type of network, including Wi-Fi

• Local protection from unsolicited emails and phishing

• Prevents data leaks from lost smartphones

• Full Support for 64-bit systems

www.kaspersky.com

Kaspersky Business Space Security:protection for workstations /smartphones /file servers

Kaspersky Business Space Security provides high-quality protectionfor corporate information assets from all types of contemporarycomputer threats.

Product Highlights

• Antivirus protection for key network nodes: workstations, laptops, file servers and smartphones

• Enhanced proactive protection for workstations and file servers against new malicious programs

• On-the-fly scanning of email and Internet traffic

• Protection for file servers running Windows, Linux and Novell NetWare

• Comprehensive protection for terminal servers and cluster servers

• Load balancing of server processes

• Full support for 64-bit systems

www.kaspersky.com

Kaspersky Enterprise Space Security:protection for workstations/smartphones/file/mail/groupware servers

Kaspersky Enterprise Space Security ensures the free flow ofinformation within a company and secure communication with theoutside world.

Product Highlights

• Antivirus protection for critical network nodes: workstations, laptops, file and mail servers as well as smartphones

• Local protection from unsolicited emails and phishing

• Scanning of all messages on Microsoft Exchange servers, including public folders

• Antivirus protection for Sendmail, qmail, Postfix and Exim mail servers

• Scanning of messages, databases and other objects on Lotus Notes/Domino servers

• Blocks mass mailings and malware outbreaks

www.kaspersky.com

Kaspersky Total Space Security:multi-layer protection

Kaspersky Total Space Security provides integrated protection forcorporate networks of any size or level of complexity from all typesof contemporary computer threats.

Product Highlights

• Integrated protection from malware, spyware, hacker attacks and spam at all levels of the corporate network from workstations to Internet gateways

• Centralized protection from spam

• Centralized antivirus scanning of Internet traffic (HTTP/FTP) in real time

• Protects all popular versions of Microsoft ISA Server (including server arrays)

• Support for proxy servers (appliances and software)

www.kaspersky.com

Kaspersky Security for Exchange 8.0

KAV for Microsoft TMG (ex-ISA) 8.0

KAV for Windows Servers Enterprise Edition 8.0

KAV for Lotus Notes/Domino 8.0

Kaspersky Endpoint Security 8.0 for Linux Servers/Workstations

Kaspersky Endpoint Security 8.0 for Mac

Kaspersky Endpoint Security 8.0 for Smartphones

New applications. October-November 2010

Thank You

Vladimir DanilenkoPresale and Consulting Group, EEMEA

Vladimir.Danilenko@kaspersky.com

Internet Security in corporate environmentKaspersky Lab landscape view and approaches