Upload
masit-macedonia
View
1.801
Download
2
Tags:
Embed Size (px)
DESCRIPTION
Presentation held by Mr.Vladimir Danilenko as a part of the Broadband Session at the 8th SEEITA and 7th MASIT Open Days Conference, 14th-15th October, 2010
Citation preview
Vladimir DanilenkoPresale and Consulting Group, EEMEA
Internet Security in corporate environmentKaspersky Lab landscape view and approaches
On Kaspersky Lab
Three business areas:
• Products for Home
• Products and Services for Business
• OEM solutions
• Founded in 1997.
• Headquartered in Moscow, Russia, 19 Local Offices all over the world
• Acknowledged leader in Antivirus technologies.
• Over 2000 highly skilled employees worldwide.
• Over 250 million users worldwide protected by our products and technologies.
• Over 200 000 corporate customers.
• Largest IT-security OEM-solutions supplier, over 100 global partners.
• One of the fastest-growing security software companies.
Facts
Market leader in:
• Key European retail markets
• Russia and CIS
• China, India (*In terms of licenses)
• Antivirus technology licensing
• #4 worldwide in the IT-security corporate market
• #1 selling security software in the U.S. retail market
Kaspersky Anti-VirusKaspersky Internet SecurityKaspersky Mobile SecurityKaspersky PURE
Kaspersky Small Office Security
Kaspersky Open Space Security suitesSpecific products for targeted securitySoftware-as-a-Service solutions
For Home For Home Office Products And Services
For Business
Products
Number of malware threats increasing rapidly
05.000.000
10.000.00015.000.00020.000.00025.000.00030.000.00035.000.00040.000.00045.000.00050.000.000
prior 2004
2004 2005 2006 2007 2008 2009 2010
• Over 17,000,000 new malwares in 2009• Brand new sample for every 2 seconds• Complexity increases
Infected websites number increases as well
2006 2007 2008 2009
0,004%0,11%
0,35%
0,64%
Infected websites percentage
7
• Banners and attracting web links
• SPAM: e-mail, IM, social networking
• Black SEO
Click to edit Master title style
• Click to edit Master text styles
– Second level
• Third level– Fourth level» Fifth level
June 10th, 2009 Event details (title, place)
• Attracting web links
• Spam: e-mail, IM, social networks
• Black SEO
User-initiated downloads
www.masit.org.mk
Web link visit
User computer analysis
Vulnerable application selection
Exploit generation and execution
Dropper generation
Dropper downloading
Rootkit/backdoor installation
Drive-by downloads infection mechanism
• Using AV protection is essential
• New malwares torrent will only be worse
• More reasonable approach is crucial for
IT-security
Summary
KOSS Release 2
New AV engine applications:
Kaspersky Anti-Virus 6.0 R2 for Windows Workstations
Kaspersky Anti-Virus 6.0 R2 for Window Servers
Kaspersky Second Opinion Solution 6.0 R2
New management tool:
Kaspersky Administration Kit 8.0
Updated applications for corporate protection
Endpoint protection
File Anti-Virus (improved!)
Web Anti-Virus (improved!)
Mail Anti-Virus (improved!)
Proactive Defense (improved!)
Anti-Hacker (improved!)
Anti-Spam (improved!)
Device Control (Brand new!)
Anti-Spy
Protection components
Interception and inspection of HTTP-traffic
Blocking of dangerous scripts
Blocking of phishing links
Protection of SSL connections
Web Anti-Virus
● Intercepts SMTP, POP3, IMAP, NNTP (including encrypted versions) traffic
● Regardless of the protocol using plug-ins to Microsoft Outlook and The Bat! mail clients
● Possibility of infiltration and processing attachments
● Disinfecting viruses in Microsoft Outlook and Microsoft Outlook Express data files
● ICQ/MSN traffic inspection
Mail Anti-Virus
Behavior blocker
Monitoring registry
Proactively blocks
• Trojan.Generic / Trojan.Cryptor
• Worm.Generic / Worm.P2P.Generic
• Concealed objects (Rootkits)
• Keyloggers
• Invaders
• Concealed data dispatch
• Attempt to collect passwords in a system
• Anomalous behavior of applications+ Malicious
modifications rollback
PDM 6.0
PDM 6.0 R2
Proactive protection
Anti-Hacker
● Firewall● Automatic setting
● Flexible filtering rules
● Training regime
● Intrusion detection system● Blocking of attacking computer
● Network monitor
Anti-banner
Anti-dialer
Blocking all types of keyloggers
Anti-Spy
• CCD/DVD-rom
• Bluetooth devices
• USB devices:
• Modems
• Phones
• Printers
• Data storage devices
Centralized management via Kaspersky Administration Kit
Device Control
Kaspersky Antivirus for Windows Workstations 6.0 Release 2
File Anti-VirusMail Anti-VirusWeb Anti-VirusProactive protection
Anti-SpyFirewall
Anti-Spam
Improved
Improved
Improved
Improved
Improved
Device Control
Heuristic AnalyzerAnti-RootkitICQ/MSN traffic inspection
Windows 7 support
IPv6 support
New platform
Increased protection level
Extra abilities
What’s new? Comparison chart
Improved
Servers protection
Kaspersky Anti-virus for
Windows Servers 6.0 R2
www.kaspersky.com
Kaspersky Anti-Virus for Windows Servers protects data on serversrunning under Microsoft Windows from all types of maliciousprograms. The product was designed specifically for high-performance corporate servers that experience heavy loads.
Supported platforms:• Microsoft Windows Server 2000
• Microsoft Windows Server 2003
• Microsoft Windows Server 2003 R2
• Microsoft Windows Server 2008
• Microsoft Windows Server 2008 R2
• Microsoft Small Business Server 2003
• Microsoft Small Business Server 2008
• Essential Business Server 2008
● Network iSwift
● Several instances of antivirus core
● CPU load distributing
● Pausing of scanning process
● Blocking access of infected computers
● Flexible time settings for scanning
● Notification settings
KAV for Windows File Server
New management system
• Centralized installation and management
• Administration groups
• Inheritance of group structure from logical network structure
• Control of antivirus applications through group policies
• Blocking of settings for users
• Group tasks for updates and on-demand check
• Special settings for laptop users
• Cisco NAC support
• Flexible reporting and notfication systems
Antivirus protection management system
Out-of-the-Box Protection
•Single product package containing everything required to protect network immediately after installation
• New deployment scenarios added including 1-click deployment and native GPO-based deployment support
• Removal of third-party protection software and Kaspersky Anti-Virus deployment in one step
Out-of-the-Box Protection
•Optimized default settings are based on best practices and require less customization
• Automatic license management makes manual license installation obsolete
• Customizable dashboards provide continuous system health monitoring
Usability Improvements
• Easier access to the most important and usable features for beginners
• More advanced configuration options for expert users
• Better control over user interface can make antivirus protection completely invisible for end users
• Streamlined policy inheritance supports more versatile organization structures
New Features and Benefits
• Better performance and scalability with tens of thousands of clients per Administration Server
• Update verification to test updates before distribution them across the network
• Postponed processing — optional centralized decision making for infected objects on a per-incident basis
Kaspersky Administration Kit 8.0 — The Interface
Test results
• Good installation wizard
having excellent user
navigation
• Client installation is fast
• Admin console is
designed clearly and
coherently
Remote installation is
very easy
• Good grouping functions
are available
• Manual is not necessary
Kaspersky Open Space SecurityWorld-class security solution for your business
Kaspersky Open Space Security
The Kaspersky Open Space Security product line is designed toprotect corporate networks of any scale and complexity from alltypes of modern computer threats.
www.kaspersky.com
Kaspersky Work Space Security:protection for workstations / smartphones
Kaspersky Work Space Security provides centralized protectionfrom all types of contemporary computer threats for workstationsand smartphones on the corporate network and beyond.
Product Highlights
• Antivirus protection for core network nodes: workstations, laptops, smartphones
• A new antivirus engine ensures optimal use of resources
• Enhanced proactive protection for workstations and file servers against new malicious programs
• On-the-fly scanning of email and Internet traffic
• Personal firewall for protection on any type of network, including Wi-Fi
• Local protection from unsolicited emails and phishing
• Prevents data leaks from lost smartphones
• Full Support for 64-bit systems
www.kaspersky.com
Kaspersky Business Space Security:protection for workstations /smartphones /file servers
Kaspersky Business Space Security provides high-quality protectionfor corporate information assets from all types of contemporarycomputer threats.
Product Highlights
• Antivirus protection for key network nodes: workstations, laptops, file servers and smartphones
• Enhanced proactive protection for workstations and file servers against new malicious programs
• On-the-fly scanning of email and Internet traffic
• Protection for file servers running Windows, Linux and Novell NetWare
• Comprehensive protection for terminal servers and cluster servers
• Load balancing of server processes
• Full support for 64-bit systems
www.kaspersky.com
Kaspersky Enterprise Space Security:protection for workstations/smartphones/file/mail/groupware servers
Kaspersky Enterprise Space Security ensures the free flow ofinformation within a company and secure communication with theoutside world.
Product Highlights
• Antivirus protection for critical network nodes: workstations, laptops, file and mail servers as well as smartphones
• Local protection from unsolicited emails and phishing
• Scanning of all messages on Microsoft Exchange servers, including public folders
• Antivirus protection for Sendmail, qmail, Postfix and Exim mail servers
• Scanning of messages, databases and other objects on Lotus Notes/Domino servers
• Blocks mass mailings and malware outbreaks
www.kaspersky.com
Kaspersky Total Space Security:multi-layer protection
Kaspersky Total Space Security provides integrated protection forcorporate networks of any size or level of complexity from all typesof contemporary computer threats.
Product Highlights
• Integrated protection from malware, spyware, hacker attacks and spam at all levels of the corporate network from workstations to Internet gateways
• Centralized protection from spam
• Centralized antivirus scanning of Internet traffic (HTTP/FTP) in real time
• Protects all popular versions of Microsoft ISA Server (including server arrays)
• Support for proxy servers (appliances and software)
www.kaspersky.com
Kaspersky Security for Exchange 8.0
KAV for Microsoft TMG (ex-ISA) 8.0
KAV for Windows Servers Enterprise Edition 8.0
KAV for Lotus Notes/Domino 8.0
Kaspersky Endpoint Security 8.0 for Linux Servers/Workstations
Kaspersky Endpoint Security 8.0 for Mac
Kaspersky Endpoint Security 8.0 for Smartphones
New applications. October-November 2010
Thank You
Vladimir DanilenkoPresale and Consulting Group, EEMEA
Internet Security in corporate environmentKaspersky Lab landscape view and approaches