Upload
lumension
View
1.817
Download
2
Tags:
Embed Size (px)
Citation preview
Securing Your InfrastructurePrivileged Identity Management andData Protection
MicrosoftLieberman SoftwareLumension
Agenda
• Introduction
• Infrastructure Security Challenges and the Business Impact
• Introducing Microsoft System Center
• Lieberman Enterprise Random Password Manager™ for System Center
• Lumension Device Control for System Center™
• Summary and Next Steps
Infrastructure Security Challenges
Always on, always connected
Demands for increased access to information
Communicate with partners, employees, outsourcers, and customers
Regulatory requirements for transparency
Advanced, multi-level attacks
Hacks motivated by criminal profit
Phishing and social engineering hacks wrapped in technology
Need to secure new types of devices and storage
Need to enforce and audit compliance
Increased Access Increased Security
Managing the tension between accessibility and security
Business ImpactWhat Can Our Integrated Security Solution Do For Your Business?
Keep Your IT Up and Running Protect Your Data
Manage systems, data and devices across the organization.
Keep company data private and secure by preventing common
breaches.
Save time through increased system performance while
enabling collaboration across boundaries.
Control and audit access to privileged systems, devices and
applications.
Reduce security risks by storing data centrally on your company
network.
Be confident that sensitive information is treated with
integrity.
Store and back up data to eliminate worry about data loss.
Improve data protection with consistent tools and processes
to protect vital assets.
Introducing Microsoft System Center
Martin Buckley, Strategic Alliances – System Center - Management & Services Division
Industry Trends
Macro Trends Current Indicators
Virtualization Acceleration
Compliance
IT Service Management
Anywhere Access
Software as a Service
• CIOs expect 10% of IT budget to be dedicated to compliance
• IT orgs can currently only correlate 30% of IT alerts to business problems
• Converged mobile phones (Smartphones) growing two times faster than mobile PCs
• >1/3 of TDMs interested in using SaaS to supportcustomer-facing business processes
Data Center Build Outs
• 74% of enterprises mandate all servers must reside in the data center
78% Maintenance
22% New
Implication • 78% of IT budgets spent on maintenance activities, trends increase pressure
• #1 CIO priority in 2008 (up from #17)
System Center Solutions: People, Process, & Technology
Desktop & Device Management
Data Center Management
Mid-Market
So
luti
on
s
Open Standards
Virtualization Technology
Windows Platform
Infr
astr
uct
ure
Pro
du
cts
Microsoft Consulting Services
Management Packs
Partner EcosystemKn
ow
led
ge
Solution Accelerators
Connectors for Interoperability
Microsoft Operations Framework (MOF/ITIL)
Document redirectionOffline files
PresentationVirtualization
ProfileVirtualization
ServerVirtualization
ApplicationVirtualization
DesktopVirtualization
VirtualizationManaging a virtualized infrastructure with a common management platform
Data Center Management Solutions
Automated Provisioning and Updating of Physical and Virtual EnvironmentsServer Consolidation Through Virtualization
Proactive Platform MonitoringApplication & Service Level MonitoringInteroperable and Extensible Platform
Configuration Controls and ReportingCentralized Security AuditingComprehensive Security & Identity and Access Mgmt
Business Continuity Through Virtualization MgmtBackup and Recovery of Physical and Virtual Resources Disaster Recovery
Configuration
Management
End to EndMonitoring
Server Compliance
Data Protection
and Recovery
Configuration ManagementAutomated provisioning and server consolidation through virtualization
Challenges Addressed
“We understood that if we consolidated servers we would reduce energy consumption. [System Center is a] one-stop, single-point approach to managing hundreds of Virtual Server–based virtual machines and all the hosts, while also easily performing physical-to-virtual migrations.”
- Jason Foster, Systems Architect Sr. Manager of Technology, Continental
• Power, space and maintenance costs forcing more efficient use of resources
• Dispersed servers and applications difficult to manage and update
• Manage virtual machines to consolidate physical servers
• Provision operating systems, applications, and patches in the data center
Key Capabilities
End to End MonitoringProactive platform, application and service-level monitoring
Challenges Addressed
“I can provide our system administrators with more in-depth monitoring and more explicit alerting. We can configure server reports to show downtime warnings, downtime events, and the start time and end time of every occurrence. We can also quickly learn why a server experienced downtime—whether it was a power outage, a hardware or software malfunction, or a server maintenance issue.”
Paul Johnson, Windows Monitoring Architect & Systems Engineer, Gates Corp
• IT services, applications and servers must run smoothly
• Increasing pressure for service levels that ensure optimal uptime and responsiveness
• Proactively monitor availability, performance and configuration across heterogeneous platforms
• Perform deep application and service-level monitoring
Key Capabilities
ERP Application
Databases
Order Tracker DB
Servers Web Servers
DN-App1 OTW-IIS-01 OTW-IIS-02
Server ComplianceConfiguration controls and centralized audit of system security
Challenges Addressed
“SAS 70 is a huge initiative for us with regard to our data centers and all of our applications, and SOX is obviously important as well. With [System Center] my team has reduced the amount of time that we spend collecting security log information. For example, we just completed an investigation and pulled the security report in less than 5 minutes. In the past it would have taken days.”
Jeff Skelton, Manager, Enterprise Management Center, Stewart
• Increasing compliance and audit requirements associated with business policies and regulatory requirements
• Security pressures in the data center
• Create, maintain and report on configuration controls for the data center environment
• Gather and report security related events
• Manage identities and access and improve security in the data center
Key Capabilities
Data Protection and RecoveryBackup & restore and business continuity through virtualization mgmt
• High availability and business continuity needed to meet service levels and optimal uptime
• Simple disaster recovery and backup & restoration of data and information
Challenges Addressed
Key Capabilities
• Dynamically replicate and move virtual machines and applications to distribute workloads in the event of an outage
• Recover and restore the physical and virtual environments in the data center through continuous data protection
“We really liked the looks of [System Center] for three key reasons, its disk-to-disk-to-tape design, the fact that we could eliminate full backups altogether and simply take snapshots, and its disaster recovery features.”
Ed Olson, Lead Windows Infrastructure Engineer, AutoNation
Data Center A
Data Center B
Backup and Restore
Desktop Management Solutions
Streamlined Application and
Desktop Delivery
Optimized Client Health and
Performance
Ease User Access Without Compromise
Adaptive Application Delivery
Managed client application delivery via traditional and virtual methods
Simplified Windows Vista Deployment
Automated OS deployment via image standardization
Client Infrastructure Monitoring
Client health monitoring and proactive issue identification
Remote PC Diagnostics & Repair
Zero-touch remote diagnosis and remediation with Intel®
vProTM
End-Point Security Management
Enforced compliance with system health policy definitions via remediation
Configuration Compliance
Assess systems compliance against established configuration baselines
Adaptive Application DeliveryManaged client application delivery via traditional and virtual methods
• Application compatibility and run time conflicts complicate deployments and regression testing
• New delivery models make asset inventory and reporting difficult
Challenges Addressed
Key Capabilities
• Natively deploy virtual applications to reduce or eliminate runtime conflicts
• Separate user state from computer hardware, OS, application data and user settings for anywhere access
• Centrally manage traditional, virtual and streamed applications from a single console
“We have significantly accelerated the testing of new programs by using virtualization. There are no more installs, and virtualized programs have no effect on the operating system or other applications.” - Frank Walburg, Department Manager of Desktop Software Services, BASF
IT Services
Data, User settings
OS
Hardware
Application
Application
Simplified Windows Vista/7 DeploymentAutomated OS deployment via image standardization
• Multiple hardware, OS and application configurations cause costly deployments
• Offline and low bandwidth environments make automated deployment methods less effective
Challenges Addressed
Key Capabilities
• Streamline Windows Vista deployment planning thru hardware assessment and application compatibility testing
• Standardize on a single hardware independent image to reduce OS deployment complexity
• Deployment support for highly distributed environments
“Deploying a new infrastructure and installing operating systems, applications, and drivers on thousands of computers across 50 locations and several countries, all within a year, is a massive task…we’re succeeding—and Configuration Manager is an essential part of our success.”
-- Poul Westmose, Chief Technology Officer, DONG Energy
Client Infrastructure MonitoringClient health monitoring and proactive issue identification
• Majority of hardware, application and OS crashes unreported until large number of end users impacted
• Configuration and user setting changes impact performance and security standards
Challenges Addressed
Key Capabilities
• Proactively monitor and identify OS, application and hardware issues to minimize support costs and impact to end-user productivity
• Report on configuration compliance and collective system health to identify trends
• Improve reliability and security by reducing configuration drift
“We catch problems before our users see them. That’s a significant way to contribute to our mission.”
- Xavier Coppin, Systems Engineer, Skyguide.
Remote PC Diagnostics and RepairZero-touch remote diagnosis and remediation with Intel® vProTM
• Troubleshooting and repairing PCs is mostly a manual and costly effort
• PCs that are powered off or that won’t boot cannot be diagnosed or repaired
Challenges Addressed
Key Capabilities
• Accelerate problem resolution time with diagnostic, configuration and performance monitoring tools
• Reduce onsite service calls with zero touch remote management, including PCs that won’t boot or are powered off
“Having the ability to wake devices up and run updates via a standard technology…will only enhance the security posture that the VA has been working to meet”
- Charles de Sanno, Executive Director of Enterprise Technology and IT Engineering, Veterans Affairs Department
End-Point Security ManagementEnforced compliance with system health policy definitions via remediation
• Mobile and distributed users present unique network security and compliance challenges
• Must identify vulnerabilities, enforce policies and remediate threats
Challenges Addressed
Key Capabilities
• Provide secure access across your remote, LAN and wireless connections
• Automatically assess vulnerabilities and security compliance
• Enable automatic enforcement and remediation of security parameters to ensure ongoing compliance
“We envision an IT environment that’s easy to maintain, with computers that automatically download updates and other required software every time they boot up, from the first day they’re on the network”
- Noah Johnson, Senior Systems Engineer, Freightliner
Microsoft NPS
Corporate Network
Policy Serverse.g.., Patch, AV
DHCP, VPN
Switch/Router
Restricted
Network
Remediation
Serverse.g., Patch
Not policy
compliant
Policy complian
t
1
3
5
4
2
Configuration ComplianceAssess systems compliance against established configuration baselines
• Misconfigured desktops represent compliance and security risks
• Desktop configuration drift (settings changes, account permissions, etc.) from multiple administrators changing policies
Challenges Addressed
Key Capabilities
• Create, maintain and report on configuration controls for your desktop environments
• Automate process for desired configuration management
• Utilize best practices built directly into the solution
“We’ll have our first-ever 100 percent compliance and lock-down, which translates into greater reliability and availability, better helpdesk operations, and faster and smoother updates and deployments, because we’ll be building on up-to-date, same-state servers, workstations, and devices.”
- Richard Page, IT Project Manager, Shoprite
Standardized Rationalized Dynamic
Core Infrastructure Optimization
Basic
Managed IT infrastructure with limited automation
Managed and consolidated IT
infrastructure with maximum
automation
Fully automated management,
dynamic resource usage, business
linked SLA’s
Uncoordinated, manual
infrastructure
Cost Center More Efficient Cost Center Business Enabler Strategic Asset
Manage Complexity and Achieve Agility
Dynamic IT
Managing ComplexityCustomer success stories
Rationalized DynamicBasic
Dynamic IT
Client Infrastructure Monitoring
Cut helpdeskcosts by 35%
Server Consolidation
Reduced server costsby $2M per year
Standardized
Simplified Vista Deployment
Saved $500K in deployment costs
Danish Foreign Ministry
Configuration Management
Cut deployment time by 73%
MEGA PHARMA
Configuration Management
Cut update time by 90%
Data Protection and Recovery
Reduced back-up times by 50%
• Use knowledge-based, automated in-line tasks to deliver rapid, high quality service
• Maximize the use of the IT department’s existing Windows Server expertise
• Out of the box, build on deep domain knowledge from both Microsoft and our strong partner community
• Implement templated best practices through Solution Accelerators
• Reduce complexity through seamless management of logical IT environments
• Manage your virtual environments down to the application level
• Improve visibility and control through integrated management
• Manage multi-hypervisor technologies and monitor cross-platform environments
Dynamic IT Management
Enterprise Random Password Manager
Philip Lieberman, President and CEO
Who We Are: Lieberman Software
• Privileged Identity Management Software for Windows and the Cross-Platform Enterprise
• HQ in Los Angeles with marketing and support office in Austin
• Privately Owned, Profitable, 100% USA-based
• Followed by Gartner, Forrester, 451 Group, Kuppinger-Cole (EMEA)
• Technical partnerships include: Microsoft, Oracle, HP, IBM, EMC/RSA, Novell, Red Hat, BMC Software, nCipher
• Over 900 Enterprise Customers in every industry, in all regions of the world
1900 Avenue of the Stars, Los AngelesHeadquarters Office
Privileged Accounts: What Are The Risks?
• Do you know where all of your privileged accounts are?
• Do the wrong people have access to sensitive data?
• Are privileged accounts being used for tasks that don’t require them?
• Who is sharing credentials? Are they accountable?
• Will you pass your next IT audit?
• Will your passwords fail to withstand dictionary and social attacks?
Privileged Accounts: Mitigating The Risks
• Identify and document critical IT assets, their privileged accounts and interdependencies.
• Delegate so that only appropriate personnel can access privileged accounts in a timely manner, using the least privilege required, with documented purpose, during designated times.
• Enforce rules for password strength, uniqueness and change frequency, synchronizing changes across dependencies.
• Audit and Alert so that the requesters, purpose and requested duration are documented and management is made aware of unusual access and other events.
Protecting Corporate AssetsDatacenter Deployment
Datacenter Deployment
New servers and applications have been deployed in the
datacenter.
The team must confirm that all privileged accounts on these
systems are secured as required by compliance
standards.
…and verify in the Windows Systems View that ERPM has already discovered these systems.
You launch Enterprise Random Password
Manager…
Datacenter Deployment
Discovered accounts include Windows Administrator accounts and privileged
accounts used by services and applications.
You switch to the Account Store View, expand a node for one of the
new servers, and view all of the privileged accounts detected on the
system.
Datacenter Deployment
You right-click a local Administrator account on the server and choose Properties from the
context menu.
Datacenter Deployment
The Properties window confirms that Enterprise Random Password Manager has already deployed
new password credentials.
Datacenter Deployment
Now authorized personnel can get privileged access to these servers by clicking Favorite
Tasks in the SCOM / SCCM Computers node.
Datacenter Deployment
… and when an IT staff member clicks Recover….
Privileged access is granted through permissions already configured in the company’s Role-Based Access Control system…
Datacenter Deployment
… he is prompted to type the reason for the password recovery request so there’s an audit trail.
Datacenter Deployment
A password is then provided through the SCOM /SCCM interface for one-time use.
Immediately after use, the password will be changed according to the company’s configured policy.
Datacenter Deployment
Results
• You now have an authoritative list of privileged accounts on the new servers.
• The account credentials are secured and will be changed according to a schedule policy.
• Authorized IT staff can quickly access these systems without taking authorizers’ time.
• All requests for privileged access are audited.
• Your team meets its mandate to secure the newly-deployed hardware.
Making IT Staff More EfficientPreparing for an IT Audit
The requirements list is long…
IT staff have limited time to prepare for a critical
Audit.
Preparing for an IT Audit
IT staff must show that:*
1. Administrator passwords are changed every 90 days.
2. There are no group, shared, or generic privileged accounts or passwords.
3. Access rights are restricted to least privileges required.
4. Inactive privileged accounts are removed or disabled every 90 days.
5. Privileged access is immediately revoked for all terminated users.
6. All system components are covered by password security policies.
7. Vendors’ remote maintenance accounts are enabled only during time periods needed.
8. All vendor-supplied passwords are changed before systems are deployed.
9. Automated audit trails are implemented for all system components.
*Typical PCI DSS requirements
Preparing for an IT Audit
You launch Enterprise Random Password
Manager…
First, let’s prove that all privileged account passwords are changed at least every 90
days.
Preparing for an IT Audit
… and open the Windows
Accounts View to see a list of privileged
passwords, sorted by age.
Views can also be sorted by system name, account
name, and so on.
You then click Compliance...
Preparing for an IT Audit
You’ve documented that ERPM is changing all privileged passwords according to
regulatory requirements.
… to create an HTML-formatted report that shows
the last password change date for all systems on your
network.
Preparing for an IT Audit
… that no systems fail to comply with regulatory
requirements for privileged passwords…
… and that any vendor-supplied passwords on newly-
deployed systems or applications have been
discovered and changed.
Next, let’s prove that there are no group, shared, or generic
privileged accounts or passwords on your production
network…
Preparing for an IT Audit
Fortunately these are all lab
systems, not on the production domain, that don’t need to
comply.
With a few more clicks, you create a new report showing a total of 19 systems on your network
that don’t have unique, complex, and frequently changed privileged credentials
enforced by ERPM.
Preparing for an IT Audit
Next, let’s document that IT personnel are accessing
privileged accounts on a need to know basis.
This is a common requirement of many regulatory standards.
Preparing for an IT Audit
Start by choosing whether to create a report by account,
system, or user...
Preparing for an IT Audit
This report shows the history, by user, of every
password check-out request.
It shows the day, time, system, account, and stated purpose to verify the need for each access.
Preparing for an IT Audit
ERPM also manages and reports user access by
Remote Desktop Connection.
This feature is commonly used to grant temporary, audited access to vendors
and contractors.
Preparing for an IT Audit
Results
• The organization demonstrates that it has auditing controls in place to manage privileged access.
• Preparations for IT audits are completed far more efficiently.
• Audit results are far more predictable.
ERPM for Systems Center Ops Manager
Internal & External Credential Use Management
• Inventories all SCOM credential usage
• Continuously updates/randomizes credentials on all external systems, devices and applications so there is no common credential for access to all systems
• Propagates new passwords back to SCOM “Run As” accounts, agents, services, etc.
• SCOM “Run As” accounts maintain access to cross-platform and un-trusted systems
• Access credentials in SCOM and components are updated in compliance with IT regulatory mandates
• No more manual updating of systems, agents and services
ERPM for System Center Config Manager
Fire Call Password Retrieval in SCOM/SCCM
• An Agent-less process deploys unique, frequently changing administrator / root account passwords to all machines (Windows, Linux, UNIX, appliances, etc.)
• No one knows current administrator / root passwords until they’re retrieved through audited check-out
• Role-based approvals expedite the password retrieval process
• Retrieved passwords are time-limited
• Activity and operations reports are accessible through a web-based console
Lumension Device Control for System CenterTM
Lumension’s History
Founded in 1991
Market-leading patch management
First cross-platform and application patch management solution
Enterprise-class vulnerability management
First credentialed based vulnerability scanner
Acquired: Feb ‘07
Market-leading device and application control
First to introduce whitelisting / patented file “shadowing” technology
Acquired: July ‘07
Established: Sept ‘07
Acquired: April ‘09
Compliance and Risk Management.
Delivering predefined compliance and control frameworks
Worldwide Presence & Recognition
Offices Worldwide
More than 5,100 customers in 68 countries
Strong Partner Base (400+ Worldwide)
Award-Winning
Strong Microsoft Partner
Lumension is a Long-term Microsoft Gold Partner • Both PatchLink and SecureWave held Gold Partner status
• Lumenion has continued Gold Partner status
• Competencies:• Advanced Infrastructure Solutions
• Data Management Solutions
• ISV/Software Solutions
System Center Alliance Member• Announcement forth coming
US ISV Managed Partner Program
Product line built on Microsoft Technologies:• Primary development environment - TFS
• Products developed/delivered on Microsoft Technology:• Microsoft .NET
• Microsoft Server
• Microsoft SQL Server
606060
Pro
du
cts
So
lutio
ns
Lumension® Patch and Remediation (PatchLink Update)
Lumension® Scan (STAT Scan)
Lumension® Security Configuration Management(PatchLink SCM)
Lumension® Application Control(Sanctuary Application Control)
Lumension® Device Control(Sanctuary Device Control)
Lumension® Enterprise Reporting(PatchLink ERS)
PGP®Whole Disk Encryption (Resell)
Lumension® Vulnerability Management™
Lumension® Endpoint Protection
Lumension® Data Protection
Lumension® Compliance and Risk Management
Lumension®
Lumension® ContentWizard(PatchLink PDK)
Lumension® Risk Manager
Lumension Solution Portfolio
Lumension® Device Control for System Center
6161
Pro
du
cts
So
lutio
ns
Lumension® Patch and Remediation (PatchLink Update)
Lumension® Scan (STAT Scan)
Lumension® Security Configuration Management(PatchLink SCM)
Lumension® Application Control(Sanctuary Application Control)
Lumension® Device Control(Sanctuary Device Control)
Lumension® Enterprise Reporting(PatchLink ERS)
PGP®Whole Disk Encryption (Resell)
Lumension® Vulnerability Management™
Lumension® Endpoint Protection
Lumension® Data Protection
Lumension® Compliance and Risk Management
Lumension®
Lumension® ContentWizard(PatchLink PDK)
Lumension® Risk Manager
Lumension® Device Control for System Center
Lumension Solution Portfolio
The Borderless Enterprise
Data has moved beyond the enterprise firewall:
Laptops / Home Offices USB Sticks / WiFi / VPN
and more…
Consumerization of IT
Insiders have direct access to your most sensitive data
70% of all serious incidents are sparked by
insiders.
Lost Laptops & Devices
Disgruntled Employees
P2P File Sharing Software
IDC Worldwide Security Products and Services 2007 Top 10 Predictions
48% of users utilize company tools for personal usage.
Increasing Internal Risk
Business Challenges
Minimizing Data Leakage Risk: Data Leakage via internal and/or external sources, be it accidental or intentional, is the biggest gap.
The Cost of Compliance: Bewildering array of National, State and Industry laws and regulations with costly Data Protection implications.
Enabling Productivity: Data sharing via removable devices enables cost-cutting measures but is a risk that can’t be ignored.
Policy-Based, Encryption-Enabled Data Protection.
Lumension Data Protection
• Protect Data from Leakage and Theft: Enforce usage policies for all removable devices and media.
• Increase Data Security: Define forced encryption policy for data flows onto removable devices / media. Flexible exception management.
• Improve Compliance: Policy-enforced encryption on removable devices to ensure that data cannot be accessed if removable devices or media are lost or stolen.
• Continuous Audit Readiness: Monitor all device usage and data transfers. Track all transferred files and content. Report on all data policy compliance and violations.
Lumension Data Protection
Lumension Device Control (LDC)
Lumension Device Controlfor Microsoft System Center (DCSC)
Lumension Data Protection: Key Features
Automates discovery of peripheral devicesAlways-on policy, centrally managed, kernel based driverProvides granular device control permission settings
By user, group, computer
Flexible and powerful encryption optionsWhite-list allowable devices
By make, Serial Number, etc Control Thumb Drives, iPods, Blackberrys, CD/DVD,…
Delivers detailed audit capabilities Patented bi-directional “Shadowing” of data written
to/from a device All device access attempts All administrator actions Exact contents of file(s) copied/compromised.*
Multiple hardware partnerships
Why Customers Choose Lumension
Tried and Proven: Over 1500 customers and 2 million licenses of Device Control Software
Policy Enforcement: Highly granular policies enforced via kernel-level driver, whether on or off line
Encryption: Centrally encrypt removable devices/media or force users to encrypt devices/media to ensure that data cannot be accessed if removable devices/media are lost or stolen.
File Shadowing: Keep a copy of every file that is transferred to or from removable devices / media using patented bi-directional shadowing technology. *
Scalability: Scalable deployment to an entire network with tamper-proof agents on every endpoint. * Future capability for Device Control for System Center
Device Control for System Center (DCSC)
Implementation of Lumension Device Control on Microsoft System Center Configuration Manager (SCCM) platform
• No stand-alone LDC server/console required
Provides market-leading LDC technology for SCCM customers:• Advanced management of all endpoint ports and removable devices/media• Policy based data encryption enforcement on devices/media• Endpoint protection from malware on devices/media
Leverages key System Center technologies• SCCM Console (MMC, UI, workflow)• SMS (agent/policy deployments)• WMI (monitoring and report information)
First and only Device Control for SCCM
Currently at Release Candidate 1 (RC1) • GA Announcement: TechEd Europe (09Nov2009)
DCSC Value to Microsoft System Center Customers
70
Leverages SCCM
Eliminates costs of stand-alone DC point solution
Accelerates deployment of DC security/audit benefits
Aligns with existing SCCM environment
Extends SCCM
Enforce data/port policies for removable devices
Enforce data encryption policies on range of devices
Prevents malware intrusion via removable media
• Decreased IT complexity• Security-Optimized Infrastructure• Increased ROI for System Center
Summary and Next Steps
Compliance and Data Protection
Device Control forSystem Center
Microsoft, Lieberman, & Lumension
Enterprise Random Password Manager
Privileged Identity Mgmt
• Shared password account mgmt• Protects policy mgmt privileges
• Granular device/port control policies prevent data leakage
Data Leakage Prevention
Overcome Infrastructure Security Challenges
…while continuing to provide high quality, uninterrupted service.
Leverage existing IT infrastructure with
superior integration
Mitigate security risks from hackers or unauthorized
intrudersProtect against data
loss, theft or corruption
Create automated, audited processes to
increase IT staff productivity
Ensure compliance with privacy
mandates like PCI DSS
Next Steps
• Discussion – to better understand your needs• Discovery – to better understand your infrastructure • Demonstration – to show you Microsoft System Center,
Enterprise Random Password Manager ™ and Lumension Device Control for System Center™
• Evaluation – to install and evaluate the software at your site
• Proof Of Concept – to test the products in-house• Contact us!
Thank You!