The cloud-based integrated data security infrastructure enables small and medium enterprises to introduce security solutions at a low cost by lowering the door sill and provides the small and medium enterprise with the ability to expand their security management system based on high-efficiency service.
Support complete security visibility, advanced network analysis (forensics),
real-time security threat detection with the intensive full packet capture technique
Investigates all sources and scopes of threats by integrated network forensics analysis
Serves at the security camera of DVR in the network
Symantec Security Analytics supports complete network security visibility, cutting-edge network forensics analysis, abnormal factor detection and real-time content inspection for all network traffics with the intensive complete packet capture function. Security violations can be solved in a shorter period of time than the existing process through the utilization of such detailed records to implement analysis research of network forensics while quickly responding to emergencies. Security Analytics, as a cutting-edge network forensics analyzing tool, can be used for the following reasons:
- Quickly respond by grasping an understanding for all sources and scopes of all threats
- Provide a short and clear answer as well as evidence to the emergency responding team
- Utilize outstanding data reinforcement and security threat intelligence
- Add context to the existing security tool
- Expand all investigation scopes of the network, endpoint and e-mail by integrating with the Symantec ATP
Analysis of security risks through a click of a button
Confirmation of the company’s network conditions
All you have to do it collect traffics after establishing Security Analytics appliance or virtual appliance to the network. After few days or weeks of running, create an integrated PDF report that covers main areas, including
- The number of files that are expected to be hidden in the encrypted traffic
- The amount of encrypted traffic that pass through the network
- Dangerous application in the network
- Abnormal network behavior based on the actual traffic benchmark
- Prioritize measures by synthesizing summaries that can be shared with the security team or management
Overcome the limitations of manual forensics analysis and packet capture
Automatically responds to emergencies rather than to stay in the manual forensics analysis.
The emergency response team can investigate who, when and how the security accident occurred by utilizing the comprehensive ‘SoR (System of Record)’ to shorten the problem solving time, research the basis of the cause, investigate the deep packet, strengthen integrated reputation service as well as to repost about malignant activities based on cutting-edge contents.
- Connects new security threat intelligence to all traffic data
- Utilize various reputation sources
- Detect abnormal factors with an elaborate method
- SCADA protocol inspection
- To save resources, extract and transmit only unidentified files for sandbox analysis
Security Threat Tracking: Preventive cyber security method
Advanced prevention rather than posterior measures
IT security team that utilizes the Symantec Security Analytics is capable of detecting hidden security threats or vulnerabilities in networks, endpoints, servers, for advanced prevention reasons and thereby detect and remove advanced security threats before they turn into attacks.
Grasp an understanding about the source and scope of evolving attacks through outstanding data intensification and security threat intelligence
Detect security threats hidden in encrypt traffic when established together with Symantec SSL Visibility
Shorten solving time with elaborate data detection and cutting-edge network forensics analyzing function
Detect threats hidden in encrypt traffic
Actualize integrated visibility for network traffic by establishing together with the Symantec SSL Visibility.
Detailed network forensics analysis and monitoring can be conducted for all network traffics, thousands of applications, dozens of file transfers, and all flows as well as packets as the subject. It also supports encrypt traffics when it is established together with Symantec SSL Visibility. By connecting it with viable intelligence, you can secure comprehensive visibility about the network traffic, which will allow you to quickly resolve exposure to risks and alleviate ongoing risks.
Secure detailed insights from all forensics analysis captures
Set a policy that allows decoding of selective SSL traffics
Share the encrypt traffic insight with the security application
Blocks malignant codes and phishing security threats by isolating potentially dangerous unclassified traffics
Symantec Web Isolation prevents the zero-day malignant code sent from the website from reaching the user’s device with the method of only transmitting safe rendering data to the browser of the user by running the web-session outside the endpoint. When it is together used with the Symantec Secure Web Gateway, traffic sent from an unclassified site or URL of the suspicious or potentially dangerous risk profile may be blocked in accordance with the policy.
Prevent excessive web access by isolating unclassified URLs or sites with potentially dangerous risk profiles
When web isolating technology, used in conjunction with Symantec Web Gateway based on Symantec Global Intelligence Network web risk-level intelligence, provides an isolation class that protects users from unclassified websites that have potentially dangerous risk profiles or from security threats that are distributed from URLs.
- Patented technology that prevents website codes from running on the user’s device
- Provide transparent and seamless user experience
- May be used as cloud service, on-premise or hybrid construction model
- Does not require endpoint agent and supports all browsers, OS and devices
- Access the web documents through the isolation stages and scan documents with security threat prevention solutions such as the Symantec Content and Malware Analysis
- Support intensive integration with the Symantec Secure Web Gateway
Provide additional protection against web-based security threats for users that possess special rights
Protect against web risks by isolating web traffic of the top management team as well as other major users
Certain group of users (ex: IT team, financial team) usually have special access rights, which acts as a serious risk when such rights are violated. The isolation technique provides enhanced security for these users to protect their devices and ensure special access for important data as well as systems.
- Administer web access rights for users possessing special rights while definitely securing their devices by isolating their web search
- Provide a seamless web browsing environment for users
- Support all devices and no agent is required
- Simply integrate with the Symantec Secure Web Gateway
Incapacitate phishing attacks by rendering e-mail links into harmless conditions
Prevent authentication information leakage and malicious code entering
Web isolation technology prevents malignant codes, ransomware and other intelligent attacks from spreading by blocking e-mails that include malignant website links. In addition, by rendering the page at a read-only mode, prevents the user from submitting business credentials as well as other important information to unclassified websites and malignant websites.
- Prevents users from sending company passwords and important information to malignant websites
- Isolate links to malignant websites and block endpoint access of malignant codes
- Provide a seamless website browsing environment
- Support all devices without any agents
- Simply integrate the Symantec Secure Web Gateway
Block ransomware by isolating the URL of potentially dangerous risk profiles
Ransomware, as a fast growing attack tactics, is used by an attacker to infect the device as well as to extort a business by encrypting files. Ransomware is mainly distributed to general users through websites. Web isolating technique resolves ransomware risks by launching as well as by rendering all contents at a safe remote environment to block malignant contents from accessing the user’s device.
- Remove ransomware infections from websites
- Block ransomware that use the Flash or Java exploit
- Simply constitute traffic isolation through integration with the Symantec Secure Web Gateway
Protects important networks as well as the infrastructure system by providing the network protection equipment in the same manner as the “air gap”
Security events that influence major important financial network such as the SWIFT or core infrastructure and operation technology (OT) environment may cause disaster. Since the web isolation technology isolates the web traffic of devices with access to important networks due to the formation of protective layer such as the “air gap”, it eliminates the risk of being infected by malignant codes in the process of web browsing.
- Eliminate the threat of malignant code infection by isolating the web traffic of the devices that has access to important networks
- Does not require endpoint installation and supports all browsers, OS as well as devices
- Provide a transparent and seamless web browsing environment
- Access all web documents through the isolation stages and scan documents with security threat prevention solutions such as the Symantec Content and Malware Analysis when download is necessary
Patch Management System
(Symantec IT Management Suite (former Altiris))
Manages all endpoints securely by establishing new devices as well as applications, managing software license, and resolving vulnerabilities
How do you apply patches to non-Microsoft affiliated applications?
Effective patch management strategy plays a critical role in distribution software updates and, above all, detecting and to resolve security vulnerabilities. Many successfully performed attacked have penetrated through already known vulnerabilities and the relevant software vendor has already provided patches or security configuration instruction for such vulnerabilities. Therefore, such patches must be established in order to obtain effect.
Symantec IT Management Suite provides centralized patch management. With this solution, security vulnerabilities may be detected and resolved through not only the Windows, Mac, Linux operation system but also through Microsoft application as well as 50 other non-Microsoft affiliated applications. The Patch can be applied as fast as possible based on a more simplified report technology through patch automation. Also, business productivity can be maximized by quickly making accurate decisions as well as by consistently protecting endpoints while utilizing the real-time compliance as well as the detailed reporting function.
Support Windows, Mac, Linux and virtual environment
Support more than 50 non-Microsoft affiliated applications
Trace and report integrated audit
Manage assets, ensure compliance and secure opportunities for saving
First of all, the environment must be thoroughly understood in order to effectively manage and protect the endpoint. Who is using which software and device, how much does it cost and is the latest patch as well as update installed?
Symantec IT Management Suite not only search, inventorify, and track all hardware and software assets that make up the IT infrastructure as well as manage the relationship between assets. The customers can use this information to quickly identify problems, apply solutions and document compliances.
In addition, cost saving opportunities can be secured through summary/detailed reports that track while comparing retentive software license with installed and active licenses. Additional purchases can be delayed and appropriate decisions about forecast and purchase can be made by utilizing unused license for other uses by securing such visibility.
Software and device search/management
Reduce expenses by preventing unnecessary software purchases and by collecting as well as utilizing unused licenses
Ensure software compliance and prepare for audits
Manage the inventory and establish plans for future needs
Maximize the value of IT assets
Patch Management Solution (Symantec IT Management Suite (former Altiris))
Complex Platform Management
Increase Mac introduction
Apple devices have quickly increased and become an important asset in the enterprise environment. Mac is no longer used only in the graphics department and MacBook can be found outside of the executive offices. As more and more Macs are introduces into the enterprise environment, the IT team must deviate from the Windows focused mindset and be able to manage as well as protect Macs.
Symantec provides a solution that is capable of comprehensively managing Windows, Mac, Linux, UNIX and virtual environment from a single console. With Symantec IT Management Suite, ever-expanding Mac environment can be easily managed like any other platform while performing imaging, patch management, software establishment, etc.
Manage Mac, Windows, Linux, UNIX and virtual environments from a single console
Automatically resolve and reinstall software problems by utilizing the software detection regulations
Perform Mac imaging without a separate Mac server
Easily establish Mac software by applying the push-button provision method, efficiency software bundles, and automated software standards
- It may be used separately or as part of an extensive solution because it has fully interoperable components as a modular solution composed of seven core components
- Major infrastructure function common to all modules include the function that normalize as well as analyze a vast amount of data, framework distinct data that is highly scalable, include customizable web-based dashboards as well as reports and workflow integrating function with the problem solving ticketing system
- Strong integration with the Symantec Data Loss Prevention is used to identify where most important data is located so that the IT assets on which the relevant data resides definitely comply with the mandatory security as well as regulation policy
- Symantec Control Compliance Suite Policy Manager – Enables simple policy management by accommodating numerous policies, automatically connecting to check items and by providing out-of-the-box policy content that is updated every quarter of a year
- Symantec Control Compliance Suite Risk Manager – Make influence that a IT risk has from a business perspective that align with the work-site operation department, determine IT risk threshold values with the department manager, assign ownership and trace risk mitigating effect in accordance with the flow of time
- Symantec Control Compliance Suite Standards Manager – Evaluate whether the security, configuration and patching of the system is applied correctly or not as the configuration assessment system of the industry leader
- Symantec Control Compliance Suite Vulnerability Manager – Comprehend the overall security threat conditions of the IT infrastructure as a glance by implementing overall vulnerability assessment with the web application, database, server, and other network devices as the subject of assessment
- Symantec Control Compliance Suite Virtualization Security Manager – Enable you to take advantages of virtualization without influencing security of compliance
- Symantec Control Compliance Suite Assessment Manager – Simplify assessment of procedural check items by providing automated web-based survey functions that may be utilized to assess overall security recognition assessment of employees
- Symantec Control Compliance Suite Vendor Risk Manager – Actively assess and monitor the risk conditions of the vendor to protect important data as well as to reduce business risks
Improve visibility about the conditions of the IT risks
- Prevent threats about important asserts and information in advance
- Prioritize corrective actions based on risks – Preferentially resolve asset and process with the highest priority
- Minimize risks of important assets by resolving problems in a faster manner
Simplify the management of various regulations on duty
- Remove common control duplications that are repeated in various regulations on duty
- Support organizational changes by delivering suitable information to the appropriate people
- Deliver consolidated reports as the evidence of auditable compliance
Minimize compliance expenses and complexity
- Substitute inefficient manual compliance process
- Settle the need to employee an in-house regulation specialist
- Support enterprise-wide scope utilizing one tool
Solution for blocking and searching real-time important information leakage on endpoint such as the external storage devices and network transmissions, etc
- Rank the threats of endpoint so that confidential data stored on laptops and desktops can be searched and so that additional protection measures can be taken and to prevent confidential data from being copied to a USB device, copied to CD/DVD or be downloaded to a local drive
- Confirm whether the laptop holds personal information data such as the identification number and discriminately apply full disk encryption
- Search source code that has been inappropriately stored on the workstation of the outsourcing engineer
- Prevent employees from copying product design documents to the USB drives
- Educate employees through the automated on-screen reminders when confidential data is needed to be protected
- Fully manage endpoints to store confidential data by user, department or policy
- Distinguish outdated data that needs to be deleted from the endpoint
- Accurate search function the minimize data leakage as well as false detection rates
- Support legitimate use of endpoint devices
- Support governmental as well as internal regulation compliance such as the PCI, GLBA, HIPAA, etc
- High-performance parallel search that minimizes network bandwidth consumption
- Continuous search and protection of internal as well as external networks