LANDesk Security Suite 8'7

1
LANDesk Security Suite8.7
2
Cost-effective, intelligent systems, security
and process management solutions with
single-console simplicity.
3
LANDesk Security Suite 8.7 Overview
4
LANDesk Security Suite New 8.7 Features

• LANDesk Antivirus
• Windows client/server support
• Enterprise management and enforcement
• E-mail protection (Inbound/Outbound)
• Rootkit detection
• Client (Real-time protection, Offline scanning
  and protection)
• Extended Device Discovery Database
• Multi-threaded Inventory Service
• Off-Core Inventory Service option
• LANDesk Management Gateway
• Increased Connection limit by 300
• Agent Watcher
• Patch Remediation for RedHat and SUSE

5
LANDesk Security Suite 8.7LANDesk Antivirus
6
Customer Pain PointsBlended Threats, a Growing
Reality

• Keeping Endpoints Secure
• Enforcing security configuration settings and
  security policy (up-to-date AV engine/definitions,
  etc.) takes a lot of valuable resources
• Enforcing Compliance
• Security policies at the endnode, per corporate
  mandate and best practice, are practically
  impossible, resulting in security risk and
  regulatory non-compliance
• Infected Machines
• Are connecting to and contaminating the corporate
  network causing network downtime and productivity
  loss
• Problem Visibility
• Clear perspective needed on where Im vulnerable
  and being attacked

• Super Tuesday
• Discovering, downloading, testing and applying
  patches/updates corporate-wide is resource
  intensive and not automated
• Proliferation of Malicious Code
• Spyware, rootkits, adware, viruses cause
  downtime and helpdesk calls.
• Information Leakage
• Due to poorly configured systems and slack access
  controls. Costs the company in terms of
  intellectual property loss, privacy breach, and
  undue publicity.
• Too Many Products, Consoles and Vendors
• Difficult to manage and expensive
• More training needed
• Limited integration

7
LANDesk Security SuiteA Layered Security
Solution
Knowledge Verification

• Executive Dashboard
• Reporting

Network Access Control

• LANDesk Trusted Access

Patch Management OS and Applications

• LANDesk Patch Manager

• AV Enforcement
• Application Blocking

• Antivirus
• Anti-spyware

Prevent Malicious SW

• Security Threat Assessment
• Connection Control Manager

• Agent Watcher
• Firewall Management

Lockdown Configuration

• Extended Device Discovery

Discovery
8
LANDesk Antivirus Success Factors

• Keys to Entering the AV Market
• Cost Customers feel locked in and are looking to
  reduce their annual subscription costs and move
  away from Symantec and other traditional AV
  vendors
• IntegrationConsolidating on a single vendor and
  toolset for security management is extremely
  important
• Reputable VendorCustomers cannot assume any risk
  in moving to a new vendor - the solution must be
  proven

• LANDesk Antivirus
• Fully integrated with
• LANDesk Security Suite
• LANDesk Management Suite
• Scanning and removal
• Viruses
• Spyware
• Rootkit detection
• Kaspersky engine and content
• Quarantine of malicious files (on Host)
• Pattern file updates
• Staged Pilot Deployment of updates
• Reporting / Alerts / Dashboard
• New LANDesk Antivirus SKUs
• LDAV Add-on (LDMS, LDSS)
• Annual subscription renewal
• 10/Node MSRP

9
Why Did We Choose Kaspersky?

• Kaspersky Lab uses a number of techniques to
  block threats
• Several types of heuristics
• Scanning of re-packagers and archives
• Kaspersky Lab earns the biggest kudos for its
  signature database.
• Signatures the most accurate way to detect or
  properly clean threats
• Kaspersky Lab is renowned for its speed in
  releasing signatures for newly discovered
  threats, delivering hourly updates
• To reduce the impact on the network, Kaspersky
  engineers are committed to keeping these constant
  updates very small, usually in the neighborhood
  of 50KB each
• (eWeek.com, Oct 10 2005)

10
LANDesk AntivirusNEW! Antivirus Administration
and Configuration

• Customer Benefits
• Enables administrators to align antivirus
  management to other corporate policies
• Allows the flexibility to determine who can
  deploy to what devices and how they are
  configured
• Administration and Configuration
• Enterprise-wide configuration of antivirus agents
• Administrator control over configuration
• Separate role-based administration to limit who
  can add, delete or change the configuration of
  the LANDesk Antivirus core and client settings.
• End-user agent locked down
• Deployment and scheduling of approved antivirus
  configuration and install

11
LANDesk AntivirusNEW! Administration and
Configuration

• Administration and Configuration (cont.)
• E-mail scanning
• Scan infectable files only
• Exclude files from scan
• Use heuristics to scan suspicious files or
  possible viruses
• Control access to Quarantine/Backup
• Schedule client-side scans
• Assign to Pilot Group
• Schedule or allow client initiated updates

12
LANDesk AntivirusNEW! Scanning for and Removal
of Malicious Code

• Customer Benefit
• Quickly assess and mitigate virus risks on
  managed company resources.
• Malicious Code Scanning and Removal
• Enable real-time protection and scanning
• Scheduled system scans to targeted machines
• Urgent Red Button scan now capability
• Enable scanning of Outlook e-mail
• Scan for suspicious files
• End-user launch of antivirus scan
• Enable end-user antivirus messages

13
LANDesk AntivirusNEW! Quarantine

• Customer Benefit
• A controlled, hands-off solution for detecting,
  trapping, removing and mitigating the effects of
  viruses and virus outbreaks
• Host-Based File Quarantine
• Quarantine and encrypt infected or suspicious
  files that cannot be cleaned
• Automatically scan quarantined files when new
  pattern files are released and restore the file
  if cleaned successfully
• Define quarantine folder size and settings to
  restore quarantine and backup files
• Password protect and control if the end user can
  retrieve files from quarantine
• Cleaned files are also backed up in case of
  corruption

14
LANDesk AntivirusNEW! Pattern File Updates

• Customer Benefit
• Administrator control of virus definition files
  empowers administrators to decide what versions
  are approved and when they are deployed
• Pattern File Update Features
• Scheduled automatic updates of virus definition
  files
• Configure and control settings for updates
• Enable user to download pattern files
• Capability for end-user to launch an antivirus
  update
• Ability to roll back to previous versions of
  virus definition files
• Automatic deployment of new virus definition
  files to pilot group with delayed deployment to
  the rest of the network

15
LANDesk AntivirusNEW! Deployment of Candidate
Files to Pilot Group

• Customer Benefit
• Administrator control of virus definition files
  empowers administrators to decide what versions
  are approved and when they are deployed
• Definitions can be tested before deployment
• Pattern File Deployment Control
• Identify and target early adopters or pilot group
  for antivirus definition testing
• Quickly identify Pilot version
• Delay deployment to the rest of the enterprise
• Limited early deployment allows testing of virus
  definition files before full-scale deployment
  across the enterprise
• Stop automatic process and leave systems on
  proven definitions or back up to a previous set

16
LANDesk AntivirusNEW! Alerts

• Customer Benefit
• Provide real-time alerting for antivirus actions
  and status
• Administrators are able to quickly address issues
  when alerted of virus threats, breaches and
  outbreaks
• Alerts
• Antivirus alerts notifying problems can be sent
  via e-mail, pager etc.
• Control alert frequency
• Granular control over alerts on actions for
• quarantine
• clean
• suspicious content

17
LANDesk Antivirus NEW! Reports

• Reports
• Antivirus information and configuration is
  reported up with inventory for easy creation of
  custom reports and queries
• Client-side notification of virus detection and
  scanning process
• Identification of computers that
• Are infected
• Have not run an antivirus scan recently
• Have outdated virus definition files
• Reports on antivirus activity and history

• Customer Benefit
• Provides administrators with information about
  which resources are protected or vulnerable, what
  viruses are being discovered, cleaned, and
  trapped
• Allows decision makers to know where to focus
  resources

18
LANDesk AntivirusNEW! Dashboard

• Customer Benefit
• Quickly identify virus outbreaks and illustrate
  virus control over time
• Administrators can quickly and precisely identify
  and mitigate the risk of virus outbreaks in the
  enterprise
• Dashboard
• Top 5 viruses found, past 10 days or weeks
• Computers infected with viruses, past 10 days or
  weeks
• Gauge of the percent of computers with
• Real-time antivirus enabled
• Up-to-date antivirus definitions

19
Thank You
20
Backup
21
Remote ControlRBA Granularity

• Customer Challenges
• Central remote permissions
• Faster overall performance
• Time constraints

• Customer Benefits
• One central location for control of
  remote-control permissions
• Remote Control Access tied to the console
  user
• Not machine-based
• RBA Remote Control Settings
• Central control of RC rights
• Remote Control \ View Only
• Execute Programs
• Transfer Files
• Chat
• Reboot Machine
• Time constraints
• Based on days
• Time range
• Requires one of these RC security models
• Integrated Security New
• Certificate-Based

22
Remote ControlIntegrated Security

• Customer Challenges
• Secure remote control
• Fast remote control

• Customer Benefits
• All the security benefits of Certificate-based
  with substantial speed improvements
• Integrated Security
• Certificate-based
• Central administration of remote control rights
  via RBA
• Quick startup of remote control sessions
• Supports new RBA remote control rights and time
  filters
• Integrated Security vs. Certificate-based
• Only difference between them is that certificate
  based is an on-demand load of the RC agent on the
  client, which tends to be slower then Integrated
  security

23
Some Recent Wins

• March 2006 - Computer Buyer Best Buy Award
• . . . top class virus checker detecting all of
  the malware as well as all of the viruses and
  it uses minimal resources without compromising
  the level of protection it provides. (Computer
  Buyer Reviewers)
• February 2006 - PC World Brazil Best Buy award.
• The product demonstrated top malicious program
  detection rates . . . low resource requirements
  on PCs, combined with high performance and
  reliable protection of user data.
• December 2005 - Virus Bulletin VB 100
• Kaspersky . . .was awarded the VB100 status,
  once again confirming the reputation of Kaspersky
  Lab products on the international IT market. In
  their review, editors particularly stressed the
  product's high performance and its traditionally
  outstanding levels of malicious program detection.

24
Kasperskys International, Award-Winning
Tradition

• 2005 22 awards
• 2004 20 awards
• 2003 10 awards
• 2002 10 awards
• 2001 17 awards
• 2000 22 awards
• 1999 19 awards
• 1998 10 awards
• 24-time awarded Virus Bulletin VB100
• 100 percent detection of In the Wild test
  samples and no false positives
• http//www.virusbtn.com/vb100/index

25

• Leading real time protection
• Leading manual scan protection

26
Recent Shootout Results

• www.virus.gr Shootout (April 05), using 91202
  virus samples
• The Best of AV Rank (Top 10)
• 1. Kaspersky Personal Pro version 5.0.20 - 99.28
• 2. AVK version 15.0.5 - 97.93
• 3. F-Secure 2005 version 5.10.450 - 97.55
• 4. eScan Virus Control version 2.6.518.8 - 96.75
• 5. Norton Corporate version 9.0.3.1000 - 91.64
• 6. Norton Professional version 2005 - 91.57
• 7. McAfee version 9.0.10 - 89.75
• 8. Virus Chaser version 5.0 - 88.31
• 9. BitDefender version 8.0.137 - 88.13
• 10. CyberScrub version 1.0 - 87.87

27
Other LANDesk Security Suite 8.7 Enhancements
28
Audit and ComplianceSecurity Configuration Audit

• Threat analysis of configuration settings and
  user resources
• Eliminate potential security threats by
  verifying
• Administrator Group Membership
• Available Shares
• Check for Unnecessary Services
• File System Type
• Guest Account Status
• Internet Connection Firewall Status
• Local Account Passwords
• Password Expiration
• Restrict Anonymous Users
• And more
• NEW! Enhancement
• Remediation being added for Security Threats
• Customizable to enforce corporate security
  policies

29
Audit and Compliance Application Blocking

• Detection
• Predefined list of suggested applications to
  block
• Content provided by LANDesk
• Configurable list that can be supplemented with
  custom applications
• Denial
• Block and deny the execution of detected unwanted
  applications
• Block applications that dont comply with
  corporate standards
• Increases security and productivity
• Applications continue to be blocked, even after a
  rename
• NEW! Enhancement
• FILENAME COLUMN?

30
Network Access ControlConnection Control Manager

• Device Level
• Apply on machine or user level
• Enable or disable devices that could pose
  security risks.
• USB hubs, pocket PCs, storage, keyboards, mice,
  printers, scanners, etc.
• Advanced USB settings to allow or disallow
  devices on a granular level
• Volumes
• Bluetooth Personal Area Networks (PAN)
• PMCIA network or storage cards
• Configuration name and date on the client is
  reported up with inventory
• NEW! Enhancement
• Biometric fingerprint reader
• Disable wireless when connected to LAN
• Network Level
• Ability to control the networks that a client can
  access
• Approved or disapproved list of authorized
  connections
• Select a device configuration policy to be
  applied when connected to the networks
• NEW! Enhancement
• Assign configuration based on network connection
  (listed and unlisted)

31
Patch Management

• Heterogeneous platform support
• Vulnerability Assessment and Remediation
• NEW! Linux Red Hat and SuSe
• Windows 98, XP, NT, 2000, 2003
• Macintosh
• Vulnerability Assessment
• Solaris, HPUX, AIX
• Endpoint control
• Install, custom messages, reboot, etc.
• Focused vulnerability scanning
• Patch install history
• Patch uninstall capability
• Patch supersedence and dependency

32
Malware Protection

• Monitor and Enforce Antivirus Settings and
  Anti-Spyware
• Supports a heterogeneous environment of the
  following antivirus solutions
• Symantec
• Norton
• McAfee
• Trend-Micro
• NEW! Enhancement
• Sophos
• Scan, Detect, Enforce, Report
• Configure which antivirus solutions and versions
  must be present
• Enforce real-time scanning and repair
• Verify and update pattern files

33
NEW! Custom Variable OverrideLayered Security on
the Desktop

• Customer Benefit
• Enforce a different security standard depending
  on an assets role, exposure and criticality
• Custom Variable Override
• Create custom variable profiles and assign them
  to computers
• Override the requirements in base rules so that
  it more closely matches the assets need