Scribd Logo
Upload

Welcome to Scribd!

  • End Use, HKHKHKK

    Uploaded by

    Andreja Milovic
    37 views27 pages
    hhkkhk

    Original Title

    EndUse,hkhkhkk

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    hhkkhk

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    37 views27 pages

    End Use, HKHKHKK

    Uploaded by

    Andreja Milovic
    hhkkhk

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 27

    EndUser Protection

    Peter Skondro
    Sophos

    Agenda

    Sophos EndUser Solutions


    Endpoint Usecases
    Sophos Mobile Solutions
    Mobile Usecases

    Endpoint

    Sophos EndUser Solutions


    EndUser Protection

    AV
    Firewall
    Application Control
    Data Control
    Device Control
    Web Control
    Patch Assessment

    SafeGuard Enterprise
    HDD Encryption
    File Encryption

    EndUser Protection
    Anti-Virus, Client Firewall & Application Control

    Anti-Virus and HIPS


    Reliable AV Protection
    Host Intrusion Prevention System
    Buffer Overflow Protection
    Live Protection & URL Filtering

    Firewall
    Stops attacks, Worms & Trojans
    Rule-based on application and/or network level
    Central management & logging

    Application Control
    Controls which applications are allowed to run
    Predefined applications & application categories
    e.g. File-Sharing Tools, Browser, Cloud Storage etc.
    New version definitions are provided automatically

    EndUser Protection
    Device Control, Web Control & DLP

    Device Control
    Central management, logging &unlocking of devices
    Selective use of devices for specific computer groups
    Support of storage media, smartphones & network interfaces
    Unlocking of specific devices or device modes

    Web Control
    Reduces the attack surface of the clients
    14 categories of websites (e.g. alcohol, gambling, hacking)
    Manual definition of additional White- & Blacklists
    Upgradable in combination with the Sophos Web Appliance or Sophos UTM

    Data Control
    Protection against accidental data loss
    Checks for file type or contents
    Transmission can be blocked or has to be confirmed by the user
    Predefined policies and contents are provided

    EndUser Protection
    Device Control, Web Control & DLP

    Patch Assessment
    Checks operating systems and applications for missing patches
    Support of Microsoft, Adobe, Oracle, Citrix and others
    Threats are rated based on real threats

    HDD Encryption (SafeGuard Enterprise)


    HDD Encryption based on Sophos technology and/or BitLocker & FileVault2
    Pre-Boot- Authentication
    Integrated password recovery mechanisms

    File Encryption (SafeGuard Enterprise)


    File Encryption based on Sophos technology
    Encryption for Removable Media, File Shares & Cloud Storage
    Key-Ring concept
    Portable component available

    Endpoint Use Cases

    How to protect mobile workers from


    web threats?
    Challenge
    While being in the company network notebooks are
    protected from web threats by the corporate firewalls. But
    what happens when the notebook leaves the secure
    network?

    Solution
    Sophos Endpoint can be used together with the Sophos
    Web Appliance and UTM
    Mobile workers are accessing the internet directly but with
    the current policies defined on the Web Appliance/ UTM.

    How to prevent the loss of sensitive


    information?
    Challenge
    Sensitive information is found everywhere in the company.
    How can we prevent that this information is accidently
    transferred to USB Keys/ E-Mail applications/Web
    Browsers/Applications?

    Solution
    Sophos EndUser Protection provides a set of features that
    enable you to easily protect your sensitive data
    Define DLP rules using Data Control, block unwanted
    applications and disallow the use of USB storage devices

    How to protect sensitive information?


    Challenge
    Nowadays sensitive data can be found on every notebook
    or USB storage? How can this data be protected when
    devices get lost or stolen?

    Solution
    Sophos Encryption solutions make it possible to
    appropriately protect data on mobile devices and storage
    media.

    How to find out which patches are


    important?
    Challenge
    New patches for business critical applications are
    introduced every day. How can we figure out which
    patches are really important for my company?

    Solution
    The Sophos Patch component provides all required
    information on relevant patches.
    Patches are prioritized so your can first handle the most
    important ones.

    Mobile

    Sophos Mobile Control


    Central management of Smartphones & Tablets

    Central management & configuration


    Central management for mobile devices
    Configuration distribution (Mail, WLAN, VPN, etc.)
    Inventory overview

    Broad platform support


    Apple iOS
    Android
    Windows Mobile, Windows Phone 8 & BlackBerry

    Countermeasures in case loss & theft


    Lock
    Wipe
    Locate (optional)

    Sophos Mobile Control


    Compliance, Access Control & App Management

    Compliance
    Definition of compliance settings
    Monitoring of device compliance state
    Automated actions in case of incompliant devices

    Control of E-Mail and network access


    E-Mail access control via Exchange Active Sync (EAS) Proxy
    Network access control via Sophos UTM, Cisco or Checkpoint
    Only compliant devices get access to company data

    App Management
    Installation & Removal of Apps (VPP Support)
    Enterprise App Store
    White- & Blacklisting of Apps

    Sophos Mobile Control


    Malware Protection, Encryption, On-Premise & SaaS

    Malware Protection for Android Smartphones & Tablets


    Central management of the AV component for Android devices
    Automatic malware scan during App installation & update
    Web Control prevent access to certain website categories
    App Control prevent launch of specified applications

    Mobile Encryption
    Access to encrypted documents of mobile devices
    Broad support of Public Cloud Storage providers
    Support of Private Clouds using WebDAV

    Purchasing Options
    On-Premise Installation
    Software as a Service (SaaS)

    Mobile Use Cases

    How to ensure that data on mobile


    devices is secure?
    Challenge
    When a smartphone or tablet is stolen non-authorized
    persons may have access to sensitive data. How can we
    protect the data in such situations?

    Solution
    Sophos Mobile Control allows you to distribute password
    policies on all supported platforms including wiping after n
    unsuccessful login attempts.
    Additionally you may remotely lock or wipe the
    smartphone/tablet.

    How to prevent that personal devices


    can synchronize with my mail server?
    Challenge
    Users can easily transfer the mail server settings from a
    company device to a personal devices. How do we prevent
    that unmanaged devices access company mails?

    Solution
    Sophos Mobile Control offers compliance settings which
    block access to company resources in case that
    unmanaged devices try to connect.

    How to prevent that personal devices


    can synchronize with my mail server?
    Challenge
    Users can easily transfer the mail server settings from a
    company device to a personal devices. How do we prevent
    that unmanaged devices access company mails?

    Solution
    Sophos Mobile Control offers compliance settings which
    block access to company resources in case that
    unmanaged devices try to connect.

    How to prevent that non-compliant


    devices connect to my Wi-Fi or VPN?
    Challenge
    Users can easily transfer the Wi-Fi or VPN connection
    settings to personal devices. How can we prevent that
    unmanaged devices access our company network?

    Solution
    Sophos Mobile Control can be used in combination with
    network security solutions (e.g. Sophos UTM) to prevent
    that unmanaged devices connect via Wi-Fi or VPN.

    SMC & UTM Setup

    SMC & UTM Setup

    Network Access Control

    Push Configuration

    How to protect Android devices against


    malware or unwanted apps?
    Challenge
    Malware on the Android platform is more and more
    becoming a problem. How can I protect my users against
    malware on their smartphones and tablets? How can I
    prevent that my users access malicious websites or run
    unwanted applications?

    Solution
    Sophos Mobile Control in combination with Sophos Mobile
    Security protects against malicious apps and websites and
    also blocks unwanted applications.

    Thank you

    You might also like