Endpoint Protection

 View Only
  • 1.  Web Security - Malware - Local Option?

    Posted Nov 03, 2010 10:00 AM

    Hi

    Quick question.  We have (or we will have soon) a very good anti-virus setup.  We have endpoint protection installed on each client managed by a enterprise managent server.  Soon we will be installing our own internal LiveUpdate server and will be working with multiple group update providers.

    Thats all fantastic, but my question is, should a user go onto a website that he or she does know about, we dont have anything installed qua web security (Websense or WebMarshal), are we in danger or are we covered with Symantec Endpoint Protection?

    Is there anonther layer of security/option that we can enable/install?

    Thanks for any recommendation

     

     



  • 2.  RE: Web Security - Malware - Local Option?

    Posted Nov 03, 2010 10:07 AM

    You can block few sites; antispyware component of symantec should take care of such things.



  • 3.  RE: Web Security - Malware - Local Option?

    Posted Nov 03, 2010 10:18 AM

    Hi Rafeeq,

    Do you actually sleep?? smiley

    Its not that Im interested in blocking access to sites its just that I want to have something in place to protect the users.



  • 4.  RE: Web Security - Malware - Local Option?

    Posted Nov 03, 2010 10:24 AM

    I do  :) 

    Antispyware should take care; though it does work like websense; it cant alert us;

    There was a document which had huge lists of suspecious website; if we could add that to the existing list; we are much covered..

     



  • 5.  RE: Web Security - Malware - Local Option?

    Posted Nov 03, 2010 10:59 AM

    Safe Web Lite may be added to a future release of SEP.

    Safe Web Lite provides a safer search experience by warning you of dangerous Web sites right in your search results, so you can search, browse, and shop online without worry.

    http://safeweb.norton.com/lite

    https://www-secure.symantec.com/connect/idea/add-safe-web-lite-sep



  • 6.  RE: Web Security - Malware - Local Option?

    Posted Nov 03, 2010 01:10 PM

    Dear Thomas,

    I have the following query on SafeWebLite. Is it something like a toolbar and would suggest only? Currently I use OpenDNS and it forcibly blocks bad websites. And whatever content that gets download, the local instance of SEP takes control and examines it.

    Basically what I am looking out for is a directive-driven security instead of just an advisory. If it is just advisory we may overlook it but if it is a mandated directive we would heed by it and hence the security of the systems/network is ensured right?

    And thanks for suggesting the idea URL. I have exercised my vote also to the same supporting the thought and campaign for it.



  • 7.  RE: Web Security - Malware - Local Option?

    Posted Nov 03, 2010 01:13 PM

    Just to add my two cents, if you are allowing unknown sites ensure your third party apps are updated. Adobe has been a big target for threats, we can't effectively stop things if there is a huge gaping hole in security such as a vulnerability.



  • 8.  RE: Web Security - Malware - Local Option?

    Posted Nov 03, 2010 01:15 PM

    You are correct, Safe Web Lite adds a tool bar to your browser.

     

    SFL is only supported on Internet Explorer 6.0 or higher, or Mozilla Firefox 3.0 or higher



  • 9.  RE: Web Security - Malware - Local Option?

    Posted Nov 03, 2010 02:53 PM

    >> Adobe has been a big target for threats

    Very much true. Your point is actually emphasized by FireFox stand now since flash plugins now run within its container.exe process. Also even within Chrome I see Shockwave Flash consumes a lot of memory. So the moment flash controls are infected it means a catastrophe being in the way and process hitting the system.



  • 10.  RE: Web Security - Malware - Local Option?

    Posted Nov 03, 2010 05:43 PM

    IMO if you just rely on one particular security device or product for your defenses, you are bound to get attacked and lose at some point.  SEP is a great product when configured properly, it needs maintenance and tweaking, but it's not the be all end all solution.

     

    A good webfiltering product that can stop threats from being downloaded is a great first layer.  Symantec's WegGate appliance is a good option here, or their hosted solution through their MessageLabs acquisition.

    Then there is email filtering and anti-spam.  There is brightmail, mail security for Exchange, and yet again a hosted solution.

    Then you get into a good patching system that not only patches MS products, but also 3rd party too, like Adobe, Java, etc...

    Then there is user education.  There is no substitute for getting users to stop clicking on things they dont know.

    Above all, diligence..  Setting up these products and not hand holding them on a daily basis will allow things to get through.  But security in layers is always recommended.