Security Transformation for Low-Bandwidth Organizations Using Symantec Products
End users at remote locations across India have yet to transform, as India still has a broadband or bandwidth crunch and gaps in reaching Class B, C and D cities, while Class A cities have regional players for connectivity with varied SLAs.
Organizations had to balance the security and connectivity needs of their remote offices/locations. To meet this need, the transformation project had to address the harsh reality of connectivity not being available and of local service provider last-mile links.
Bandwidth service providers seem to be taking an eternity, and this reality had to be addressed to serve the business's growing need for connectivity, higher security at remote offices/locations, and transformation automation covering all business unit locations.
To address these needs:
A) End system services were planned to cover:
B) Endpoint security, endpoint systems lifecycle covering asset management and patch management, endpoint whole disk encryption, endpoint network access control, endpoint identity and LDAP using Microsoft Active Directory.
C) The architecture should be capable of delivering data loss prevention or data lifecycle, which is crucial for safeguarding customer data and for any accidental data concerns.
D) Organizations also wanted anti-malware elements to address mail and web challenges that can be a concern to the endpoint, as the threat to the endpoint was a risk to mitigate.
E) Remote access management using traditional tools was to be shifted to access control via the privileged admin at central locations, be it in the DC or DR.
F) It was essential that the security architecture be sustainable and address the reality of bandwidth being limited and also available only for a small window of time.
G) Automation plans were the only choice kept for any service provider, as SLAs were linked to sustenance and not just delivery and one-time completion.
The servers and infrastructure are planned with redundancy across the datacenters, and during a drill the infrastructure would be managed from the DR site, with updates sent to all remote offices/locations.
Threat intelligence and its sharing with the other elements, to reduce the risk from web and mail and enable defense-in-depth measures, are among the initiatives the organizations are planning to undertake as part of data lifecycle protection, which would also include data loss prevention controls.
As the organizations plan to move towards advanced security controls, the converged view is of 11 controls incorporated among today's four agents on the desktops, of which real-time controls and task-based controls are addressed in a maker-checker concept of asset reconciliation.
The 11 controls incorporated are:
Control 1: System wide asset inventory and status.
Control 2: System patch gap identification and remediation via patch management catalogue.
Control 3: System wide software delivery.
Control 4: System whole disk encryption control.
Control 5: System endpoint PC transplant solution to migrate and deploy as backup and refresh for new systems.
Control 6: System endpoint security control for antimalware covering antivirus and anti-spyware.
Control 7: System endpoint host firewall and application control enabling device blocking and peripheral control.
Control 8: System identity repository and LDAP attribute across assets.
Control 9: System and network converged to address policy control and admission control via network access control.
Control 10: System host level network and host intrusion detection and prevention.
Control 11: Blacklist and whitelist of applications.
The above controls form the base for adding further controls such as data loss prevention and backup for user data, especially for out-of-office users, in a seamless manner.
The controls can now be integrated with the network, such as network firewalls or next-generation firewalls as well as web application firewalls, for greater application control at the perimeter, be it for ingress or egress.
The risk identification and mitigation process enables readiness for known threats as well as risk mitigation via the controls planned.