Symantec Critical System Protection is a compact, behavioral security engine that provides comprehensive and in-depth security for your IoT devices. Based on the fixed-function and predictable nature of IoT devices, Critical System Protection can enact policies to define expected behavior of the system, allowing only nonmalicious and hygienic operations. Features: Compact size A kernel-level protection engine, Critical System Protection requires about 20 MB RAM on a Windows® platform and uses less than 1 percent of a typical CPU. Application containment Using proprietary auto-isolation technology, Critical System Protection restricts applications to sandboxes that provide the least privilege access required on a per-application basis, without any code changes or functional limitations. Application whitelisting Critical System Protection provides the ability to whitelist applications within policies, allowing only named applications to run. In addition, you can specify policies for specific applications and application types. This ensures that even if an attacker obtains a compromised certificate, Critical System Protection will stop any attempt at an unapproved action. This highly granular control determines what any app can and can’t do. Intrusion detection Critical System Protection policies provide thousands of prebuilt rules that monitor and harden the complete operating system and require minimal tuning. They monitor files, settings, events, logs, application behavior, and more, essentially covering the entire system. This ensures the immediate detection of any attempted malware actions. Intrusion prevention Critical System Protection prevents intrusions from causing damage. It has granular control over the entire operating system, blocking any attempts at unauthorized behavior and rendering attackers powerless. Zero-day attack prevention Zero-day exploits are security flaws that exist from the day of manufacturing, so they are already present when you purchase a device. Critical System Protection uses a prebuilt set of baseline policies to automatically confine known operating system components and restrict access only to required system resources. Additionally, the strategy of placing all unknown applications in least-privilege sandboxes prevents zero-day attacks from applications that are not known on the host machine. Malware control in the network Critical System Protection controls application access to networking. This is important because most malware tries to spread or download additional malware via the internet as soon as it is installed. Because Critical System Protection will not recognize malware, it will not provide network access. Robust security

• Auto sandboxing: Jails processes, system, memory, OS, registry, Microsoft® PowerShell®, network, and other resources
• Broad compatibility: Supports any embedded/non-embedded/ POSReady Windows OS since Windows NT, 2000, XP, 7, 8, 10, Linux®, and QNX®, managed or unmanaged mode
• Complete protection: Provides multistage zero-day prevention, and intrusion prevention system and intrusion detection system configurations
• Automation Vendor Interoperability: CSP is lightweight enough to easily protect, but not interfere with day-to-day operations of SCADA/DCS controllers, HMIs, and robot controllers

Stay secure and compliant when using sanctioned and unsanctioned cloud apps and services on SaaS, PaaS, and IaaS platforms. Get unequaled cloud app security with the deepest visibility, tightest data security, and strongest threat protection from the CASB vendor named a Leader by Gartner and Forrester. Protect SaaS, PaaS, and IaaS Accounts from Misuse, Threats, and Data Loss Confidently use cloud applications and services with CloudSOC. Govern Sanctioned and Unsanctioned Cloud Service Use Protect your accounts, users, and data across the full range of cloud apps. Integrated Cyber Defense with CASB 2.0 Add DLP, SWG, endpoint protection, and more to your CASB security hub. Manage Your Security Posture for Regulatory Compliance Cloud Workload Assurance for IaaS. Managed Cloud Defense: Security Monitoring Expertise Cyber warriors trained for the cloud.

Extend Data Loss Prevention to the Cloud

Discover sensitive data in cloud apps with Symantec Data Loss Prevention (DLP), now integrated with full cloud access security broker (CASB) capabilities from Symantec CloudSOC.

Extend your DLP coverage and get direct visibility of content in over sixty cloud apps - including Office 365, Box, Dropbox, Google Apps or Salesforce

Leverage full CASB capabilities so you can continuously monitor content additions, changes, and access rights in cloud apps

Leverage existing DLP policies and workflows for cloud apps so you don’t have to rewrite your finely-tuned rule sets

 

Discover Where Sensitive Data Is Stored Across Your Infrastructure

Described Content Matching looks for matches on regular expressions or patterns, e.g., “block if we see a credit card pattern”

Exact Data Matching identifies sensitive data directly in your database, e.g., “block exfiltration of any customer name and their associated bank account number”

Indexed Document Matching applies a “full file fingerprint” to identify confidential information in unstructured data including Microsoft Office documents; PDF files; as well as binary files such as JPEGs, CAD designs, and multimedia files

Vector Machine Learning automatically learns and identifies the layout of sensitive document types such as financial documents, source code, etc.

File Type Detection recognizes more than 330 different file types including email, graphics and encapsulated formats, and can also recognize virtually any custom file type

 

Monitor and Protect Sensitive Data On Mobile Devices, On-Premise, and In the Cloud

Keep data safe on Windows and Mac endpoints by performing local scanning and real-time monitoring

Monitor confidential data that is being downloaded, copied or transmitted to or from laptops and desktops, including through email or cloud storage

Extend data loss prevention monitoring and protection to iOS and Android devices, whether corporate-owned or user-owned

Find and protect confidential unstructured data by scanning network file shares, databases, and other enterprise data repositories

Monitor and protect data in motion, including sensitive data sent via email, web and a wide range of network protocols

 

Define and Enforce Policies Consistently Across Your Environment

Use a single web-based console to define data loss policies, review and remediate incidents, and perform system administration across all of your endpoints, mobile devices, cloud-based services, and on-premise network and storage systems

Take advantage of more than 60 pre-built policy templates and a convenient policy builder to get your Symantec Data Loss Prevention solution up and running quickly

Use robust workflow and remediation capabilities to streamline and automate incident response processes

Apply business intelligence to your Symantec Data Loss Prevention efforts with a sophisticated analytics tool that provides advanced reporting and ad-hoc analysis capabilities

Stop Spear Phishing, Credential Theft, and Ransomware with Isolation Insulate users from spear phishing, ransomware, and other advanced attacks, and foil credential theft with strong email threat isolation.

• Isolate suspicious email links and execute them in a remote environment to shut down spear phishing and other advanced email threats.
• Stop credential theft by rendering suspicious websites in read-only mode, preventing users from submitting sensitive data.
• Protect against advanced email attacks such as ransomware by isolating weaponized attachments.

Block Email Threats with the Highest Effectiveness and Accuracy Prevent insidious email threats such as spear phishing, ransomware, and business email compromise.

• Stop spear phishing emails with multiple layers of email protection, threat isolation, advanced email security analytics for deep visibility into attacks, built-in user awareness and education tools, and more.
• Block the latest ransomware with content defense, sandboxing, and link protection technologies that detect emerging, stealthy, and zero-day attacks.
• Defeat business email compromise with impersonation protection, sender authentication methods, and brand protection controls.
• Apply insights gathered from the world’s largest global intelligence network—distilling telemetry from over 175 million endpoints and 57 million attack sensors in 157 countries—to expose and stop the stealthiest threats.

Stop Email Attacks with Rapid Response and Remediation

• Defend against targeted campaigns with multilayered technologies and deep threat analytics.
• Protect your business from email threats with sophisticated defenses including advanced machine learning, cloud sandboxing, and time-of-click link protection.
• Gain the deepest visibility into targeted and advanced attack campaigns with email security analytics that include 60+ data points on every clean and malicious email.
• Hunt threats and prioritize the most important email security incidents across your environment through seamless integration with the Security Operations Center.
• Quickly remediate attacks and orchestrate your response across emails and endpoints by blacklisting and quarantining threats.

Reduce Business Risk through Security Awareness

• Prepare users to avert attacks and prioritize email protection for vulnerable users.
• Evaluate employee readiness by simulating real-world email attacks that imitate the latest email threats.
• Benchmark and improve user readiness over time with detailed reporting and repeat assessments.
• Teach users to recognize email attacks through training notifications that raise security awareness.

Prevent Data Leakage Across Your Environment Protect sensitive data and help address legal and compliance requirements through tight integration with Symantec Data Loss Prevention.

• Discover, monitor, and protect sensitive data wherever it's used—in email, on endpoints, in your network, in storage, and even in cloud apps.
• Accurately identify confidential data with advanced detection technologies including vector machine learning, exact data matching, and indexed document matching.
• Migrate to cloud-based email securely by extending content-aware DLP capabilities to Microsoft Office 365, Google G Suite, and more.

Safeguard the security and privacy of confidential emails with advanced policy-based encryption controls.

• Automatically encrypt sensitive emails with a secure PDF or web pickup portal, which provide both push- and pull-based encryption.
• Gain granular control over encrypted emails through policy-driven enforcement that includes the ability to expire and recall messages.
• Increase trust in encrypted messages by customizing emails, notifications, and the web portal with your company brand.

Enterprises are increasingly under threat from sophisticated attacks. In fact, research has found that threats dwell in a customer’s environment an average of 190 days.  These Advanced Persistent Threats use stealthy techniques to evade detection and bypass traditional security defenses.  Once an advanced attack gains access to a customer environment the attacker has many tools to evade detection and begin to exploit valuable resources and data.  Security teams face multiple challenges when attempting to detect and fully expose the extent of an advanced attack including manual searches through large and disparate data sources, lack of visibility into critical control points, alert fatigue from false positives, and difficulty identifying and fixing impacted endpoints. Symantec EDR exposes advanced attacks with precision machine learning and global threat intelligence minimizing false positives and helps ensure high levels of productivity for security teams. Symantec EDR capabilities allow incident responders to quickly search, identify and contain all impacted endpoints while investigating threats using a choice of on-premises and cloud-based sandboxing. Also, Symantec EDR enhances investigator productivity with automated investigation playbooks and user behavior analytics that brings the skills and best practices of the most experienced security analysts to any organization, resulting in significantly lower costs. In addition, continuous and on-demand recording of system activity supports full endpoint visibility. Symantec EDR utilizes advanced attack detections at the endpoint and cloud-based analytics to detect targeted attacks such as breach detection, command and control beaconing, lateral movement and suspicious power shell executions. Capabilities: Detect and Expose – Reduce time to breach discovery and quickly expose the scope

• Apply Machine Learning and Behavioral Analytics to expose suspicious activity, detect and prioritize incidents
• Automatically identify and create incidents for suspicious scripts and memory exploits
• Expose memory-based attacks with analysis of process memory

Resolve – Rapidly fix endpoints and ensure the threat does not return

• Delete malicious files and associated artifacts on all impacted endpoints
• Blacklist and whitelist files at the endpoint
• Enhanced reporting allows any table to be exported for incident resolution reports

Investigate and Contain – Increase incident responder productivity and ensure threat containment

• Ensure complete incident playback with continuous recording of endpoint activity, view specific endpoint processes
• Hunt for threats by searching for indicators of compromise across all endpoints in real-time
• Contain potentially compromised endpoints during an investigation with endpoint quarantine

Integrate and Automate – Unify investigator views, orchestrate data and workflows

• Easily integrate incident data and actions into existing SOC infrastructure including Splunk and ServiceNow
• Replicate the best practices and analysis of skilled investigators with automated incident playbook rules
• Gain in-depth visibility into endpoint activity with automated artifact collection

Stop advanced threats with intelligent security   Last year, we saw 317 million new malware variants, with targeted attacks and zero-day threats at an all-time high. Organizations are struggling to keep up with the rapidly evolving threats. Symantec Endpoint Protection is designed to protect against advanced threats with powerful, layered protection backed by industry leading security intelligence.   Network Threat Protection stops most threats before they can take up residence on the machine Insight reputation scoring accurately detects rapidly mutating malware and zero-day threats SONAR™ behavioral analysis stops malicious files designed to appear legitimate Strong antivirus, antispyware and firewall protection eradicate known mass malware 14 Years a Leader in Gartner Magic Quadrant for Endpoint Protection Platforms.

Symantec pcAnywhere, the world’s leading remote control solution, helps organizations manage remote computers securely — even across routers and firewalls. For compatibility in today’s heterogeneous operating environments, the solution supports multiple platforms for both host and remote systems, including Windows, Linux, and Mac OS X. All hosts can also be securely accessed from Microsoft Pocket PC devices or Web browsers.

Helpdesk personnel can quickly start a remote control session with a machine that does not have pcAnywhere installed; can remotely control mouse and keyboard input over a network, modem-to-modem, direct cable connection, or standard Internet connection utilizing a Web browser; and can transfer files or folders while troubleshooting a device.

A new gateway component enables real-time discovery of multiple devices behind firewalls and NAT devices, mitigating private dynamic IP challenges and minimizing port opening or forwarding. The new host invitation feature simplifies the process of establishing a reverse connection to helpdesk from behind network devices.

Symantec Packager simplifies installation and setup and allows administrators to tailor the solution to best fit the needs of the organization. And support for 13 authentication methods allows customers to use existing network authentication user names and passwords with pcAnywhere.

An optional Symantec pcAnywhere Access Server facilitates the discovery of and connection to multiple pcAnywhere hosts from anywhere – regardless of location or network configuration – providing a more cost-effective and better self-managed alternative to hosted remote access services. Symantec pcAnywhere coupled with the pcAnywhere Access Server eliminates monthly remote access service subscription fees, helping to lower overall long-term IT management costs.

Features:

• Feature-rich, easy-to-use, secure and reliable remote control solution
• Hosts can be securely accessed from Microsoft® Pocket PC devices or Web browsers
• Multi-platform support for both host and remote: Windows®, Linux and Mac OS X
• Gives technical support staff powerful remote management and problem-solving tools
• NO monthly remote access service subscription fees!