Académique Documents
Professionnel Documents
Culture Documents
Network
Data Sheet: Advanced Threat Protection
Almost no company, whether large or small, is immune to targeted attacks. Five out of every six large companies (2,500+
employees) were targeted with spear phishing attacks in 2014, a 40 percent increase over the previous year. Small and
medium-sized businesses also saw an uptick, with attacks increasing 26 percent and 30 percent, respectively.1
Advanced threats are engineered to closely resemble legitimate applications, URLs, and emails, so threat signatures,
reputation scoring, and behavioral heuristics alone cannot detect everything, and with the ever increasing number of attack
vectors, systems, adversaries, and targets, it's becoming impossible to block every threat before it reaches a network.
Pro
Protect
tect,, Detect
Detect,, and Respond
Organizations can no longer focus purely on preventing threats at the endpoint; they must also ensure that they can detect
threats as they enter the network, as well as detect and respond to threats which have already taken a foothold. Symantec
Advanced Threat Protection: Network provides automated threat analysis at the network for rapid detection of even the most
advanced malware designed to evade traditional Virtual Execution techniques.
Agentless integration with Symantec Endpoint Protection and Symantec Email Security.cloud gives a unique view across
multiple control points. This allows for automated and accurate prioritization of security events, reducing the volume of
security alerts and prioritizing the most significant threats.
Real-time threat prevention blocks net
network
work-based
-based attacks
Symantec Advanced Threat Protection: Network is available in either hardware appliance or Virtual Machine (VM) form-factors
and includes multiple protection components on-box, including Symantec Insight, Mobile Insight, and Symantec Vantage, to
detect threats and suspicious behavior as they occur on the network. These patented technologies detect and block threats in
real-time.
Symantec Insight and Mobile Insight are reputation-based security technologies that identify how common or rare a file is, how
old it is, and where it was first seen, and through context, it can detect new or rapidly mutating threats, as well as targeted
attacks. Symantec Vantage is an Intrusion Prevention System (IPS) technology, used to identify compromised machines by
detecting suspicious activity inside the network.
In addition, Symantec Advanced Threat Protection: Network includes Symantec Antivirus and IP, URL, and Domain blacklists
generated by the Symantec Global Intelligence Network.
Detect intelligent malware designed to ev
evade
ade virtual ex
execution
ecution techniques
Symantec Cynic is a new, cloud-based service that detects unknown malware and advanced threats by executing content in
virtual and bare-metal sandbox environments. Cynic mimics human behavior over a range of operating systems and commonly
exploited applications to remotely execute suspicious files, and combines SONAR behavioral analysis with global threat
1
intelligence to return a verdict for a faster more confident detection. In 2014, 28 percent of all malware was VM-aware , and
with most sandboxing technologies heavily reliant on hypervisors for content execution and analysis, the use of bare metal
environments is critical to detecting advanced malware.
1.
Form Factor
1U Rack Mount
2U Rack Mount
CPU
Memory
32 GB
96 GB
Hard Drive
1 x 1TB drive
RAID 5 4 x 300GB
Power Supply
Non-redundant PSU
1 Management port
1 Monitor port
Copyright 2015 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, and the Checkmark Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S.
and other countries. Other names may be trademarks of their respective owners.
21349720 04/15