
IT administrators are not doing enough to patch vulnerabilities

March 7, 2010

Stringent patching and patch management are key to anti-virus security management

1. Protection from malware

2. Secure connectivity

3. Protection from Inappropriate Content

4. Maximization of Network Resources

5. Protection of Resources

6. Ease of IT administration

7. Maximization of performance

8. Budget Management

How to Secure Against the Malware Threat

 Strategic security plan

 Comprehensive policy-based AV/security infrastructure/service

 Ongoing communications to constituents

 Drastic enforcement

 Cooperation with AV vendors

– For desktop solutions

Virus Outbreaks

 Problem

– Malicious applications (a.k.a. malware) such as viruses and worms can cause loss of functionality and/or loss of data if a system is infected

 Types

– Viruses, Worms, Trojans and blended threats

 Result

– Viruses take advantage of vulnerabilities

 Solution

– Holistic approach

– Strategic methodology

– Drastic measures

Secure Connectivity

 Problem

– Remote users connecting to facility network via VPNs

 Issue

– VPNs can provide yet another means by which viruses, worms, and other attacks can penetrate the firewall and reach the private network.

 Cause

– Conventional VPN hardware and software do not scan the content carried within their “secure” tunnels

 Solution

– Implement secure scanning of tunnel

Protection from Inappropriate Content

 Problem

– Access to banned websites and content results in productivity loss and possible liability for the host

 Cause

– Lack of effective enforcement of security policy regarding internet access and content transfer

 Result

– Productivity loss and possible liability for the host

 Solution

– Limit exposure to liability caused by access to inappropriate or malicious content

Protection of Resources

 Problem

– Unauthorized access to and removal of individual, business and IPR content

 Types

– Financial – Credit card, ID #, SSN #, UserID, Password

– Proprietary Info – Patents, Research findings

 Cause

– Exploits in servers and applications

 Solution

– Stringent access control to prevent snooping, spoofing and unauthorized access

Maximization of Network Resources

 Problem

– Misuse of network resources

 Cause

– File swapping, malware distribution

 Result

– Network resources applied to non-productive and potentially illegal activities

 Solution

– Use traffic management to limit the amount of network bandwidth allocated to swapping applications

Ease of Administration

 Problem

– Complexity of network infrastructure

 Cause

– Divergent point solutions

– Lack of specialized administrators

 Result

– Various challenges associated with network administration

 Solution

– Implement consolidated security technologies for fast, effective, easy-to-manage network security management

Maximization of Performance

 Problem

– Maximum network security may equal compromised security performance

 Cause

– Loosely inter-operable point solutions

 Result

– Lack of real-time performance

 Solution

– Hardware accelerated security solution

Budgeting

 Problem

– Existing security infrastructure needs to be upgraded / reinforced

 Cause

– New threats

– Need for security specialists

 Result

– Security infrastructure lacking

 Solution

– Seek lower TCO for advanced security