Sygate Products
Endpoint protection and compliance
Ricardo Hernández Calleja
Sales Engineer – Security Solutions
14 Diciembre 2006
2005 Symantec Corporation, All Rights Reserved
Magic Quadrant for Personal Firewalls, 1Q06
Gartner RAS Core Research Note G00139942, John Girard, 27 June 2006, R1901 06302007
This Magic Quadrant graphic was published by Gartner, Inc. as
part of a larger research note and should be evaluated in the
context of the entire report. The Gartner report is available upon
request from Symantec.
The Magic Quadrant is copyrighted June 2006 by Gartner, Inc. and is reused with permission. The Magic Quadrant is a graphical representation of a marketplace at and for a specific time period. It depicts Gartner's analysis
of how certain vendors measure against criteria for that marketplace, as defined by Gartner. Gartner does not endorse any vendor, product or service depicted in the Magic Quadrant, and does not advise technology users to
2 –vendors
2005 Symantec
Rights Reserved
select only those
placed in Corporation,
the "Leaders"Allquadrant.
The Magic Quadrant is intended solely as a research tool, and is not meant to be a specific guide to action. Gartner disclaims all warranties, express or implied,
with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
Customer List
Some Global Customers
TimeWarner
3 – 2005 Symantec Corporation, All Rights Reserved
Some Southern Europe &
Benelux Customers
Framing the Security Problem
Worms targeting multi-layered vulnerabilities
and are growing in complexity
4 – 2005 Symantec Corporation, All Rights Reserved
Vulnerability—Exploit Gap Decreasing
Ramen/Adore—06/00
5 variants, 359,000 machines infected
Vulnerability Announced
Code Red—06/01
Digispid—03/02
Spida—04/02
SQL Slammer—07/02
Slapper—07/02
WebDAV vuln—03/03
Blaster/Welchia—07/03
75 variants, 500,000+ machines infected
Witty—03/04
Sasser—04/04
17 variants, 1,000,000+ machines infected
Zotob—8/05
0
50
100
150
Days Until First Attack
5 – 2005 Symantec Corporation, All Rights Reserved
200
250
Vulnerabilities in the Enterprise
Vulnerabilities Exploited—Gartner
Misconfiguration
Old Patch
Recent Patch
New Vulnerability
Agent+PFW+Host Integrity
IPS
0-Day
6 – 2005 Symantec Corporation, All Rights Reserved
Symantec Endpoint Compliance Solution
Symantec Sygate Enterprise Protection
Symantec On-Demand Protection
Symantec Embedded Security
Symantec Network Access Control
7 – 2005 Symantec Corporation, All Rights Reserved
Symantec Sygate Enterprise Protection
Problem
 Propagation of malicious code
 Leakage of sensitive information
 Lost user productivity
 Increased support costs
Solution
 Ridding the network of
non-compliant endpoints with
Symantec network access control
 Ensuring compliance on contact™
across all entry points
 Protecting endpoints with host
intrusion prevention
8 – 2005 Symantec Corporation, All Rights Reserved
Two Symantec Sygate
Enterprise Protection Agents
Symantec Protection Agent
Enforcement
Host Integrity
Symantec Enforcement Agent
Enforcement
Host Integrity
 HI and Remediation
 DHCP/LAN/Gateway/API
 HI and Remediation
 IF...Then...Else
 OS Protection (File,
Registry, Process Control)
 NAC/NAP
 DHCP/LAN/Gateway/API
 NAC/NAP
OS
Protection
 System Lockdown
(Application Control)
 Buffer Overflow Protection
 Peripheral Device Control
Adaptive
Policies
 Auto-Location Switching
IDS
 Signature-based IDS
FW
 Desktop Firewall
Adaptive
Policies
9 – 2005 Symantec Corporation, All Rights Reserved
 Auto-Location Switching
Symantec Protection Agent
 Adaptive policies
– Change firewall and/or HIPS policies:
 By network (IP, subnet, DNS server, DNS
resolution, SPM connection, network
adapter)
 By host integrity result
(quarantine policy)
 Application-centric firewall
– Granular traffic control
– Adapter-specific rules
(e.g., Ethernet, wireless, VPN)
– Application learning
 Intrusion Prevention Signatures
10 – 2005 Symantec Corporation, All Rights Reserved
Symantec Protection Agent
 Host intrusion prevention system
– OS protection behavioral IPS
 Configure application access
controls for files, registry keys,
ability to launch/terminate a
process, and load a DLL
 Downloadable templates
– System lockdown
 Application control whitelist
– Universal buffer overflow protection
 OS services or all applications
11 – 2005 Symantec Corporation, All Rights Reserved
Symantec Protection Agent
 Peripheral Device Control
– Block Devices by type (Windows® Class ID)
– Supports all common ports
 USB, Infrared, Bluetooth, Serial, Parallel,
FireWire, SCSI, PCMCIA
– Can block read/write/execute from removable drives
– Example:
 Block all USB devices except USB mouse and keyboard
12 – 2005 Symantec Corporation, All Rights Reserved
Enterprise-Class Management
 Scalable Multi-Server Architecture
– Policy and Log Replication
– Policy Distribution (Push/Pull)
– Configurable Priority/Load Balancing
 Policy Management
–
–
–
–
Group hierarchy w/ inheritance
Manage by computer or user
Reusable policy objects
AD user and group synchronization
 Centralized Logging and Reporting
– Event forwarding (Syslog, SIMs)
– Daily or Weekly E-mailed Reports
13 – 2005 Symantec Corporation, All Rights Reserved
Symantec Network Access Control
Problem
 Propagation of malicious
 Leakage of sensitive information
 Lost user productivity
 Increased support costs
Solution
 Discovering endpoints & their
compliance with security policies
 Enforcing network access
throughout the entire network
 Remediating non-compliant
endpoints
 Monitoring the network
continuously
14 – 2005 Symantec Corporation, All Rights Reserved
Symantec Open Network Access Control
 Host Integrity
–
–
–
–
Verify process/application (FW, A/V, etc.)
Verify service pack/hotfix
Verify files/registry keys (patches, etc.)
Sophisticated decision tree logic (IF … THEN …
ELSE)
– Templates
 Enforcement
– Check agent status and Host Integrity result
before allowing network access
 Automatic Remediation
– Run local command
– Download and execute file
– Custom Checks
 Set registry value, log event, run program or
script, popup dialog box
15 – 2005 Symantec Corporation, All Rights Reserved
Policy
Symantec Open Network Access Control
 Endpoint Enforcement
– Switch to Quarantine Policy when HI fails
 Sygate Gateway Enforcer
– In-line network bridge at gateway
VPN, RAS, etc.
– Authenticate agent, verify policy, check HI status
– Block/quarantine when validation fails
 Captive proxy redirection
 Enforcement API
– Provide agent status to third-party applications
– Integrated VPN Enforcement
Nortel, Netscreen/Neoteris, Checkpoint, Aventail, Cisco,
iPass
16 – 2005 Symantec Corporation, All Rights Reserved
Symantec Open Network Access Control
 LAN Enforcement (802.1X)
– Switch challenges network devices when attached
– Non-compliant devices blocked by switch or moved to remediation
VLAN
– Sygate LAN Enforcer acts as RADIUS proxy
 Verify agent running, policy current, Host Integrity status
– SSA and/or third-party supplicant
 Policy Compliance or Authentication + Compliance
17 – 2005 Symantec Corporation, All Rights Reserved
Symantec Open Network Access Control
 DHCP Enforcement
– Evaluates a computer’s compliance with security policy before
allowing the system to obtain a valid DHCP lease (and IP
address).
 DHCP Gateway
 Microsoft DHCP Plug In
 Lucent VitalQIP Server Plug In
 Cisco NAC Enforcement
– Integration with Cisco Trust Agent
18 – 2005 Symantec Corporation, All Rights Reserved
Network Access Control concepts
2005 Symantec Corporation, All Rights Reserved
Corporate Network Is Continually Exposed
Internet Kiosks
& Shared Computers
Guests
WANs
& Extranets
SSL VPN
Consultants
IPsec VPN
Employees
Working at Home
20 – 2005 Symantec Corporation, All Rights Reserved
Wireless
Networks
Web
Applications
“Because of
worms and
other
threats, you
can no
longer
leave your
networks
open to
unscreened
devices and
users.”
Protect Your
Network with a
NAC Process,
Gartner ID#
G00124992
It Begins At The Endpoint …
 Compromised and non-compliant
endpoints endanger the network and your
data
 Every user accesses the network and the
Internet from an endpoint
 But not all endpoints are protected and
compliant
 For employees, the endpoint may be
–
–
–
Company-issued laptop that hasn’t had a
patch or AV update in two weeks
Personal computer – desktop or laptop
Kiosk computer in an airport, hotel, or
office center
 For guests, the endpoint could be
anything, with no ability to know its
security health
 Endpoints are at risk even when not
connected to the corporate network
21 – 2005 Symantec Corporation, All Rights Reserved
Authorizing Endpoints, Not Just Users
 Network Access Control = Control who can access your network by
creating a closed system
 Ensure that required patches, configuration, and protection
signatures are in place before the endpoint connects to the network
 Automatic endpoint remediation
– Enforce policy before access is granted
Authorized
User
+
Authorized
Endpoint
Antivirus installed and current?

Firewall installed and running?

Required patches and service
packs?

Required configuration?

22 – 2005 Symantec Corporation, All Rights Reserved
Protected Network
Enterprise NAC Requirements
Pervasive
Endpoint
Coverage
Universal
Enforcement
• Laptops
• Deployable in all
enterprise
environments:
• Servers
• LAN
• Managed devices
• Desktops
• 802.1x
• Unmanaged
devices
• DHCP
• Guests
• WLAN
• VPN
• Contractors
• SSL
• Home
computers &
kiosks
• IPSec
Integration
Support
• Standards
• 802.1x
• TCG TNC
• Frameworks
• Cisco NAC
• Microsoft NAP
Automated
Remediation
Enterprise
Management
• Tie into existing
tools and
workflow
• Centralized
• No end-user
intervention
required
• Scalable
• Flexible
Learning
Mode
• Preserve
productivity
during patch
cycles
• Redundant
• Multi-tier
• Configurable
deferral options
• Web portal
• Printers &
other devices
“Automated remediation will minimize productivity loss and help desk labor costs for deployments
that encompass a large number of managed endpoints.” Understanding Benefits of Installed Endpoint Agents for
NAC, Gartner ID# G00140811
23 – 2005 Symantec Corporation, All Rights Reserved
Network Access Control: Multiple
Dimensions
Onsite

Nodes connected directly in the LAN
switching infrastructure
– Workstations
– Laptops
Remote

Nodes connected
indirectly to the
corporate LAN via VPN
Managed

Nodes that are owned and administered
by the corporate IT group Have expected
AV, firewall, and other client protection
components
– Workstations
– Company-issued laptops
Unmanaged

24 – 2005 Symantec Corporation, All Rights Reserved
Nodes outside the authority or control of
the corporate IT group
– Guest and contractor laptops
– Employee home computers
– Kiosk workstations
Symantec NAC:
Covering the Endpoint Security Problem
 Gateway Enforcer
M
A
N
A
G
E
D
U
N
M
A
N
A
G
E
D
 SEP SelfEnforcement
 VPN API Integration
R
E
M
O
T
E
O
N
S
I
T
E
 LAN Enforcer (802.1x)
– Transparent and full 802.1x
modes
 DHCP Enforcer
 Cisco NAC
 SEP Self-Enforcement
 Symantec On-Demand
Protection Guest Enforcement
25 – 2005 Symantec Corporation, All Rights Reserved
 Symantec On-Demand
Protection
Symantec Network Access Control:
Defining Policy and Compliance
 Symantec NAC can perform a wide range of host integrity
(HI) checks for endpoint security policy compliance
–
–
–
–
Most Anti-Virus
Microsoft Patches
Microsoft Service Packs
Most Personal Firewalls
 Unique template feature
– Delivered from Symantec
Security Response
– Updated online
– Provides integration with
3rd party tools such as patch management systems
 Remediation
26 – 2005 Symantec Corporation, All Rights Reserved
Symantec Network Access Control
Custom Host Integrity Checking
 Most robust capability of any NAC solution
 Powerful If…Then…Else syntax
 Many checks available, including:
– Registry entries—exist, specific
value, more
– Files—exist, date, size,
checksum, more
– AV Signature file age, date, size
– Patches installed
– Process running, OS version
– More
 Actions also programmable:
– Set a registry entry
– Run a Script or Program
– Download and execute an installer, and more
27 – 2005 Symantec Corporation, All Rights Reserved
Symantec Network Access Control
Technologies Overview
2005 Symantec Corporation, All Rights Reserved
Symantec NAC Self-Enforcement
 The ability of the agent to quarantine its system if it falls
out of compliance
– Quarantine policies defined on Policy Manager
– Policies set for host integrity (HI), OSP, and firewall
 The agent can quarantine itself by switching to a
quarantine firewall policy
– Firewall restricts access to specific IP addresses or segments
 Allows rapid deployment of basic endpoint security
– No network-level systems or configuration needed
 Includes market-leading personal firewall (Gartner 2006
PFW Magic Quadrant)
 Requires Symantec Enterprise Protection agent
29 – 2005 Symantec Corporation, All Rights Reserved
Symantec NAC Self-Enforcement:
How It Works
Symantec
Policy
Manager
Symantec Sygate
Enterprise
Protection Agent
with NAC
Protected
Network
Onsite or
Remote
Laptop
Quarantine
Remediation
Resources
Host Integrity Rule
Client
connects to
network and
validates
policy
SEP Agent
performs
selfcompliance
checks
30 – 2005 Symantec Corporation, All Rights Reserved
Compliance pass:
Apply “Office”
firewall policy
Compliance fail:
Apply “Quarantine”
firewall policy
Status
Anti-Virus On

Anti-Virus Updated

Personal Firewall On

Service Pack
Updated
Patch
Updated


Patch Updated

Symantec NAC Gateway Enforcer
 In-line appliance segments networks into secure and insecure
zones
– Transparent deployment
– Integrates easily with existing network infrastructure
 If a client is non-compliant (HI fail or no Agent present), Enforcer can
– Block the client or simply log their compliance status
– Restrict access to certain network resources
(e.g., patch and update server)
 Typically used to enforce endpoint security for nodes
connecting through
– IPSec VPN
– WAN
- Wireless LAN
- Dial-up RAS
 Guest access for local unmanaged users (conference rooms,
guest offices, etc.)
31 – 2005 Symantec Corporation, All Rights Reserved
Symantec NAC Gateway Enforcement:
How It Works
Gateway Enforcement
Options
Symantec Sygate
Policy Manager
Block Client
HTTP Redirect for Client
Symantec NAC
Enforcement Agent
Display Pop-up on Client
Restrict Network Access
Protected
Network
Remote User
IPSec VPN
Gateway Enforcer
Remediation
Resources
Host Integrity Rule
Client
attempts to
connect to
network
Gateway
Enforcer
requests
policy &
compliance
data
32 – 2005 Symantec Corporation, All Rights Reserved
Enforcer
validates
policy &
checks
compliance
status
Agent
present &
compliance
pass: Allow
access
Status
Anti-Virus On

Anti-Virus Updated

Personal Firewall On

Service Pack
Patch
Updated
Updated


Patch Updated

Symantec NAC LAN Enforcer
 802.1x Standards-Based
– Supports wired and wireless
– Supports all standards-based 802.1x implementations
– Provides most secure remediation
– Nearly all vendors supported
 Two Deployment Options
– NAC status (transparent mode)
– NAC+User credentials (full 802.1x mode)
 Transparent mode reduces complexity
– Only 802.1x-capable switch infrastructure is required
– Username/password is not part of admission decision:
only the compliance status of the endpoint is considered
– Benefits:
 No third-party
 No backend RADIUS server
 No user authentication at switch layer
33 – 2005 Symantec Corporation, All Rights Reserved
 Fewer logins to manage
Symantec NAC LAN Enforcement:
How It Works
Symantec LAN
Enforcer
Symantec Sygate
Policy Manager
EAP
RADIUS
Server
Symantec NAC
Enforcement Agent
Status
User Name

Password

Token

Protected
Network
Quarantine
VLAN
LAN Desktop
Remediation
Resources
Full 802.1x Mode
Host Integrity Rule
Client
connects &
sends login,
compliance,
and policy data
via EAP
Switch
forwards
data to
LAN
Enforcer
LAN
Enforcer
checks user
login on
RADIUS
server
34 – 2005 Symantec Corporation, All Rights Reserved
LAN
Enforcer
checks
policy &
validates
compliance
status
HI pass:
Open port on
switch
HI fail: Assign
to quarantine
VLAN
Status
Anti-Virus On

Anti-Virus Updated

Personal Firewall On

Service Pack
Patch
Updated
Updated


Patch Updated

Symantec NAC LAN Enforcement:
How It Works
Symantec LAN
Enforcer
Symantec Sygate
Policy Manager
Symantec NAC
Enforcement Agent
Protected
Network
Quarantine
VLAN
Local User
Remediation
Resources
Transparent Mode
Host Integrity Rule
Client
connects &
sends login,
compliance,
and policy data
via EAP
Switch
forwards
data to
LAN
Enforcer
LAN
Enforcer
checks
policy &
validates
compliance
status
35 – 2005 Symantec Corporation, All Rights Reserved
HI pass:
Open port on
switch
HI fail: Assign
to quarantine
VLAN
Status
Anti-Virus On

Anti-Virus Updated

Personal Firewall On

Service Pack
Patch
Updated
Updated


Patch Updated

Symantec NAC DHCP Enforcer
 DHCP-Based solution is universal
– Supports wired and wireless
– Supports any network infrastructure without upgrade
 Two deployment options
– Network-based DHCP Enforcer: Deploy as a policy-enforcing bridge to
protect an internal network
– DHCP Enforcer Plug-In that runs directly on a Microsoft DHCP server
 Non-compliant clients are left in quarantine address space
– Clients only able to interact with Quarantine network resources
(remediation server, etc.) and Symantec Policy Manager until they are
compliant
 Failover configurations supported for high-availability
deployments
36 – 2005 Symantec Corporation, All Rights Reserved
Symantec NAC DHCP Enforcement:
DHCP Enforcer Plug-In – How It Works
DHCP Server
Symantec Sygate
Policy Manager
Symantec NAC
Enforcement Agent
Symantec NAC DHCP Plug-In
running on MSFT DHCP server
Remediation
Resources
Quarantine
IPs
Protected
Network
LAN Desktop or
Onsite Wireless Client
Host Integrity Rule
Client sends
DHCP
request
Enforcer
assigns a
‘quarantined’
IP address;
requests
compliance
& policy data
37 – 2005 Symantec Corporation, All Rights Reserved
Enforcer
validates
policy &
checks
compliance
status
Enforcer
initiates
DHCP
release &
renew on
client
Client
receives
access to
production
network
Status
Anti-Virus On

Anti-Virus Updated

Personal Firewall On

Service Pack
Updated

Patch Updated

Symantec Network Access Control
Enforcement Methods – Proven Experience
NAC Method
Sygate Support
API Enforcement
June, 2001
Gateway Enforcement
December, 2001
Self Enforcement
August, 2003
On-Demand Enforcement
September 2003
802.1x (W)LAN Enforcement
February, 2004
DHCP Enforcement
Mid 2005
Cisco NAC, v1
Mid 2005
TCG’s Trusted Network Connect
Late 2005
DHCP Enforcer Plug-In
July 2006
Microsoft NAP
Vista / Longhorn
TNC
When specifications released
38 – 2005 Symantec Corporation, All Rights Reserved
SNAC Enforcer Appliance
Symantec Network Access Control
Enforcer 6100 Series Appliance
 The Enforcer appliance is a new
Enforcer option being added to the
existing SNAC solution
 The appliance is NOT a standalone
NAC solution. Operates in
conjunction with the Symantec
Sygate Policy Manager and
Symantec Enforcement Agents
 Enforcer can be utilized as:
– LAN Enforcer
– Gatway Enforcer
– DHCP Enforcer
 Benefits
– Rapid implementation
– Simplified management
Base Unit
2.8GHz/1MB cache - P4
800MHz front side bus
Memory
1GB DDR2, 533MHz, 2x512
single-ranked DIMMs,
Hard
drive
160GB, SATA, 1-inch, 7.2K
RPM hard drive
Network
adapters
Two network adapters
Size &
Weight
Form Factor: 1U Rack
Height: 1.68" (4.27 cm)
Width: 17.60" (44.70 cm)
Depth: 21.50" (54.61 cm)
Weight: ~ 26.0 lbs. (11.80kg)
39 – 2005 Symantec Corporation, All Rights Reserved
Symantec Network Access Control
How it works…
Gateway/API
Enforcement
802.1x Enforcement
Symantec Policy
Manager
Symantec
LAN Enforcer
Symantec
DHCP Enforcer
Symantec
Host
Host Integrity
Integrity Rule
Rule
On-Demand
Policy Manager Anti-Virus On
Compliant
Non-Compliant
Compliant
Guest
Access
Remediation
Wireless
Guest
Desktop
Server
Switch
Anti-Virus Updated
Router
Personal Firewall On
Symantec
Gateway
Enforcer
Radius
Service Pack Updated
SSL VPN
Patch Updated
Remediation
DHCP
Kiosk
IPSEC VPN
Applications
Mobile User
Telecommuter
Host
Status
Host Integrity
Integrity Rule
Rule
Status
EAP
Status
Anti-Virus
Anti-Virus On
On
User
NameUpdated
Anti-Virus
Anti-Virus
Updated
Personal
Personal Firewall
Firewall On
On
Password
Service
Service Pack
Pack Updated
Updated
Token
Patch
Patch Updated
Updated
40 – 2005 Symantec Corporation, All Rights Reserved
Partner
Thieves
Hackers
Status
The real world – Using multiple solutions
Lan
Enforcement
WAN
?
Gateway
Enforcement
DHCP
Enforcement
Plug In
Gateway
Enforcement
41 – 2005 Symantec Corporation, All Rights Reserved
Roadmap Symantec: Full Integration
AntiCrimeware
Integrated Suite
Anti-Spyware
Symantec Sygate
Enterprise Protection 5.1
Antivirus
Management
AntiVirus
AntiSpyware
2 Management Consoles
Symantec AntiVirus
42 – 2005 Symantec Corporation, All Rights Reserved
SAV
Adaptive
Policies
IDS
FW
Enterprise Management
Symantec Client Security
Host Integrity
OS
Protection
Enterprise Management
Enforcement
Enforcement
Host Integrity
OS
Protection
Adaptive
Policies
Adaptive
Policies
IDS
IDS
FW
FW
Symantec On-Demand Protection
Problem
 Eavesdropping and theft of data from
unmanaged devices
 Unprotected or compromised devices
connecting to the enterprise via web
infrastructure
 Delivering endpoint security to unmanaged
devices (contractors, kiosks, home machines)
Solution
 Protects confidential data by creating a secure
environment that provides encryption and file
deletion upon session termination
 Protection from viruses, worms by enforcing
AV, personal firewall via host integrity
 Lower TCO by delivering endpoint protection
on-demand via existing web infrastructure
43 – 2005 Symantec Corporation, All Rights Reserved
The Market in Which Symantec On-Demand
Plays—Gartner Has Defined the Market…
Six Critical Requirement for On-Demand Security:
 Client integrity checkers
– SODA host integrity
 Browser cache file cleanup
– SODA cache cleaner
 Behavioral malicious code scanners
– SODA malicious code prevention
 Personal firewall mini-engines:
– SODA connection control
 Protected virtual user sessions
– SODA virtual desktop
 Dynamic user access policies
– SODA adaptive policies
Source: “Access From Anywhere Drives Innovation for On-Demand Security, Gartner, ID Number: G00126242”, March 21, 2005.
44 – 2005 Symantec Corporation, All Rights Reserved
SODP Architecture
Symantec
On-Demand
Agent
User
can
securely
logs
into
SSL
Virtual
Desktop
Cache
Symantec
On-Demand
IfUpon
compliant,
On-Demand
Symantec
On-Demand
inactivity
ororAgent
closing,
Adapts
Policies
to
download,
view,
modify,
VPM/Web
app
and
gets
Cleaner
then
launches
the
Agent
launches
the
Virtual
Desktop
Administrator
Creates
Verifies
Host
Integrity
VD
is
closed
and
data
User
Connects
to
Login
Administrator
Uploads
Environment
and
upload
corporate
access
to process
the
network
login
Downloads
(Java)
or
Cache
Cleaner
Symantec
On-Demand
Agent
erased
Page
On-Demand
Agent
information
How it works…
Symantec Policy
Manager
Symantec LAN
Enforcer
Symantec DHCP
Enforcer
Symantec
On-Demand
Policy Manager
Wireless
Guest
Desktop
Server
Switch
Router
Symantec
Gateway
Enforcer
Radius
SSL VPN
Adaptive Policies
Device
Network
Host Integrity
Rule
Type
Location
Policy
Status
CorporateAnti-Virus OnAirport
owned,
WLAN
Anti-Virus Updated
running
agent
Personal Firewall On
Employee
Home
Service Pack Updated
Home
Network
Trusted
Patch Updated
Guest
Internal
Laptop
LAN
VD, HI
Kiosk
VD, HI
Public
Internet
Remediation
DHCP
Kiosk
IPSEC VPN
Web Applications
Mobile User
Telecommuter
Partner
45 – 2005 Symantec Corporation, All Rights Reserved
Thieves
Hackers
VD, HI,
Persistent
Muchas Gracias
2005 Symantec Corporation, All Rights Reserved