Connect And Protect | How Symantec Endpoint Protection became EGS's top choice!
Your role in the organization/company:
I am Nel Ramos, the Anti-virus POC (Point of Contact) of EGS, a multinational company that covers 5 continents of the world, namely North America, South America, Europe, Asia and Africa. I lead a team designated to monitor virus infections and outbreaks, analyze existing data on virus and spyware trending, perform research on new applications and tools to counter possible threats, and advise ground IT personnel on the resolution of issues related but not limited to virus infections. Our team’s operation is 24/7 in ensuring that the company’s valuable data would not be vulnerable to data theft, data manipulation in an internal or external manner, interference with business-critical services, and damage to the organization’s status. It also consists of more than 10,000 hardware systems that are multi-platform.
What was your data protection criterion, concerns and related issues, and how did Symantec Endpoint Protection resolve them?
Our data protection criterion is a total solution package that could deal with existing and zero-day threats that could compromise sensitive client and internal data through unauthorized access by internal and external entities. This is very crucial since we have many entry and exit points that need to be constantly guarded. We need a package that has anti-virus and anti-spyware capabilities that would proactively protect data and endpoints across the organization. This solution also needs to simplify endpoint security management and lower TCO by combining protection with enforcement. The monitoring console must not be so complicated that users would need hundreds of man-hours to set up the system or produce AV reports for different sets of clients. The out-of-the-box solution also must ensure ongoing stability, performance, and scalability. There must be a way to upgrade the existing package if a newer version becomes available in the market to protect against newer threats or to fix a possible application bug.
Since we monitor threats on a large-scale basis, an improved threat monitoring tool and a reduced administrative burden of protecting endpoints against known and unknown threats need to be included. The solution also needs to comply with the existing systems that the company has. New hardware might be purchased together with the solution, as long as the solution would still support the majority of our computers. The solution also needs to support the different operating systems that the company is using. Just a tip: please also take a deeper look at your company’s software inventory. Would the Operating System be compatible with the AV that you would purchase? Would the servers have issues once they are installed with the Symantec Endpoint System? We also need a way to protect our e-mail system from sending and receiving data that could harm the system, and one that could audit the transactions to determine the origin of the infection.
What were the strategic or financial reasons you chose Symantec Endpoint Protection Solutions?
Acquiring an advanced anti-virus and anti-spyware system needs a big budget in order for it to be implemented; that is why the leadership had carefully studied all possible options before entering into an agreement with a vendor. Some of the things weighed were how the solutions fared when it came to performance, scalability, high rate of detection and affordability. Symantec came first in the short list that was released. Although financial issues were not the main concern, they were part of the intricate process by which Symantec was preferred and purchased.
What were the technical criteria/reasons you chose Symantec Endpoint Protection Solutions?
The technical reasons why our organization chose Symantec are as follows: Antivirus and Antispyware Protection, Network Threat Protection and Proactive Threat Protection.
First, Symantec’s Antivirus and Antispyware Protection gives value for money due to its sensitive detection of virus signatures, providing daily updates and sending rapid releases to overcome newer infections that are not yet detected.
Second is the Network Threat Protection that incorporates intrusion prevention systems (IPS) and protective firewalls. The protective firewall prevents any intrusions coming from the Internet from affecting the computer. After the firewall, the intrusion prevention system is the second layer of defense that is installed in the computer. It operates by scanning each packet that runs in and out of the computer, checking for attack signatures. Once it detects such signatures present in a packet, it automatically drops it. Lastly, on top of the two levels of defense, the proactive threat scan uses signatures to detect unknown threats. It uses state-of-the-art heuristic technology to deal with the detection of new and unknown viruses. It also shields the computers from zero-day attacks that exploit computer application vulnerabilities that are not known to all, undisclosed to the software vendor, or for which no security fix is available.
Symantec was the right choice because...?
Symantec was the right choice because it possessed all the requirements that we were looking for in a total solution package. There are three post-production reasons that strengthened our decision.
They are as follows: Symantec consultants, Symantec Technical service phone-in support and Symantec Connect. Firstly, after purchasing the product, it was the right deal to package that with in-house consultation. They had helped us in implementing the advanced policies that made our system safe. The technical support after the consultancy was very helpful, although getting used to help just a few desks away had brought in big comparisons.
What sealed our loyalty to Symantec was the last of the three, Symantec Connect. It was recommended by one of our Symantec consultants. At first, I was apprehensive about using it since the majority of the ones that would help resolve issues were customers like me, but my apprehension was replaced by mutual respect after knowing that there are good and highly technical people that could give a helping hand to strangers, even major competitors, in the name of virus protection. After my first weeks on the site, I was glued to my seat, enriching myself with knowledge. I had eventually recommended the site to my team for dealing with issues that are not clear to them. Glad to say that almost 90% of our queries are solved through this medium.
How have your Symantec Security Solutions helped you be more successful?
Symantec Security Solutions helped me to be more successful by simplifying the way we monitor virus infections and outbreaks. The mail alert option has been very useful in bringing our attention to issues pertaining to AV concerns. I have also created several e-mail alerts that are filtered via location and designation. The leadership would only receive e-mail alerts on outbreaks, while the specialist would be getting all the alerts of the Symantec AV.
I had also created e-mail alerts by location, so IT ground personnel per site could get e-mail alerts on their specific location. I had also set it to send only those alerts that are critical, thus limiting spamming. Due to its organized dashboard, we could get vital information at a glance. Report generation was also easy, thus giving us more time for researching new threats and testing other Symantec Endpoint Solutions.
Although the system may not be perfect at all times, the point is that it delivers the requirements that our organization needs. I would like to take this opportunity to thank the whole Symantec Team for making SEP a reality. These valuable tools help us in getting the job done. Almost all the tasks were automatically resolved by cleaning. Proactive and heuristic scanning takes the upper hand in virus detection and resolution. We all became true believers. We hope that you will continue to help make the internet a safer place to be. Cheers to all!