Symantec Offers SaaS Security - Page 2

Symantec's decided to ride the security SaaS wave with its collection of .cloud services, providing pre-integrated solutions on a subscription basis.

 By Paul Rubens
Page 2 of 2   |  Back to Page 1
Print Article

Symantec Endpoint Protection.cloud

In contrast to Symantec's Email Security.cloud, Endpoint Protection.cloud is scarcely a cloud-based security product at all. To use it is necessary to install a so-called security agent -- a piece of client software that provides Symantec's standard antivirus, anti-spyware, intrusion prevention and firewall functionality - on to all your servers, desktops and laptops. The only cloud element of any note is a Web-based management console that you can use to set custom policies and send them to your endpoints, and for various other administrative tasks such as deploying new endpoints or checking the security status of your existing ones.

Symantec Web Security.cloud

That leaves Web Security.cloud. You can set this up by forwarding Web traffic from your corporate Web proxy to Symantec's cloud platform, or by installing agents on your laptops which configures them to use the cloud platform as a proxy. Unlike some other cloud security systems, it is necessary to manually configure this agent to connect to the most appropriate Symantec data center (the company operates 14 data centers in four continents) as you travel around the world.

Once implemented, the cloud service checks every Web request made by users against policies which you can configure from Symantec's cloud portal. You can set up policies to block specific URLs or URL categories, or to prevent excessive usage or restrict Web use at specific times -- and if no policy rule is triggered the request passes on to the Internet. If the request does trigger a policy rule then access to the Web page can be denied, or the request can simply be logged. Incoming Web pages are scanned for malware and blocked if malware is detected. When it comes to reports, you can examine logs for all Web users from a central cloud-based reporting interface.

A cloud-based service is only useful if it does what it promises, and Symantec has gone to great lengths to help reassure customers by backing up its .cloud platform with a surprisingly ambitious service level agreement (SLA) with financial compensation if any service levels are not met. "SLAs are absolutely key for potential customers," Woods says. Individual service level commitments include:

Email security:

  • Anti-virus effectiveness - 100 percent protection against known and unknown email viruses
  • Anti-virus accuracy - no more than 0.0001 percent false positives
  • Anti-spam effectiveness - 99 percent spam capture (95 percent for email with Asian characters)
  • Anti-spam accuracy - no more than 0.0003 percent false positives
  • Email delivery - 100 percent email delivery
  • Latency - average email scanning time within 60 seconds
  • Availability - 100 percent service uptime

Web security:

  • Anti-virus - 100 percent protection against known Web viruses
  • Latency - average Web content scanning time within 100 milliseconds
  • Availability - 100 percent service uptime

Symantec.cloud is charged on a per service per user basis, but the company declined to provide any indication of actual pricing.

This article was originally published on May 27, 2011
Get the Latest Scoop with Networking Update Newsletter