SYMANTEC CORPORATION in Industrial Control Systems Security Solutions

SYMANTEC CORPORATION
California, USA
1982
$1BN to $5BN
Enterprise

Summary

The company provides ICS security solutions both for operators, to secure their plants and infrastructure, and for equipment vendors, to increase the security of their products. Symantec’s Critical System Protection (SCSP) helps plant and infrastructure operators protect their equipment from sophisticated attacks. SCSP offers manufacturers and asset owners of embedded systems robust, signature-less, host-based protection in managed and unmanaged scenarios, without compromising the device’s performance. Key features of SCSP include application whitelisting, application-specific network firewall controls, an integrated host-based firewall, USB device whitelisting, auto-sandboxing, anti-exploit mitigation techniques, and deep application discovery.

Symantec Critical System Protection

Symantec Critical System Protection 5.2.6 provides flexible controls against the known and unknown vulnerabilities affecting critical infrastructure. The management console lets administrators configure and maintain security policies, manage users and roles, view alerts, and run reports across heterogeneous operating systems. Critical System Protection offers flexible server security that controls user and application behavior, blocks inappropriate network traffic and events, and provides non-signature, policy-based approaches suited to server workloads based on a variety of server profiles. System behavior can be controlled by preventing specific actions that an application or user might take and by auditing system processes, files, log data, and critical settings for inappropriate activity. Critical System Protection helps meet compliance requirements by delivering complete audit evidence through consolidated event logs, analysis, and reporting.

 

Improved Host Protection

  • System and device controls lock down configuration settings and file systems, and prevent installation and execution of unauthorized executables
  • Zero-Day protection against known and unknown attacks without the need for signature updates
  • Out-of-the-box OS hardening via standard policies that ensure an enhanced level of security to the OS

 

High Performance Operation

  • Modular Policy Architecture reduces lengthy rules processing
  • Adaptive risk profile protection allows flexible policy enforcement based on server types
  • Prevent unauthorized user access and application downloads

 

Granular Controls across Diverse Server Environments

  • Broad platform coverage includes Windows®, Solaris®, Linux®, AIX®, HP-UX®, VMware (console OS and guest VMs), and Virtual Agent for unsupported/less common platforms

 

Easy Policy-based Deployment and Administration

  • Automate responses to events with multiple actions and countermeasures including console alerts, e-mail, SNMP trap, disabling the user account, and executing a command or event logging
  • Expand detection policies via the console, allowing more detection rules with fewer policies and edits
  • Quickly apply restrictions to enforce security policies before patches exist or have been deployed

 

Policy Viewer

  • Provides detailed information on HIDS/HIPS policies

Benefits: – Quick assessment of system policies and settings

 

HIDS Policy Enhancements for Windows

  • Reorganized per operating system environment to enhance modularity
  • New detections of SQL injection, directory traversal, vulnerable CGI scripts, blacklist IP, malicious strings, and SEP actions

Benefits: – Easier PCI file integrity and user monitoring

 

File Monitoring Enhancements for Windows

  • Monitor ACLs in file attributes
  • Intelligent real-time file hashing (FIPS 180-2)
  • Track username and processes associated with file modification within HIDS

Benefits: – Better performance with no polling interval hashing and more granular file integrity monitoring

 

Unicode Log Monitoring for Windows

Benefits: – Improved log monitoring for critical applications

 

PCI Policy Guidelines

  • Targeted for PCI requirements 10.3, 10.5, and 11.5 for monitoring files, configurations, and users

Benefits: – Reduced complexity for PCI compliance

 

HIPS Enhancements

  • Control over outsourced and remote administrators
  • Multiple custom IPS policies per agent
  • Enhanced GUI options for policies

Benefits: – Easier management of multi-tier prevention policies

 

Windows XPe Agent Support

Benefits: – Extends detection and prevention capabilities (especially for PCI requirements) to embedded systems such as retail PoS and medical devices

 

Strengths
  • As a Service (+5)
  • Module Based (+8)
  • Outcome Based (+14)
  • Per Node/Asset (+7)
  • Per User (+6)
  • Regulatory compliance (+12)
  • IOC detection tools (+10)
  • Network traffic anomaly detection tools (+9)
  • Education & Training (+9)
  • Incident Response (+5)
  • Managed Security Services (+10)
  • Support & Maintenance (+11)
  • Risk Based Asset Classification (+7)
  • Risk/VaR Simulation (+8)
  • Software Enabled Methodology (+9)
  • Cloud (+9)
  • Hybrid (+12)
  • On-premise (+10)
  • Cyber attack simulation (+13)
  • Design & Integration (+7)

Cautions
  • Security Challenges (-13)
  • Good Management of Log Data (-8)
  • Application Control (-14)
  • Network topology visualization (-10)
  • Exact Data Matching (-9)
  • Risk and Threat Assessment (-5)
  • EDDL - Electronic Device Description Language (-13)
  • FDT – field device tool (-12)
  • ODVA (-11)
  • Integration of legacy devices (-14)
  • IAEA - Computer Security at Nuclear Facilities (-12)
  • NRC -10 CFR - 73.54 (-14)
  • NRC - Regulatory Guide 5.71 (-13)
  • WIB M-2784 (Process Control Domain – Security Requirements for Vendors) (-13)
  • API- API 1164 Pipeline SCADA Security (-9)
  • DoE - 21 steps for SCADA security (-8)
  • IEC 62351 (-10)
  • ISO/IEC TR 27019 (-6)
  • NISTIR 7628 (-7)
  • UL 2900-2-2 (-8)

SYMANTEC CORPORATION Reviews

Buyer, Manufacturing, SME

2
Apr 11, 2019

“Securing Multiple Networks”

Security of the industrial environment against various threats and attacks is a major challenge. End users must secure multiple networks.

Analyst

4
Apr 11, 2019

“Amazing Solution for protecting ICS endpoint”

Rockwell Automation partnered with Symantec Corporation to address the risk to computer-based endpoints in automation systems. Rockwell Automation tested the Critical System Protection (CSP) solution for protecting its ICS host endpoints. The CSP solution provides policy-based behavior control and detection for hosts/devices.

Buyer, Transportation and Logistics, SME

3
Apr 11, 2019

“Protection of antimalware”

The protection of antimalware increases with the advanced machine learning and neural network technologies of Symantec. No internet connections are required for its functioning. It uses plug and play solutions to minimize false positives and blocks malware.

Buyer, Power, SME

2
Apr 07, 2019

“Securing multiple networks”

Security of the industrial environment against various threats and attacks is a major challenge. End users must secure multiple networks.

Analyst

3
Apr 07, 2019

“Security and Vulnerability Management”

Rockwell Automation partnered with Symantec Corporation to address the risk to computer-based endpoints in automation systems. Rockwell Automation tested the Critical System Protection (CSP) solution for protecting its ICS host endpoints. The CSP solution provides policy-based behavior control and detection for hosts/devices.

Buyer, Transportation and Logistics, SME

3
Apr 07, 2019

“Asset management”

Symantec offers Asset Management Suite that helps organizations ensure compliance of IT assets.

Analyst

3
Apr 07, 2019

“Protection of antimalware”

The protection of antimalware increases with the advanced machine learning and neural network technologies of Symantec. No internet connections are required for its functioning. It uses plug and play solutions to minimize false positives and blocks malware.

Buyer, Energy and Utilities, SME

1
Apr 07, 2019

“Denial of Service (DDoS) attacks”

Symantec’s Security Response can discover cybercriminals hijacking consumer connected devices and home networks to carry out Distributed Denial of Service (DDoS) attacks on more profitable targets.