Hide Notes 

Slide 1: Automated Malware Audit Panda Software (Malaysia) TS Wong, Country Manager Mar 2007 Panda Software (Malaysia) | Copyright reserved 2007 Intelligent Application Switching 1 Automated Malware Audit
Slide 2: Automated Malware Audit Agenda ► Introduction • Who is Panda Security? • Our Customers • Our Technologies ► Why Managed Services (SAaS)? ► Panda Managed Office Protection • • • • Traditional vs SAaS How does it works? Designed for Reseller & MSSP Screenshots Intelligent Application Switching 2 Panda Software (Malaysia) | Copyright reserved 2007 Automated Malware Audit
Slide 3: Automated Malware Audit Agenda II ► Technical Problems Deployment Features & Functionalities Demo ► Benefits • Shorter Improvement Cycle • • • • Intelligent Application Switching 3 Panda Software (Malaysia) | Copyright reserved 2007 Automated Malware Audit
Slide 4: Automated Malware Audit Agenda III ► Business Opportunities for Partners • Market Reality • Target Market ► Benefits for Partners Unique Branding Manageability Better Customer Service Reduced Technical Issues ► How to Sell? • Price List • Promotion • PMOP Kickback Program ► Technical Training Registration Panda Software (Malaysia) | Copyright reserved 2007 • • • • Intelligent Application Switching 4 Automated Malware Audit
Slide 5: Automated Malware Audit TIME Daily routine. What is a Malware Audit? ► Complete an audit within 1-2 hours for 500 PCs? ► Scan for all types of malware ► Disinfect all types of malware ► Provides Executive Audit Report REQUIREMENT Low requirement for hardware and people. EFFECTIVE A strong detection and disinfection. SEAMLESS Does not disrupt existing infrastructure. ► Provides Technical Audit Report INFORMATIVE Complete information on security. Intelligent Application Switching 5 Panda Software (Malaysia) | Copyright reserved 2007 Automated Malware Audit
Slide 6: MalwareRadar Intelligent Application Switching 6 Panda Software (Malaysia) | Copyright reserved 2007 Automated Malware Audit
Slide 7: Automated Malware Audit Problems • Antivirus not updates Report Scan • Antivirus could not detect • Antivirus not running • Problem with console • AV not designed for reporting MalwareRadar Report • Can’t assess PCs status • Too tedious to perform routine checks Scan Disinfect • AV could not disinfect • Need to deploy big team • Need to disinfect 1-by-1 PCs Disinfect Intelligent Application Switching 7 Panda Software (Malaysia) | Copyright reserved 2007 Automated Malware Audit
Slide 8: Automated Malware Audit MalwareRadar • Executive, Technical and Disinfection Report • PDF and Online • Need to disinfect 1-by-1 PCs Report MalwareRadar Scan • Provides Panda Technology • Better Detection • •Quick Scan in 5 min • Strong 2nd opinion Disinfect • Provides Panda Technology (rootkit, spyware, etc.) • NO need to deploy big team Intelligent Application Switching 8 Panda Software (Malaysia) | Copyright reserved 2007 Automated Malware Audit
Slide 9: Automated Malware Audit 1 MalwareRadar WebSite Architecture Overview DMZ 1 2 3 Full Scanner Distribution Tool Office A Picture 250 Internal Network 2 Distribution Tool Configuration virus spyware vulnerability 4 Internet Office B 3 Reporting Full Scanner Quick Scanner Picture 250 virus spyware vulnerability 5 Disinfect Tool Active Directory NTLM Office C Picture 250 4 Backend Quick Scanner virus spyware vulnerability 5 Disinfection Tool Batch File: create common user with Admin Rights Intelligent Application Switching 9 Panda Software (Malaysia) | Copyright reserved 2007 Automated Malware Audit
Slide 10: Automated Malware Audit 1 Login to MalwareRadar Operational Overview I 1 DMZ Distribution Tool Internal Network Office A Picture 250 Configuration 2 Configure necessary profile 3 4 5 Full 3 Scanner virus Full Scanner 6 vulnerability spyware 2 Internet Office B Full Scanner Reporting Gen + Download • Scanner • Distribution Tool Quick Scanner Distribution Tool 6 vulnerability 3 Active Directory NTLM Picture 250 5 virus spyware 4 Backend Run Distribution Tool 3 5 Batch File: create common user with Admin Rights Office C Picture 250 virus Full Scanner spyware 6 vulnerability 5 Push Scanner to PCs Admin Rights 6 Scan 7 8 Generate Report Intelligent Application Switching 10 Close Audit Panda Software (Malaysia) | Copyright reserved 2007 Automated Malware Audit
Slide 11: Automated Malware Audit 1 Login to MalwareRadar Operational Overview I 1 DMZ Distribution Tool Internal Network Office A Picture 250 Configuration 2 Configure necessary profile 3 4 Full 3 Scanner virus spyware vulnerability 2 Internet Office B Reporting Gen + Download • Scanner • Distribution Tool Quick Scanner Distribution Tool 3 Active Directory NTLM Picture 250 virus spyware vulnerability 4 Backend Run Distribution Tool 3 Office C Picture 250 virus spyware vulnerability Batch File: create common user with Admin Rights Intelligent Application Switching 11 Panda Software (Malaysia) | Copyright reserved 2007 Automated Malware Audit
Slide 12: Automated Malware Audit 5 Push Scanner to PCs Operational Overview II DMZ Internal Network Office A Picture 250 Configuration Admin Rights Distribution Tool Full Scanner 6 Scan 5 virus Full Scanner 6 vulnerability spyware Internet Office B Full Scanner Reporting 7 Close Audit Quick Scanner Distribution Tool Active Directory NTLM 6 vulnerability Picture 250 5 virus spyware Office C Backend Picture 250 8 Generate Report 5 Batch File: create common user with Admin Rights virus Full Scanner spyware 6 vulnerability Intelligent Application Switching 12 Panda Software (Malaysia) | Copyright reserved 2007 Automated Malware Audit
Slide 13: Automated Malware Audit 1 Gen + Download • Disinfection Tool Operational Overview III DMZ Distribution Tool Configuration Disinfect 1 Internal Network Office A DT Picture 250 3 vulnerability 2 Push DT Scanner to PCs Admin Rights 2 Internet Office B virus spyware Reporting 3 Scan & Disinfect DT virus spyware 3 vulnerability Picture 250 2 Active Directory NTLM Office C Backend DT Picture 250 3 vulnerability 2 Batch File: create common user with Admin Rights virus spyware Intelligent Application Switching 13 Panda Software (Malaysia) | Copyright reserved 2007 Automated Malware Audit
Slide 14: Automated Malware Audit 5 Simple Steps Deployment Admin Rights Configuration Scan Report Disinfection  Login to  Must have Administrator  Quick Scan (1-5 min)  Full Scan  Executive Report  Technical Report  Same as scan process.  Cleaning Report www.malwareradar.com  Configure scanning type  Configure scanning rights  Active Directory (AD) & NTLM  Most advanced detection of malware.  Detects current AV, details  Download scanner and distribution tool. firewall, HIPS, etc status.  Detects vulnerabilities Intelligent Application Switching Panda Software (Malaysia) | Copyright reserved 2007 Automated Malware Audit
Slide 15: Automated Malware Audit Requirement ► For workstations: • • • • • • • • • Windows 95, 98, Me, NT 4 Server/WS SP6, 2000, XP, 2003, Vista 32 bits RAM: 64MB Hard disk free space: 30MB. Internet Explorer 5.5 ► For the distribution tool: Runs under Windows 2000 WS/Server, XP, 2003, Vista 32 bits Distribution in Windows NT 4, 2000, XP or 2003, Vista 32 bits RAM: 64MB Hard disk free space: 30MB. Internet Explorer 5.5 ► Note: To distribute the scan to NT 4, 2000, XP or 2003 computers, the distribution tool must be run from Windows 2000 or XP computers. These computers should have the administrative resources enabled. Intelligent Application Switching 15 Panda Software (Malaysia) | Copyright reserved 2007 Automated Malware Audit
Slide 16: Automated Malware Audit Quick vs. Full Scan Quick Scan Goals Quickly detect all the active malware on the network Active and latent in the most common directories ►Memory ►Log ►Most common directories Full Scan Full Scan Detect all active and latent malware Active malware and all latent malware ►Memory ►Log ►All directories ►Emails Type of malware Location Scan Time Size 5 to 25 minutes 2.5 hours onwards (depending on size of hard disk and its data) Scanner: approx 20MB Distribution Tool: approx 20MB YES Picture 250 Scanner: approx 20MB Distribution Tool: approx 20MB YES YES Scan status of protection Scan vulnerabilities YES Intelligent Application Switching Panda Software (Malaysia) | Copyright reserved 2007 Automated Malware Audit
Slide 17: Automated Malware Audit Report (online or pdf) ► Executive • • • • • • The network situation and organization risk level Statistics PCs infected ► Technical Each computer in detail Malware detected, description, effects and path Level of security • Protection Status • Existence of vulnerabilities ► Cleaning • Malware neutralized, location and result of cleaning Intelligent Application Switching 17 Panda Software (Malaysia) | Copyright reserved 2007 Automated Malware Audit
Slide 18: Better Detection Intelligent Application Switching 18 Panda Software (Malaysia) | Copyright reserved 2007 Automated Malware Audit
Slide 19: Automated Malware Audit 2 Panda Collective Intelligence System Automated Data Processing New DataCenter 100s of Servers Knowledge Base 1 3 Collection of Data from Community Release of Knowledge Extracted Other Sources Partners Customers Intelligent Application Switching 19 Panda Software (Malaysia) | Copyright reserved 2007 Automated Malware Audit
Slide 20: Automated Malware Audit Updated Detection and Signature ► MalwareRadar is on-demand scanner (not resident or realtime) • No concern of the complexity of a resident protection. • No concern of the OS, drivers and other applications. ► Faster to incorporate new detection technologies and signature ► Highly sensitive hueristic technology is incorporated MegaDetection Intelligent Application Switching 20 Panda Software (Malaysia) | Copyright reserved 2007 Automated Malware Audit
Slide 21: Automated Malware Audit TIME Daily routine. Value Proposition Quick Scan Completes scanning of active malware within 1-5 minutes Full Scan Completes within 2-5 hours Disinfect Completes within 4-8 hours REQUIREMENT Low requirement for hardware and people. Web Browser Only web browser and internet connection. Low hardware 64MB RAM and 30MB hard disk. k rea b on p Do Notut O Rely u n Current AV lea Updates C g on i on r St pi n nd O 2 EFFECTIVE A strong detection and disinfection. Rootkit Detection Technologies No Install Only distribution of files Heuristic en t with high equ of level t Fr ud sensitivity i t Vulnerabilities Scanning Detects known ~ and its malware Check Protection e let Does not disrupt existing infrastructure. mp Co it &d ickProtection Au INFORMATIVE u Q Complete information Status SEAMLESS on security. A Detects status of currentAV No Uninstall Keep existing protection No Resident After scan everything is deleted CPU Sensitive Configure scan during CPU idle Exploit Check AV process & update Vulnerabilites and its virus Intelligent Application Switching 21 Panda Software (Malaysia) | Copyright reserved 2007 Automated Malware Audit
Slide 22: Pricing Intelligent Application Switching 22 Panda Software (Malaysia) | Copyright reserved 2007 Automated Malware Audit
Slide 23: Automated Malware Audit When Price meets Value Proposition Malware Radar - Subscription Malware Radar - One Run Audit Licenses 1 Year 2 Year 3 Year Licenses One Run Audit 5 - 25 118 177 236 5 - 25 83 26 - 50 103 154 205 26 - 50 72 51 - 100 99 149 198 51 - 100 69 101 - 250 74 111 149 101 - 250 52 251 - 500 64 95 127 251 - 500 45 501 - 1000 52 78 104 501 - 1000 36 1001 - 2000 40 60 80 1001 - 2000 28 Intelligent Application Switching Panda Software (Malaysia) | Copyright reserved 2007 Automated Malware Audit
Slide 24: Thanks! Call us for an audit today. RESULT Intelligent Application Switching 24 Panda Software (Malaysia) | Copyright reserved 2007 Automated Malware Audit
Slide 25: Automated Malware Audit Product Overview Home | SOHO Corporate Gateway Corporate Managed Service Standalone Web NanoScan™ ActiveScan™ ActiveScan Pro™    Web technology. Fastest scanner in the  world.  Strong retail products. All malware protections. Blocking known and unknown threats.   Gateway products. Combines gateway antivirus + antispam + webfiltering + IPS + firewall, etc.    Corporate products to  support customers with large no. of PCs. Superior technology to block known and unknown threats. NO OPTIONAL MODULE. ALL INCLUSIVE. MSP products. Intelligent Application Switching 25 Panda Software (Malaysia) | Copyright reserved 2007 Automated Malware Audit
Slide 26: Screenshots Intelligent Application Switching 26 Panda Software (Malaysia) | Copyright reserved 2007 Automated Malware Audit
Slide 27: Automated Malware Audit Configuration Intelligent Application Switching Panda Software (Malaysia) | Copyright reserved 2007 Automated Malware Audit
Slide 28: Automated Malware Audit Configuration Intelligent Application Switching Panda Software (Malaysia) | Copyright reserved 2007 Automated Malware Audit
Slide 29: Automated Malware Audit Distribution Tool Intelligent Application Switching Panda Software (Malaysia) | Copyright reserved 2007 Automated Malware Audit
Slide 30: Automated Malware Audit Online Monitor Intelligent Application Switching Panda Software (Malaysia) | Copyright reserved 2007 Automated Malware Audit
Slide 31: Automated Malware Audit Executive Report Intelligent Application Switching Panda Software (Malaysia) | Copyright reserved 2007 Automated Malware Audit
Slide 32: Automated Malware Audit Technical Report Intelligent Application Switching Panda Software (Malaysia) | Copyright reserved 2007 Automated Malware Audit
Slide 33: Automated Malware Audit Technical Report Intelligent Application Switching Panda Software (Malaysia) | Copyright reserved 2007 Automated Malware Audit