Feature
Back To Features LandingSecurity Beyond The Box: The Global Intelligence Network
Let’s get right to the thesis: a rigorous online security solution includes far more than just the box of software you install on your hard-drive. Staying secure is not a one-time quick fix; it means continuous, worldwide vigilance.
It’s true that once upon a time the software all by its lonesome was pretty much enough. Computers themselves were the targets of attacks, and security was more a question of hygiene and housekeeping—contagion, disinfection, protection. Repeat.
That model has pretty much gone the way of acid wash jeans and Pet Rocks.
To mix metaphors, it might be useful to think of the box as the tip of the iceberg—the visible part can be small compared to the business end that floats below the waterline. Similarly, the software in your box must be backed by a powerful system of detection, updating, and constant research in order to effectively keep you secure.
That’s because the target of today’s attacks isn’t our computer: it’s us. Or, more to the point, our data. Data that we are constantly sending and receiving 24/7 because we are all plugged into that big 24x7data-cranking machine called the Internet.
Nearly every day we—and our personal data—come into contact with this always-on, always-connected, information machine. It would seem near impossible that a simple box of software could stay ahead of something evolving that quickly unless it can tap into a larger detection system, such as Symantec’s Global Intelligence Network.
In the last six months of 2007, Symantec detected 499,811 new malicious code threats. Think back to the 90% of the iceberg, the part that’s under the water. The software solution is the tip of the iceberg; the real business end is the Global Intelligence Network that keeps the software current.
The Global Intelligence Network collects and mines data on the latest security breaches and worldwide threats around the world and around the clock. For those of you picturing a guy sitting by a red “hotline” phone with a pencil and notepad, guess again. Mined directly in the field, from overt sources as well as those that are alluringly sneaky—in a James Bond way, but without the tuxedoes and Aston-Martins®—the information Symantec collects and uses would hardly qualify as something you jot on a scratch pad.
The Global Intelligence Network is proactive, and consists of resources (human and otherwise) worldwide dedicated to the collection of data on the latest security threats and the development of the patches, updates, and product removal tools required to keep consumers and businesses secure.
Here’s how it works for you:
Three Operations Centers Around the Globe
The Internet never sleeps, nor do threats to online security, so these fully staffed and dedicated centers in Reading (UK), Sydney (Australia), and Alexandria, VA research worldwide threats and security breaches in real-time.
40,000 Registered Sensors in 180+ countries
These computers use DeepSight software to extract and send data logs. DeepSight tracks security events on a global basis, providing early warning of active attacks. In addition, DeepSight “honeypots” strategically placed around the world report on who’s been passing through and just what it is they are up to. The sticky fingerprints they leave behind are a rich goldmine of data used to keep customers armed with up to the minute information.
In addition, like the honeypots, Symantec’s 2,000,000 decoy email accounts allow collection of even more data “in the wild.” It would be tempting to envision each of those accounts like a diver being lowered in the cage to hang with hungry great-whites, but closer to the truth is that the volume and quality of data collected trickles down into a better-mapped threat landscape, and enhanced protection.
Millions of systems managed by Symantec Managed Security Services
In 61 countries Symantec has customer computers being managed by Symantec Managed Security Services that report malicious code activity through the Digital Immune System.
11 Symantec Support Centers
Interactions with thousands of customers per day through Symantec customer support centers yield even more data. Support centers provide customers with information on product updates and removal tools, especially during outbreaks.
8 Symantec Security Response Labs
In these hubs—located in Calgary, Ireland, Pune, India, Tokyo, Taipei, and three California cities —teams of researchers collect and analyze the latest malicious threats from network and security threats and vulnerabilities to viruses and worms.
In short, the resources deployed around the world to help keep you secure are significant. Remember, as you contemplate the part of the iceberg you can’t see—the one that sinks ships— that this infrastructure is backed by over 1,800 analysts, engineers, product and security specialists, researchers, and technical experts. So let the bad guys, malware purveyors, and peeping toms re-arrange deckchairs all they want. You know they have a date with something very big—too big to fit in a software box.
