1. /
  2. Symantec Solutions for Amazon Web Services
Security Solutions Optimized for Amazon Web Services

Security Solutions Optimized for
Amazon Web Services

Security in public clouds is different. Are you prepared? Symantec has teamed up with Amazon Web Services to deliver security that is optimized for your AWS applications and instances. Download the White Paper
Symantec Solutions for AWS

Symantec delivers security solutions that are optimized for Amazon Web Services. Confidently migrate your legacy applications, deploy new cloud-native applications and services, and burst services on-demand to augment your on-premise requirements with Amazon Web Services.

Public Clouds to Deliver Business Services

Using Public Clouds to Deliver Business Services at the Speed of Need

Businesses and public sector organizations are no longer just using the public clouds like Amazon Web Services (AWS) for their test and development environments. Increasingly, they are using public clouds to migrate critical applications running on unsupported on-premise legacy platforms, as well as to deploy new cloud-native applications. A 2014 Forrester survey notes that “cloud-first” policy is increasingly the norm for new workload deployments. Organizations are also turning to public clouds like AWS to burst services, and meet seasonal spikes in demand.
Security Optimized for AWS

Symantec Delivers Security that is Optimized for AWS

Security and compliance in public clouds are different. Applications in these environments are componentized, preconfigured, and based on a library of templates. These applications are dynamic, mobile, orchestrated, and automated. Architectural differences between public clouds and on-premise infrastructures make it difficult to retrofit on-premise security solutions for public cloud environments. Traditional security solutions require deep expertise, extensive configuration, and long tuning cycles- thus, are not suited for the public cloud. Understanding these differences and challenges, and offering security that is optimized for public cloud architectures are critical to removing barriers to adoption.
Simplify Security Across Your On-premise and Public Cloud

Symantec Simplifies Security Across Your On-premise and Public Cloud

Symantec understands the distinct requirements for security in public cloud and offer security products that are optimized for AWS; at the same time, enables customers to simplify management with their on-premise security operations.
By taking the same proven solutions that organizations have come to rely on and extending them to Amazon EC2 and Amazon S3, organizations can now enjoy the peace of mind knowing their people and information are protected by Symantec solutions.

Control Compliance Suite

Control Compliance Suite delivers business-aware security and risk visibility so that customers are effectively able to align priorities across security, IT operations, and compliance. It automates continuous assessments and delivers a unified view of security controls and vulnerabilities. Customers can deploy Control Compliance Suite on-premise or on Amazon Web Services (AWS) to assess their AWS instances and applications. With Control Compliance Suite, customers are able to harden the data center, prioritize security remediation, enable the secure migration to the software-defined data center, and support continuous assessments for Cyber Security and Continuous Monitoring.
Learn more about Control Compliance Suite

Symantec Protection Engine for Cloud Services

Symantec Protection Engine for Cloud Services is a flexible and feature rich client/server application that allows customers to incorporate malware and threat detection technologies into almost any application. Protection Engine includes Symantec's proprietary, patented URL categorization technology and industry-leading malware protection for fast, scalable, and reliable content scanning services. These services help organizations protect their data and storage systems against the ever-growing malware threat landscape.

Symantec Data Center Security: Server Advanced/Monitoring Edition

Symantec Data Center Security: Server Advanced and Symantec Data Center Security: Monitoring Edition both provide security monitoring of AWS public and hybrid clouds (VPCs). It delivers security configuration monitoring, file integrity monitoring, whitelisting with application control for on-premise and off-premise data centers, and security automation across the cloud environment via REST API.
Symantec Data Center Security: Monitoring Edition is intended to deliver continuous security monitoring and compliance reporting across physical and virtual servers, as well as AWS and Openstack clouds.
Symantec Data Center Security: Server Advanced offers all the features and benefits of the Monitoring Edition but also adds server hardening for physical and virtual servers and OpenStack Keystone, including out-of the-box host IDS and IPS policies, sandboxing and process access Control (PAC), host firewall, compensating HIPS controls, file and system tamper prevention, and application and device control.
Customers that use either Symantec Data Center Security: Server Advanced or Symantec Data Center Security: Monitoring Edition will have the ability to simplify security monitoring and compliance reporting across their hybrid data centers.

Symantec Endpoint Protection

Symantec has traditionally offered Symantec Endpoint Protection as an on-premises solution. Now, Symantec and Amazon Web Services have teamed up to provide this enterprise class security solution in the cloud in the form of an Amazon Machine Image (AMI) based on the Windows Server 2003 operating system. With Symantec™ Endpoint Protection you can ensure that your work is safeguarded and that your business assets are protected.
Symantec Endpoint Protection on Amazon EC2 offers:
  • Proactive protection against unseen threats with TruScanTM Proactive Threat Scan
  • Comprehensive malware and antivirus protection and new rootkit protection
  • Dynamic performance adjustments to keep systems productive and protected
  • Industry leading threat landscape intelligence with Symantec's Global Intelligence Network
(source: AV-Test.org April, 2015)

Data Loss Prevention

Customers can now confidently deploy workloads containing confidential data to the Amazon cloud with Symantec’s market-leading data loss prevention (DLP) solution. Symantec Data Loss Prevention provides comprehensive coverage and unified management of your confidential data across the Amazon Web Services (AWS) cloud and your on-premises environment.
Symantec Data Loss Prevention is a content-aware data security solution that discovers, monitors and protects confidential data stored across the AWS cloud, including AWS-hosted instances of Microsoft Exchange and Microsoft SharePoint. Unlike other security solutions that provide limited DLP controls, Symantec delivers deep content inspection, sophisticated policy and incident management, and proven scalability and performance. With AWS and Data Loss Prevention, businesses can confidently deploy workloads to the cloud without sacrificing control over of their confidential data.
Learn more about Data Loss Prevention

Symantec Identity: Access Manager

Symantec Identity: Access Manager is a next generation access control platform, the foundation for an information protection solution for the cloud; that integrates Single Sign-On (SSO) with strong authentication (Symantec Validation and ID Protection Service and Managed PKI Service), access control, and user management. In the cloud, where a traditional enterprise perimeter does not exist, Identity Access Manager fills the gap by helping enterprises adopt cloud-based applications while maintaining proper risk management and compliance measures to protect enterprise data and follow regulations. Symantec Identity Access Manager is available on-premises or as a hosted service on the Amazon Web Services (AWS) cloud. Virtually any cloud-based application is supported with easy to create connectors. Also included is a built-in user directory for self service provisioning and integration with common identity providers to enforce security and compliance for applications without getting in the way of productivity. The AWS cloud offers a secure, scalable infrastructure to support Identity Access Manager as it scales with an organization's need to manage additional apps, devices, and users.

What is Cloud Computing?

Cloud computing is an option for computing in which dynamically scalable and often virtualized resources are provided as a service over a network. Hosting services on the internet are referred to as "Public Clouds," while hosting services on an internal network is referred to as a "Private Cloud."

What is Amazon Web Services (AWS)?

Amazon Web Services (AWS) is an infrastructure-as-a-service provider, serving companies of all sizes. With AWS, companies can requisition compute power, storage, and other services, gaining access to a suite of elastic IT infrastructure services, as business demands them.

Essential Characteristics of Public Cloud

The five essential characteristics of cloud computing:
  1. On-demand self-service
  2. Broad network access
  3. Resource pooling and multi-tenancy
  4. Rapid elasticity
  5. Metered service
For More information on Cloud Computing, see the NIST Special Publication 800-145, “The NIST Definition of Cloud Computing

Key Security Concepts & Challenges Associated with Public Clouds

  • Cloud, by definition, means some loss of control and visibility.
  • Majority of the risks originate from the components that are managed by the subscriber. Application and instance security are soft targets for malicious hackers.
  • Attempts to retrofit on-premise security controls and patterns to secure applications and instances in the public cloud are ineffective due to differences in the architecture between on-premise and public cloud infrastructures.
  • Customers using AWS must have a solid understanding of the “AWS Shared Security Responsibility Model
Learn more about AWS Security and Compliance
AWS Shared Responsibility Model

What is the Nature of the Relationship Between Symantec and Amazon Web Services?

Symantec recognizes Amazon Web Services (AWS) as a leading cloud infrastructure-as-a-service provider and has partnered with AWS to bring Symantec's products that are optimized for these environments. The Symantec products that support AWS are designed to deliver security at the application and instance levels, which are the subscriber-controlled components in the AWS Shared Security Responsibility Model. Symantec therefore complements the cloud infrastructure and network security that is provided by AWS security services.
Symantec does not endorse or resell AWS offerings nor does AWS resell any of Symantec's products. Customers are encouraged to evaluate the product and service offerings made available by Symantec and AWS, and identify how each solution would benefit a particular use-case.

What Symantec Products Secure Applications and Instances on Amazon Web Services?

See the “Products” section for information on Symantec security solutions for AWS.