Posted: 2 Min ReadExpert Perspectives

Hardening Doesn’t Have To Be Hard

Symantec Data Center Security makes it simple and effective

Hardening your systems remains one of the most effective things you can do to prevent successful attacks.  But it’s not easy to do.  Computers are dynamic about both what they do on the network and the software they need to run.  Hardening can shut down business processes, interfere with productivity, stop legitimate apps from running.  And the solutions from security vendors usually require you to spend time and resources customizing their configuration and constantly monitoring and adapting to changes in the network and on the system. Until there is a technological breakthrough, we will all continue to see low adoption of hardening for general purpose computers.

The Exception

There is an exception to this.  Servers.  Most servers have a single, well understood function.  They can be hardened because they are not dynamic in what programs they run or what they do on a network.  But this still requires an understanding of the OS and primary applications.  And IT still needs to configure the system and security products accordingly.

There is a solution for you: Symantec Data Center Security (DCS) proactively secures and hardens servers for common applications with its default policies. They are built by Symantec security experts to make hardening simple and effective.

There is a solution for you: Symantec Data Center Security (DCS) proactively secures and hardens servers for common applications with its default policies.

And it works as advertised.  The recent attacks against Microsoft Exchange servers leveraged four different zero-day vulnerabilities. While attacks using these vulnerabilities started out from a single threat actor and were limited and targeted, once the vulnerabilities became known a large number of threat actors jumped in to take advantage of the vulnerabilities, trying to get ahead of patching efforts.  DCS customers however did not have to worry.

The Intrusion Prevention feature of DCS, with its default policies, provided zero-day protection against the deployment of web shells used in these attacks.  Protection against this and other zero-day attacks comes standard, with zero effort from the admins.  Hardening without expensive configuration.  I think this is the future.

Symantec Enterprise Blogs
You might also enjoy
Threat Intelligence9 Min Read

How Symantec Stops Microsoft Exchange Server Attacks

Symantec's Intrusion Protection technology will block all attempted exploits of critical vulnerabilities.

Symantec Enterprise Blogs
You might also enjoy
Feature Stories2 Min Read

Symantec Named the Best Cross-Platform Endpoint Protection of 2020

AV-TEST independent lab also places Symantec in the coveted top spot for the Endurance Award

About the Author

Kevin Haley

Director, Symantec Security Response

Kevin Haley is responsible for ensuring the security content from Symantec’s Global Intelligence Network is actionable for its customers-including focus on education in security issues and incorporating the security content into Symantec’s enterprise products.

Want to comment on this post?

We encourage you to share your thoughts on your favorite social platform.