A Hadoop-Based Endpoint Protection Mechanism

• Main Authors: Lin, Jiun-Yu, 林君豫
• Other Authors: 羅濟群
• Format: Others
• Language: zh-TW
• Published: 2015
• Online Access: http://ndltd.ncl.edu.tw/handle/10751644664014425491

碩士 === 國立交通大學 === 管理學院資訊管理學程 === 103 === Today the number of end-users in enterprises and organizations are obviously more than past twenty years, in particular, almost employees can use their own devices to connect the intranet of enterprises and organizations, making IT sector controlling and managing in endpoint securities and management become more difficultly. Strengthening manage security software may lead to increase the burden of companies and organizations hidden costs. Various anti-virus software vendors begin to figure out the solution, improving their products, and implementing the advanced threat prevention technologies into a single agent program which can be the great achievement of the original anti-virus software, not only providing organizations with unparalleled various endpoint defense capabilities, but also being comprehensive upgrade protection more safe. Therefore, almost of them only focus on the functionality, the monitoring service, the establishment of a state of exception, and the number of virus classification and statistics so that it fail to offer an effective way for the enterprise or organization's internal information security control. This study attempts to implement the cloud analysis tool (Hadoop) into Symantec Endpoint Protection Manager (SEPM) architecture, analyzing, noting to the managers and generating a priority checking list. Finally, offering assessment of effectiveness of before and after. The result has significant benefit. This study use the cloud analysis software (Hadoop) to effectively strengthen information security event handling, reducing the threat which may occur, for other companies or organizations to enhance overall information security level of the reference.