McAfee Web Gateway 7.0
|
|
|
- Stephen Waters
- 10 years ago
- Views:
Transcription
1 McAfee Web Gateway 7.0 Overview Clive Lutley McAfee System Engineer (NSU) September 23, 2010
2 What will be covered Market Leading Technology Sample Rules Architecture Options The UI and Concepts 2 September 23, 2010
3 Market Leading Technology
4 Recognized Web Gateway Leader: Analyst reports McAfee Web Gateway, backed by McAfee s security expertise, is a solid choice for enterprise buyers looking for strong on-box malware protection [McAfee] received the highest score on the technology portion of the evaluation...thanks to its innovative Web reputation technology and high-performing appliance, IDC ranks McAfee #1 in Appliance Market Share for web security appliances 4 McAfee Web Gateway (Webwasher)
5 Awards and Testing Leading Independent Reviewers Rank McAfee Web Gateway a Leader Gartner Network World Forrester IDC AV-TEST.org Info Security SC Magazine Magic Quadrant Leader three straight years Clear Choice Winner in their product reviews Leader in its 2009 Web Filtering Wave McAfee #1 in Market Share in Web Security Appliances #1 ranking 3 straight years, independent web gateway anti-malware testing 2009 Readers Choice Award Best Web Security Gateway Products Best Anti-Malware Solution 2010 Best Solution from 6 Finalists WW500 Network World: McAfee's Web Gateway appliance is our Clear Choice winner McAfee's appliance thwarted more malware with lower latency than the other gateways. 6 McAfee Web Gateway (Webwasher)
6 McAfee Web Gateway: Designed For Web 2.0 SECURITY Hybrid security Local: Proactive anti-malware protection Cloud-based: McAfee AV with Artemis, Web reputation Deep content inspection including SSL traffic CONTROL Inbound / outbound filtering of multiple Web protocols Productive use of Web 2.0: Application control Powerful policy engine Prevent data leakage Extensive reporting/auditing PERFORMANCE Robust proxy / cache Enterprise scalability Flexible delivery: Appliances, VMware, blade Flexible deployment: Proxy, transparent bridge, transparent router Manage multiple Web security components 7 McAfee Web Gateway (Webwasher)
7 McAfee Web Gateway McAfee Web Gateway Appliance Hardware Proxy/Cache HTTP, HTTPs, FTP, RTSP, IM support, delegated and role based administration, epo integration, ICAP, Centralized Management, Flexible Network Options Authentication SSL-Scanner Ensure proper Web access by users: AD/LDAP, NTLM, edirectory, Kerberos, cookie, IP range, etc Unlocks encrypted traffic, enabling HTTPS content inspection, anti-malware scanning and company policy enforcement. Extensive Certificate Control. DLP Inspection Platform for McAfee Network DLP solutions for HTTP, FTP, HTTPS via ICAP Web filtering Multi-lingual URL filtering, Integrated Web Reputation powered by McAfee Labs, cloud look-up option for both categorization and reputation Anti-Virus Web 2.0 Security Reporting Solutions Virus filtering at the gateway utilizing the McAfee anti-virus engine and real-time Artemis look-ups. Separation of Desktop and Gateway engine technologies. In-depth, Zero-Day Proactive protection against Viruses, Worms, Trojans, and Spyware at the Internet gateway. Enterprise-level reporting on Web traffic.
8 Filtering on the Proxied Traffic Filtering traffic with MWG can be broken down into three distinct cycles. Request HTTP(S) requests (outbound) FTP requests (commands) All IM messages (see IM.Direction property) Response HTTP(S) responses (inbound) FTP responses (command results) Embedded Optionally after Request or Response cycle Only when request or response body contains embedded objects For example elements of a zip file or a HTML tag object There are also non filtering cycles, e.g.: Log Cycle Runs after all other cycles at the end of a transaction The Log Cycle is always executed
9 TrustedSource Reputation & Categorization 10
10 URL Filtering within 7.0 Local Database: 45 Million Entries URLs as well as IP addresses Web Reputation Safe Search Enforcement Cloud Database: 80% more data than what is locally stored on the appliance URL Geolocation Artemis Lookups Real Time information In the past (even with MWG 6.x) customers needed to schedule downloads of the URL database. While this gave the customer good coverage there was that delta timeframe between downloads where they were working with limited as well as potentially different data than was available. Average Customer Download: Every 6 hours.
11 Web Reputation powered by Global Threat Intelligence McAfee Labs File Reputation Web Reputation Reputation Network Reputation Point Products
12 Anti-Malware is More Than Anti-Virus Signature based detection is not enough to cover today s targeted Malware attacks Anti-Virus Signature based Anti-Virus is important part of Antimalware protection Stops known threats However it is only a single aspect of the complete solution Signature based detection is not enough to cover today s targeted Web 2.0 Malware attacks Intent Analysis Code authentication Checks for Digital Signature on active code Media Type Filter - verification via magic byte analysis not MIME + = Behavioral Malware detector - scans for malicious script intent and removes offending function calls Behavioral exploit detector inspects code for hostile behavior like buffer overflows, etc. Anti-Malware Prevents OS, browser and application exploits as a result of: Protects from known malicious code Protects from unknown malicious mobile code for which no signature exists Anti-Malware is a unique combination of Signature-based Anti-Virus PLUS intent analysis of mobile code
13 Anti-Malware Protection for Web 2.0 ActiveX Controls & Browser Helper Objects Windows Executables & Dynamic Link Libraries Java Applets & Applications JavaScript (in HTML, Stand-alone, in PDF). Visual Basic Script Visual Basic for Apps macros in Office documents Intent Analysis: Buffer overflow exploit detection Generic Trojan downloader detection Shell code detection Several other detection algorithms Active code Fragments extracted or blocked Security Policy maps classification into action Local Intent Analysis engines enforce the conditions set by the site s reputation, protecting from malicious active scripts, determining Intent when a signature cannot exist. Local Enforcement of Global Reputation.
14 Security: Malware Detection Leader Continues McAfee GW Edition Sophos Fortinet Symantec Trend Micro Q Average Response Time in Hours McAfee GW AntiVir Sophos Fortinet Symantec Trend Micro Authentium Proactive Detections: Q AV-Test is one of the worldwide leading providers of test scenarios analyzing effectiveness, behavior and speed of IT-security solutions Quarterly tests on 36 anti-malware products McAfee Web Gateway consistently leads 17 McAfee Web Gateway (Webwasher)
15 IM Proxy Supported Clients Free IM Filtering Features! Control of IM usage via Screen Names AntiMalware Scanning of Attachments Embedded URL Scanning of Chat Keyword Scanning of messages Logging of Chat Sessions (not the actual Chat!)
16 Helix Proxy by Real Networks Included at no extra cost with 7.0! Reduce Bandwidth Costs: By eliminating redundant data transmission between the server and proxy, you require less bandwidth to receive the same amount of content. Lower bandwidth usage translates into savings to your bottom line. Manage the Network: Cap inbound and outbound bandwidth, ensuring that missioncritical applications are not adversely affected by streaming activities. Control Content: Helix Proxy authenticates every client request at the origin, so control of the content always stays at the proxy. Security: Helix Proxy masks the IP address of your internal users. Improve End-User Playback: By caching and splitting content closer to the end-user, Helix Proxy reduces transmission problems that degrade the quality of the playback experience.
17 Complete One Box Solution URL Filter Multi-vector reputation-based filtering including IP, Message, Content, URL, geo-location Yes Anti-Malware Signature-based anti-virus Cloud-based anti-virus look-ups Industry-leading, 3 rd party tested, pro-active filtering/protection for unknown attacks Unlimited file size scanning Single appliance integration Yes Yes Yes Yes Yes Other Features Authenticode filter digital signatures Yes Flexible rules-based filtering engine Yes Streaming proxy support Yes epo integration Yes App control including IM Yes Flexible authentication (cookie auth, Kerberos) Yes 21 McAfee Web Gateway (Webwasher) September 23, 2010
18 Operation Aurora Infected Malicious Sites Inbound Content Protection Downloads Dropper Downloaded Trojan Infected Machine phones home Ad.jpg ccc.htm File does not contain correctly structured JPG content Destination of launch page denied by TrustedSource based on reputation and category. Proactive protection from malicious code by Gateway Anti-malware Heuristic.BehavesLike. JS.Obfuscated.E Destination of downloader denied by TrustedSource Caught at Gateway by media type Decodes To Blocked by SSL Decryption Decodes To Heuristic.BehavesLike. HTML.Suspicious.B Trojan.Spy.Gen Runs Exploit Code Heuristic.Exploit. CodeExec.PGPG
19 Experience the Benefits Background Fortune 100 US corporation Existing web proxy/gateway installation 30-Day POC Evaluation One sixth of users moved to Web Gateway Scanned Ninety-two million URLs 346,000 websites and web objects Results 280,000 URLs categorized incorrectly by current proxy 16,000 discrete web objects containing malware 50,000 URLs with unacceptable reputations Savings: Estimated ROI 1,000 desktops saved from infection Remediation costs: $150-$200 per desktop During POC: $150,000-$200,000 savings Extrapolated to entire organization: $900k to 1.2M savings per month
20 Understand Traffic and Simplify Investigations McAfee Web Reporter Stand-Alone Windows, Linux Software Pre-built and customizable reports and dashboards Real-time views with extensive drilldown capability Scheduled reporting in multiple languages quickly process GBs of data Enterprise features: delegated reporting options 24 McAfee Web Gateway (Webwasher)
21 MWG 7 features vs benefits Features Streaming Proxies IM Proxies Trusted Source SDK Artemis Logfiles per policy Rule tracing Rule engine 64bit OS New proxy architecure Search function Benefits Provides additional access control and bandwidth savings for streaming as well as reduced latency. Eliminates the need to reconfigure each desktop. Allows DLP and compliance enforcement for IM, allows to apply all security features of MWG to IM traffic. New TS SDK adds supports a hybrid (local database plus online queries) lookup, providing a significantly enhanced coverage and real-time lookup for new sites. Artemis adds online virus lookup for executables, resulting in improved detection rate. Adds multi-tenant logging capabilities, makes the product the perfect fit for MSP/Telco, education or large enterprise environments. Improved troubleshooting. New rule based policy engine provides un-matched flexibility, and adds additional multi-tenancy features. Improved scalability. New internal architecture and re-designed connection handling, resulting in improved scalability and overall robustness. Simplified and faster administration through product-wide search for content in rules, lists and settings. Hierarchical rules 25 Additional multi-tenancy capabilities September 23, 2010
22 High Level Feature Comparison Proxy/Cache with complete AAA functionality, Auditable configuration management, and Cache. High-performance, multi-lingual Web filtering, with Integrated Web Reputation scoring. In-depth, ultra-high performance Proactive Anti Malware protection against Viruses, Worms, Trojans and Spyware at the gateway Anti Virus filtering at the gateway with the McAfee Scanning engine. SSL Scanner which unlocks encrypted traffic, enabling HTTPS content anti-virus scanning and company policy enforcement. IM Proxy for the most common IM protocols, such as ICQ, 26 AIM, MSN, Yahoo. Native Streaming Proxy with support for RTSP, MMS with split streaming and caching. Flexible Rule-base Policy Engine with high granularity and object oriented approach Installation and Startup wizards for easy setup x x x x September 23, 2010
23 Architecture Options
24 Performance McAfee Web Gateway Content Security Blade Server WG5500 WG5000 WW1100 SaaS Security as a Service WW500 Branch Office Corporate HQ 28 McAfee Web Gateway (Webwasher)
25 Architecture possibilities and preferences Explicit Direct Proxy.pac Transparent Bridge mode Router mode WCCP Next hop ICAP 29 September 23, 2010
26 Architecture Options Using an external hardware load balancer is MFE best practice for HA MWG cluster installs. 30 September 23, 2010
27 Architecture Options -however- MWG 7 has several built in load balancing setups Proxy HA Router Mode Bridge Mode *** throughput my be limited by the 1gb NIC unless you manually configure channel bonding which is not currently supported in the GUI Redundant directors are support via VRRP or STP Directors are the appliances that are used also as load balancers Scanning nodes are only used for scanning traffic 31 September 23, 2010
28 Proxy HA Mode Proxy HA Mode proxy port on the director node traffic is redirected to scanning nodes at kernel level 32 September 23, 2010
29 Transparent Bridge Mode Bridge Mode director is plugged into the network path like a bridge no proxy configuration on the client selected destination ports are intercepted transparent: director keeps IP and MAC use Spanning Tree Protocol to switch redundant bridge(s) into blocking state 33 September 23, 2010
30 Transparent Router Mode Router Mode director has to be in the routing path, e.g. as default gateway no proxy configuration on the client selected destination ports are intercepted transparent: director keeps IP 34 September 23, 2010
31 McAfee Network DLP and McAfee Web Gateway Action SMTP FTP Servers, Extranet Sales Prevent Monitor ICAP!!! Research Finance McAfee Web Gateway
32 UI & Concepts
33 Concepts Find your way around The new java based web interface is separated into 5 main Sections Each Section might have tabs for sub-sections Settings are arranged in a tree structure for easy access 37 September 23, 2010
34 Concepts Find your way around The Dashboard will give you a good overview of current system statistics If you have multiple MWGs in a cluster, you can view Dashboards from different appliances in one interface 38 September 23, 2010
35 Feature set of 7.0 (DashBoards) 11 Default Dashboards are available within 7.0 Example: Malware Statistics gives you an list of the Malware names as well as the URLs that delivered it. Multiple MWGs Dashboards can be viewed directly through the single administrative gui
36 Concepts Find your way around Under Policy you will be able to configure ALL your filtering Rules You can find three tabs that will give you the options to configure everything you need for filtering 40 September 23, 2010
37 Concepts Find your way around The Configuration section will show all the options to configure general settings and the appliance itself Licensing Clustering Proxy mode and ports Network settings Monitoring/SNMP General Log File settings like pushing and rotation 41 September 23, 2010
38 Concepts Find your way around On the Accounts tab you will configure users and permissions for the administration of MWG 42 September 23, 2010
39 Concepts Find your way around Troubleshooting will allow the MWG administrator to execute common tasks from the web interface Feedback.sh Tcpdump Log file viewing etc 43 September 23, 2010
40 Rule-Based in MWG7 Request Cycle URL is in Global Whitelist URL is in Global Blacklist Authenticate Is URL High Risk Reputation? User= jsmith Group = Webmail Users & URL in WebMail Category Group = Domain Users Allow Whitelist Sites Block isauthenticated = false Block Client.IP is in Allowed IP List Allow Webmail Sites Allow Default Sites Every Rule is user-defined. No hard-coded sequence of events. Conditions can be added as needed. Multiple levels of nested rules. Infinite combinations of conditions. Allowed Sites Only Allowed Sites for jsmith only Response Cycle Virus and Malware Scanning Cache this Content? Is SSL Certificate Valid? Zip File is Encrypted Body contains List of bad words Media Type = MP3? Block Cache Block Bypass AV Scanning Block Block MP3
41 Rule Sets Rule Set Set of Rules Applies to Requests, Responses & Embedded Cycle Rules Sequential evaluation of Rule Criteria Property, Operator, Operand Action Continue (go to next rule) Block (display Block Page) Redirect (to another page) Stop Rule Set (go to next Rule Set) Stop Cycle (stop further filtering-allow traffic) Authenticate Remove (content from page) Events Perform a System Action, such as: Send Alert Manipulate Headers or Body Next-Hop Proxy, etc. Set Property (manipulate variables and counters) Set Log Handler or Error Handler Rule Criteria Property Variables in the system to make decisions on. (URL, Client.IP, isinfected, etc) Operator Comparisons. (Equals, Greater than, Contains, Is in list, etc.) Operand Parameter to compare to. (Category, String, Boolean, Wildcard Expression, etc.) 45 September 23, 2010
42 Sample Rule to Block Category 46 September 23, 2010
43 Block Page Result 47 September 23, 2010
44 Geographical Location URL.GeoLocation is a string property that gets populated from a lookup to the Trusted Source Network. Embargoed Country List is just a string list that was created with the two letter country codes for countries on the US Embargoed List By using the Operator is in list and a custom block page Embargo Test you can offer a level of control/protection that most others can t do. If you will notice there is also an AND statement with another rule based on self signed certificates that was added just to show how easy it is to create rules. 48 September 23, 2010
45 Other cool things? Its almost endless.. How about creating a clientless Site Advisor? 49 September 23, 2010
46 Other cool things? Its almost endless.. Granular control over who uses the application and how it is used Enabling or disabling specific functionality as needed Allow Facebook, but block all Games or specific, e.g. Mafia Wars Example below: Using the policy engine to determine if a user can view YouTube videos, and what kind of Videos they may view! 50 September 23, 2010
47
Securing and Optimizing the Next Generation Branch Office
Securing and Optimizing the Next Generation Branch Office 1 Global Organizations Current state of affairs 3 Globally distributed enterprises rely on the WAN for day to day operations to stay competitive
McAfee Web Gateway Administration Intel Security Education Services Administration Course Training
McAfee Web Gateway Administration Intel Security Education Services Administration Course Training The McAfee Web Gateway Administration course from Education Services provides an in-depth introduction
Threat Containment for Facebook
Threat Containment for Facebook Based on statistics for more than 62M users in 2009, the Blue Coat WebPulse cloud service ranked social networking as the number one most requested web category, surpassing
Cyan Networks Secure Web vs. Websense Security Gateway Battle card
URL Filtering CYAN Secure Web Database - over 30 million web sites organized into 31 categories updated daily, periodically refreshing the data and removing expired domains Updates of the URL database
Gateway Security at Stateful Inspection/Application Proxy
Gateway Security at Stateful Inspection/Application Proxy Michael Lai Sales Engineer - Secure Computing Corporation MBA, MSc, BEng(Hons), CISSP, CISA, BS7799 Lead Auditor (BSI) Agenda Who is Secure Computing
Reverse Proxy for Trusted Web Environments > White Paper
> White Paper ProxySG for Reverse Proxy Web-based solutions are being implemented for nearly every aspect of business operations, and increasingly for trusted environments with mission-critical business
Content Scanning for secure transactions using Radware s SecureFlow and AppXcel together with Aladdin s esafe Gateway
TESTING & INTEGRATION GROUP SOLUTION GUIDE Content Scanning for secure transactions using Radware s SecureFlow and AppXcel together with Aladdin s esafe Gateway INTRODUCTION...2 RADWARE SECUREFLOW... 3
Direct or Transparent Proxy?
Direct or Transparent Proxy? Choose the right configuration for your gateway. Table of Contents Direct Proxy...3 Transparent Proxy...4 Other Considerations: Managing authentication made easier.....4 SSL
Secure Web Gateway 11.5 Release Notes
Trustwave is pleased to announce the release of Secure Web Gateway version 11.5. Review the Release Notes below for further information. Contents New Features... 1 General Enhancements and Bug Fixes...
Symantec Endpoint Protection 12.1.2
Data Sheet: Endpoint Security Overview offers comprehensive defense against complex attacks for both physical and virtual environments. It integrates ten essential security technologies in a single, high
SonicWALL Clean VPN. Protect applications with granular access control based on user identity and device identity/integrity
SSL-VPN Combined With Network Security Introducing A popular feature of the SonicWALL Aventail SSL VPN appliances is called End Point Control (EPC). This allows the administrator to define specific criteria
Controlling Risk, Conserving Bandwidth, and Monitoring Productivity with Websense Web Security and Websense Content Gateway
Controlling Risk, Conserving Bandwidth, and Monitoring Productivity with Websense Web Security and Websense Content Gateway Websense Support Webinar January 2010 web security data security email security
Web Application Firewall for Untrusted Web Environments > White Paper
> White Paper ProxySG Web Application Firewall Web-based solutions are being implemented for nearly every aspect of business operations, and these are increasingly under attack within public web access
Move over, TMG! Replacing TMG with Sophos UTM
Move over, TMG! Replacing TMG with Sophos UTM Christoph Litzbach, Pre-Sales Engineer NSG 39 Key Features of TMG HTTP Antivirus/spyware URL Filtering HTTPS forward inspection Web Caching Role based access
Superior protection from Internet threats and control over unsafe web usage
datasheet Trend Micro interscan web security Superior protection from Internet threats and control over unsafe web usage Traditional secure web gateway solutions that rely on periodic updates to cyber
Symantec Endpoint Protection 12.1.6
Data Sheet: Endpoint Security Overview Last year, we saw 317 million new malware variants, while targeted attacks and zero-day threats were at an all-time high 1. The threat environment is evolving quickly
Next-Generation Firewalls: Critical to SMB Network Security
Next-Generation Firewalls: Critical to SMB Network Security Next-Generation Firewalls provide dramatic improvements in protection versus traditional firewalls, particularly in dealing with today s more
Enterprise Buyer Guide
Enterprise Buyer Guide Umbrella s Secure Cloud Gateway vs. Web Proxies or Firewall Filters Evaluating usability, performance and efficacy to ensure that IT teams and end users will be happy. Lightweight
SWSA ((SECURING WEB WITH CISCO WEB SECURITY APPLIANCE)) 2.1
SWSA ((SECURING WEB WITH CISCO WEB SECURITY APPLIANCE)) 2.1 Objetivo Securing Web with Cisco Web Security Appliance (SWSA) é um curso com carga horário de dois dias, que proporciona aos alunos os conhecimentos
How To Protect Your Network From Attack From A Virus And Attack From Your Network (D-Link)
NetDefend Firewall UTM Services Unified Threat Management D-Link NetDefend UTM firewalls (DFL-260/860) integrate an Intrusion Prevention System (IPS), gateway AntiVirus (AV), and Web Content Filtering
McAfee Firewall Enterprise System Administration Intel Security Education Services Administration Course
McAfee Firewall Enterprise System Administration Intel Security Education Services Administration Course The McAfee Firewall Enterprise System Administration course from McAfee University is a fast-paced,
McAfee Web Gateway 7.4.2
Release Notes Revision A McAfee Web Gateway 7.4.2 Contents About this release New features and enhancements Resolved issues Installation instructions Known issues Additional information Find product documentation
Secure Web Gateways Buyer s Guide >
White Paper Secure Web Gateways Buyer s Guide > (Abbreviated Version) The web is the number one source for malware distribution. With more than 2 million 1 new pages added every day and 10,000 new malicious
Websense Web Security Gateway: Integrating the Content Gateway component with Third Party Data Loss Prevention Applications
Websense Web Security Gateway: Integrating the Content Gateway component with Third Party Data Loss Prevention Applications November, 2010 2010 Websense, Inc. All rights reserved. Websense is a registered
Web Security Gateway Anywhere
Web Security Gateway Anywhere The Web Security Challenge Web Technology Trends Dynamic, interactive Web 2.0 technologies have transformed the Web into a core business application platform Customer relationship
Web Application Security. Radovan Gibala Senior Field Systems Engineer F5 Networks [email protected]
Web Application Security Radovan Gibala Senior Field Systems Engineer F5 Networks [email protected] Security s Gaping Hole 64% of the 10 million security incidents tracked targeted port 80. Information Week
SafeNet Content Security Product Overview. Protecting the Network Edge
SafeNet Content Security Product Overview Protecting the Network Edge From idea to action, SafeNet smartly protects information as it moves through its lifecycle. With data encryption and control solutions,
Astaro Gateway Software Applications
Astaro Overview Astaro Products - Astaro Security Gateway - Astaro Web Gateway - Astaro Mail Gateway - Astaro Command Center - Astaro Report Manager Astaro Gateway Software Applications - Network Security
Basic & Advanced Administration for Citrix NetScaler 9.2
Basic & Advanced Administration for Citrix NetScaler 9.2 Day One Introducing and deploying Citrix NetScaler Key - Brief Introduction to the NetScaler system Planning a NetScaler deployment Deployment scenarios
The Dirty Secret Behind the UTM: What Security Vendors Don t Want You to Know
The Dirty Secret Behind the UTM: What Security Vendors Don t Want You to Know I n t r o d u c t i o n Until the late 1990s, network security threats were predominantly written by programmers seeking notoriety,
SafeNet Content Security. esafe SmartSuite - Security that Thinks. Real-time, Smart and Simple Web and Mail Security Solutions.
SafeNet Content Security esafe SmartSuite - Security that Thinks Real-time, Smart and Simple Web and Mail Security Solutions Product Overview Malware CONTENT SECURITY Antivirus Malware A secure Web gateway
Protect your internal users on the Internet with Secure Web Gateway. Richard Bible EMEA Security Solution Architect
Protect your internal users on the Internet with Secure Web Gateway Richard Bible EMEA Security Solution Architect Identity and Access Management (IAM) Solution Authentication, Authorization, and SSO to
Solution Brief FortiMail for Service Providers. Nathalie Rivat
Solution Brief FortiMail for Service Providers Nathalie Rivat Agenda FortiMail for Internet Service Providers Outbound antispam to prevent blacklisting MMS routing for Mobile Operators Inbound antispam
Protecting the Infrastructure: Symantec Web Gateway
Protecting the Infrastructure: Symantec Web Gateway 1 Why Symantec for Web Security? Flexibility and Choice Best in class hosted service, appliance, and virtual appliance (upcoming) deployment options
Content-ID. Content-ID URLS THREATS DATA
Content-ID DATA CC # SSN Files THREATS Vulnerability Exploits Viruses Spyware Content-ID URLS Web Filtering Content-ID combines a real-time threat prevention engine with a comprehensive URL database and
NetDefend Firewall UTM Services
NetDefend Firewall UTM Services Unified Threat Management D-Link NetDefend UTM firewalls integrate an Intrusion Prevention System (IPS), gateway AntiVirus (AV), and Web Content Filtering (WCF) for superior
74% 96 Action Items. Compliance
Compliance Report PCI DSS 2.0 Generated by Check Point Compliance Blade, on July 02, 2013 11:12 AM 1 74% Compliance 96 Action Items Upcoming 0 items About PCI DSS 2.0 PCI-DSS is a legal obligation mandated
HTTPS Inspection with Cisco CWS
White Paper HTTPS Inspection with Cisco CWS What is HTTPS? Hyper Text Transfer Protocol Secure (HTTPS) is a secure version of the Hyper Text Transfer Protocol (HTTP). It is a combination of HTTP and a
REVOLUTIONIZING ADVANCED THREAT PROTECTION
REVOLUTIONIZING ADVANCED THREAT PROTECTION A NEW, MODERN APPROACH Blue Coat Advanced Threat Protection Group GRANT ASPLUND Senior Technology Evangelist 1 WHY DO I STAND ON MY DESK? "...I stand upon my
A Websense White Paper Implementing Best Practices for Web 2.0 Security with the Websense Web Security Gateway
A Websense White Paper Implementing Best Practices for Web 2.0 Security with the Websense Web Security Gateway Table of Contents Introduction... 3 Implementing Best Practices with the Websense Web Security
Networking for Caribbean Development
Networking for Caribbean Development BELIZE NOV 2 NOV 6, 2015 w w w. c a r i b n o g. o r g N E T W O R K I N G F O R C A R I B B E A N D E V E L O P M E N T BELIZE NOV 2 NOV 6, 2015 w w w. c a r i b n
FortiMail Email Filtering Course 221-v2.2 Course Overview
FortiMail Email Filtering Course 221-v2.2 Course Overview FortiMail Email Filtering is a 2-day instructor-led course with comprehensive hands-on labs to provide you with the skills needed to design, configure,
Cisco Small Business ISA500 Series Integrated Security Appliances
Q & A Cisco Small Business ISA500 Series Integrated Security Appliances Q. What is the Cisco Small Business ISA500 Series Integrated Security Appliance? A. The Cisco Small Business ISA500 Series Integrated
SSL Inspection Step-by-Step Guide. June 6, 2016
SSL Inspection Step-by-Step Guide June 6, 2016 Key Drivers for Inspecting Outbound SSL Traffic Eliminate blind spots of SSL encrypted communication to/from the enterprise Maintaining information s communication
Websense Web Security Gateway: What to do when a Web site does not load as expected
Websense Web Security Gateway: What to do when a Web site does not load as expected Websense Support Webinar November 2011 web security data security email security Support Webinars 2009 Websense, Inc.
Cisco IronPort Email & Web Security
Cisco IronPort Email & Web Security Greg Griessel Consulting Systems Engineer - Security [email protected] 2010 Cisco and/or its affiliates. All rights reserved. Ciscc 1 Application-Specific Security Gateways
McAfee Web Gateway 7.4.1
Release Notes Revision B McAfee Web Gateway 7.4.1 Contents About this release New features and enhancements Resolved issues Installation instructions Known issues Find product documentation About this
Content Inspection Director
Content Inspection Director High Speed Content Inspection North America Radware Inc. 575 Corporate Dr. Suite 205 Mahwah, NJ 07430 Tel 888 234 5763 International Radware Ltd. 22 Raoul Wallenberg St. Tel
Evaluation Guide. iprism Web Security. 800-782-3762 www.edgewave.com V7.000
800-782-3762 www.edgewave.com Welcome to EdgeWave Web Security! This short guide is intended to help administrators set up and test the iprism Web Filtering appliance for evaluation purposes. A more detailed
Content Security Gateway Series Real-time Gateway Web Security Against Spyware and Viruses
Content Security Gateway Series Real-time Gateway Web Security Against Spyware and Viruses 1. Why do I need a Web security or gateway anti-spyware solution? Malware attack vector is rapidly shifting from
ISB13 Web security deployment options - which is really best for you? Duncan Mills, Piero DePaoli, Stuart Jones
ISB13 Web security deployment options - which is really best for you? Duncan Mills, Piero DePaoli, Stuart Jones Web Security Deployment Options 1 1 The threat landscape 2 Why Symantec web security 3 Generic
WHAT S NEW IN WEBSENSE TRITON RELEASE 7.8
WHAT S NEW IN WEBSENSE TRITON RELEASE 7.8 Overview Global organizations are constantly battling with advanced persistent threats (APTs) and targeted attacks focused on extracting intellectual property
Simple security is better security Or: How complexity became the biggest security threat
Simple security is better security Or: How complexity became the biggest security threat Christoph Litzbach, Pre-Sales Engineer NSG 1 What do they have in common? DATA BREACH 2 Security is HARD! Components
NetDefend Firewall UTM Services
Product Highlights Intrusion Prevention System Dectects and prevents known and unknown attacks/ exploits/vulnerabilities, preventing outbreaks and keeping your network safe. Gateway Anti Virus Protection
How To Control Your Network With A Firewall On A Network With An Internet Security Policy On A Pc Or Ipad (For A Web Browser)
1110 Cool Things Your Firewall Should Do Extend beyond blocking network threats to protect, manage and control application traffic Table of Contents The Firewall Grows Up 1 What does SonicWALL Application
Integrated Approach to Network Security. Lee Klarich Senior Vice President, Product Management March 2013
Integrated Approach to Network Security Lee Klarich Senior Vice President, Product Management March 2013 Real data from actual networks 2 2012, Palo Alto Networks. Confidential and Proprietary. 2008: HTTP,
Web Security Gateway Solutions
Web Security Gateway Solutions Websense Web Security Gateway Solutions 90 percent of the top 100 Web sites are classified as social networking or search and more than 47 percent of these sites support
INTRODUCTION TO FIREWALL SECURITY
INTRODUCTION TO FIREWALL SECURITY SESSION 1 Agenda Introduction to Firewalls Types of Firewalls Modes and Deployments Key Features in a Firewall Emerging Trends 2 Printed in USA. What Is a Firewall DMZ
Content-ID. Content-ID enables customers to apply policies to inspect and control content traversing the network.
Content-ID Content-ID enables customers to apply policies to inspect and control content traversing the network. Malware & Vulnerability Research 0-day Malware and Exploits from WildFire Industry Collaboration
Symantec Endpoint Protection 12.1.5 Datasheet
Symantec Endpoint Protection 12.1.5 Datasheet Data Sheet: Endpoint Security Overview Malware has evolved from large-scale massive attacks to include Targeted Attacks and Advanced Persistent Threats that
Symantec Endpoint Protection 12.1.4
Data Sheet: Endpoint Security Overview provides unrivaled security across physical and virtual platforms and support for the latest operating systems-mac OS X 10.9 and Windows 8.1. Powered by Symantec
Web Request Routing. Technical Brief. What s the best option for your web security deployment?
Web Request Routing and Redirection What s the best option for your web security deployment? Choosing the right method for redirecting traffic to your secure web gateway is absolutely essential to maximize
Firewall and UTM Solutions Guide
Firewall and UTM Solutions Guide Telephone: 0845 230 2940 e-mail: [email protected] Web: www.lsasystems.com Why do I need a Firewall? You re not the Government, Microsoft or the BBC, so why would hackers
WEB APPLICATION FIREWALLS: DO WE NEED THEM?
DISTRIBUTING EMERGING TECHNOLOGIES, REGION-WIDE WEB APPLICATION FIREWALLS: DO WE NEED THEM? SHAIKH SURMED Sr. Solutions Engineer [email protected] www.fvc.com HAVE YOU BEEN HACKED????? WHAT IS THE PROBLEM?
ANNEXURE TO TENDER NO. MRPU/IGCAR/COMP/5239
ANNEXURE TO TENDER NO. MRPU/IGCAR/COMP/5239 Check Point Firewall Software and Management Software I. Description of the Item Up gradation, installation and commissioning of Checkpoint security gateway
STOPPING LAYER 7 ATTACKS with F5 ASM. Sven Müller Security Solution Architect
STOPPING LAYER 7 ATTACKS with F5 ASM Sven Müller Security Solution Architect Agenda Who is targeted How do Layer 7 attacks look like How to protect against Layer 7 attacks Building a security policy Layer
How To Protect Your Web Security From Attack From A Malicious Website Or Email From A Corporate Network (For A Fee)
Nine Essential Requirements for Web Security Enabling safe, productive access to social media and other web applications Table of Contents Executive Summary...3 Introduction...4 Web Security Concerns....4
THE SMARTEST WAY TO PROTECT WEBSITES AND WEB APPS FROM ATTACKS
THE SMARTEST WAY TO PROTECT WEBSITES AND WEB APPS FROM ATTACKS INCONVENIENT STATISTICS 70% of ALL threats are at the Web application layer. Gartner 73% of organizations have been hacked in the past two
Comprehensive real-time protection against Advanced Threats and data theft
TRITON AP-WEB Comprehensive real-time protection against Advanced Threats and data theft Your business and its data are under constant attack. Traditional security solutions no longer provide sufficient
Websense Web Security Solutions. Websense Web Security Gateway Websense Web Security Websense Web Filter Websense Express Websense Hosted Web Security
Web Security Gateway Web Security Web Filter Express Hosted Web Security Web Security Solutions The Approach In the past, most Web content was static and predictable. But today s reality is that Web content
When your users take devices outside the corporate environment, these web security policies and defenses within your network no longer work.
Deployment Guide Revision C McAfee Web Protection Hybrid Introduction Web Protection provides the licenses and software for you to deploy Web Gateway, SaaS Web Protection, or a hybrid deployment using
Lectures 9 Advanced Operating Systems Fundamental Security. Computer Systems Administration TE2003
Lectures 9 Advanced Operating Systems Fundamental Security Computer Systems Administration TE2003 Lecture overview At the end of lecture 9 students can identify, describe and discuss: Main factors while
Web Application Firewall
Web Application Firewall Getting Started Guide August 3, 2015 Copyright 2014-2015 by Qualys, Inc. All Rights Reserved. Qualys and the Qualys logo are registered trademarks of Qualys, Inc. All other trademarks
ISA Server Plugins Setup Guide
ISA Server Plugins Setup Guide Secure Web (Webwasher) Version 1.3 Copyright 2008 Secure Computing Corporation. All rights reserved. No part of this publication may be reproduced, transmitted, transcribed,
CS 665: Computer System Security. Network Security. Usage environment. Sources of vulnerabilities. Information Assurance Module
CS 665: Computer System Security Network Security Bojan Cukic Lane Department of Computer Science and Electrical Engineering West Virginia University 1 Usage environment Anonymity Automation, minimal human
REAL-TIME WEB APPLICATION PROTECTION. AWF SERIES DATASHEET WEB APPLICATION FIREWALL
REAL-TIME WEB APPLICATION PROTECTION. AWF SERIES DATASHEET WEB APPLICATION FIREWALL AWF Series Web application firewalls provide industry-leading Web application attack protection, ensuring continuity
Secure Cloud-Ready Data Centers Juniper Networks
Secure Cloud-Ready Data Centers Juniper Networks JUNIPER SECURITY LEADERSHIP A $1B BUSINESS Market Leadership Data Center with High- End Firewall #1 at 42% Secure Mobility with SSL VPN #1 at 25% Security
Applications erode the secure network How can malware be stopped?
Vulnerabilities will continue to persist Vulnerabilities in the software everyone uses everyday Private Cloud Security It s Human Nature Programmers make mistakes Malware exploits mistakes Joe Gast Recent
Kaspersky Endpoint Security 8 for Windows and Kaspersky Security Center
Kaspersky Endpoint Security 8 for Windows and Kaspersky Security Center Reviewer s Guide Contents Introduction / Solution Headlines... 3 Getting Started... 4 Deployment... 4 Installation on an Infected
Cisco Cloud Web Security
Data Sheet Today s highly connected and fast-moving world is filled with complex and sophisticated web security threats. Cisco delivers the strong protection, complete control, and investment value that
WildFire Reporting. WildFire Administrator s Guide 55. Copyright 2007-2015 Palo Alto Networks
WildFire Reporting When malware is discovered on your network, it is important to take quick action to prevent spread of the malware to other systems. To ensure immediate alerts to malware discovered on
IBM Managed Security Services (Cloud Computing) hosted e-mail and Web security - express managed Web security
IBM Managed Security Services (Cloud Computing) hosted e-mail and Web security - express managed Web security INTC-8608-01 CE 12-2010 Page 1 of 8 Table of Contents 1. Scope of Services...3 2. Definitions...3
User Identification and Authentication
User Identification and Authentication Vital Security 9.2 Copyright Copyright 1996-2008. Finjan Software Inc.and its affiliates and subsidiaries ( Finjan ). All rights reserved. All text and figures included
FortiGuard Web Content Filtering versus Websense March 2005
FortiGuard Web Content Filtering versus Websense March 2005 FortiGuard Web Filtering offers schools and enterprises a cost effective and easy to deploy solution to enforce safe and acceptable web usage
Decryption. Palo Alto Networks. PAN-OS Administrator s Guide Version 6.0. Copyright 2007-2015 Palo Alto Networks
Decryption Palo Alto Networks PAN-OS Administrator s Guide Version 6.0 Contact Information Corporate Headquarters: Palo Alto Networks 4401 Great America Parkway Santa Clara, CA 95054 www.paloaltonetworks.com/company/contact-us
QUICK START GUIDE. Cisco S170 Web Security Appliance. Web Security Appliance
1 0 0 0 1 1 QUICK START GUIDE Web Security Appliance Web Security Appliance Cisco S170 303417 Cisco S170 Web Security Appliance 1 Welcome 2 Before You Begin 3 Document Network Settings 4 Plan the Installation
Cisco S380 and Cisco S680 Web Security Appliance
QUICK START GUIDE Cisco S380 and Cisco S680 Web Security Appliance 1 Welcome 2 Before You Begin 3 Document Network Settings 4 Plan the Installation 5 Install the Appliance in a Rack 6 Plug In the Appliance
How To Protect A Web Application From Attack From A Trusted Environment
Standard: Version: Date: Requirement: Author: PCI Data Security Standard (PCI DSS) 1.2 October 2008 6.6 PCI Security Standards Council Information Supplement: Application Reviews and Web Application Firewalls
How Traditional Firewalls Fail Today s Networks And Why Next-Generation Firewalls Will Prevail
How Fail Today s Networks And Why Will Prevail Why your current firewall may be jeopardizing your security, and how you can counter today s threats, manage web 2.0 apps and enforce acceptable-use policies.
Barracuda Web Filter Demo Guide Version 3.3 GETTING STARTED
Version 3.3 GETTING STARTED What is the Web Filter? Integrated content filtering and application blocking Best-of-breed spyware protection Integrated gateway antivirus Desktop spyware protection Firmware
Zscaler Internet Security Frequently Asked Questions
Zscaler Internet Security Frequently Asked Questions 1 Technical FAQ PRODUCT LICENSING & PRICING How is Zscaler Internet Security Zscaler Internet Security is licensed on number of Cradlepoint devices
Network protection and UTM Buyers Guide
Network protection and UTM Buyers Guide Using a UTM solution for your network protection used to be a compromise while you gained in resource savings and ease of use, there was a payoff in terms of protection
SiteCelerate white paper
SiteCelerate white paper Arahe Solutions SITECELERATE OVERVIEW As enterprises increases their investment in Web applications, Portal and websites and as usage of these applications increase, performance
Lab Testing Detailed Report DR100412D. Detailed Competitive Testing of the Websense Web Security Gateway 7.5
Lab Testing Detailed Report DR100412D Detailed Competitive Testing of the Security 7.5 May 2010 Miercom www.miercom.com Contents Executive Summary... 3 Key Findings... 4 Figure 1: Averages of Percentage
