Web Security Gateway Anywhere

Web Security Gateway Anywhere

The Web Security Challenge

Web Technology Trends Dynamic, interactive Web 2.0 technologies have transformed the Web into a core business application platform Customer relationship and payroll are now delivered over the Web while social networking is used for recruitment, lead generation, and marketing. Along with Web 2.0, however, comes new risk as traditional URL filtering and antivirus solutions are rendered ineffective. Blocking access is not the answer increasingly the business needs broad Web access to compete and enable employees to get the job done. 2010 Websense, Inc. All rights reserved.

The Web Security Challenge Enable secure business use of dynamic, interactive Web resources Dynamic malware protection Web is THE primary malware distribution platform AV can t keep pace Dynamic acceptable use policy Traditional URL filtering can t handle dynamic nature of today s Web Force IT into monolithic ON/OFF policies Outbound data loss and compliance Interactive destinations multiply data loss risk Inbound mixed content, malicious scripts AV, Filter, DLP Outbound PII, CC#, SSN, health, financial 58% of data stealing malware is Web based Rising Web security TCO Managing multiple vendors and products Supporting the distributed enterprise

Static URL Filtering is Dead Gambling Video or Audio Streaming Auctions Traditional URL filters, classify this as Search Is it really? Social Networking Inappropriate Content Understanding the URL is not enough. You must understand and control the content on the page.

Complexity Driving Higher TCO Branch Offices Remote Client Remote Users AV Web DLP Sniffer SaaS SaaS SaaS Console HQ / Large Branch Web/AV Manager Web DLP Manager AV DLP Sniffer Manage multiple products and vendors Web, AV, DLP Multiple boxes, policies, reporting systems, and relationships Securing the distributed enterprise Remote offices lack technical expertise May add yet another separately managed SaaS solution The challenge replace ad-hoc Web security with a simple, unified solution

The Web Security Gateway Anywhere Solution

The TRITON Architecture Unified Solution Web Security Data Security Unified Content Security Email Security Unified Platform SaaS Appliance Software Unified Management 2010 Websense, Inc. All rights reserved.

The Web Security Gateway Solution The best security against modern threats Apply policy to dynamic, interactive Web 2.0 content Protect against dynamic and scripted Web threats Prevent outbound data loss and establish compliance controls Manage use of network applications and protocols Gain visibility into encrypted SSL traffic At the industry s lowest TCO Consolidate multiple products and deployment platforms with a unified content security solution 9

Web Security Gateway Overview 1 2 Advanced Classification Engine TruHybrid Deployment 3 TruWeb DLP 4 5 Enterprise Proxy Architecture TRITON Console

V-Series Appliances Enterprise-class performance and reliability for on-premise deployments Scale to 7,500 users per appliance Support for load balanced, high availability clusters Global 24 x 7 phone support Global 4 hour on-site service Proven in Fortune 100 environments Lowest total cost of ownership Preconfigured, hardened, simple to deploy Consolidated Web security: filtering, AV, real-time scanning, DLP, management Investment protection - future support for Web, DLP, email security V10000 Appliance Headquarters/ Large Branch Appliance Two Deployment Options V5000 Medium Business/Branch V10000 Headquarters/Large Branch

V-Series Deployment Options V10000 Appliance Enterprise HQ / large branch Up to 7,500 users Component redundancy Investment protection Scale for consolidated Web AND email (v7.6) Headroom to grow beyond 2000 users V5000 Appliance Enterprise branch and medium business Up to 2,000 users Web OR email appliance (v7.6) V-Series Appliances DLP Web DLP Email DLP Web OR DLP Email V10000 V5000 V5000

Websense TRITON Advanced Classification Engine (ACE) ThreatSeeker Network 0101010101010101 1010110111010101

Real-time Content Classification Extends acceptable use policy to dynamic content not accurately classified by traditional URL filtering Password protected, mixed-content, uncategorized, personalized sites igoogle, Facebook, LindedIn, Twitter, MyYahoo, etc. Dynamically classifies content within each Web page on the fly Allow appropriate content, block unwanted or malicious content Accurate across all 95 Websense categories Unlock the power of the Web 2.0 without compromising productivity and security 14

Without Websense 15

With Websense 16

Without Websense Decisions based on past history not actual content YES NO MAYBE???????? Simplistic policies lead to over-blocking or poor security Facebook = BAD, block all pages Wikipedia = GOOD, allow unrestricted access AV and other signature-based technologies protect against known threats only No practical data loss prevention Manually configured regular expressions guarantee false positives, extensive tuning, and wasted time No best practice compliance policies or reporting Enterprise-class compliance solution requires complex and costly third-party integration

With Websense Real-time classification for granular control of content elements within page Across 95 categories Actual content versus past reputation Real-time security scanning for dynamic zero day and scripted malware protection YES NO MAYBE NO YES MAYBE YES YES YES Native integration of market leading DLP for easy to deploy data compliance controls Enables organizations to enable Web 2.0 without inbound threats and outbound risks

Real-time Security Scanning Modern threats designed to evade antivirus (AV) AV blocks known threats > attacks change or target zero-day vulnerabilities AV focuses on executables > attacks are scripted Leverage complex evasion methods obfuscation, hybrid Web/email, spearphishing Real-time security scanning protects against dynamic zero day and scripted attacks that evade antivirus Analyzes scripts, executables, URL, reputation, and content on-the-fly Multi-point analytics combine to identify malicious intent Augments integrated antivirus and malicious URL filtering for complete protection against known and unknown threats JavaScript Active X Executables Applets Flash Silverlight Code analyzed malicious intent blocked JavaScript Active X Executables Applets Silverlight 19

The ThreatSeeker Network 1 billion pieces of content per day Websense Web Security Gateway Threat Detection/Probes Real-Time Security Updates Shared Analytics/Feedback ThreatSeeker Technology 2+ million posts per day Websense Hosted Customers Defensio ThreatSeeker Technology Websense Security Labs 200+ million sites per day 10+ million emails per hour Websense Hosted Security URL and Security Database

Flexible policy controls Granular web policy creation 95 URL categories Control to block, allow, confirm and use quota Implement policy for groups and individuals Integration with authentication services Allows detailed policy and actionable reporting

Advanced Protocol Control Growth in development and use of network protocols for applications IM, P2P etc can be implemented using SSL to create invisibility Growing security concern for inbound and outbound communications Web Security Gateway controls 130+ protocols and applications Prevent threats from entering network via non-business channels (e.g. P2P, IM) Prevent confidential data from leaving Preserve bandwidth for business applications Control SSL encrypted (e.g. GoogleWave) and tunneled enterprise applications (e.g. Webified Oracle) 22

TruHybrid Deployment The ONLY solution with unified management of hybrid on-premise / SaaS deployments SaaS Web Security Remote Users TRITON Console Branch SSL Flexibility to deploy where and how you need it Secure HQ with on premise appliance Secure branch and mobile users in the cloud No need to manage separate policies and reports 2X lower operating cost than competition V-Series Appliances HQ/Branch

TruHybrid in Action Secure branch office and mobile users in minutes Register branch IP addresses with onpremise Web management User, group, policy, reporting data automatically synchronized between onpremise manager and SaaS data centers No remote equipment or client software to support HQ / Large Branch Policy, Users, Groups SaaS Web Security Remote User V-Series Appliance or Dedicated Management Server Log/Reporting Branch

SaaS Service Delivery Hosted from 8 globally distributed data centers San Jose and Ashburn, United States Heathrow and Feltham, UK Dusseldorf, Germany Paris, France Hong Kong Sydney, Australia Resilient processing clusters Automatic data center allocation and fail-over Directs travelling users to nearest geographical data center Redirects to nearest alternate in case of failure Performance Service Level Agreements: 100% protection against known viruses 99.99% service availability No noticeable latency: < 60ms average processing time Accredited to ISO27001

TruWeb DLP Native integration of market leading DLP for Web traffic Predefined compliance data classifiers, policies, and reporting Patented precise ID fingerprinting Web DLP Simplified DLP and compliance Single-box Web/DLP enforcement Unified TRITON interface Single vendor Automated compliance bestpractices and accuracy

Simple, Single-Box Enforcement Competitors Websense Vendor A Web Security Antivirus Web DLP V-Series Appliance ICAP Vendor B DLP Sniffer On-premise deployment (appliance or software) Lower latency No unencrypted sensitive data sent over network Lower TCO for complete inbound/outbound Web security 3X fewer enforcement boxes PER LOCATION! 2X fewer management systems 2X fewer vendors Lower software license cost Simple license key upgrade to full DLP

Best Practice Compliance Wizards Select Region Select Industry Select Regulation Best practice compliance policies automatically enabled in minutes No need to translate vague or complex regulation into technical DLP policies Derived from years of experience meeting worldwide compliance requirements

Web User and Destination Awareness DLP policies and reports include user and Web category information Accelerate decision making and compliance Compliance reports immediately reveal sources of outbound risk what, who, and where Separate legitimate business process from compliance violations

Enterprise Web Proxy, SSL Proxy and Cache Decrease latency for Internet downloads Consolidate existing proxy deployments Reduce rack space, power, latency, and support cost Enable visibility and control of encrypted SSL traffic Eliminates blind spot used to circumvent outbound control policy (firewall, DLP, Web) Often used by proxy avoidance sites Integration with Web DLP enables inbound and outbound control SSL bypass supports privacy exceptions (e.g. banking)

TRITON Console Unified management of Web, DLP, on-premise, and SaaS Role based control for Web and data loss prevention Simplifies administration for lowest TCO Expandable to full TRITON unified content security solution Full enterprise wide DLP (discovery, endpoint, email, etc.) on existing hardware with simple license upgrade Preserve investment in existing policies, reports, training, hardware Future support for integrated email (also running on V10000 appliance)

Comprehensive Security Dashboard System Health Monitoring Security Alert Monitoring Task-based Management Fully customizable click-through reports

Task-based Management Common administration tasks available on all interface pages Reduce learning curve to manage product Reduce time to carrying out common tasks Simplify troubleshooting without user involvement

World Class Reporting Integrated policy and reporting interface Drill-down reporting direct from dashboard Numerous output options: pie chart, bar charts, pdf, html

Unparalleled Visibility Where Your Users are Going Where Your Data is Going Where You Are at Risk

Questions?