EXTENDING THREAT PROTECTION AND CONTROL TO MOBILE WORKERS

Similar documents
Extending Threat Protection and Control to Mobile Workers with Cloud-Based Security Services > White Paper

Secure Web Gateways Buyer s Guide >

Top 10 Reasons Enterprises are Moving Security to the Cloud

WAN OPTIMIZATION FOR MICROSOFT SHAREPOINT BPOS

SECURITY ANALYTICS MOVES TO REAL-TIME PROTECTION

SECURE WEB GATEWAY DEPLOYMENT METHODOLOGIES

Cisco ASA and Cloud Web Security: Best-in-Class Network Security Combined with Best-in-Class Web Security

NEXT GENERATION SECURE WEB GATEWAY: THE CORNERSTONE OF YOUR SECURITY ARCHITECTURE

DUBEX CUSTOMER MEETING

Blue Coat Systems Cloud Security Service Overview. Blue Coat Cloud Security Service (ThreatPulse)

Threat Containment for Facebook

Seven Requirements for Hybrid Web Delivery Getting the best of both on-premises and SaaS

MOBILITY & INTERCONNECTIVITY. Features SECURITY OF INFORMATION TECHNOLOGIES

Enabling Business Beyond the Corporate Network. Secure solutions for mobility, cloud and social media

Payment Card Industry Data Security Standard

Best Practices for Secure Mobile Access

VIRTUALIZED SECURITY: THE NEXT GENERATION OF CONSOLIDATION

A TECHNICAL REVIEW OF CACHING TECHNOLOGIES

Mobile workforce management software solutions. Empowering the evolving workforce with an end-to-end framework

10 easy steps to secure your retail network

Enabling Secure BYOD How Fortinet Provides a Secure Environment for BYOD

WAN Optimization for Microsoft SharePoint BPOS >

Guest Speaker. Michael Sutton Chief Information Security Officer Zscaler, Inc.

Zone Labs Integrity Smarter Enterprise Security

Tech Brief. Enterprise Secure and Scalable Enforcement of Microsoft s Network Access Protection in Mobile Networks

Symantec Protection Suite Add-On for Hosted and Web Security

White Paper. What the ideal cloud-based web security service should provide. the tools and services to look for

Websense Web Security Solutions. Websense Web Security Gateway Websense Web Security Websense Web Filter Websense Express Websense Hosted Web Security

ARCHITECT S GUIDE: Comply to Connect Using TNC Technology

Cisco Cloud Web Security

Reverse Proxy with SSL - ProxySG Technical Brief

Protect your internal users on the Internet with Secure Web Gateway. Richard Bible EMEA Security Solution Architect

Security Practices for Online Collaboration and Social Media

BOOSTING INTERNET ACCESS LINK PERFORMANCE WITH BLUE COAT WAN OPTIMIZATION TECHNOLOGIES

SECURE ACCESS TO THE VIRTUAL DATA CENTER

Cisco Cloud Web Security Key Functionality [NOTE: Place caption above figure.]

On and off premises technologies Which is best for you?

Secure Remote Access Give users in office remote access anytime, anywhere

OVERVIEW. Enterprise Security Solutions

Authentication Strategy: Balancing Security and Convenience

Blue Coat WebFilter >

Readiness Assessments: Vital to Secure Mobility

Clean VPN Approach to Secure Remote Access for the SMB

THE WEBPULSE COLLABORATIVE DEFENSE

Unified Threat Management, Managed Security, and the Cloud Services Model

Preparing for a Cyber Attack PROTECT YOUR PEOPLE AND INFORMATION WITH SYMANTEC SECURITY SOLUTIONS

How To Protect Your Data From Being Hacked

Deploy secure, corporate access for mobile device users with the Junos Pulse Mobile Security Suite

Websense Web Security Solutions. Websense Web Security Gateway Websense Web Security Websense Web Filter Websense Hosted Web Security

F5 Identity and Access Management (IAM) Overview. Laurent PETROQUE Manager Field Systems Engineering, France

Enterprise Buyer Guide

overview Enterprise Security Solutions

Enterprise Data Protection

I D C T E C H N O L O G Y S P O T L I G H T. S e r ve r S e c u rity: N o t W h a t It U s e d t o Be!

Clean VPN Approach to Secure Remote Access

Internet threats: steps to security for your small business

Filling the Threat Management Gateway Void with F5

Say Yes to BYOD How Fortinet Enables You to Protect Your Network from the Risk of Mobile Devices WHITE PAPER

Ensuring the Security of Your Company s Data & Identities. a best practices guide

V1.4. Spambrella Continuity SaaS. August 2

CTERA Enterprise File Services Platform Architecture for HP Helion Content Depot

REVOLUTIONIZING ADVANCED THREAT PROTECTION

Advantages of Managed Security Services

The Advantages of Security as a Service versus On-Premise Security

SA Series SSL VPN Virtual Appliances

I D C A N A L Y S T C O N N E C T I O N

Symantec App Center. Mobile Application Management and Protection. Data Sheet: Mobile Security and Management

Managing Web Security in an Increasingly Challenging Threat Landscape

Protecting Your Roaming Workforce With Cloud-Based Security

Array Networks & Microsoft Exchange Server 2010

SYMANTEC ENDPOINT PROTECTION SMALL BUSINESS EDITION

North American Electric Reliability Corporation (NERC) Cyber Security Standard

EasyConnect. Any application - Any device - Anywhere. Faster, Simpler & Safer Networks

Secure, Scalable and Reliable Cloud Analytics from FusionOps

overview Enterprise Security Solutions

INFORMATION PROTECTED

TRITON AP-ENDPOINT STOP ADVANCED THREATS AND SECURE SENSITIVE DATA FOR ROAMING USERS

The ForeScout Difference

EXECUTIVE BRIEF SPON. File Synchronization and Sharing Market Forecast, Published May An Osterman Research Executive Brief

THE SECURITY OF HOSTED EXCHANGE FOR SMBs

WEBSENSE TRITON SOLUTIONS

Stop advanced targeted attacks, identify high risk users and control Insider Threats

Next-Generation Firewalls: Critical to SMB Network Security

Building a Web Security Ecosystem to Combat Emerging Internet Threats

Cisco on Cisco Best Practice Security Practices for Online Collaboration and Social Media

McAfee Security Architectures for the Public Sector

Decrypt Inbound SSL Traffic for Passive Security Device (D-H)

Dell SonicWALL Secure Virtual Assist: Clientless remote support over SSL VPN

Injazat s Managed Services Portfolio

Transcription:

EXTENDING THREAT PROTECTION AND WHITEPAPER CLOUD-BASED SECURITY SERVICES PROTECT USERS IN ANY LOCATION ACROSS ANY NETWORK It s a phenomenon and a fact: employees are always on today. They connect to the network whenever they want, from wherever they happen to be, with laptops, smartphones and tablets. Securing smartphones and tablets is a challenge, but laptop computers, still the most vulnerable of all endpoint devices, present the biggest mobile threat to corporate security. Laptops today are far more numerous than other mobile devices, and are more tightly integrated into the enterprise infrastructure. They are prime targets for malware attacks. Protecting laptops from these threats in branch offices, in home offices, and on the road is increasingly critical and challenging. As mobile users leave the corporate network, they leave corporate policies and security behind. They re exposed to web-based threats that lurk in search engines, social networking sites and email. In this environment, businesses need to extend consistent protection, policies and reporting to mobile workers in any location across any network. es are now using cloud-based security services for that purpose. Cloud-based security allows businesses to create a seamless secure experience for all mobile employees, whether they re connecting from the corporate network, from captive hotel portals, or from Wi-Fi logon pages. They receive all the benefits of up-to-date protection without sacrificing portability, flexibility or agility. es can be assured that when mobile laptops access the corporate network they re not infected with malware. Why Laptops Are the Weakest Link According to Forrester Research, more than 60 percent of businesses issue laptops to sales reps, executives, heavy travelers and IT staff as standard practice. Laptops will continue to be the dominant PC platform for the foreseeable future; they re forecasted to account for more than 43 percent of PC sales through 2015, declining only slightly despite the growth in tablets. At the same time, the population of mobile workers is expected to reach 1.19 billion in 2013, accounting for 34.9 percent of the workforce according to IDC. Despite the convenience of smartphones and tablets, laptops are the dominant platform for mobile workers because they re exceedingly efficient, particularly for long sessions or complex tasks. The problem is that although the laptop is a critical business tool, it s also used for personal activities. Workers visit vulnerable web sites, access social networks, and expose personal data. Traditional Enterprise Boundaries Leave Mobile Users Vulnerable Gateway AV, Content and Policy Protection Endpoint Anti-Virus Internet Step 1 Elevated Threat Risk Corporate orat Network Desktop AV only - no content security and no policy enforcement. Mobile users risk infection when Enterprise policies are unable to follow. 1

In fact, many users surf the web much more aggressively when they re off the corporate network, exposing their laptops to greater risk of infection. Their ubiquity, and the ways mobile workers use them, make these endpoints and, in turn, corporate networks very vulnerable to a dynamic threat landscape that saw a 240 percent increase in malicious sites in 2011 alone. According to the Blue Coat Systems 2012 Web Report, the average business now faces more than 5,000 security threats every month, and nearly half of these threats originate in the most popular places on the internet search engines and social networks. Criminals may also target laptops because they know workers are far more likely to use them (rather than smartphones or tablets) to store and access sensitive corporate data. Cloud-Based is the Answer Cloud-based security lets IT and security professionals extend protection and control seamlessly to mobile workers, particularly when the solution is tightly integrated with on-premise appliances to deliver unified policy management and monitoring. Securing the laptops of mobile workers through a cloud-based service allows IT to achieve the following goals: policies to cover mobile use. Reporting can also be centralized to provide a single view of user behavior on and off the corporate network. Reduced Cost: Cloud-based security services represent an operational expense rather than a capital expense, giving businesses budget flexibility. The consume-as-you-go model allows businesses to purchase just enough licenses to cover existing users then scale as needed. And there are more savings at the branch office: with centralized management and deployment, IT no longer needs to staff branch offices or be on-site to provision new services. Better User Experience: In addition to reducing bandwidth pressure on the corporate network, a cloud-based security service can help improve laptop performance. Clean internet is delivered to the laptop; unwanted content is blocked. This reduces processing overhead for content screening and inspection and makes more power available for users applications. With a cloud-based service, users simply log on and access their content anywhere, anytime safely. Adding Cloud-Based to Extend Policies Reduced Threats: Cloud-based security services seamlessly extend threat and malware protection to mobile workers who are left unprotected when they re off the corporate network. By integrating multiple defenses into a single service offering, a cloud-based security solution can deliver more effective protection than traditional desktop solutions. For businesses, the extension of this protection ensures that mobile workers don t introduce infected endpoints into the corporate network, where they can steal sensitive data. WebPulse Collaborative Defense Internet Reduced Complexity: With a cloud-based security solution, the IT organization can quickly and easily provision new laptops or even remote offices from corporate headquarters. Policy management can be centralized, eliminating the need to create additional Hosted Reporting Module Web Module Blue Coat Cloud Service Enterprise Policies Follow mobile users providing Enterprise threat protection wherever connected 2

What a True Enterprise-Class Cloud Solution Requires When it comes to delivering a cloud-based security service, some solutions are more robust and powerful than others. Knowing the difference is important for successful implementation. To deploy maximum protection and control without sacrificing the user experience or compromising the security of the corporate network, businesses need enterprise-class features and performance. When evaluating any cloud-based security solution, therefore, IT organizations should make sure that it includes these essential features: A Robust Global Network: This is of great importance in any evaluation of vendor solutions. It s not enough to look at dots on a map. To deliver the reliability that users expect, the solution must guarantee 99.999 percent availability through an infrastructure that utilizes only enterprise-grade data centers. This standard requires that the network be fully meshed in SSAE 16 or ISO 27001-approved data centers with both local and global redundancy for disaster recovery. Tight Integration with Existing Solutions: Tight integration enables IT organizations to easily deploy a cloud-based security service into an existing security and network infrastructure without disrupting services or the user experience. To do that, the solution must include two key elements: Robust Connection Methods: All cloud-based security services require web traffic to be redirected to the cloud. This redirection typically occurs at the corporate internet gateway where appliancebased security solutions, such as firewalls or proxy devices, are deployed. To guarantee encryption and resiliency, a universal capability like IPsec VPN is required. For mobile workers, redirection should take place at the device level. Mobile workers often connect over public connections, so redirection must also be secure. A tamper-resistant software client that communicates over SSL and encrypts traffic regardless of connection type is the most secure option for mobile workers and the laptops they use. Universal Directory Support: Ensuring that directory authentication is seamless for both employees and administrators is especially important with mobile workers. Support for Active Directory and Assertion Markup Language (SAML) allows the IT organization to deliver a single sign-on (SSO) experience for its users. Consistent Threat Protection: es can t afford to settle for good-enough threat protection against today s dynamic threat landscape. A cloud-based security service must be able to deliver the same protection seamlessly to all employees, regardless of their location or the network they re using. For enterprise-class protection, that means a combination of defenses, including web filtering, antivirus scanning and real-time analysis of all web content. And the defense must be able to analyze encrypted traffic, because more and more businesses are adopting cloud-based applications. The HTTPS connections used by these applications can circumvent traditional web security solutions. Flexible Policy Management and Reporting: Addressing the security needs of mobile workers as they move from the corporate office to remote locations requires flexible controls that allow IT to set situational policies. These policies should be managed centrally and enforced seamlessly as users move across networks, devices and locations. Supporting and managing these policy capabilities demands real-time reporting insight into all web behavior. The ability to monitor and report on threat activity is increasingly important, particularly for advanced persistent threats and botnet activity on the corporate network. Mobile workers using laptops have the same performance and policy requirements as desktop users but are exposed to greater risk. With the right cloud-based security service, a business can extend protection and control from the corporate office to any location and give all users the same secure experience. Choosing the Right Cloud-Based Solution The Blue Coat Cloud Service is built on technology used by 85 percent of the FORTUNE Global 500. It delivers the enterprise-class performance, security and reliability that businesses need to extend security perimeters to mobile workers. Blue Coat has architected its Cloud Service to ensure instant operability with existing network infrastructures. 3

Here s what it delivers: Enterprise-Class Reliability and Performance: The Blue Coat Cloud Service is built entirely on enterprise-class Tier 1 data centers that guarantee five-nines uptime. The multi-tenant architecture is purposebuilt with a fully meshed network of global data centers that delivers consistent, high-availability access to users at any location. The advanced security and performance technologies used in Blue Coat s ProxySG and ProxyAV appliances are the foundation of the Cloud Service. They deliver a robust and proven architecture that scales to the capacity requirements of the most demanding enterprises. Secure Client: The Blue Coat mobile client enables a secure, authenticated implementation through the cloud for mobile workers on laptops. It is tamper-resistant and can only be uninstalled by administrators, which is extremely important for laptops and mobile devices. Additionally, the Blue Coat client is location-aware, which ensures that mobile workers traffic will be forwarded to the nearest data center. The location-aware client can uniquely sense when it s behind a ProxySG appliance on the corporate network, and will conform to the policies enforced by the appliance. When the user leaves the corporate network, the Blue Coat Cloud Service becomes the primary source of protection and policy enforcement. Secure Connectivity: The Blue Coat Cloud Service offers the most robust and secure connection options available to enterprises. It is the first security service to offer IPsec VPN connection to the cloud. With an IPsec implementation, organizations can leverage existing equipment to connect to the Cloud Service and avoid filtering on firewalls, which slows down performance. Since the Cloud Service uses open standards to ensure interoperability with gateway devices and clients existing capabilities, it works well with laptops and mobile devices. Global Threat Protection: The Blue Coat WebPulse collaborative defense delivers threat intelligence across Blue Coat ProxySG appliances and the Blue Coat Cloud Service, ensuring consistent protection for all users, regardless of location. WebPulse utilizes advanced analysis and ratings techniques to protect more than 75 million users worldwide from 3.3 million threats daily, including calls to command-and-control servers from infected endpoints. Blue Coat Labs continually assesses the threat landscape and adds new defenses to WebPulse. For example: Blue Coat recently added a Negative Day Defense that tracks the malware networks (malnets) that are responsible for nearly two-thirds of all attacks and blocks those attacks before they launch. Granular Control: The Blue Coat Cloud Service provides granular Web and mobile application controls that allow IT organizations to manage the applications on their network and the way users interact with them. These granular controls help businesses manage the risks and bandwidth impact of web and mobile applications. For example: an IT organization could create a policy that allows read-only access to Facebook, mitigating the threats of data loss, reduced productivity and malware attacks. Actionable Reporting: These controls are strongly supported by unified real-time reporting capabilities that provide a single view of all web activities across the organization. This intelligence enables actionable reporting triggering a policy action based on a reporting threshold. Actionable reporting also works in real time with the WebPulse collaborative defense, immediately identifying infected laptops that have been blocked from calling home to command-andcontrol servers. IT can then quickly remedy the problem. Blue Coat Cloud Service: The Clear Choice for in the Cloud Mobile workers create challenges for security-minded businesses. Smartphones and tablets occupy mindshare, but the widespread deployment of laptop computers creates the greatest security challenge to IT. It s clear that neither the challenges nor the laptops are going away anytime soon. Finding a solution is critical. Cloud-based security services provide a seamless way to address the security, policy and performance challenges. The right solution can help enable mobile workers without compromising the security of the corporate network. Blue Coat Cloud Service is the comprehensive, field-proven answer. Learn how you can benefit from enterprise-class security in the cloud 4

Blue Coat Systems Inc. www.bluecoat.com Corporate Headquarters Sunnyvale, CA +1.408.220.2200 EMEA Headquarters Hampshire, UK +44.1252.554600 APAC Headquarters Singapore +65.6826.7000 2013 Blue Coat Systems, Inc. All rights reserved. No part of this document may be reproduced by any means nor translated to any electronic medium without the written consent of Blue Coat Systems, Inc. Information contained in this document is believed to be accurate and reliable as of the date of publication; however, it should not be interpreted to be a commitment on the part of Blue Coat, and Blue Coat cannot guarantee the accuracy of any information presented after the date of publication. This document is for informational purposes only. Blue Coat makes no warranties, express, implied, or statutory, as to the information in this document. The information contained in this document was developed for products and services offered in the U.S. Blue Coat may not offer the products, services, or features discussed in this document in other countries. Consult your local Blue Coat representative for information on the products and services currently available in your area. Blue Coat products, technical services, and any other technical data referenced in this document are subject to U.S. export control and sanctions laws, regulations and requirements, and may be subject to export or import regulations in other countries. You agree to comply strictly with these laws, regulations and requirements, and acknowledge that you have the responsibility to obtain any licenses, permits or other approvals that may be required in order to export, re-export, transfer in country or import after delivery to you. Blue Coat may have patents or pending patent applications covering subject matter described in this document. The furnishing of this document does not give you any license to these patents. Blue Coat, ProxySG, PacketShaper, CacheFlow, IntelligenceCenter and BlueTouch are registered trademarks of Blue Coat Systems, Inc. in the U.S. and worldwide. All other trademarks mentioned in this document are the property of their respective owners. v.wp-extending-threat-protection-control-to-mobile- WORKERS-EN-v2b-0513 5

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information