Websense TRITON Raggiungere un elevato livello di integrazione di soluzioni e piattaforme grazie ad una nuova ed unica suite dedicata alla sicurezza dei contenuti Ferdinando Mancini Sr. Sales Engineer web security data security email security 2010 Websense, Inc. All rights reserved.
Websense Milestones Websense Evolution Real-time security & content management Unified Content Security Web Filtering: Block inappropriate content in the workplace Manage Internet access for productivity Protect by blocking access to compromised sites; ThreatSeeker technology Essential Information Protection 1994 2000 2004 2006 2007 2008 2009 2010 500 Mil $ investiti negli ultimi 2 anni in Ricerca e Sviluppo Acquired Inktomi Traffic Server Acquired Port Authority Technologies Acquired SurfControl Investment & Innovation Acquired Defensio 2010 Websense, Inc. All rights reserved.
Websense Innovazione e Leadership Innova&on First to market with phishing protec2on Nov 02 First to market with drive by and backchannel spyware protec2on Nov 02 First to market with crimeware/keylogger protec2on Nov 04 47 Brevetti Mondiali First to market with bot network protec2on Feb 06 First to add natural language processing to DLP. Jun 07 106 richieste in via di approvazione First to deliver Web email Data bi direc2onal security intelligence Dec 07 First to market with dynamic Web 2.0 content categoriza2on Mar 08 First to create an Internet HoneyGrid that melds honeypots and advanced grid compu2ng capable of parsing one billion pieces of content daily First to deliver a hybrid virtual service plaoorm combining the best of appliances and cloud based services Mar 08 Feb 10 2010 Websense, Inc. All rights reserved.
La security tradizionale e inefficace See the proof for yourself at the: Security Effectiveness Center hqp://securitylabs.websense.com/ Numero di Real Time secutity Update 2010 Websense, Inc. All rights reserved.
La security tradizionale e inefficace hqp://securitylabs.websense.com/ Numero di virus non conosciuti bloccati 2010 Websense, Inc. All rights reserved.
L URL Filtering statico è insufficiente AUCTIONS VIDEO OR IL GAMBLING controllo URL statico AUDIO e insufficinete, e STREAMING necessario riconoscere il contenuto. SOCIAL NETWORKING INAPPROPRIATE OR LEGALLY LIABLE CONTENT 2010 Websense, Inc. All rights reserved.
The best modern security at the lowest total cost of ownership
TRITON Architecture Unified Solution Web Security Data Security Unified Content Security Email Security Unified Platform SaaS Appliance Software Unified Management 2010 Websense, Inc. All rights reserved.
Websense TRITON Advanced Classification Engine (ACE) ThreatSeeker Network 0101010101010101 1010110111010101
7.5 Product Features - WSGA DLP Integration with Web Security Gateway Will be first vendor to truly integrate DLP and WSG Eases customer entry into DLP by making it a feature in their existing gateway will result in more DSS customers Increases value proposition for WSG by adding market leading content control will result in more WSG customers Hybrid Hosted/On-Premise Solution for WSG Will be first vendor to deliver a hybrid solution Gives customers flexibility on how they deploy WSG in cloud, onpremise or both Web Security and Proxy features Real time security and content classification Multiple authentication realms
Hybrid Web Security Gateway Solution Websense Hosted Web Security Integrated Policy & Repor&ng (7.5) WCG WSG NA SSL NA ThreatSeeker TECHNOLOGY Websense Security Labs
Integrated Data Security Websense Hosted Web Security Integrated Policy & Repor&ng (7.5) WCG WSG NA SSL NA Unified Management & On Board DLP (7.5) ThreatSeeker TECHNOLOGY Websense Security Labs
7.5 features Feature Func&on Benefit Hybrid Web Security Web Data Loss Preven&on 1. Deploy Web Security Gateway across a distributed enterprise using a mixed method of on premise and cloud based deployments 2. Extend Web security policy controls to the branch office and mobile worker 3. Manage your en2re mixed method deployment across both on premise and cloud deployments through a single management plaoorm 1. WSG provides visibility and control over outbound content over web traffic by inspec2ng web and other channels 2. Visibility into company assets (intellectual property, employee data, etc.)that are being communicated over the Web 3. Visibility into regulated content (PII, PCI, PHI, others) 1. Customize your Web security with a flexibility architecture to efficiently cover your en2re enterprise, without deploying and suppor2ng addi2onal IT resources 2. Deploy persistent policies and centralized repor2ng anywhere across the enterprise, from the corporate site to the branch office and mobile worker 3. Op2mize your Web security configura2on and reduce costs and 2me to value with centralized management and repor2ng of all of the users in the enterprise 1. Monitor and protect Web communica2ons for confiden2al data and prevent data loss 2. Data leakage preven2on built into the WSG product proxy not requiring addi2onal hardware. 3. Demonstrate compliance with industry regula2ons to avoid penal2es, failed audits, and bad press. Ease of Deployment 1. WSG allows bypassing SSL traffic based on the Category for easier SSL configura2on 2. Mul2ple authen2ca2on realms will be supported for proxy authen2ca2on 3. Applica2on recogni2on in the proxy for Web traffic without requiring Network agent. 4. Support for the 2008s ISA 2008 plug in, SQL 2008 compa2bility 1. Op2mize network deployment by transparent deployment across different domains in the enterprise. 2. Demonstrate compliance with security policies, minimize security risks and manage produc2vity by keeping an eye on applica2on usage in web channel 3. Expand the deployment op2ons and future proof the investment 2009 Websense, Inc. All rights reserved. 14
Web Security Gateway Anywhere Key Features and Functions Feature Real &me Scanning Web Security Gateway Anywhere Func&on 1. RTCC for Acceptable Use Policy monitoring and enforcement for dynamic, Web 2.0 sites, 2. RTSS for visibility and control over malware on dynamic Web 2.0 sites 3. Effec2ve iden2fica2on of previously unseen web content (such as private proxy avoidance servers, content behind registra2on) Hybrid Web Security Web Data Loss Preven&on 1. Deploy Web Security Gateway across a distributed enterprise using a mixed method of on premise and cloud based deployments 2. Extend Web security policy controls to the branch office and mobile worker 3. Manage your en2re mixed method deployment across both on premise and cloud deployments through a single management plaoorm 1. WSG provides visibility and control over outbound content over web traffic by inspec2ng web and other channels 2. Visibility into company assets (intellectual property, employee data, etc.)that are being communicated over the Web 3. Visibility into regulated content (PII, PCI, PHI, others) Network Protocols and Applica&on Control Enterprise wide Management and Repor&ng Leading Price Performance 1. Monitor and control over 130 protocols and thousands of applica2ons, including IM and P2P 2. Automa2c updates for new or updated applica2ons 1. Single console to manage policies and reports across a distributed, mixed method deployment 2. Drill down capabili2es from dashboard to more details behind sta2s2cs 3. Deploy sites on the V10000 G2 appliance as a plaoorm solu2on 1. Integrated content security 2. Industry leading plaoorm 3. Market leading technology 4. Global services and Support
Web 2.0 Visibility, Protec2on & Control Real &me Content Classifica&on Classifies content into filtering categories by extrac2ng and analysing webpage elements Real &me Security Scanning Security focused analysis of threats Proven technology from ThreatSeeker Network Applica&on Recogni&on and Detec&on Analyses executables and non web based files An& Virus Tradi2onal virus detec2on using 3rd party engine 16
Content Classification Stack Websense Technology Web Exploit: Profiling aka RTCC/SS Reputa2on File Scanning (An2virus) URL Filtering Uniqueness Real 2me content/security scanning Dynamic exploit profiles for detec2on for known and unknown exploits Obfusca2on and shell code analysis and Web kit detec2on profiles Real 2me Websense is the ONLY vendor to do this 9 point reputa2on analysis (property, lexical, Web 2.0, neighbors, search, history, age, and geography) URL filtering of exploits & malware detected via founda2onal infrastructure Real 2me push of reputa2on filtering updates 40+ updates (on average) every day Third Party AV signatures for known file based threats Websense signatures for known file based threats Integrated heuris2cs and generic aqack signatures for unknown aqacks Real 2me push of signature updates 40+ updates (on average) every day Most mature URL filtering on the market Supported by Email, Web 2.0 (Defensio), and Honey Pot feeds (1 billion pieces of content analyzed every day) 80 100 updates (on average) every day 17
WSG Data Flow and Analysis Real Time Categoriza2on Content Threat Scanning Applica2on Scanning Content Stripping WTG Plug in Web Security Applica2on Control HTTP 8080 HTTPS 8070 Proxy/Cache 18
Network Footprint Consolidation Internet Internet Firewall Mul$ple appliances Web Proxy & Caching SSL Decryp&on An& Virus Web 2.0 Exploits URL Filtering DLP* Users V10000 PlaZorm Appliance cost consolidation Reduced power consumption Reduced network footprint Improved latency Faster change management Centralized management * DLP integrated in V7.5
Combining Network Agent and APD Users Router Other TCP PAC files (Explicit) WPAD (DNS, DHCP), GPO, SMS Other protocols over HTTP HTTP / HTTPS V10000 WCG APD Network Agent Firewall WCCP v2 (Transparent) Internet
Q&A