Protecting the Infrastructure: Symantec Web Gateway

Similar documents
Choosing Between Managed Security Services or In-house SIEM? Consider the Benefits of both!

Best Practices for a BYOD World

Symantec Endpoint Protection 12.1 Symantec Protection Center 2.0

On and off premises technologies Which is best for you?

Cybercrime Security Risks and Challenges Facing Business

ORGANIZADOR: APOIANTE PRINCIPAL:

ISB13 Web security deployment options - which is really best for you? Duncan Mills, Piero DePaoli, Stuart Jones

Find the needle in the security haystack

Symantec Cyber Threat Analysis Program Program Overview. Symantec Cyber Threat Analysis Program Team

Data Sheet: Messaging Security Symantec Brightmail Gateway Award-winning messaging security for inbound protection and outbound control

Cyber and Mobile Landscape, Challenges, & Best Practices

Introducing IBM s Advanced Threat Protection Platform

Secure Your Mobile Workplace

Unified Security, ATP and more

Integrating MSS, SEP and NGFW to catch targeted APTs

IBM Advanced Threat Protection Solution

Websense Web Security Solutions. Websense Web Security Gateway Websense Web Security Websense Web Filter Websense Express Websense Hosted Web Security

IBM Managed Security Services (Cloud Computing) hosted and Web security - express managed Web security

User Documentation Web Traffic Security. University of Stavanger

Symantec enterprise security. Symantec Internet Security Threat Report April An important note about these statistics.

Netsweeper Whitepaper

WildFire. Preparing for Modern Network Attacks

Big Data in Action: Behind the Scenes at Symantec with the World s Largest Threat Intelligence Data

Symantec Brightmail Gateway Real-time protection backed by the largest investment in security infrastructure

Product Roadmap Symantec Endpoint Protection Suzanne Konvicka & Paul Murgatroyd

What s Wrong with Information Security Today? You are looking in the wrong places for the wrong things.

UP L13: Leveraging the full protection of SEP 12.1.x

Symantec LiveUpdate Administrator. Getting Started Guide

Cyan Networks Secure Web vs. Websense Security Gateway Battle card

Websense Web Security Solutions. Websense Web Security Gateway Websense Web Security Websense Web Filter Websense Hosted Web Security

K7 Mail Security FOR MICROSOFT EXCHANGE SERVERS. v.109

Symantec Advanced Threat Protection: Network

Insight. Security Response. Deployment Best Practices

Agenda. Taxonomy of Botnet Threats. Background. Summary. Background. Taxonomy. Trend Micro Inc. Presented by Tushar Ranka

Technology Blueprint. Protect Your Servers. Guard the data and availability that enable business-critical communications

Web Protection for Your Business, Customers and Data

SECURE ICAP Gateway. Blue Coat Implementation Guide. Technical note. Version /12/13. Product Information. Version & Platform SGOS 6.

Countering Insider Threats Jeremy Ho

Symantec AntiVirus Enterprise Edition

Solution Brief: Enterprise Security

Streamlining Web and Security

McAfee Web Reporter Turning volumes of data into actionable intelligence

Firewall Testing Methodology W H I T E P A P E R

Symantec Endpoint Protection Analyzer Report

McAfee Network Security Platform Administration Course

Cisco Security Intelligence Operations

Norton Personal Firewall for Macintosh

INSTANT MESSAGING SECURITY

10 Things Every Web Application Firewall Should Provide Share this ebook

A Buyer's Guide to Data Loss Protection Solutions

isheriff CLOUD SECURITY

A Critical Investigation of Botnet

Symantec Endpoint Protection 11.0 Architecture, Sizing, and Performance Recommendations

IBM Security Network Protection

Symantec Protection Center Enterprise 3.0. Release Notes

Securing the endpoint and your data

RSA Security Analytics

Symantec Protection Suite Add-On for Hosted and Web Security

IBM QRadar Security Intelligence April 2013

Guidance Regarding Skype and Other P2P VoIP Solutions

Cisco RSA Announcement Update

Symantec Client Firewall Policy Migration Guide

Symantec Cyber Security Services: DeepSight Intelligence

Cisco Cloud Web Security Key Functionality [NOTE: Place caption above figure.]

WHAT S NEW IN WEBSENSE TRITON RELEASE 7.8

Cyberoam Perspective BFSI Security Guidelines. Overview

Cisco & Big Data Security

Getting Ahead of Malware

North American Electric Reliability Corporation (NERC) Cyber Security Standard

V1.4. Spambrella Continuity SaaS. August 2

Symantec Protection Suite Small Business Edition A simple, effective and affordable solution designed for small businesses

Symantec Security Information Manager 4.8 Release Notes

Best Practices for Running Symantec Endpoint Protection 12.1 on the Microsoft Azure Platform

Overview. Introduction. Conclusions WINE TRIAGE. Zero day analysis. Symantec Research Labs (SRL)

Comprehensive Malware Detection with SecurityCenter Continuous View and Nessus. February 3, 2015 (Revision 4)

Attack Intelligence Research Center Monthly Threat Report MalWeb Evolution and Predictions

Analyzing HTTP/HTTPS Traffic Logs

Zscaler Cloud Web Gateway Test

Data Sheet: Endpoint Security Symantec Protection Suite Enterprise Edition Trusted protection for endpoints and messaging environments

Symantec Protection Suite Enterprise Edition for Servers Complete and high performance protection where you need it

Comparison of Firewall, Intrusion Prevention and Antivirus Technologies

Extreme Security Threat Protection G2 - Intrusion Prevention Integrated security, visibility, and control for next- generation network protection

Did you know your security solution can help with PCI compliance too?

Breach Found. Did It Hurt?

BitDefender Client Security Workstation Security and Management

Symantec Endpoint Protection Small Business Edition Installation and Administration Guide

SapphireIMS 4.0 BSM Feature Specification

Securing OS Legacy Systems Alexander Rau

Symantec Mail Security for Microsoft Exchange Management Pack Integration Guide

Transcription:

Protecting the Infrastructure: Symantec Web Gateway 1

Why Symantec for Web Security? Flexibility and Choice Best in class hosted service, appliance, and virtual appliance (upcoming) deployment options Multiple deployment options Extensive portfolio of complementary products Multiple buying programs Technology Leadership Next generation, bidirectional scanning Largest, most applicable threat intelligence network STAR developed unique signatures 2

Web Threat Overview 33.6% of malicious domains were NEW in September 21.8% of web-based malware was NEW in September. 80% of malicious websites were compromised LEGITIMATE sites Proactive, up-to-the-minute intelligence is needed to meet this volume in real time Source: MessageLabs Intelligence September 2010 3

Evolution of Web Security Pattern Matching Bidirectional Correlated Events Connection Based Protection First Generation URL Filtering IP Reputation Second Generation Inbound Anti Virus Scanning Application Control Third Generation Infected Client Detection Behavioral Analysis 4

Malware Domains & IPs URL Filtering Malware Content Scanning Application Control Infected Client Detection Botnet Detection Symantec Web Gateway is Challenges Unknown malware spreading via the web Cannot easily identify spyware infected computers Difficult controlling applications & internet usage Benefits Lower infection rates Significantly reduced cleanup, theft and lost data costs Increases end user productivity Core Functional Areas Identifies computers infected with viruses & spyware Controls application access to the Internet Blocks malicious websites Monitors and/or blocks access to inappropriate websites Symantec Web Gateway Inspects packets, IPs, URLs, files, active content, applications, behavior Web Client systems 5

Global Intelligence Network Identifies more threats, takes action faster & prevents impact Calgary, Alberta Dublin, Ireland San Francisco, CA Mountain View, CA Culver City, CA Austin, TX Pune, India Chengdu, China Chennai, India Taipei, Taiwan Tokyo, Japan Worldwide Coverage Global Scope and Scale Rapid Detection 24x7 Event Logging Attack Activity 240,000 sensors 200+ countries and territories Malware Intelligence 133M client, server, gateways monitored Global coverage Vulnerabilities 35,000+ vulnerabilities 11,000 vendors 80,000 technologies Spam/Phishing 5M decoy accounts 8B+ email messages/day 1B+ web requests/day Preemptive Security Alerts Information Protection Threat Triggered Actions 6

Connection Reputation Provided from Symantec Global Intelligence Network Sources: 75M+ Norton Community Watch Users Symantec Honey pots Symantec Web Crawlers Symantec DeepSight Policy based blocking User/Group/IP Severity Category 7

Infected Client Detection Phone Home Signature Detection Multi Port Multi Protocol Behavioral Correlation Algorithm Accurately Identifies Bots on the network Automatic Quarantine Limits potential damage Notifies end users of risk Consolidated, Useful Reporting Specific Event Information Sort by Count, Severity, Type Identify and prevent compromised systems from harming the organization 8

Infected Client Detection Identify Installed Malware Actionable Reporting Malware Infection Installed software (often without user s notice or permission) Has a Call Home component Can range in severity Network Signature Based Any Port/Protocol Proactive Blocking Quarantine 9

Symantec Web Gateway - Botnet Detection Correlated Behavior Inspects all traffic in/out the network Detects patterns of typical Bot traffic Command & Control Communications IP scanning Spamming Etc Correlates Multiple Behaviors to determine Active Bot Single patterns are Suspect but may be false positives, so are not Blocked Active Bots are Blocked Dormant Bots are marked as Inactive 10

AV Protection of Web 2.0 File Transfer Channels Conventional Web Download and Upload Channels Native HTTP Human and Machine downloads FTP Native FTP and FTP over HTTP Controls IM Download and Upload Channels Blocking P2P 11

Malware Download Scanning Download scanning in progress: After download has finished: 12

Malware Download Block Page 13

Application Control and File Leakage Inspects all internet bound traffic for popular web applications Signature Based Not reliant on ports Supports over 100 Applications and Protocols IM, P2P, DB Apps, Remote Access, VoIP, etc File transfer protocols, email protocols, network protocols, etc. Monitor / Control Application Usage Focus on Public IM Safety Antivirus scan on files transferred Can Allow Chat / Prevent Downloads File Leakage Control File Uploads/Downloads Monitor File Names 14

Web Gateway URL Filter Add On URL list gives Admin ability to monitor, block, or allow access to over 100+ million sites organized within 62 different categories 15

Web Gateway URL Filter Add On After hours setting can be enabled to apply different policies during non working hours 16

URL Block Page 17 17

Administration All management and administration done through secure Web GUI Interface separated into three main areas: Reporting Policies Configuration 18 18

Administration 19 19

Policy Configuration Flexible policy configuration allows policy creation based on: Subnet IP Range Numerous LDAP attributes, if integrated with Windows LDAP directory Ability to create templates to simplify policy creation 20 20

Customizable End User Pages Multiple sets of end user pages available and can be applied to different group policies Nineteen pre-built language options available Over ten run time variables available to use in block messages 21 21

Out-Of-The-Box Reporting Full set of reporting options Dashboard - quantifies all known threats Executive Summaries Flexible reporting workflow Scheduled report generation and export options Benefits Gain insight into performance Identify malware trends Track potential malware attacks 22

Thank you! Copyright 2011 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice. 23

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information