Enterprise Buyer Guide



Similar documents
The OpenDNS Global Network Delivers a Secure Connection Every Time. Everywhere.

Networks. Sites and Internal Networks: Setup Guide. Sites and Internal Networks Setup Guide for Umbrella Page 1

Cisco ASA and Cloud Web Security: Best-in-Class Network Security Combined with Best-in-Class Web Security

Top 10 Reasons Enterprises are Moving Security to the Cloud

WHAT S NEW IN WEBSENSE TRITON RELEASE 7.8

Zscaler Internet Security Frequently Asked Questions

Secure Web Gateways Buyer s Guide >

How To Protect Your Network From Intrusions From A Malicious Computer (Malware) With A Microsoft Network Security Platform)

Extending Threat Protection and Control to Mobile Workers with Cloud-Based Security Services > White Paper

Replacing Microsoft Forefront Threat Management Gateway with F5 BIG-IP. Dennis de Leest Sr. Systems Engineer Netherlands

ios Mobile: Setup Guide for Umbrella ios Mobile Devices

SSL Encryption and Traffic Inspection ADDRESSING THE INCREASED 2048-BIT PERFORMANCE DEMANDS OF 2048-BIT SSL CERTIFICATES

The Advantages of Security as a Service versus On-Premise Security

Symantec Protection Suite Add-On for Hosted and Web Security

When your users take devices outside the corporate environment, these web security policies and defenses within your network no longer work.

On and off premises technologies Which is best for you?

VERISIGN DDoS PROTECTION SERVICES CUSTOMER HANDBOOK

V1.4. Spambrella Continuity SaaS. August 2

We license by the total # of users with Internet access. No, but you may contact us anytime you need to increase your license count.

The Benefits of SSL Content Inspection ABSTRACT

EXTENDING THREAT PROTECTION AND CONTROL TO MOBILE WORKERS

Troubleshooting BlackBerry Enterprise Service 10 version Instructor Manual

F5 Identity and Access Management (IAM) Overview. Laurent PETROQUE Manager Field Systems Engineering, France

Trend Micro Hosted Security Stop Spam. Save Time.

Cisco Cloud Security Interoperability with Microsoft Office 365

Technical Note. ForeScout CounterACT: Virtual Firewall

INTRODUCING isheriff CLOUD SECURITY

Fidelis XPS Power Tools. Gaining Visibility Into Your Cloud: Cloud Services Security. February 2012 PAGE 1 PAGE 1

Protecting Your Network Against Risky SSL Traffic ABSTRACT

Application Visibility and Monitoring >

BlackRidge Technology Transport Access Control: Overview

F-Secure Messaging Security Gateway. Deployment Guide

Putting Web Threat Protection and Content Filtering in the Cloud

A Link Load Balancing Solution for Multi-Homed Networks

Concierge SIEM Reporting Overview

Symantec Messaging Gateway 10.6

Service: Cloud Web Filtering and Malware Protection Aruba Instant Integration + Certified for Interop on Campus and RAP

CMPT 471 Networking II

Solution Brief. Aerohive and OpenDNS. Advanced Network Security for Retail Stores

PROTECTING INFORMATION SYSTEMS WITH FIREWALLS: REVISED GUIDELINES ON FIREWALL TECHNOLOGIES AND POLICIES

WAN Optimization for Microsoft SharePoint BPOS >

Reduce Your Network's Attack Surface

Next-Generation Firewalls: Critical to SMB Network Security

XRoads Networks, Inc.

Stop Spam. Save Time.

Securing Virtualization with Check Point and Consolidation with Virtualized Security

Web Request Routing. Technical Brief. What s the best option for your web security deployment?

Trend Micro Encryption (TMEE) Delivering Secure . Veli-Pekka Kusmin Pre-Sales Engineer

Websense Web Security Solutions. Websense Web Security Gateway Websense Web Security Websense Web Filter Websense Express Websense Hosted Web Security

Symantec Messaging Gateway 10.5

Cisco Cloud Web Security

Chapter 2 TOPOLOGY SELECTION. SYS-ED/ Computer Education Techniques, Inc.

February Considerations When Choosing a Secure Web Gateway

Security Administration R77

CALNET 3 Category 7 Network Based Management Security. Table of Contents

Web Application Hosting Cloud Architecture

AKAMAI SOLUTION BROCHURE CLOUD SECURITY SOLUTIONS FAST RELIABLE SECURE.

Web Security Gateway Anywhere

Cisco Cloud Web Security Key Functionality [NOTE: Place caption above figure.]

Unmatched protection for borderless networks, covering BYOD, MDM and the Cloud

ISB13 Web security deployment options - which is really best for you? Duncan Mills, Piero DePaoli, Stuart Jones

FIREWALL CHECKLIST. Pre Audit Checklist. 2. Obtain the Internet Policy, Standards, and Procedures relevant to the firewall review.

Cisco ASA 5500 Series Business Edition

BlackBerry Enterprise Service 10. Version: Configuration Guide

The Application Front End Understanding Next-Generation Load Balancing Appliances

Enabling Business Beyond the Corporate Network. Secure solutions for mobility, cloud and social media

Web Security Gateway Solutions

Strengthen Microsoft Office 365 with Sophos Cloud and Reflexion

FireSphere Advanced APT Defense Web and Application Security Mobile Security

Networking for Caribbean Development

+ web + DLP. Secure 1, 2, or all 3 with one powerful solution. The best security you can get for one or for all.

Content Scanning for secure transactions using Radware s SecureFlow and AppXcel together with Aladdin s esafe Gateway

Firewalls. Securing Networks. Chapter 3 Part 1 of 4 CA M S Mehta, FCA

Eiteasy s Enterprise Filter

White Paper. What the ideal cloud-based web security service should provide. the tools and services to look for

Array Networks & Microsoft Exchange Server 2010

Firewalls Overview and Best Practices. White Paper

SSL Inspection Step-by-Step Guide. June 6, 2016

AKAMAI WHITE PAPER. The Challenges of Connecting Globally in the Pharmaceutical Industry

MOVING SECURITY TO THE CLOUD. pandasecurity.com

Intelligent, Scalable Web Security

McAfee Network Security Platform

Customer Service Description Next Generation Network Firewall

THE SECURITY OF HOSTED EXCHANGE FOR SMBs

PULSE SECURE FOR GOOGLE ANDROID

WHITEPAPER. SECUREAUTH 2-FACTOR AS A SERVICE 2FaaS

WHITEPAPER. Designing a Secure DNS Architecture

Application Firewalls

E-Guide. Sponsored By:

Symantec Messaging Gateway powered by Brightmail

Quick Start 5: Introducing and configuring Websense Cloud Web Security solution

VIA COLLAGE Deployment Guide

Advantages of Managed Security Services

Transcription:

Enterprise Buyer Guide Umbrella s Secure Cloud Gateway vs. Web Proxies or Firewall Filters Evaluating usability, performance and efficacy to ensure that IT teams and end users will be happy.

Lightweight vs. Heavyweight Traffic Routing For secure, fast, scalable and reliable Internet connections to content servers via any application, protocol or port, Umbrella Enterprise first enables secure, fast, scalable and reliable responses from name servers. Umbrella uses a unique Secure Cloud Gateway to route only lightweight traffic with selective proxying thru the infinitely scalable and always available OpenDNS Global Network. Protecting every on-net device requires no new hardware, client software, device changes or network topology changes. Simply enter two Anycast IP addresses used by the OpenDNS Global Network. ALL DEVICES INCLUDING BYOD NO DEVICE OR NETWORK CHANGES RELIABLE CONNECTIONS NO LATENCY NO BOTTLENECKS Existing solutions rely on Web proxies and firewall filters that require routing heavyweight traffic thru hardware with limited scalability and availability. NOT SECURE, NOT ALWAYS SOME DEVICES EXCLUDING BYOD PLUS DEVICE OR NETWORK CHANGES SOME SECURE, BUT SLOW, CONNECTIONS AT SCALE 1 or MORE ISPs PROXY FILTER IT teams re-gain visibility and control over unmanaged devices such as user-owned smartphones, tablets and laptops connected to networks as a result of BYOD (bring your own device) initiatives. IT teams also gain visibility and control over every distributed network where existing solutions had been cost prohibitive to deploy. Umbrella s Secure Cloud Gateway does not overlap with Web proxies or firewall filters, so both may be used in tandem to protect unmanaged devices and networks. And to prevent unwanted connections resulting in security, compliance, productivity or bandwidth risks. Restoring scalability to existing solutions. ALL DEVICES INCLUDING BYOD PLUS ANY EXISTING CHANGES SECURE, FEWER SLOW, CONNECTIONS AT SCALE PROXY FILTER SECURE CLOUD GATEWAY CLOUD-HOSTED Protect every on-net device w/o device or network changes Easy to manage w/o any software or hardware to maintain! #* " Secure every Internet connection any app, protocol or port Filter inappropriate sites and grant overrides to select users! Scale to 1000s of network locations cost-effectively FIREWALL FILTERS *NOTE: Many cloud-hosted web proxies require new on-premises devices to redirect traffic. Umbrella s Secure Cloud Gateway vs. Web Proxies or Firewall Filters Page 2

Security vendors often focus on threat efficacy, but gloss over its usability or performance. Vendors often assume administrators are investing their time in addition to their organization s money to use the solution, so they do not focus on how easy it is to: provision and setup enforce and report manage and maintain Also, vendors often offer cryptic or rather meaningless specifications regarding the product s performance, which do not always accurately reflect its: reliability and resiliency connection speed bandwidth throughput Finally, while vendors may claim they have superior threat intelligence and prevention, consider more completely its: on-net device coverage attack surface coverage accuracy and timeliness LOW TCO, HIGH ROI, HAPPY USERS It is not uncommon for Web proxies and firewall filters to take days to weeks before it is effectively enforcing devices and reporting activity. Add on training to learn how to manage all the complex bells and whistles, many which go unused, and on-going maintenance to address performance or efficacy issues, and the ownership cost increases. Umbrella can enforce every device on any network and report activity within an hour of asking for an evaluation trial. Our simple cloud-hosted management console and issue-free operation, means you set and forget it. Often Web proxies and firewall filters are deployed within the network using a less redundant topology than if they never existed, which can result in new points of failure. They add new hops for Internet connections and/or processes applied to Internet traffic, which can increase latency and decrease throughput; leading to less happy users. Umbrella simply replaces a mandatory, already in-use cloud service provided by ISPs. Faster, more reliable connections are a result of OpenDNS s Anycast and SmartCache technologies that reduce hops and processes. Web proxies, in particular, provide minimal on-net device coverage depending on the setup of managed devices or networks. Often only traffic sent by configured browsers is protected; not Web-based outbound botnet traffic from infected devices malicious software. The Web may be the most used protocol, but it is one amongst hundreds that threats utilize and proxies are blind to. Firewalls often only filter by destination for Web traffic; some using a built-in Web proxy. Firewalls filtering other application traffic often do not distinguish between good or bad destinations for this traffic. The Umbrella Security Cloud ensures that malware, phishing, inappropriate sites and botnets never touch your network, regardless of the attack surface (any application, protocol, port or non-managed device). The evaluation matrix on the following page provides more detail on how Umbrella s use of a Secure Cloud Gateway compares to other solutions use of Web proxies delivered in-the-cloud or on-premises or on-premises firewall filters. We believe that you will draw the same conclusions, that Umbrella delivers a more usable, high performance and effective solution than competitors traditional solutions. Umbrella s Secure Cloud Gateway vs. Web Proxies or Firewall Filters Page 3

COMPARE THE ADVANTAGES OR DISADVANTAGES BETWEEN DELIVERY PLATFORMS SECURE CLOUD GATEWAY vs CLOUD-HOSTED or or FIREWALL FILTERS Provision & Setup Lightweight DNS traffic redirection without network topology changes for 1 to 1000s of sites No appliances or client software No client setting changes Heavyweight TCP/IP traffic redirection per site Requires network topology change, client software or setting changes Receive and deploy appliance per site Heavyweight TCP/IP traffic redirection per site Requires network topology change, client software or changes Receive and deploy appliance per site Significant configuration to control network traffic flow is likely required to migrate from current firewall Enforce & Report Network-level granularity via public IP Grant override permissions to users Full data retention for 2 years with no hidden fees User-level granularity via directory integration requires complex setup or network-level granularity Data retention often limited or else extra fees User-level granularity via directory integration requires complex setup Data retention limited by internal storage available Network-level granularity via internal IP User-level granularity requires complex setup Data retention limited by internal storage available CHOOSE AN EVALUATION CRITERIA Manage & Maintain Reliability & Resiliency Connection Speed Bandwidth Throughput On-Net Device Coverage Simple set and forget No OS patches or appliance upgrades No security rule tuning No site exceptions to address SSL decryption or authentication issues No outages since launch in 2006 Uses Anycast IPs No new latency Often reduced response time via SmartCache Spikes in traffic will not cause slower speeds Infinite scalability via lightweight queries & responses Any on-net device; managed or not any application, any protocol and any port Often security rules are complex, and require fine-tuning to reduce false positives/negatives SSL or auth. issues require frequent site exceptions Many have had outages despite SLA Lack Anycast IPs Adds new latency due to one or more intermediate hops Likely unlimited, but heavyweight traffic redirection can be limited Depending on setup, only managed devices and configured browser applications only HTTP/S and ports 80/443 OS patch conflicts or upgrade downtime Often security rules are complex and require finetuning SSL or auth. issues require site exceptions Often reduced network redundancy in topology or else expensive Adds new latency due to another intermediate hop Spikes in traffic will cause noticeably slower speeds Limited by resources available on appliance or server; often a bottleneck Depending on setup, only managed devices and configured browser applications only HTTP/S and ports 80/443 Complex and focused on network management, not policy or security, so it is often confusing If SSL or auth. is included, then issues will require site exceptions Sometimes reduced network redundancy in topology May add new latency depending on internal processes and the number of add-on features enabled Limited by resources available on appliance or server Any on-net device; managed or not Filters by destination over HTTP/S, 80/443 May include protocol or application filters, but not by destination Attack Surface Coverage Industry-leading outbound botnet protection Inbound malware and phishing protection Web filtering categories for regulatory & acceptable use policy compliance Ineffective outbound protection due to inadequate network coverage Inbound protection use proprietary and/or 3 rd - party systems Ineffective outbound protection due to inadequate network coverage Inbound protection use proprietary and/or 3 rd - party systems Outbound protection usually not a focus Inbound protection is usually via 3 rd -parties so efficacy is not controlled Accuracy & Timeliness Proactive protection is updated 24x7 via engineers and partners Very few false positives Often need to fine-tune security rules to prevent inaccuracies Often need to fine-tune security rules to prevent inaccuracies Not usually a core focus of business or products, so accurate or timely protection may suffer Umbrella s Secure Cloud Gateway vs. Web Proxies or Firewall Filters Page 4

Umbrella is brought to you by OpenDNS. Trusted by millions around the world. The easiest way to prevent malware and phishing attacks, contain botnets, and make your Internet faster and more reliable. OpenDNS, Inc. www.umbrella.com 1.877.811.2367 Copyright 2012 OpenDNS, Inc. All rights reserved worldwide. No part of this document may be reproduced by any means nor translated to any electronic medium without the written consent of OpenDNS, Inc. Information contained in this document is believed to be accurate and reliable, however, OpenDNS, Inc. assumes no responsibility for its use. BG-Umbrella-Enterprise-Secure-Channel-vs-Proxy-Filter

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information