Frequently Asked Questions



Similar documents
SECURE ICAP Gateway. Blue Coat Implementation Guide. Technical note. Version /12/13. Product Information. Version & Platform SGOS 6.

Clearswift SECURE Gateway V4.2

Clearswift SECURE Gateway V3.*

Clearswift SECURE Exchange Gateway Installation & Setup Guide. Version 1.0

Policy Based Encryption Z. Administrator Guide

Policy Based Encryption E. Administrator Guide

Policy Based Encryption E. Administrator Guide

Frequently Asked Questions (FAQ)

Securing Microsoft Office 365

Check list for web developers

Data Protection. Administrator Guide

WebMarshal User Guide

Websense Web Security Gateway: Integrating the Content Gateway component with Third Party Data Loss Prevention Applications

Integrated SSL Scanning

Reverse Proxy for Trusted Web Environments > White Paper

Filling the Threat Management Gateway Void with F5

Web Application Firewall for Untrusted Web Environments > White Paper

SECURE Web Gateway. HTTPS/SSL Technical FAQ. Version 1.1. Date 04/10/12

CLEARSWIFT SECURE Web Gateway HTTPS/SSL decryption

SECURE Web Gateway Sizing Guide

Microsoft Lync Server 2010

Gain the virtualisation advantage with Clearswift

Deploying F5 to Replace Microsoft TMG or ISA Server

How To Protect A Web Application From Attack From A Trusted Environment

McAfee Web Gateway Administration Intel Security Education Services Administration Course Training

HTTPS Inspection with Cisco CWS

Integrated SSL Scanning

Clearswift SECURE Gateways

Superior protection from Internet threats and control over unsafe web usage

Installation and configuration guide

Clearswift SECURE File Gateway

Endpoint web control overview guide. Sophos Web Appliance Sophos Enterprise Console Sophos Endpoint Security and Control

ProxySG ICAP Integration

Information Supplement: Requirement 6.6 Code Reviews and Application Firewalls Clarified

.CRF. Electronic Data Capture and Workflow System for Clinical Trials

Securing Corporate on Personal Mobile Devices

Four reasons to upgrade from MIMEsweeper for SMTP to the Clearswift SECURE Gateway

Policy Based Encryption Essentials. Administrator Guide

Pipeliner CRM Phaenomena Guide Opportunity Management Pipelinersales Inc.

Sophos Mobile Control Technical guide

fåíéêåéí=péêîéê=^çãáåáëíê~íçêûë=dìáçé

Threat Containment for Facebook

Clearswift SECURE Gateways

The Benefits of SSL Content Inspection ABSTRACT

Implementing Deep-Secure guards in NATO Information Exchange Gateways

Novell ZENworks 10 Configuration Management SP3

Stopping secure Web traffic from bypassing your content filter. BLACK BOX

A Buyer's Guide to Data Loss Protection Solutions

Sophos Mobile Control Startup guide. Product version: 3.5

Pipeliner CRM Phaenomena Guide Sales Target Tracking Pipelinersales Inc.

Post-TMG: Securely Delivering Microsoft Applications

Implementing Exception Pages

Sophos for Microsoft SharePoint Help. Product version: 2.0

White Paper. How to Effectively Provide Safe and Productive Web. Environment for Today's Businesses

SQL Server 2005 Reporting Services (SSRS)

Installation and configuration guide

Omniquad Exchange Archiving

HTTPS HTTP. ProxySG Web Server. Client. ProxySG TechBrief Reverse Proxy with SSL. 1 Technical Brief

Sophos Mobile Control Startup guide. Product version: 3

DEPLOYMENT GUIDE DEPLOYING F5 WITH MICROSOFT WINDOWS SERVER 2008

CA Mobile Device Management 2014 Q1 Getting Started

How To Set Up A Load Balancer With Windows 2010 Outlook 2010 On A Server With A Webmux On A Windows Vista V (Windows V2) On A Network With A Server (Windows) On

WHAT S NEW IN WEBSENSE TRITON RELEASE 7.8

TEST METHODOLOGY. Web Application Firewall. v6.2

IBM WebSphere Application Server

Sophos for Microsoft SharePoint Help

Fairsail REST API: Guide for Developers

Pipeliner CRM Phaenomena Guide Sales Pipeline Management Pipelinersales Inc.

DEPLOYMENT GUIDE DEPLOYING THE BIG-IP SYSTEM WITH MICROSOFT INTERNET INFORMATION SERVICES (IIS) 7.0

SafeNet Authentication Service

Clearswift SECURE Web Gateway Evaluation Guide

WS_FTP Pro. Addendum to User s Guide. Software Version 6.6. Ipswitch, Inc.

Securing your critical information with Clearswift. Product & Solution Overview

Portal Administration. Administrator Guide

Extending Threat Protection and Control to Mobile Workers with Cloud-Based Security Services > White Paper

Clearswift Adaptive Redaction

Detecting and Exploiting XSS with Xenotix XSS Exploit Framework

Secure Web Gateway 11.5 Release Notes

IP Application Security Manager and. VMware vcloud Air

Blue Coat Security First Steps Solution for Deploying an Explicit Proxy

ADOBE CONNECT ENTERPRISE SERVER 6

ez Agent Administrator s Guide

Simple security is better security Or: How complexity became the biggest security threat

Application Firewall Overview. Published: February 2007 For the latest information, please see

Cyan Networks Secure Web vs. Websense Security Gateway Battle card

Blue Coat Security First Steps Transparent Proxy Deployments

Implementing SSL Offload with JAGUAR Ver.1.0

DEPLOYMENT GUIDE Version 1.2. Deploying the BIG-IP System v9.x with Microsoft IIS 7.0 and 7.5

REAL-TIME WEB APPLICATION PROTECTION. AWF SERIES DATASHEET WEB APPLICATION FIREWALL

DEPLOYMENT GUIDE. Deploying F5 for High Availability and Scalability of Microsoft Dynamics 4.0

SECURITY ANALYTICS MOVES TO REAL-TIME PROTECTION

Deploying the BIG-IP System with Microsoft Lync Server 2010 and 2013 for Site Resiliency

User Identification and Authentication

Essential Steps to Web Security. A Clearswift Best Practice Guide

A Websense White Paper Implementing Best Practices for Web 2.0 Security with the Websense Web Security Gateway

FileMaker Server 13. Custom Web Publishing with PHP

Transcription:

Clearswift SECURE ICAP Gateway v4.2 Version 01 30/07/2015 Clearswift Public

Copyright Version 1.0, July, 2015 Published by Clearswift Ltd. 1995 2015 Clearswift Ltd. All rights reserved. The materials contained herein are the sole property of Clearswift Ltd unless otherwise stated. The property of Clearswift may not be reproduced or disseminated or transmitted in any form or by any means electronic, mechanical, photocopying, recording, or otherwise stored in any retrievable system or otherwise used in any manner whatsoever, in part or in whole, without the express permission of Clearswift Ltd. Information in this document may contain references to fictional persons, companies, products and events for illustrative purposes. Any similarities to real persons, companies, products and events are coincidental and Clearswift shall not be liable for any loss suffered as a result of such similarities. The Clearswift Logo and Clearswift product names are trademarks of Clearswift Ltd. All other trademarks are the property of their respective owners. Clearswift Ltd. (registered number 3367495) is registered in Britain with registered offices at 1310 Waterside, Arlington Business Park, Theale, Reading, Berkshire RG7 4SA, England. Users should ensure that they comply with all national legislation regarding the export, import, and use of cryptography. Clearswift reserves the right to change any part of this document at any time. Clearswift Public Page 2 of 9

Contents What is the SECURE ICAP Gateway?... 4 What is ICAP?... 4 Which products can the SECURE ICAP Gateway be integrated with?... 5 Can the SECURE ICAP Gateway be deployed alongside a forward or reverse proxy?. 5 Can several SECURE ICAP Gateways run as a group?... 6 What can the Clearswift deep content inspection engine do?... 6 Can the SECURE ICAP Gateway inspect HTTPS traffic?... 6 Does the SECURE ICAP Gateway provide URL filters?... 6 Does the SECURE ICAP Gateway provide anti-malware engines?... 7 Can the SECURE ICAP Gateway apply Adaptive Redaction?... 7 What does Data Redaction do?... 7 What does Document Sanitization do?... 7 What does Structural Sanitization do?... 7 What file formats are supported by these features?... 8 How are these features licensed?... 8 Where can I find out more about the Adaptive Redaction features?... 8 What are custom tokens?... 8 Clearswift Public Page 3 of 9

What is the SECURE ICAP Gateway? The Clearswift SECURE ICAP Gateway provides deep content inspection features to ICAP clients to extend the functionality of your existing web security platform. The Clearswift content inspection engine s unique features allow you to create an effective and accurate Data Loss Prevention policy for browsing traffic from your users or to your corporate servers. The Gateway provides the following key functionality: Clearswift deep content inspection Recursive decomposition True file type detection Lexical expression detection Structured and unstructured data detection Token detection Adaptive redaction 1 Information Governance server integration 1 URL database Anti-malware engine 1 The full details of the product can be checked in the SECURE ICAP Gateway datasheet. What is ICAP? The Internet Content Adaptation Protocol or ICAP is a protocol that was initially developed to offload inspection from existing proxy servers. In an ICAP deployment, there are two elements: an ICAP client and an ICAP server. The ICAP client sends content to be inspected to the ICAP server, which can respond by accepting the content unmodified, block it or modify the content. Users ICAP Client / Proxy ICAP Web Servers ICAP Server The SECURE ICAP Gateway is an ICAP Server, as it receives the content to be inspected from existing poxy devices. 1 Cost option Clearswift Public Page 4 of 9

Which products can the SECURE ICAP Gateway be integrated with? The Clearswift SECURE ICAP Gateway can be integrated with any ICAP compatible ICAP client. The officially supported products are Blue Coat ProxySG, F5 BIG-IP LTM and Squid Proxy. Can the SECURE ICAP Gateway be deployed alongside a forward or reverse proxy? Yes. The SECURE ICAP Gateway will receive the content to be inspected from an existing proxy, regardless of whether it is a forward or a reverse proxy. In a forward proxy deployment the aim is to enforce the security policy to browsing traffic. External Web Servers ICAP Clearswift SECURE ICAP Gateway Internal Users When the SECURE ICAP Gateway is deployed in a reverse proxy infrastructure, it protects the information exposed through the corporate webservers as well as the content being uploaded to them. External Users ICAP Clearswift SECURE ICAP Gateway Corporate Web Servers Clearswift Public Page 5 of 9

Can several SECURE ICAP Gateways run as a group? Yes. Several instances of the SECURE ICAP Gateway can be deployed and peered together. One or more ICAP clients will then be able to share the load between the different SECURE ICAP Gateways to provide load balancing and high availability. From an administration perspective, a peer group of ICAP Gateways can be created to unify the management and reporting through the platform. What can the Clearswift deep content inspection engine do? Clearswift s award winning Content Inspection Engine is able to decompose the communication flow recursively to identify and understand its contents. The engine is capable of performing true data type detection to identify more than 180 different data types, even if they are embedded, renamed, or obfuscated. It is also able to extract the information from within the data type and analyze it against managed or user created expression lists. These expressions might contain simple words or phrases, regular expressions, or even tokens like credit cards or social security numbers where checksums must be generated to validate them. Structured data sources like databases usually contain critical information such as customers contact information. The content inspection engine can be fed with information from these sources to look for it in the communication flow. As a result, an accurate detection is performed to protect your critical information. Can the SECURE ICAP Gateway inspect HTTPS traffic? Yes. HTTPS traffic inspection needs to be enabled proxy device. Then, it will redirect the decrypted traffic to the Clearswift SECURE ICAP Gateway for inspection. Does the SECURE ICAP Gateway provide URL filters? Yes. The Clearswift SECURE ICAP Gateway includes a URL database that can be used to perform URL filtering of web browsing traffic. Within the categories included in the product there are security risk related ones which act as an additional layer of threat protection. It must be noted though that a URL database is often present within the proxy device. In this case, it should be decided by the administrator where these filters are to be applied to reduce administration overlap. Clearswift Public Page 6 of 9

Does the SECURE ICAP Gateway provide anti-malware engines? Yes, as an additional option. Clearswift SECURE ICAP Gateway clients can choose between Kaspersky or Sophos anti-malware engines. Can the SECURE ICAP Gateway apply Adaptive Redaction? Yes, as an additional option. The Clearswift SECURE ICAP Gateway contains the Clearswift Content Inspection engine, so all the common features of it are available in the product. This includes the ones applicable in a web environment: Data Redaction Document Sanitization Structural Sanitization What does Data Redaction do? Data Redaction is the process of looking for words, phrases or tokens in a piece of textual data and replacing the detected text items with an asterisk character. So if the keywords to redact were fox and dog, we would have the phrase: The quick brown *** jumped over the lazy ***. This process can help to reduce the chance of data leakage. What does Document Sanitization do? Document Sanitization looks at the documents and detects meta data held as document properties or change tracking and allows a client to remove either or both of these elements. This process can help to reduce the chance of data leakage. What does Structural Sanitization do? Structural Sanitization is inspecting the documents for potential active code such as macros, scripts and embedded objects and will remove them from the file/message/webpage. This can help protect clients from Advanced Persistent Threats (APT) as they often use common file formats to embed the malicious payload as active content. Clearswift Public Page 7 of 9

What file formats are supported by these features? The following table defines what formats are supported by each feature. Format Structural Sanitization Document Sanitization Data Redaction HTML Yes N/A Yes XML N/A N/A Unsupported in 4.0 Microsoft Office 97-2003 Detection only, therefore On Unsuccessful Action Triggered Detection only, therefore On Unsuccessful Action Triggered Detection only, therefore On Unsuccessful Action Triggered Microsoft Office 2007+ Yes Yes Yes Open Office Yes Yes Yes PDF Yes Yes Yes RTF Yes Unsupported in 4.0 Yes RTF Encoded HTML Yes Unsupported in 4.0 Yes How are these features licensed? Each feature is charged for separately. There is a discount if a client purchases all three of the Data Redaction + Document Sanitization + Structural Sanitization options. Where can I find out more about the Adaptive Redaction features? There is a separate FAQ for these features and datasheets are available. Please check our website for more information: http://www.clearswift.com/solutions/adaptive-redaction What are custom tokens? The Gateway is delivered with a number of predefined tokens to help detect common data types such as credit card and social security numbers. However clients may have specific data types that might be appropriate for their environment such as Part Number or Patient Number. The custom token features allow a client to build up a list of tokens that they use and be able to incorporate them in keyword searches. Clearswift Public Page 8 of 9

In this example we have defined an Expiry Date using a regular expression of [0-9]{2}/[0-9]{2}\s to find a format of mm/yy to assist our keyword search to find credit card details in some piece of data. Clearswift Public Page 9 of 9

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information