Cisco Web Security: Protection, Control, and Value



Similar documents
Cisco Web Security Appliance

Cisco Security: Layered Protection from Blended Threats

Cisco Cloud Web Security

Cisco Security Appliances

Cisco Security Appliances

Cisco Advanced Malware Protection

Cisco Cloud Web Security Datasheet

Cisco Security Appliances

Content Security: Protect Your Network with Five Must-Haves

Symantec Brightmail Gateway Real-time protection backed by the largest investment in security infrastructure

Symantec Messaging Gateway powered by Brightmail

Cisco SecureX Product Brochure

Cisco ASA and Cloud Web Security: Best-in-Class Network Security Combined with Best-in-Class Web Security

Symantec Messaging Gateway 10.5

Cisco Advanced Malware Protection. Ross Shehov Security Virtual Systems Engineer March 2016

Symantec Messaging Gateway 10.6

Cisco Advanced Malware Protection for Endpoints

Cisco M-Series Content Security Management Appliance for and Web Security Appliances

SourceFireNext-Generation IPS

Cisco Advanced Malware Protection for Endpoints

Sourcefire Solutions Overview Security for the Real World. SEE everything in your environment. LEARN by applying security intelligence to data

Cisco for SAP HANA Scale-Out Solution on Cisco UCS with NetApp Storage

Unified Security, ATP and more

Get More Scalability and Flexibility for Big Data

Trend Micro Cloud App Security for Office 365. October 27, 2015 Trevor Richmond

Web Security Gateway Anywhere

Symantec Advanced Threat Protection: Network

Cisco C-Series and X-Series Security Appliances

Cisco Security Intelligence Operations

INCREASINGLY, ORGANIZATIONS ARE ASKING WHAT CAN T GO TO THE CLOUD, RATHER THAN WHAT CAN. Albin Penič Technical Team Leader Eastern Europe

How To Protect Your Network From Intrusions From A Malicious Computer (Malware) With A Microsoft Network Security Platform)

Mitigating Web Threats with Comprehensive, Cloud-Delivered Web Security

WEBSENSE TRITON SOLUTIONS

TRITON APX. Websense TRITON APX

Cisco ISR Web Security with Cisco ScanSafe

you us MSSP are a Managed Security Service Provider looking to offer Advanced Malware Protection Services

WHAT S NEW IN WEBSENSE TRITON RELEASE 7.8

Cisco IronPort Security Appliances

Office 365 Cloud App Security MARKO DJORDJEVIC CLOUD BUSINESS LEAD EE TREND MICRO EMEA LTD.

Replacing Microsoft Forefront Threat Management Gateway with F5 BIG-IP. Dennis de Leest Sr. Systems Engineer Netherlands

Reduce Your Network's Attack Surface

Data Sheet: Endpoint Security Symantec Protection Suite Enterprise Edition Trusted protection for endpoints and messaging environments

McAfee Network Security Platform

Superior protection from Internet threats and control over unsafe web usage

Stop advanced targeted attacks, identify high risk users and control Insider Threats

Cisco Cybersecurity Pocket Guide 2015

Web Security Gateway Solutions

Symantec Endpoint Protection

Data Sheet: Endpoint Security Symantec Endpoint Protection The next generation of antivirus technology from Symantec

INFORMATION PROTECTED

SECURITY ANALYTICS MOVES TO REAL-TIME PROTECTION

Solution Brief: Enterprise Security

Requirements When Considering a Next- Generation Firewall

Top 10 Reasons Enterprises are Moving Security to the Cloud

Data Sheet: Endpoint Security Symantec Endpoint Protection The next generation of antivirus technology from Symantec

Extreme Security Threat Protection G2 - Intrusion Prevention Integrated security, visibility, and control for next- generation network protection

Putting Web Threat Protection and Content Filtering in the Cloud

Cisco Extended Care 1.0

V1.4. Spambrella Continuity SaaS. August 2

Endpoint protection for physical and virtual desktops

Symantec Protection Suite Add-On for Hosted and Web Security

Cisco IronPort Security Appliances

Technology Blueprint. Secure Your Virtual Desktop Infrastructure. Optimize your virtual desktop infrastructure for performance and protection

Swordfish

Symantec Endpoint Protection

Extreme Networks Security Analytics G2 Vulnerability Manager

WEBSENSE SECURITY SOLUTIONS OVERVIEW

+ web + DLP. Secure 1, 2, or all 3 with one powerful solution. The best security you can get for one or for all.

ENABLING FAST RESPONSES THREAT MONITORING

Five Steps For Securing The Data Center: Why Traditional Security May Not Work

INTRODUCING isheriff CLOUD SECURITY

Cisco IronPort C370 for Medium-Sized Enterprises and Satellite Offices

Cisco Advanced Services for Network Security

Websense Web Security Solutions. Websense Web Security Gateway Websense Web Security Websense Web Filter Websense Hosted Web Security

Websense Web Security Solutions. Websense Web Security Gateway Websense Web Security Websense Web Filter Websense Express Websense Hosted Web Security

Symantec Endpoint Protection Datasheet

How To Buy Nitro Security

Introducing IBM s Advanced Threat Protection Platform

QUICK START GUIDE. Cisco S170 Web Security Appliance. Web Security Appliance

Symantec Protection Suite Small Business Edition

Devising a Server Protection Strategy with Trend Micro

Veeam Backup & Replication Enterprise Plus Powered by Cisco UCS: Reliable Data Protection Designed for Virtualized Environments

QUICK START GUIDE. Cisco C170 Security Appliance

TRITON AP-ENDPOINT STOP ADVANCED THREATS AND SECURE SENSITIVE DATA FOR ROAMING USERS

Types of cyber-attacks. And how to prevent them

Devising a Server Protection Strategy with Trend Micro

IronPort C300 for Medium-Sized Enterprises and Satellite Offices

On and off premises technologies Which is best for you?

Cisco Cloud Web Security Key Functionality [NOTE: Place caption above figure.]

Cisco Small Business ISA500 Series Integrated Security Appliances

Boost Database Performance with the Cisco UCS Storage Accelerator

The Need for Intelligent Network Security: Adapting IPS for today s Threats

Transcription:

Cisco Web Security: Protection, Control, and Value Benefits Strong protection: Protects every device through a sophisticated global threat-intelligence infrastructure, which includes Cisco Talos Security Intelligence and Research Group (Talos) Complete control: Helps enable advanced control of all web traffic, including dynamic web content such as social media applications Investment value: Delivers more for your security investment and lowers the total cost of ownership (TCO) for web security, offering flexible deployment options, smooth integration with existing security and network infrastructure, and world-class 24-hour support The World Wide Web is a wonderful thing. It s also insecure. But how do you protect your devices and resources while also using social media and web applications? We believe that one solution isn t enough. You need a variety of protections against today s fastevolving cyberthreats. But that introduces complexity and bigger operational workloads to your IT environment, right? Not with the Cisco Web Security Appliance (WSA) (see Figure 1). Cisco WSA is an all-in-one highly secure web gateway that brings you strong protection, complete control, and investment value. It also offers an array of competitive web security deployment options, each of which includes Cisco s market-leading global threat intelligence infrastructure. Figure 1. Cisco Web Security Appliance Strong Protection Advanced Threat Defense Cisco Web Security is powered by Cisco Talos Security Intelligence and Research Group, the industry s largest collection of real-time threat intelligence, with the broadest visibility and largest footprint. Talos discovers where threats are hiding by pulling massive amounts of global information across multiple attack vectors (see Figure 2). This information gathering encompasses: 100 TB of security intelligence daily 1.6 million deployed security devices, including firewall, intrusion prevention system (IPS), web, and email appliances 150 million endpoints 13 billion web requests per day Hundreds of applications and 150,000 microapplications 35 percent of the world s enterprise email traffic Talos delivers early-warning intelligence, threat and vulnerability analysis to help protect organizations against zero-day advanced threats. It continually generates new rules that feed updates every three to five minutes so that Cisco Web Security can deliver industry-leading threat defense hours and even days ahead of competitors. 2015 Cisco and/or its affiliates. All rights reserved. 1

Figure 2. Cisco Talos Security Intelligence and Research Group Cisco Web Security Integration with Threat Intelligence Built on unmatched collective security analytics I00I III0I III00II 0II00II I0I000 I00II I0I000 0110 00 I00I III0I III00II 0II00II I0I000 0110 00 Threat Cisco III0I III00II 0II00II I0I000 0110 00 I00I III0I III00II 0II00II I0I000 0110 00 I00I III0I III00II 0II00II I00I I Intelligence Talos I00I III0I III00II 0II00II I0I000 I00I III0I III00II 0II00II I0I000 0110 00 Email Endpoints Web 0110 00 Research I00I III0I III00II 0II00II I0I000 Response 0110 00 180,000+ file samples per day Networks IPS FireAMP community Devices 1.6 million 35% Advanced Microsoft and industry disclosures 100 TB 13 billion Snort and ClamAV open source communities 150 million+ 24x7x365 600+ 40+ global sensors of data received per day deployed endpoints engineers, technicians, and researchers worldwide email traffic web requests operations languages WSA + Advanced Malware Protection Honeypots Sourcefire AEGIS program Private and public threat feeds Dynamic analysis Best Website Reputation Analysis Cisco WSA correlates threats collected from Cisco s network to produce a behavior score on which to take action. It applies and enforces web-reputation scores on parent sites and subsites. Integrated, Multilayer Malware Defense for Adaptive Protection Effective web security used to mean blocking navigation to bad URLs. But today you re more likely to contract a virus or download malware through legitimate websites. Cisco WSA defends against malware and advanced persistent threats using multiple layers of antimalware technologies and intelligence from Talos updated every three to five minutes. Every piece of web content accessed from HTML to images to Flash files is analyzed using security and contextaware scanning engines. Cisco WSA analyzes traffic in real time, breaks it into functional elements, and pushes elements to best-designed malware engines for inspection while maintaining high processing speeds (see Figure 3). 2015 Cisco and/or its affiliates. All rights reserved. 2

Figure 3. Cisco WSA s Layers of Defense Talos Cisco Web Security Appliance (WSA) Appliance Virtual Before During After Web Reputation Web Filtering Application Visibility and Control Webpage Parallel AV Scanning File Reputation Data Loss Prevention AMP File Sandboxing Cognitive Threat Analytics File Retrospection Client Authentication Traffic Redirections WCCP Load Balancer Explicit/PAC PBR AnyConnect HQ Admin Management Reporting Log Extraction Campus Office Branch Office Roaming User Allow Warn Block Partial Block Sandboxing and Continuous Analysis Advanced Malware Protection (AMP) is an additionally licensed feature available to all Cisco WSA customers. AMP is a comprehensive malware-defeating solution that provides malware detection and blocking, continuous analysis, and retrospective alerting (see Figure 4). AMP augments the malware detection and blocking capabilities already offered in the Cisco WSA with enhanced file reputation capabilities, detailed file-behavior reporting, continuous file analysis, and retrospective verdict alerting. Customers now have the ability to sandbox PDF, Microsoft Office, and archive/compressed files files, in addition to Windows portable executable files. Figure 4. Retrospective Analysis with AMP Initial Disposition = Clean Sandboxing Antivirus Not 100% Actual Disposition = Bad = Too Late!! POINT-IN-TIME DETECTION Analysis Stops Blind to scope of compromise AMP Retrospective Analysis CONTINUOUS MONITORING Analysis Continues X X Identifies threats after an attack Initial Disposition = Clean Actual Disposition = Bad = Blocked 2015 Cisco and/or its affiliates. All rights reserved. 3

Complete Control Centralized Management The Cisco WSA s intuitive management interface centralizes policy management and reporting, offering global control from a simple-to-use single interface. Deep Web Usage and Application Visibility With the Cisco WSA, you get deep visibility into evolving application and microapplication content. Specifically, Cisco WSA identifies and classifies the most relevant and widely used web and mobile applications, such as Facebook, and more than 150,000 microapplications, such as Facebook games. This is done by combining identity, time, content, location, and outbound-compliance data to build and maintain application policy. Coupled with this visibility, the Cisco WSA offers the precise control over application and usage behavior. It can regulate bandwidth consumption and apply conditional controls, such as throttling, based on the location or profile of the user and the type of device. In addition, the Cisco WSA provides dynamic, context-based control of user access to applications based on user profile, device, and access mechanism. You can also set up policy to control SaaS applications such as Salesforce.com or WebEx. Data Loss Prevention The Cisco WSA blocks sensitive information from leaving the safety of the network, helping to ensure compliance and reduce risk (see Figure 5). This capability is in addition to the controls for outbound content such as file-sharing applications. You re able to prevent uploads to filesharing services in the cloud, including icloud and Dropbox. You can also stop confidential data from leaving the network by creating context-based rules for basic data loss prevention (DLP) or by using the Internet Content Adaptation Protocol (ICAP) to integrate with any third-party DLP solution for deep content inspection and enforcement of DLP policies. Figure 5. Data Loss Prevention with Cisco WSA Basic DLP CWS Cloud Basic DLP WSA On-Premises Advanced DLP Enterprise DLP Integration through ICAP protocol WSA + DLP Vendor Box 2015 Cisco and/or its affiliates. All rights reserved. 4

Investment Value Lower Total Cost of Ownership The Cisco WSA delivers a consolidated solution in a single appliance, unlike other solutions that often require additional devices for new features and functions. You spend less time troubleshooting, with 99.999 percent availability and uptime. You save time with automatic updates from Talos and stay tuned against the latest threats without intervention. Lastly, you can use your existing VMware infrastructure in an unlimited number of deployments of the Cisco Web Security Virtual Appliance (WSAV). Models and Options Available Tables 1 through 4 provide specifications for the Cisco WSA, the Cisco Web Security Virtual Appliance (WSAV), and the Cisco M-Series Content Security Management Appliance. Table 1. Cisco WSA Performance Specifications Large enterprise Midsize office Users* Model Disk Space RAID Mirroring 6,000 12,000 1,500 6,000 S680 S380 4.8 TB (8 x 600-GB SAS) 2.4 TB (4 x 600-GB SAS) Memory CPUs Yes (RAID 10) 32 GB 16 (2 octa core) 2.70 GHz Yes (RAID 10) 16 GB 6 (1 hexa core) SMB and branch Less than 1,500 S170 500 GB (2 x 250-GB SATA) Yes (RAID 1) 4 GB 2 (1 dual core) 2.80 GHz * Please confirm sizing guidance with a Cisco content security specialist to help ensure your solution will meet your current and projected needs. Table 2. Cisco WSA Hardware Specifications Hardware platform S680 S380 S170 Form factor 2 rack units (2RU) 2RU 1RU Dimensions Redundant power supply Remote power cycle DC power option Hot-swappable hard drive 3.5 x 19 x 29 in. (8.9 x 48.3 x 73.7 cm.) 3.5 x 19 x 29 in. (8.9 x 48.3 x 73.7 cm.) Yes Yes No Yes Yes No Yes Yes No Yes Yes Yes Fiber option Yes (accessory) No No 1.64 x 19 x 15.25 in. (4.2 x 48.3 x 38.7 cm.) Ethernet 4 Gigabit NICs, RJ-45 4 Gigabit NICs, RJ-45 2 Gigabit NICs, RJ-45 Speed (Mbps) 10/100/1000, autonegotiate 10/100/1000, autonegotiate 10/100/1000, autonegotiate 2015 Cisco and/or its affiliates. All rights reserved. 5

Table 3. Cisco WSAV Specifications Web Users Model Disk Memory Cores Less than 1,000 S000v 250 GB 4 GB 1 1,000 2,999 S100v 250 GB 6 GB 2 3,000 6,000 S300v 1024 GB 8 GB 4 Servers Cisco UCS ESXi 5.0, 5.1 and 5.5 Hypervisor Table 4. Cisco M-Series Content Security Management Appliance Model Cisco M680 Cisco M380 Cisco M170 Users (approx.) 10,000 or more Up to 10,000 Up to 1,000 Next Steps Find out more at http://.cisco.com/go/wsa. Evaluate how the Cisco WSA will work for you with a Cisco sales representative, channel partner, or systems engineer. Americas Headquarters Cisco Systems, Inc. San Jose, CA Asia Pacific Headquarters Cisco Systems (USA) Pte. Ltd. Singapore Europe Headquarters Cisco Systems International BV Amsterdam, The Netherlands Cisco has more than 200 offices worldwide. Addresses, phone numbers, and fax numbers are listed on the Cisco Website at.cisco.com/go/offices. Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL:.cisco.com/go/trademarks. Third party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R) C02-733921-00 2/15 2015 Cisco and/or its affiliates. All rights reserved. 6

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information